tedcox 10-30-2005 11:53 AM

Bridge connectivity problems
I am attempting to upgrade my Linux router by adding an AP function (since my old Netgear AP kicked the bucket). It strikes me that I should have better/more powerful tools and controls on a Linux AP, plus less running hardware = happier wife. :)

Currently the machine has four NIC cards:

eth0 - attached to the internet via Cable Modem
eth1 - wired attachment to my local LAN
ath0 - Madwifi 802.11a Turbo capable WIFI Adapter
wlan0 - Prism based 802.11b WIFI Adapter

At various points, I have had both ath0 and wlan0 functioning successfully as WIFI access points. Currently, I have eth1, ath0, and wlan0 combined into a bridge called br0. That way they all share DHCP. I am able to connect 802.11b and see the internet. I am also able to connect wired and see the internet. However, I cannot see a device on my internal wired LAN from my wireless or vice versa. My understanding is that this is exactly what a bridge should enable me to do. Hence I am confused. Here is my bridge setup (from rc.local):


# Set up bridge to handle access point services
ifconfig eth1
ifconfig wlan0
ifconfig ath0
brctl    addbr br0
brctl    addif  br0 eth1
brctl    addif  br0 wlan0
brctl    addif  br0 ath0
ifconfig br0 netmask up
brctl stp br0 off

There are some other issues in my config I'd like to get fixed, but for the immediate... How do I get my wireless LAN talking to my wired LAN? Here is the route table as well:


# route
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
*      U    0      0        0 br0
*      U    0      0        0 eth0
*        U    0      0        0 eth0
default        UG    0      0        0 eth0

My only success getting the interfaces to talk to one another has been through making br0 the default gateway, and thus losing internet connectivity.

For the sake of completeness, I am running a firewall. It is the rc.firewall-2.4-stronger ver 0.80s available here:

I apologize. My issue seems like it's probably a simple mis-config on my part. But it has been troubling me for a long time, and I have been unable to google a solution. Any suggestions you may have are greatly appreciated.


tedcox 10-31-2005 03:38 PM

bump. Anyone have any ideas?

fr_laz 10-31-2005 05:20 PM


I didn't check your firewall, so excuse me if you already configured this...
You must enable forwarding from br0 to br0, because packets using the bridge go through iptables as well: iptables -A FORWARD -i br0 -o br0 -j ACCEPT
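
Added example, not part of any post in this thread: a shell check that reads `iptables -S FORWARD` output and reports whether traffic entering and leaving the same bridge is accepted by a rule or falls through to the chain policy. The function names and both sample rule sets are constructed for illustration and are not the poster's rc.firewall rules; the /proc path is the Linux bridge-netfilter switch.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `iptables -S FORWARD` text on stdin
# and reports what happens to traffic entering and leaving the same bridge.
# Simplification: rules with matches other than -i/-o are counted as skipped,
# and interface wildcards such as "br+" are not expanded.
bridge_forward_verdict() {
    awk -v br="$1" '
        BEGIN { policy = "UNKNOWN"; skipped = 0 }
        $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
        $1 == "-A" && $2 == "FORWARD" {
            in_if = ""; out_if = ""; target = ""; other = 0
            for (i = 3; i <= NF; i++) {
                if      ($i == "-i") in_if  = $(++i)
                else if ($i == "-o") out_if = $(++i)
                else if ($i == "-j") target = $(++i)
                else other = 1
            }
            if (in_if  != "" && in_if  != br) next   # rule is for another interface
            if (out_if != "" && out_if != br) next
            if (other) { skipped++; next }           # cannot evaluate extra matches
            if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
                printf "%s rule skipped=%d\n", target, skipped
                decided = 1
                exit
            }
        }
        END { if (!decided) printf "%s policy skipped=%d\n", policy, skipped }
    '
}

# Bridged frames only reach iptables when bridge-netfilter is switched on.
# Prints 1, 0, or "absent" when the kernel does not expose the switch.
bridge_nf_state() {
    f=${1:-/proc/sys/net/bridge/bridge-nf-call-iptables}
    if [ -r "$f" ]; then cat "$f"; else echo absent; fi
}

# Constructed sample: a default-drop FORWARD chain without the br0 -> br0 rule.
before='-P FORWARD DROP
-A FORWARD -i eth0 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o eth0 -j ACCEPT'
# The same chain with the rule from the reply above appended.
after="$before
-A FORWARD -i br0 -o br0 -j ACCEPT"

echo "before: $(printf '%s\n' "$before" | bridge_forward_verdict br0)"
echo "after:  $(printf '%s\n' "$after"  | bridge_forward_verdict br0)"
echo "bridge-nf-call-iptables: $(bridge_nf_state)"
```

On a live router, run `iptables -S FORWARD | bridge_forward_verdict br0` as root; a non-zero `skipped` count means rules with extra matches were passed over and should be read by hand.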

tedcox 10-31-2005 06:50 PM

THAT DID IT! Thank you so much! As I suspected, that should have been obvious to me, but for whatever reason it wasn't. Happy Halloween.

