Wednesday, August 6, 2014

Baseball Scoreboard - Network Configuration within the Control Box

    In this blog post, I'll discuss how to set up the networking for the control box.  If you do this correctly, by the end, you'll be able to join the WiFi access point (AP) in the control box and surf the internet via 4G (yes, I'm aware that the 4G hotspot does that on its own, but we're building to something here).  This post will cover the easy stuff first (selection and configuration of WiFi and 4G) and move onto the more complex (configuration of the Raspberry Pi).  But first, for those who are impatient, the quick start guide starts after the jump.

Quick Start Guide

    Because I know many folks just want to get things working and be saved the long-winded explanation, I've put together the following quick start guide.  If everything works right, you should just be able to do this to get up and running, but there is a nontrivial chance that it may not work flawlessly.  Now that you've been warned, just do the following:

  • Configure the AP using the AP Quick Setup menu:
    • Operation Mode:  Standard AP Mode
    • Wireless Operation Mode:  Access Point (AP)
    • Wireless Network Name:  Scoreboard (or whatever you like -- this is the AP name your scorers will join to get their internet)
    • Wireless Security:  WPA-Personal/WPA2-Personal
    • Wireless Password:  (whatever you like--this is the password your scorer will use to join your AP)
  • On the 4G Hotspot, hide the Hotspot Wireless network name (under Jetpack Settings / Wi-Fi, uncheck the "Broadcast Wi-Fi name")
  • Install Raspian onto the Raspberry Pi using NOOBS (  Sometime during this step, connect the Raspberry Pi to your home LAN via ethernet.
  • Once the Raspberry Pi reboots, ssh in:
    • ssh pi@raspberrypi
  • Using raspi-config (sudo raspi-config):
    • (1) Expand file system
    • (2) Change password
    • (3) Boot to command line
    • (4) Internationalisation Options
      • (I2)  Change Timezone - Change to your timezone to enable proper functioning of box scores
    • (8) Advanced options
      •  (A2) Hostname - Recommend setting it to ScoreboardControl (NOTE:  Do not set to "Scoreboard"or the web server will not work properly due to DNS confusion)
    • Reboot
  • Once rebooted, ssh back in:
    • ssh pi@ScoreboardControl
  • Update/upgrade and install packages
    • sudo apt-get update
    • sudo apt-get upgrade
    • sudo apt-get install dnsmasq
  • Download config tarball into your home directory 
    • cd
    • wget
  • Unpack tarball in your root directory 
    • cd /
    • sudo tar -xvzf /home/pi/configs.tar.gz
  • Reboot the Pi and cross your fingers
If everything worked, at this point, your control box should boot up and you'll be able to browse the internet by joining the wireless AP.  If not, keep on reading to ferret out exactly what went wrong.

Design Goals

    For the networking portion of this project, I went in with one design goal -- design it so that, other than joining the Scoreboard WiFi AP, the scorer doesn't have to do anything to make the scoreboard work.  Sound simple?  On the surface, it doesn't seem hard.  In implementation, it meant tracking down every internet connection and making sure that they all were handled in a seamless fashion.

WiFi AP - Selection Criteria

    Given that the control box and scoreboard are going to be used in some fairly remote (i.e., far from power plug) locations, power considerations were #1 in my book.  Anything with an internal battery was a plus.  If not powered internally, it has to be powered over the USB bus (a USB backup battery was already selected as the power source of choice; any other power method is going to add unnecessary complexity).  Being able to do both is a bonus.  WiFi encryption (WPA2 ideally) was a plus but not a deal breaker.  Lastly, the AP had to have the ability to redirect to wired network (to enable connectivity to the Raspberry Pi).
    After much research, I picked up the TP-link MR3040.  At $40, it came with an internal battery, charges via USB, has USB and RJ-45 ports, and can be flashed with OpenWRT (this last point ended up not being important, but was a design consideration when I started down this path).

WiFi AP - Configuration

    Compared to many of the other device configurations, configuring the AP is a snap as we're asking it to do something it's designed to do.  Personally, my device is installed with OpenWRT (, but it's not necessary.  The device needs to be set to operate in AP only mode (i.e., it passes connections to the wired interface directly without network address translation (NAT) or any other modification).  Perusing the user manual, with the default firmware, you should set the following via Quick Setup:

  • Operation Mode:  Standard AP Mode
  • Wireless Operation Mode:  Access Point (AP)
  • Wireless Network Name:  Scoreboard (or whatever you like -- this is the AP name your scorers will join to get their internet)
  • Wireless Security:  WPA-Personal/WPA2-Personal
  • Wireless Password:  (whatever you like--this is the password your scorer will use to join your AP)

4G Connection - Selection Criteria

    For 4G, I was looking for the a solution that met three criteria:
  1. Linux compatible (i.e., has an ethernet connection, specific Linux driver, or presents itself as a generic ethernet interface)
  2. Powered with what I've got in the field (i.e., directly off of the Raspberry Pi, via USB, or via internal battery)
  3. Worka with my service provider (Verizon)
After looking at all of my choices, I chose the Verizon MiFi 5510L (manufactured by Novatel Wireless).  It works with my provider, has its own internal battery, and represents itself to the Raspberry Pi as a generic ethernet adapter (so, no special configuration required).  Given that this was the single largest expenditure on this project (costing as much as the whole scoreboard), I was a little wary of potentially paying for something that wouldn't work.  Luckily, I had a friend who already had one was able to test everything out prior to ordering my own.  My recommendation if you go with a different 4G hotspot is that you do the same given the potential cost involved.

4G Connection - Configuration

    Technically speaking, other than making sure your account is paid up, no configuration is required for this option.  However, I highly suggest hiding the SSID of the hotspot to avoid confusion as to which AP the scorers are supposed to join.  Consulting the user manual, under Jetpack Settings / Wi-Fi, uncheck the "Broadcast Wi-Fi name" to hide the SSID.

Configuring the Raspberry Pi

    Now that the easy stuff is out of the way, on to configuring the Pi.  The first thing we need to do is install an operating system.  As the Raspberry Pi was a a brand new technology for me, I did what all new people to Raspberry Pi do to install an operating system -- use NOOBS (  My hats are off to the folks who developed NOOBS.  Just like the Arduino IDE, NOOBS took something unfamiliar (Raspberry Pi) and turned it into something familiar (in my case, a Debian-based Linux server, Raspbian) in the space of an evening.  Once the OS is installed, use the initial setup menu to change the user password and enable the SSH server.
    Configuring the Raspberry Pi's networking consists of four parts:
  • Ensure both network interfaces enumerate when plugged in (google around to find the kernel module required for your 4G adapter and install, if needed).  Note interface names.
  • Dual home the LAN network interface
  • Set up dnsmasq
  • Turn on packet forwarding
Here's the breakdown on how to accomplish the last three steps.  Please note that I've attempted to recreate what I installed at each step to the best of my memory.  It's possible I forgot something; in that spirit, I've created a list of all packages installed on my Raspberry Pi for reference(

Dual-homing the LAN interface

    Assuming a normal install, your LAN connection should come up as eth0.  Dual homing the interface is as simple as adding a second entry for eth0:0 into /etc/network/interfaces.  Both eth0 interfaces should be configured with a static ip address (I used and .2) .  For your reference, here is my interfaces file (

Setting up dnsmasq

    If you haven't done so already, do a sudo apt-get update and sudo apt-get upgrade.  Now that you're fully patched, step 1 of setting up dnsmasq is installing it (i.e., sudo apt-get install dnsmasq) .  Now that it's installed, its time for configuration (specified by the /etc/dnsmasq.conf file).  dnsmasq has two parts; the DHCP server and DNS server.  Configuration of the DHCP server requires that we specify an address range for the DHCP pool and an lease time using the dhcp-range configuration option.  Here is my config line:


DNS is, for the most part, self-configuring.  It will automatically pick up on the upstream DNS server and forward all requests there.  However, there are a couple of addresses that we want to lay claim to/redirect.  Using the address configuration option, we can redirect the game changer scoring website ( to the secondary interface (where we can transparently proxy it -- see next post), and direct Scoreboard to the primary interface (where it can interface with our web server -- coming up in a few posts.  Here are those config lines:


For your reference, here is the link to my entire dnsmasq.conf file (
Turn on packet forwarding

    First the code to turn on packet forwarding (also located at

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
These four lines turn on ip forwarding, and then tell the kernel to NAT connections coming from the LAN using the WAN address.  Drop these lines into a bash script (I put mine at /home/pi/ and make the script executable (i.e., chmod +x /home/pi/
    Now that you have a bash script that turns on packet forwarding, you need to arrange to start it at boot time.  That is simply done by adding the script to your /etc/rc.local where it will be called right before the login prompt.  For your reference, my rc.local (which starts packet forwarding as well as the transparent proxy and parser covered in future blog posts) can be found here (


    If you've gotten this far, you should be able to power up the control box, join the AP, and surf the internet with the only exception being Future posts will get that functionality up and running as well.

 Up next … The Transparent Proxy.

No comments:

Post a Comment