Raspberry Pi Router

Raspberry Pi Router Configuration

Complete guide for configuring Raspberry Pi 4 devices as inter-network routers in the Hyperloop UPV infrastructure.

🎯 Overview

Raspberry Pi routers enable communication between isolated network segments (Control Station, Vehicle, and Booster) while maintaining security boundaries and proper traffic routing.

Network Architecture

Control Station Network (192.168.0.0/24)
              ↕
        RasPi Router 1
              ↕
Vehicle Network (192.168.1.0/24)
              ↕  
        RasPi Router 2
              ↕
Booster Network (192.168.2.0/24)

📊 Network Topology

Complete Network Map

Network Segment	CIDR	Gateway	Router Device
Control Station	192.168.0.0/24	192.168.0.1	Network Switch
Vehicle	192.168.1.0/24	192.168.1.1	RasPi Router 1
Booster	192.168.2.0/24	192.168.2.1	RasPi Router 2

Router Interface Configuration

RasPi Router 1 (Vehicle)

• eth0: 192.168.0.10/24 (Control Station network)
• eth1: 192.168.1.1/24 (Vehicle network gateway)
• wlan0: 192.168.1.10/24 (Vehicle wireless backup)

RasPi Router 2 (Booster)

• eth0: 192.168.1.20/24 (Vehicle network)
• eth1: 192.168.2.1/24 (Booster network gateway)
• wlan0: 192.168.2.10/24 (Booster wireless backup)

🛠️ Hardware Requirements

Raspberry Pi Specifications

• Model: Raspberry Pi 4B (4GB RAM minimum)
• Storage: 32GB+ microSD card (Class 10 or better)
• Network: USB-to-Ethernet adapters for additional interfaces
• Power: Official Pi 4 power supply (5V/3A)
• Case: With adequate cooling for continuous operation

Additional Hardware

• USB-to-Ethernet adapters (USB 3.0 recommended)
• High-quality microSD cards (SanDisk Extreme Pro recommended)
• Ethernet cables (Cat6 or better)
• Power supplies with sufficient amperage

💿 Operating System Setup

1. Raspberry Pi OS Installation

# Download and flash Raspberry Pi OS Lite
# Use Raspberry Pi Imager or balenaEtcher

# Enable SSH before first boot
touch /boot/ssh

# Configure WiFi (optional)
cat > /boot/wpa_supplicant.conf << EOF
country=ES
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="YourNetworkName"
    psk="YourPassword"
}
EOF

2. Initial System Configuration

# SSH into the Pi (default: pi/raspberry)
ssh pi@192.168.1.XXX

# Update system
sudo apt update && sudo apt upgrade -y

# Install essential packages
sudo apt install -y vim htop iptables-persistent dnsmasq hostapd

# Configure timezone
sudo timedatectl set-timezone Europe/Madrid

# Change default password
passwd

# Configure hostname
sudo hostnamectl set-hostname hyperloop-router-vehicle

🌐 Network Interface Configuration

1. Static IP Configuration

Edit /etc/dhcpcd.conf:

sudo nano /etc/dhcpcd.conf

# Add at the end of file:

# Static IP configuration for eth0 (Control Station network)
interface eth0
static ip_address=192.168.0.10/24
static routers=192.168.0.1
static domain_name_servers=8.8.8.8 8.8.4.4

# Static IP configuration for eth1 (Vehicle network)
interface eth1
static ip_address=192.168.1.1/24

2. USB Ethernet Adapter Setup

# Check USB network adapters
lsusb
ip link show

# Identify adapter names (usually eth1, eth2, etc.)
# May need to install drivers for specific adapters

# For AX88179 chipset (common USB 3.0 adapters)
sudo apt install -y linux-modules-extra-$(uname -r)

3. Wireless Interface Configuration (Backup)

Edit /etc/wpa_supplicant/wpa_supplicant.conf:

sudo nano /etc/wpa_supplicant/wpa_supplicant.conf

# Configure for HyperNAP connection
country=ES
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="HyperNAP"
    psk="YourSecurePassword"
    priority=1
}

🚏 Routing Configuration

1. Enable IP Forwarding

# Enable immediately
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

# Make permanent
echo 'net.ipv4.ip_forward=1' | sudo tee -a /etc/sysctl.conf

# Reload sysctl
sudo sysctl -p

2. Routing Tables

RasPi Router 1 (Vehicle)

# Add routing rules
sudo ip route add 192.168.2.0/24 via 192.168.1.20 dev eth1

# Make routes persistent
echo "192.168.2.0/24 via 192.168.1.20 dev eth1" | sudo tee -a /etc/dhcpcd.conf

RasPi Router 2 (Booster)

# Add routing rules  
sudo ip route add 192.168.0.0/24 via 192.168.1.10 dev eth0

# Make routes persistent
echo "192.168.0.0/24 via 192.168.1.10 dev eth0" | sudo tee -a /etc/dhcpcd.conf

3. Firewall Configuration

# Create iptables rules for NAT and forwarding
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

# Allow SSH access
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow established connections
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow loopback
sudo iptables -A INPUT -i lo -j ACCEPT

# Default policies
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

# Save rules
sudo netfilter-persistent save

🌐 DHCP Configuration

1. Configure dnsmasq

Edit /etc/dnsmasq.conf:

sudo nano /etc/dnsmasq.conf

# Basic DHCP configuration
interface=eth1
dhcp-range=192.168.1.100,192.168.1.200,255.255.255.0,24h

# DNS settings
server=8.8.8.8
server=8.8.4.4

# Local domain
local=/hyperloop.local/
domain=hyperloop.local

# Static assignments for known devices
dhcp-host=aa:bb:cc:dd:ee:ff,hyperloop-vcu,192.168.1.101
dhcp-host=11:22:33:44:55:66,hyperloop-pcu,192.168.1.102

# Enable logging
log-queries
log-dhcp

2. Start and Enable Services

# Enable and start dnsmasq
sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq

# Check status
sudo systemctl status dnsmasq

📊 Monitoring and Diagnostics

1. Network Monitoring Scripts

Create /home/pi/monitor-network.sh:

#!/bin/bash
# Network monitoring script

echo "=== Hyperloop Network Status ===" 
echo "Date: $(date)"
echo

echo "=== Interface Status ==="
ip -brief addr show
echo

echo "=== Routing Table ==="
ip route show
echo

echo "=== Active Connections ==="
ss -tuln
echo

echo "=== DHCP Leases ==="
cat /var/lib/dhcp/dhcpd.leases | tail -20
echo

echo "=== System Load ==="
uptime
free -h
echo

echo "=== Network Traffic ==="
cat /proc/net/dev | grep -E "(eth|wlan)"

Make executable and run:

chmod +x /home/pi/monitor-network.sh
./monitor-network.sh

2. Automated Health Checks

Create /home/pi/health-check.sh:

#!/bin/bash
# Health check script

LOG_FILE="/var/log/hyperloop-health.log"

check_connectivity() {
    local target=$1
    local name=$2
    
    if ping -c 1 -W 2 $target > /dev/null 2>&1; then
        echo "$(date): OK - $name ($target) reachable" >> $LOG_FILE
        return 0
    else
        echo "$(date): ERROR - $name ($target) unreachable" >> $LOG_FILE
        return 1
    fi
}

# Check key network endpoints
check_connectivity "192.168.0.9" "Control Station"
check_connectivity "192.168.1.101" "Vehicle VCU"  
check_connectivity "192.168.2.101" "Booster PCU"
check_connectivity "8.8.8.8" "Internet DNS"

# Check disk space
DISK_USAGE=$(df / | tail -1 | awk '{print $5}' | sed 's/%//')
if [ $DISK_USAGE -gt 80 ]; then
    echo "$(date): WARNING - Disk usage at ${DISK_USAGE}%" >> $LOG_FILE
fi

# Check memory
MEM_USAGE=$(free | grep Mem | awk '{printf "%.0f", $3/$2 * 100.0}')
if [ $MEM_USAGE -gt 90 ]; then
    echo "$(date): WARNING - Memory usage at ${MEM_USAGE}%" >> $LOG_FILE
fi

Add to crontab for regular monitoring:

# Edit crontab
crontab -e

# Add health check every 5 minutes
*/5 * * * * /home/pi/health-check.sh

# Daily network status report
0 6 * * * /home/pi/monitor-network.sh > /var/log/daily-network-report.log

🛡️ Security Configuration

1. SSH Hardening

Edit /etc/ssh/sshd_config:

sudo nano /etc/ssh/sshd_config

# Security improvements
Port 2222
PermitRootLogin no
PasswordAuthentication yes
MaxAuthTries 3
LoginGraceTime 60

2. Firewall Refinement

# Limit SSH access to specific networks
sudo iptables -I INPUT -p tcp --dport 2222 -s 192.168.0.0/24 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 2222 -s 192.168.1.0/24 -j ACCEPT

# Block SSH from other sources
sudo iptables -A INPUT -p tcp --dport 2222 -j DROP

# Save configuration
sudo netfilter-persistent save

3. System Updates

# Create update script
sudo nano /home/pi/update-system.sh

#!/bin/bash
# System update script

apt update
apt upgrade -y
apt autoremove -y
apt autoclean

# Log update
echo "$(date): System updated" >> /var/log/system-updates.log

# Make executable
sudo chmod +x /home/pi/update-system.sh

# Schedule weekly updates
echo "0 3 * * 0 /home/pi/update-system.sh" | sudo crontab -

🔧 Troubleshooting

Common Issues

No Internet Connectivity

# Check routing
ip route show
ping -c 4 8.8.8.8

# Check DNS
nslookup google.com
cat /etc/resolv.conf

DHCP Not Working

# Check dnsmasq status
sudo systemctl status dnsmasq
sudo journalctl -u dnsmasq -f

# Check configuration
sudo dnsmasq --test

Interface Problems

# Check interface status
ip link show
sudo dmesg | grep usb

# Restart networking
sudo systemctl restart dhcpcd
sudo systemctl restart networking

Performance Optimization

Network Performance

# Test bandwidth between networks
iperf3 -s  # On target machine
iperf3 -c 192.168.X.X  # On source machine

# Monitor traffic
sudo tcpdump -i eth1 -n

System Performance

# Monitor system resources
htop
iostat 1
iftop -i eth1

📋 Maintenance Procedures

Daily Checks

• Verify all network interfaces are up
• Check system logs for errors
• Monitor CPU and memory usage

Weekly Tasks

• Review DHCP lease assignments
• Check routing table accuracy
• Update system packages
• Backup configuration files

Monthly Procedures

• Full system backup
• Performance analysis
• Security audit
• Firmware updates

🔗 Related Documentation

• Network Overview - Complete network architecture
• NAP Configuration - Wireless access points
• Switch Configuration - Network switches
• Troubleshooting Network - Network diagnostics

---

✅ Raspberry Pi Router Configuration Complete!

Your inter-network routing infrastructure is now ready to support seamless communication across all Hyperloop network segments. For ongoing monitoring and troubleshooting, refer to the scripts and procedures outlined above.