LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Wireless Networking (https://www.linuxquestions.org/questions/linux-wireless-networking-41/)
-   -   Bridging a Wifi and Wired Network... (https://www.linuxquestions.org/questions/linux-wireless-networking-41/bridging-a-wifi-and-wired-network-646275/)

sancho 06-01-2008 05:48 PM
Bridging a Wifi and Wired Network...
 
I've got what should be a simple networking setup, but it is complicated by the fact that it is physically cut in half by a wireless link.

What I essentially have is a server, two workstations (one is WinXP), a wireless laptop, a wifi router (running dd-wrt), and a network printer that I want to all communicate on the same network (192.168.1.0) as though they were all connected to the same hub. Here's what my setup looks like when presented ASCIIly:

Code:
                    *
                    |
[[INTERNET]]-----[wifi router]-----[server]

=================== WALLS ===================

  *
  |
[workstation]-----[ethernet switch]-----[network printer]
                        |
                        |
                    [Windows PC]

            *
            |
          [laptop]
I know I have too many computers but that's an entirely different issue...

The question I have regards the "workstation" in the diagram above, which is an Ubuntu Hardy box with two network interfaces:

wlan0: 192.168.1.2 (assigned by static DHCP lease)
eth0: 192.168.1.200 (static)

Basically, this workstation needs to be the bridge that joins the lower group of computers with the upper in a way that doesn't introduce routing overhead (which is why I don't want to use NAT or place the lower group on a different network than the upper). It sounds like a network bridge is what I want (bridging wlan0 to eth0), but is this possible when one of the bridged interfaces is Wifi? The instructions that I have for setting up a bridge don't mention anything about specifying access points, enabling WPA2 encryption, or getting an address from a DHCP server (all of which are requirements to get wlan0 to talk to the router).

If someone could give me some guidance here on how I should approach this, I'd greatly appreciate it!

Thanks.

pinniped 06-02-2008 07:00 AM
A few things I can think of (but I haven't got the gear around to test it myself):

1. run a 'virtual' interface over the wireless - so you have 'wlan0' which is for your workstation, and 'wlan0:0' for other things. Bridge wlan0:0 to eth0 and in principle all your ethernet traffic now goes to wlan0:0 (including DHCP requests) but doesn't interfere with 'wlan0' and the workstation's network access (aside from chewing up bandwidth).

2. create a 'tap' on wlan0; bridge the tap with eth0. Come to think of it, this is the same as (1) really. Do 'taps' still exist?

MrUmunhum 06-02-2008 01:49 PM
While I don't how to do it, you need to use EBTables to bridge
networks. I use two WAP54G's to connect my network. Works great!

sancho 06-03-2008 08:58 AM
Quote:
Originally Posted by pinniped (Post 3171939)

1. run a 'virtual' interface over the wireless - so you have 'wlan0' which is for your workstation, and 'wlan0:0' for other things. Bridge wlan0:0 to eth0 and in principle all your ethernet traffic now goes to wlan0:0 (including DHCP requests) but doesn't interfere with 'wlan0' and the workstation's network access (aside from chewing up bandwidth).
Can't say I've ever heard of a "virtual interface" before. Is this something that a "stock" kernel would support? ("Stock" meaning a pre-compiled kernel distributed with one of the major distributions such as Ubuntu) Or is this a hack or third-party solution?

Incidentally, I am keeping my eyes peeled for a decent second-hand router such as a WRT54GL that I can put Tomato/DD-WRT on. Or, failing that, one that supports bridging out of the box. Any recommendations for such a router are welcome!

Gryyphyn 06-03-2008 10:50 AM
Quote:
Originally Posted by sancho (Post 3171441)
The question I have regards the "workstation" in the diagram above, which is an Ubuntu Hardy box with two network interfaces:

wlan0: 192.168.1.2 (assigned by static DHCP lease)
eth0: 192.168.1.200 (static)
What I can't figure out is why you think there's two different networks, unless you've specified it w/subnetting. You didn't provide your subnet mask(s) so I'm just taking a guess there.

The linksys routers support single subnet for both wired/wifi connections. There's no need for there to be more than one subnet: it's one router w/two different kind of connections. I'd start by checking your settings and eliminating extraneous subnets.

Post your router config and hosts full addr set (ipv4/6 if your using it, subnet, gateway).

Gryyphyn, out.

sancho 06-05-2008 03:22 AM
This is entirely an IPv4 network.

There are not (nor do I desire there to be) two separate "networks" in the TCP/IP sense. If anything, there are two distinct groups of computers, separated by an inability to make things easy by just stacking hubs since I can't put a cable between these groups. But, essentially, that's the equivalent that I want to achieve: "stacking" hubs via Wifi. Except that one of the "hubs" is a PC with a Wifi interface and the other hub is a WRT54GL router.

What I'm trying to avoid is the suggestion that I should just set the ethernet interface on the workstation to a separate (say 192.168.2.0) network, place everything that connects via that interface on that network/subnet, and then setup NAT on the workstation. I don't want to maintain 'x' computers on the 192.168.1.0 network and then 'y' computers on 192.168.2.0 network if I can avoid it.

As for posting my router config ([wifi router] in the diagram): It's just a router running DD-WRT and is essentially a simple gateway to the Internet. Its IP is 192.168.1.254, subnet mask is 255.255.255.0, and it also hosts a DHCP server. It treats both wireless clients and anything connected to the ethernet ports in the same way (i.e. it will assign addresses in the 192.168.1.0 address space).

The [server] is direct-connected to the [wifi router] via ethernet. It, including everything else in the diagram, has an address in the 196.168.1.0 network, and the subnet mask is set to 255.255.255.0 for everything. Short of listing the actual IP for each node, that's basically all you could want to know about the network. There is nothing special about the way that anything is connected, except that I want the [Windows PC] and [network printer] to be accessible to the entire network via the [workstation] because they do not have Wifi interfaces to connect to the Wifi router directly.

Gryyphyn 06-07-2008 11:06 AM
Quote:
Originally Posted by sancho (Post 3175292)
This is entirely an IPv4 network.

There are not (nor do I desire there to be) two separate "networks" in the TCP/IP sense. If anything, there are two distinct groups of computers, separated by an inability to make things easy by just stacking hubs since I can't put a cable between these groups. But, essentially, that's the equivalent that I want to achieve: "stacking" hubs via Wifi. Except that one of the "hubs" is a PC with a Wifi interface and the other hub is a WRT54GL router.
Ok, I think I know what you're asking now. You want the workstation to act like an aggregator, pulling all the wifi connections in the lower section to it and piping them back to the wifi router in the upper section.

If thats correct then I'm not sure you'll be able to do it, or at the very least how. You'd have to set the workstation up as a WAP and redirect all the traffic from the wireless to eth0 and find a way to re-broadcast traffic through the WiNIC to the other computers when requested traffic comes back.

Piping the traffic received through the WiNIC is easy. Setting it up as a WAP... I wouldn't even know where to begin. And piping the traffic back out, like a repeater, probably isn't going to be that hard since it's already capable of doing so as a router/firewall with the right apps/servers.

I do have a question for you though: why can't you run a single eth cable to the other room to a small router? And why do you want to stay away from using two subnets? Just curious...

Gryyphyn, out.

*add*

A virtual interface is a fake, secondary interface that uses the actual interface (in the case of the above statement, wlan0) to send traffic through but appears as it's own interface when you do things like ifconfig. It's typically used, at least in my experience, for setting up things like vlans and routing through a single interface. It's virtually there in that it's not a physical interface but can handle it's own traffic.

Quigi 06-15-2008 11:39 AM
Quote:
Originally Posted by sancho (Post 3175292)
This is entirely an IPv4 network.

What I'm trying to avoid is the suggestion that I should just set the ethernet interface on the workstation to a separate (say 192.168.2.0) network, place everything that connects via that interface on that network/subnet, and then setup NAT on the workstation. I don't want to maintain 'x' computers on the 192.168.1.0 network and then 'y' computers on 192.168.2.0 network if I can avoid it.
I haven't found the solution.

My situation is very similar (minor difference: I don't have a wired "Windows PC", but instead a wireless Windows laptop).
I resigned myself to have two subnets -- 192.168.1.0 includes wireless and "server", and 192.168.3.0 is just between "workstation" (.10) and "network printer" (.50), connected via "switch" (I think a lowly hub would do, too).

I don't need to do any NAT or routing, by running CUPS in "workstation". Everyone prints to that (192.168.1.14), and CUPS knows to reach its printer at 192.168.3.50. Works nicely for me, but I'm aware that this would NOT give your "Windows PC" access to the internet.

As an experiment, I once did the routing thing: I told the wireless "laptop" (which happens to run Windows XP in my case) that its printer was 192.168.3.50. I added a route sending all packets for 192.168.3.0/24 to "workstation" (192.168.1.14). On "workstation", I set an iptables SNAT for such packets to 192.168.3.10, so that "switch" would route them back appropriately. I might have needed a special route on "workstation", too, I don't remember.
This worked; now "laptop" was able to access all ports of the "network printer" (HTTP 80, JetDirect 9100, Telnet, FTP). But all that manual routing seemed to involved, so I'm not using this currently.

I disagree with Gryyphyn: "workstation" should NOT be an access point (running in Master mode). In order to talk to "wifi router", your main access point, I think it must be a client (running in Managed mode). I don't think two access points could associate -- anyone, correct me if this is wrong.

One more idea: to make "Windows PC" happy, you will need at least to turn ipv4_forward. I think you can set your network up without NAT (after all, your packets sent over the internet don't usually get NATted at any of their many hops, except at your "wifi router"). But I think you may have to set up some routing in "workstation" -- packets destined for "laptop" or "server" or the internet must be sent out through wlan0; those for "network printer" and "Windows PC" must take eth0. I think that would be easiest if the addresses were in disjoint ranges, e.g., 1..127 and 128..255.

73gavin 07-18-2008 06:31 PM
No Tun tap stuff needed.

http://www.linuxfoundation.org/en/Net:Bridge

With your workstation up and running as a client fine, try:

ifconfig eth0 0.0.0.0
ifconfig wlan0 0.0.0.0
brctl addbr br-lan
brctl addif br-lan wlan0
brctl addif br-lan eth0
dhclient br-lan


All times are GMT -5. The time now is 04:03 PM.