Raspberry Pi documentation
This document explains how to configure a Raspberry Pi 4 (RasPi) to act as a router between three networks (Control Station, Vehicle and Booster).
All of the following addresses have /24 mask .
Our full network is made of three different sub-networks:
- Control Station net: 192.168.0.0, where our PC is located with the 192.168.0.9 address
- Vehicle net: 192.168.1.0
- Booster net: 192.168.2.0
Between these three networks we have two RasPis that connect them:
RasPi 1 in the Vehicle with interfaces:
-
eth0: 192.168.1.1
-
eth1: 192.168.0.1
RasPi 2 in the Booster with interfaces:
-
eth0: 192.168.2.1
-
eth1: 192.168.0.2
There are also NAPs on the 192.168.0.0 net, but they are configured to act on layer 2, so they don't influence our IP network.
Insert the SD card into your computer and download the Raspberry Pi imager from the official web or using a packet. When opened, you should see an interface like this:
Here, select Raspberry Pi 4 and for OS we are going to use Raspberry Pi OS Legacy 64-bit Lite. Also, select the SD on the storage option. (Note: Some files that we need to configure are not available on other versions of the OS)
Now press Next and select Edit settings. Enable the username and password and set them up as desired. Then enable SSH on the Services window. Finally disable Enable telemetry on the options window.
Now, you can flash the SD.
Insert the SD card into the RasPi, connect the supply and connect an Ethernet cable between the RasPi and your computer. Now, on a terminal write:
ssh HyperloopUPV@raspberrypi.local
It should prompt you with a password, which is the one you set earlier. Now, you have full contro of the RasPi from your computer.
Open the DHCP configuration with
sudo nano /etc/dhcpcd.conf
Scroll to the end of the file and add the following lines:
RasPi 1 (Vehicle):
interface eth0
static ip_address=192.168.1.1/24
interface eth1
static ip_address=192.168.0.1/24
static routers=192.168.0.2
static route=192.168.2.0/24 via 192.168.0.2/24
RasPi 2 (Booster):
interface eth0
static ip_address=192.168.2.1/24
interface eth1
static ip_address=192.168.0.2/24
static routers=192.168.0.1
static route=192.168.1.0/24 via 192.168.0.1/24
Close the file with Ctrl+X, then pres y and press Enter to save it with the same name.
This will give them the addresses 1.1 or 2.2 on the eht0 interface, on the ethernet port, and the addresses 0.1 and 0.2 on the USB port with the ethernet adapter.
Also, it created the routes necessaries for communicating the Vehicle and Booster network with each other.
This file will be run after booting:
sudo nano /etc/rc.local
Here, delete the existing code and add the following code:
RasPi 1 (Vehicle):
#!/bin/bash
exec 1>/tmp/rc.local.log 2>&1
set -x
ip link set eth0 up
ip link set eth0 promisc on
ip link add name tun0 type ipip remote 192.168.0.9 local 192.168.1.1
ip link set tun0 up
# Delete all existing iptables rules
iptables -t filter -F
iptables -t filter -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t security -F
iptables -t security -X
iptables -t raw -F
iptables -t raw -X
iptables -t nat -F
iptables -t nat -X
iptables -t filter -P INPUT ACCEPT
iptables -t filter -P FORWARD ACCEPT
iptables -t filter -P OUTPUT ACCEPT
iptables -A FORWARD -s 192.168.2.0/24 -d 192.168.2.0/24 -j DROP
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: protocol all u32 match ip src 192.168.1.0/24 match ip dst 192.168.1.0/24 action mirred egress mirror dev tun0
exit 0
RasPi 2 (Booster):
#!/bin/bash
exec 1>/tmp/rc.local.log 2>&1
set -x
ip link set eth0 up
ip link set eth0 promisc on
ip link add name tun0 type ipip remote 192.168.0.9 local 192.168.2.1
ip link set tun0 up
# Delete all existing iptables rules
iptables -t filter -F
iptables -t filter -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t security -F
iptables -t security -X
iptables -t raw -F
iptables -t raw -X
iptables -t nat -F
iptables -t nat -X
iptables -t filter -P INPUT ACCEPT
iptables -t filter -P FORWARD ACCEPT
iptables -t filter -P OUTPUT ACCEPT
iptables -A FORWARD -s 192.168.1.0/24 -d 192.168.1.0/24 -j DROP
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: protocol all u32 match ip src 192.168.2.0/24 match ip dst 192.168.2.0/24 action mirred egress mirror dev tun0
exit 0
Close the file with Ctrl+X, then pres y and press Enter to save it with the same name.
This code does several things:
- Enable promiscuous mode en eth0 so it can sniff all the packets on that interface.
- Create a tunnel interface using IP over IP so we can send packets directly to the Control Station.
- Delete all the network default configuration.
- Accept incoming, forward and outgoing packets.
- Drop (delete) all packets mirrored by the other RasPi since the Control Station already recieved them and we don't want them bouncing around the two RasPis.
- Mirror all packets between devices on the eth0 network and send them to the Control Station for logging.
Finally, we need to enable packet forwarding so the RasPi can act as a router. Write the following command:
sudo nano /etc/sysctl.conf
Add or uncomment the following line:
net.ipv4.ip_forward=1
Close the file with Ctrl+X, then pres y and press Enter to save it with the same name.
The RasPi is now fully configured and can act as a router between the networks.
If you want to connect to the RasPi again after configuring, keep in mind that you will need to set up a static address for yout PC in the same network as the RasPi.