Shanto Roy

I Explore Research, Tech, Travel, and Business. PhD Student @UHCS.

4 minute read

If we want to create a physical testbed to experiment different scenarios, Raspberry Pi’s are the best options out there. We can create private networks and connect the networks through routers or gateways.

And we don’t have to buy a router to connect two different networks. We can configure one of our raspberry Pi’s to act as gateways for two different private networks and connect these networks as well.

In this post, we will learn how to configure a Raspberry Pi to act as two gateways for two different networks and route traffics between these two networks through Ethernet interfaces.

Hardware Requirements

We will need the following hardware:

  • Three Raspberry Pi Devices with power adapter/cables and memory cards
  • Three Ethernet Cables
  • One USB-to-LAN Converter

If you need to check how to install a Raspbian OS to a Raspberry Pi, check out my other blog post.

Install Raspbian OS in Raspberry Pi without Keyboard and Monitor

Setting Static IP

First, we need to set static IP addresses to the ethernet interfaces. We can do that by adding the following configuration:

The End Devices

Let’s create a file for interface eth0

$ sudo nano /etc/network/interfaces.d/eth0

And add the following to the one of the Raspberry Pi devices:

# Static IP configuration for eth0
auto eth0
iface eth0 inet static
address 192.168.5.10
netmask 255.255.255.0
network 192.168.5.0
broadcast 192.168.5.255
gateway 192.168.5.1

and the following to the second one:

# Static IP configuration for eth0
auto eth0
iface eth0 inet static
address 192.168.6.10
netmask 255.255.255.0
network 192.168.6.0
broadcast 192.168.6.255
gateway 192.168.6.1

The Gateway

For the Gateway Raspberry Pi, we have two ethernet interfaces: eth0 and eth1 after we added the USB-to-ethernet cable to one of the USB ports.

So, we will create two files. Let say, eth0 is connected to 192.168.5.10, then we will do the following

$ sudo nano /etc/network/interfaces.d/eth0

# Static IP configuration for eth0
auto eth0
iface eth0 inet static
address 192.168.5.1
netmask 255.255.255.0
network 192.168.5.0
broadcast 192.168.5.255
gateway 192.168.5.1

And, then eth1 is connected to 192.168.6.10

$ sudo nano /etc/network/interfaces.d/eth1

# Static IP configuration for eth1
auto eth1
iface eth1 inet static
address 192.168.6.1
netmask 255.255.255.0
network 192.168.6.0
broadcast 192.168.6.255
gateway 192.168.6.1

Or, there is a good alternative way to do all in a single file. In the /etc/network/interfaces file, instead of the following,

auto lo
iface lo inet loopback

source /etc/network/interfaces.d/*

allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp

we can have everything in that file:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.5.1
netmask 255.255.255.0
network 192.168.5.0
broadcast 192.168.5.255
gateway 192.168.5.1

auto eth1
iface eth1 inet static
address 192.168.6.1
netmask 255.255.255.0
network 192.168.6.0
broadcast 192.168.6.255
gateway 192.168.6.1

allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp

Now, whatever change we made, we will have to run the following command

$ sudo systemctl restart networking

Or, if not working, reboot the devices.

Routing

We can ping both 192.168.5.10 and 192.168.6.10 from the gateway raspberry pi. However, the devices cannot ping to each other for now.

To make routing happen between both end devices, we will have to run the following command in the gateway raspberry pi:

$ sudo sysctl net.ipv4.ip_forward=1

or do it like the following:

  1. Enable IP forwarding on the Raspberry Pi by editing the /etc/sysctl.conf file and uncommenting the following line:

    net.ipv4.ip_forward=1

  2. Save and exit the file, then apply the changes by running the following command:

    $ sudo sysctl -p

also, set up NAT (Network Address Translation) on the Raspberry Pi to allow traffic from the honeypot network to access the Internet via the real network.

$ sudo mkdir /etc/iptables
$ sudo touch /etc/iptables/rules.v4
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ sudo iptables-save | sudo tee /etc/iptables/rules.v4

Now, you should be able to ping each devices.

Note that, if the gateways are not properly set up and ping does not work, you can additionally do the following:

Add static routes on each of the two Raspberry Pis to enable them to communicate with each other. On the Raspberry Pi with IP address 192.168.5.10, add a static route for the 192.168.6.0/24 subnet by running the following command:

$ sudo ip route add 192.168.6.0/24 via 192.168.5.1

Similarly, on the Raspberry Pi with IP address 192.168.6.10, add a static route for the 192.168.5.0/24 subnet by running the following command:

$ sudo ip route add 192.168.5.0/24 via 192.168.6.1

Concluding Remarks

That’s all for today. I hope this tutorial can help you set up testbeds according to your needs if there are multiple networks you are dealing with.

I have made this tutorial to do the routing through Ethernet interfaces since the WiFi interface I use for SSH (for configuration change and troubleshooting from remote location) and internet access only. When I will no longer need outside connection, I can simply disconnect these devices from WiFi and work around a perfect testbed.

You can also read my other posts related to Raspberry Pi:

Leave a comment

You may also enjoy