Just some random notes about my RV network setup.

Parts in RV

  • UniFi airCube AC mini WiFi AP / Router
  • Netgear LTE 4G hotspot, with ethernet
  • Raspberry Pi 4, running Raspberry Pi OS
  • Apple TV
  • Antennas:
    • Netgear 6000450 MIMO Antenna
    • 11dBi High Gain 3G 4G/LTE Waterproof Fixed-Mount Panel Dual Polarized MIMO Antenna

At home

  • Synology NAS, running Channels
  • UniFi Security Gateway (USG)

The airCube and Netgear LTE hotspot are relatively straight forward to setup, I use an AT&T prepaid plan which gets me 100Gb/month. It’s unfortunately not a ton of bandwidth, but we generally don’t run out since we’re only up at the seasonal site on weekends, and maybe an odd week or two during the summer.

I have two antenna options for my Netgear hotspot. There’s an external 11dBi antenna I mount on a pole, and run the cables through the slide. This is really only ever used when we’re going to remote New Hampshire, otherwise the hotspot or the mini window MIMO antenna Netgear sells work fine.

If you’d rather link up to the camground wifi, you can buy something like the UniFi Nanostation Loco M5, and link your RV network to the campground’s WiFi.

At some point, I’ll have to think about moving to something that supports 5G, but the LTE speeds are fine for what we do.

Raspberry Pi Setup

My raspberry pi is running the raspberry pi OS, headless. It mostly just acts as a VPN gateway for my Apple TV, which doesn’t support any VPN. I may have it do something else, like hosting a local media server.

The VPN lets me access my Channels instance at home, and stream live TV (HD Homerun with CableCARD) or our media library. This generally works well enough that I haven’t found the need to say run something local.

Some software I installed

$ history | grep install
    5  apt install cockpit
   11  apt install podman
   14  apt install cockpit-podman cockpit-networkmanager
   16  apt install network-manager-l2tp
   58  apt install iptables-persistent

VPN Connection

To connect to my UniFi L2PT network at home, I set up the connection using nmcli:

$ nmcli c add con-name Home \
  type vpn \
  vpn-type l2tp \
  vpn.data 'gateway=<GATEWAY IP>, ipsec-enabled=yes, ipsec-psk=<PSK>, password-flags=0, user=<MY USER>' \
  vpn.secrets 'password=<MY SECRET PASSWORD>'

I then setup my Wired connection to always use the VPN (uuids from nmcli c)

$ nmcli c modify uuid 4d2d61c5-0da0-3fa4-a5bd-11f887e8610c +connection.secondaries 6020210e-4605-4c5a-afbd-a6bef4c24aae

iptables

And configure iptables to forward traffic through the VPN:

# Generated by iptables-save v1.8.7 on Wed Apr  6 01:08:04 2022
*filter
:INPUT DROP [183:49914]
:FORWARD DROP [1886:122937]
:OUTPUT ACCEPT [316:38255]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p icmp -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o ppp0 -j ACCEPT
-A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Wed Apr  6 01:08:04 2022
# Generated by iptables-save v1.8.7 on Wed Apr  6 01:08:04 2022
*nat
:PREROUTING ACCEPT [2056:170538]
:INPUT ACCEPT [2:148]
:OUTPUT ACCEPT [64:4711]
:POSTROUTING ACCEPT [64:4711]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Wed Apr  6 01:08:04 2022

Make sure ipv4 forwarding is on in /etc/sysctl.conf, and configure whatever devices you want to use your Pi as their gateway. I do not make this the default, but rather just set static networking on the Apple TV.