[Bridge] Transparent wired/wirless bridge: is it possible?

[Bridge] Transparent wired/wirless bridge: is it possible?

[Mauro Condarelli]

Hi,
I read a lot on the Internet, but didn't find quite what I need.
I'm not even sure it's possible.

I have a machine with ethernet access and wireless card (in master mode).
Both are running ok under ubuntu maverick.
I also have a separate firewall (wired) acting as DHCP server for my 
whole home network.
I would like to bind the two interfaces together with no translation (no 
NAT, SNAT, masquerading, ...) so that the machines connecting to the 
wireless lan can get their address from the firewall and access the 
Internet.

Is this possible with bridging?
If so: can someone point me to the right documentation?

TiA
Mauro

Re: [Bridge] Transparent wired/wirless bridge: is it possible?

[Ryan Whelan]

[-- Attachment #1: Type: text/plain, Size: 975 bytes --]

Have you looked at hostapd (http://hostap.epitest.fi/hostapd/)?

On Tue, Oct 26, 2010 at 5:24 AM, Mauro Condarelli <mc5686@mclink.it> wrote:

> Hi,
> I read a lot on the Internet, but didn't find quite what I need.
> I'm not even sure it's possible.
>
> I have a machine with ethernet access and wireless card (in master mode).
> Both are running ok under ubuntu maverick.
> I also have a separate firewall (wired) acting as DHCP server for my
> whole home network.
> I would like to bind the two interfaces together with no translation (no
> NAT, SNAT, masquerading, ...) so that the machines connecting to the
> wireless lan can get their address from the firewall and access the
> Internet.
>
> Is this possible with bridging?
> If so: can someone point me to the right documentation?
>
> TiA
> Mauro
> _______________________________________________
> Bridge mailing list
> Bridge@lists.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/bridge
>

[-- Attachment #2: Type: text/html, Size: 1504 bytes --]

Re: [Bridge] Transparent wired/wirless bridge: is it possible?

[Mauro Condarelli]

[-- Attachment #1: Type: text/plain, Size: 2255 bytes --]

On 26/10/2010 14.36, Ryan Whelan wrote:
> Have you looked at hostapd (http://hostap.epitest.fi/hostapd/)?
Sorry,
I was not clear enough.

I have the wireless card up-and-running in ap-mode using hostapd.
I *can* connect a laptop to the wireless Access Point.
I also know how to setup a masquerading router on the linux machine to 
share the landline connection (e.g.: using firestarter).
This would create a second net for wireless with double natting.
I would like to avoid this and I'm looking for a "bridge" configuration 
so that all machines (wireless & wired) can share the same subnet 
(192.68.1.0/24).

I tried something like:
=====================
auto lo
iface lo inet loopback

auto wlan2
iface wlan2 inet manual
     up /usr/sbin/service hostapd start
     up /sbin/ifconfig wlan2 up
     down /sbin/ifconfig wlan2 down
     down /usr/sbin/service hostapd stop

auto eth2
iface eth2 inet manual
     up /sbin/ifconfig eth2 up
     down /sbin/ifconfig eth2 down

auto br0
iface br0 inet dhcp
     bridge_ports eth2 wlan2
     bridge_maxwait 0
=====================
... but it does not seem to work as hoped.

Thanks in Advance for *ANY* hint ;)

Regards
Mauro
>
> On Tue, Oct 26, 2010 at 5:24 AM, Mauro Condarelli <mc5686@mclink.it 
> <mailto:mc5686@mclink.it>> wrote:
>
>     Hi,
>     I read a lot on the Internet, but didn't find quite what I need.
>     I'm not even sure it's possible.
>
>     I have a machine with ethernet access and wireless card (in master
>     mode).
>     Both are running ok under ubuntu maverick.
>     I also have a separate firewall (wired) acting as DHCP server for my
>     whole home network.
>     I would like to bind the two interfaces together with no
>     translation (no
>     NAT, SNAT, masquerading, ...) so that the machines connecting to the
>     wireless lan can get their address from the firewall and access the
>     Internet.
>
>     Is this possible with bridging?
>     If so: can someone point me to the right documentation?
>
>     TiA
>     Mauro
>     _______________________________________________
>     Bridge mailing list
>     Bridge@lists.linux-foundation.org
>     <mailto:Bridge@lists.linux-foundation.org>
>     https://lists.linux-foundation.org/mailman/listinfo/bridge
>
>


[-- Attachment #2: Type: text/html, Size: 4023 bytes --]

Re: [Bridge] Transparent wired/wirless bridge: is it possible?

[Nicolas de Pesloüan]

Le 30/10/2010 18:20, Mauro Condarelli a écrit :
>
> I tried something like:
> =====================
> auto lo
> iface lo inet loopback
>
> auto wlan2
> iface wlan2 inet manual
> up /usr/sbin/service hostapd start
> up /sbin/ifconfig wlan2 up
> down /sbin/ifconfig wlan2 down
> down /usr/sbin/service hostapd stop
>
> auto eth2
> iface eth2 inet manual
> up /sbin/ifconfig eth2 up
> down /sbin/ifconfig eth2 down
>
> auto br0
> iface br0 inet dhcp
> bridge_ports eth2 wlan2
> bridge_maxwait 0
> =====================
> ... but it does not seem to work as hoped.

Consider reading http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge, in 
particular the following sections :

- 7.11 What can be bridged?
- 7.16 It doesn't work with my Wireless card!
- 7.17 I still don't understand!!

	Nicolas.

Re: [Bridge] Transparent wired/wirless bridge: is it possible?

[Mauro Condarelli]

  Il 31/10/2010 00:16, Nicolas de Pesloüan ha scritto:
> Le 30/10/2010 18:20, Mauro Condarelli a écrit :
>>
>> I tried something like:
>> =====================
>> auto lo
>> iface lo inet loopback
>>
>> auto wlan2
>> iface wlan2 inet manual
>> up /usr/sbin/service hostapd start
>> up /sbin/ifconfig wlan2 up
>> down /sbin/ifconfig wlan2 down
>> down /usr/sbin/service hostapd stop
>>
>> auto eth2
>> iface eth2 inet manual
>> up /sbin/ifconfig eth2 up
>> down /sbin/ifconfig eth2 down
>>
>> auto br0
>> iface br0 inet dhcp
>> bridge_ports eth2 wlan2
>> bridge_maxwait 0
>> =====================
>> ... but it does not seem to work as hoped.
>
> Consider reading 
> http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge, 
> in particular the following sections :
>
> - 7.11 What can be bridged?
> - 7.16 It doesn't work with my Wireless card!
> - 7.17 I still don't understand!!
>
>     Nicolas.
Thanks for the pointer.
I assume the short answer (gleamed from the above link) is: "this can't 
be done (easily)".

I have it working now without bridges using hostapd, dnsmasq and a 
static route in the upstream router (ipfire).

This has the (small) drawback I have a second subnet and a largely 
useless dnsmaq installed.

My setup is with a separate firewall (ipfire) connected to the Internet; 
on the GREEN LAN I have another server with an "Atheros Communications 
Inc. AR928X Wireless Network Adapter (PCI-Express) (rev 01)" managed via 
ath9k and hostapd.
On "server" (ubuntu-workstation 10.10; I had some problems convincing 
NetworkManager not to meddle with the interfaces) I have:
========================
auto wlan2
iface wlan2 inet static
     address 192.168.2.1
     netmask 255.255.255.0
     broadcast 192.168.2.255

auto eth2
iface eth2 inet dhcp # gets address from ipfire in the range 
192.168.1.100-129
========================
IPV4 routing is enabled.
hostapd and dnsmasq are set and configured.

On "ipfire" I have the additional static route
========================
route add -net 192.168.2.0/24 gw server
========================



Any comment?
Can I simplify?
Is this The Right Way to go?

Thanks
Mauro

Re: [Bridge] Transparent wired/wirless bridge: is it possible?

[Ryan Whelan]

[-- Attachment #1: Type: text/plain, Size: 3387 bytes --]

hostapd puts the interface into the bridge when it starts up- but you have
to put it in the config. in your hostpad.conf add 'bridge=br0' (making sure
of course you have the correct 'interface= ' set.) search for 'bridge' on
this page: http://wireless.kernel.org/en/users/Documentation/hostapd

once setup, hostapd should put the interface in the bridge at start up and
remove it at shutdown so you take the interface out of the interfaces file.

HTH

On Sat, Oct 30, 2010 at 12:20 PM, Mauro Condarelli <mc5686@mclink.it> wrote:

>  On 26/10/2010 14.36, Ryan Whelan wrote:
>
> Have you looked at hostapd (http://hostap.epitest.fi/hostapd/)?
>
> Sorry,
> I was not clear enough.
>
> I have the wireless card up-and-running in ap-mode using hostapd.
> I *can* connect a laptop to the wireless Access Point.
> I also know how to setup a masquerading router on the linux machine to
> share the landline connection (e.g.: using firestarter).
> This would create a second net for wireless with double natting.
> I would like to avoid this and I'm looking for a "bridge" configuration so
> that all machines (wireless & wired) can share the same subnet (
> 192.68.1.0/24).
>
> I tried something like:
> =====================
> auto lo
> iface lo inet loopback
>
> auto wlan2
> iface wlan2 inet manual
>     up /usr/sbin/service hostapd start
>     up /sbin/ifconfig wlan2 up
>     down /sbin/ifconfig wlan2 down
>     down /usr/sbin/service hostapd stop
>
> auto eth2
> iface eth2 inet manual
>     up /sbin/ifconfig eth2 up
>     down /sbin/ifconfig eth2 down
>
> auto br0
> iface br0 inet dhcp
>     bridge_ports eth2 wlan2
>     bridge_maxwait 0
> =====================
> ... but it does not seem to work as hoped.
>
> Thanks in Advance for *ANY* hint ;)
>
> Regards
> Mauro
>
>
> On Tue, Oct 26, 2010 at 5:24 AM, Mauro Condarelli <mc5686@mclink.it>wrote:
>
>> Hi,
>> I read a lot on the Internet, but didn't find quite what I need.
>> I'm not even sure it's possible.
>>
>> I have a machine with ethernet access and wireless card (in master mode).
>> Both are running ok under ubuntu maverick.
>> I also have a separate firewall (wired) acting as DHCP server for my
>> whole home network.
>> I would like to bind the two interfaces together with no translation (no
>> NAT, SNAT, masquerading, ...) so that the machines connecting to the
>> wireless lan can get their address from the firewall and access the
>> Internet.
>>
>> Is this possible with bridging?
>> If so: can someone point me to the right documentation?
>>
>> TiA
>> Mauro
>> _______________________________________________
>> Bridge mailing list
>> Bridge@lists.linux-foundation.org
>> https://lists.linux-foundation.org/mailman/listinfo/bridge
>>
>
>
>
> _____________________________________
> This e-mail and any attachments from Toyota Boshoku America
> (TBA), TrimMasters Inc. (TMI), or other affiliated companies may
> contain confidential and privileged information.
>
> If you are not the intended recipient, please notify the sender
> immediately by return e-mail, delete this e-mail and destroy any
> copies.
>
> Any dissemination or use of this information by a person other
> than the intended recipient is unauthorized and may be illegal.
>
> _______________________________________________
> Bridge mailing list
> Bridge@lists.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/bridge
>

[-- Attachment #2: Type: text/html, Size: 5514 bytes --]