3

One of our new requirements for a product I work on is to support Ethernet-to-wireless bridging. Suppose we have two network interfaces: eth0 and ath0 (we're using the Madwifi driver). What sort of options do I have to allow computers hooked into eth0 to be able to access the wireless network?

The first thing I tried was the brctl utility. This seemed to be exactly what I want. And, on wired networks, it is. But on wireless networks, it didn't quite work. Some Wiresharking revealed that the source MAC of the bridged packet was (correctly) set to a computer behind the bridge. However, the AP, having never seen that MAC associate, would drop the packet. If I enable WDS packets (iwpriv ath0 wds 1), then the packet is sent with the transmitter and receiver addresses, but doesn't seem to be allowed by the AP (it is very old, and we can't change it). Not all APs have to accept WDS, right?

Thus, I'm wondering if we have to do some sort of Ethernet NATing or the like. However, I don't see how it can work -- how can one MAC address be shared amongst n computers? ebtables appears too low level. Simply rewriting MAC addresses on the way out and the way back in makes it so the bridge computer cannot use the network. Plus, how would it know the ultimate destination for an incoming packet? You'd need details from the IP and TCP/UDP layers, at least.

user35428
  • 133
  • 1
  • 1
  • 4

5 Answers5

2

Right, bridging doesn't work with wifi. The easiest solution is to use routing. You can setup a 'transparent router', that feels like a bridge, but in fact it is routing packets. For this, make one network a subset of the other.

for example, if your wired LAN is 192.168.183.0/24, you could make the wireless LAN use 192.168.183.192/26.

You might also have to turn on the 'proxy arp'. Just add a echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp to some startup script.

Javier
  • 9,078
  • 2
  • 23
  • 24
  • I like this solution, but, unfortunately, IP configuration isn't known a priori. – user35428 Feb 19 '10 at 16:08
  • Those IP subnets will not work. Devices on the wired LAN will not attempt to route their packets to the wireless LAN since it is within their subnet. You need independent subnets, i.e. `192.168.183.0/26` and `192.168.183.192/26` – einstiien Feb 19 '10 at 16:15
  • Wireless bridging does work perfecly fine. I have done it before on Ubuntu. – Antoine Benkemoun Feb 19 '10 at 18:59
  • @einstiien: yes, this works. the point is that those on the 'bigger' network won't ask for routing; but the proxy arp makes them send the packets to the router anyway. – Javier Feb 22 '10 at 13:59
  • @Antoine Benkemoun: maybe you had full control on both ends of the WiFi? in theory bridging _should_ work; but there are so many drivers and firmwares out there that only cater for the common setups that it's really random it you'd be able to make it work or not. – Javier Feb 22 '10 at 14:02
  • @Javier: I misunderstood you but I think you are closest to the solution in this case. The IP configuration isn't a problem: I can simply specify that all packets coming from the bridge's LAN interface must be routed. Besides proxy ARP, is there anything else I need to enable? Would I use the `route` command to set this up? The important part is that the bridge's wireless card is used for transmission, and then used for routing received packets. – user35428 Feb 22 '10 at 21:34
1

Such configuration will work perfectly fine for brdging two network interfaces

# The primary network interface
allow-hotplug eth0

iface eth0 inet static
        address 192.168.0.10
        network 192.160.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 212.27.39.2
        dns-search home
        auto eth0

iface wlan0 inet static
        address 192.168.0.9
        network 192.160.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 212.27.39.2
        dns-search home
        wireless_keymode open
        wireless_mode managed
        wireless_nick srvolivier
        wireless-essid SMC2870
        wireless-key wepkey
        auto wlan0

iface br0 inet static
        address 192.168.0.8
        network 192.160.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 212.27.39.2
        dns-search home
        bridge_ports eth0 wlan0
        auto br0
Antoine Benkemoun
  • 7,314
  • 3
  • 41
  • 60
0

I wrote a repeater program that reads one side and sends it to the others, learning the MAC of the PC behind the bridge and using it to rewrite src/dst MACs as necessary, but this strikes me as laden with unforeseen consequences.

user35428
  • 133
  • 1
  • 1
  • 4
0

Here is what we have working (hope it helps):

Network1 ---wireless(WDS bridging) ) ) ) ( ( ( wireless(WDS bridging)---Network2

Network1 and Network2 utilize common IP adress space ( 192.168.1.0/24) It works like charm.

moo
  • 311
  • 1
  • 8
0

Don't know with "normal" desktop distros, but on dd-wrt on netgear routers i can easily bridge wireless (virtual) interfaces with ehternet and vlan interfaces. Like

brctl addif br0 wl0.1
brctl addif br0 vlan1
brctl addif br1 wl0.2
brctl addif br1 eth0

so i have a wireless "WAN" bridged to the wan eth port and a wireless "LAN" bridged to the 4 port switch (eth0).

Daniele Santi
  • 2,479
  • 1
  • 25
  • 22