Image of the glider from the Game of Life by John Conway
Skip to content

Masquerade Computer Network Interfaces

I just recently acquired a Raspberry Pi at SAINTCON 2013. I already had one, and forgot how much fun these little computers can be. I also forgot what a PITA they can be if you don't have your house hard wired to your switch for Internet access, and have to go into the basement to plug in. Plugging into a monitor and keyboard isn't a big deal for me, it's just the inconvenience of getting to the Internet. So, I downloaded Raspbian, ran through the initial config, including setting up an SSH server. The only thing left to do is get it online, and that will take a little config, which this post is about.

My laptop is connected wirelessly, so my ethernet port is available. So, I should be able to plug the Raspberry Pi into the laptop, and have it use the laptop's wireless connection. In other words, using my laptop as a router and a gateway. So, let's get started. Below is an image of what I am trying to accomplish:

Image showing the Raspberry Pi connected to the laptop, which in turn is connected to the Internet wirelessly.

The Raspberry Pi needs to be connected to the laptop via a standard twisted pair ethernet cable. The laptop will be connecting to the Internet wirelessly. So, while I still had my Raspberry Pi connected to the monitor and keyboard, while it is offline, I edit the /etc/network/interfaces file as follows:

# Raspberry Pi
iface eth0 inet static
    address 172.16.1.2
    netmask 255.255.255.252
    gateway 172.16.1.1

Then, on my laptop, I gave my ethernet port the address of "172.16.1.1" (mostly because no one ever uses this network- so it shouldn't conflict with your home/office). My laptop must be the gateway to the Internet for the Raspberry Pi. Notice that my laptop does not need a gateway for this interface. Instead, it's going to masquerade off of the "wlan0" interface, which already has a gateway configured:

# Laptop
iface eth0 inet static
    address 172.16.1.1
    netmask 255.255.255.252

Now, I need to make my laptop a router, so it can route packets from one network (172.16.1.0/30) to another (whatever the "wlan0" interface is connected to). As such, run the following command as root:

echo 1 > /proc/sys/net/ipv4/ip_forward

Now, that this point, the "eth0" and "wlan0" interfaces are logically disconnected. Any packets coming into the "eth0" device won't make it any further. So, we need to create a logical pairing, called a "masquerade". This will allow packets going in "eth0" to exit "wlan0", and vice versa. So, as root, pull up a terminal, and type the following:

iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables -A FORWARD -i eth0 -j ACCEPT

If you have any firewall rules in your INPUT chain, you will need to open up access for the 172.16.1.0/30 network.

At this point, plug your Raspberry Pi into your laptop, SSH into the Pi, and see if you can ping out to the Internet.

{ 3 } Comments

  1. Ricardo N Feliciano using Google Chrome 28.0.1500.71 on Ubuntu 64 bits | October 20, 2013 at 3:21 pm | Permalink

    Been wanting to do something like this. Thanks for the guide! Bookmarking for later.

    Now I can play with the Raspberry Pi at Starbucks :)

  2. Ricardo N Feliciano using Google Chrome 28.0.1500.71 on Ubuntu 64 bits | October 20, 2013 at 3:23 pm | Permalink

    Actually, quick question. Is there any steps that need to be taken each time you connect/disconnect the Pi? Or do you set this up once and it'll just work?

  3. Aaron Toponce using Google Chrome 29.0.1547.57 on GNU/Linux 64 bits | October 20, 2013 at 5:03 pm | Permalink

    If you leave everything as is, meaning you don't change the IP address on the Pi, don't change the address on your laptop, and don't change the firewall, it will be fine. However, this isn't practical. As such, a good tip would be to create a virtual IP address on both the Pi and your laptop. Then you won't interfere with the physical hardware address.

Post a Comment

Your email is never published nor shared.

Switch to our mobile site