# Bridging wire and wireless

## habnefrage

Hmmm i have read millions of HowTos, other millions of Threads in this forum but dit not find the answer  :Smile: 

my setup:

eth0 ----- switch ------ (some clients like adsl Modem, and two computers)

wlan0 ---------- some wlan clients

with some ip tabel rules i got it working, that every client on eth0 or wlan0 can connect to the internet (ppp0)

But now my Problem: I can´t ping cross the network adapters. they are in the same subnet (192.168.0.0) and have the correct netmask (255.255.255.0)  but a client connected via wlan can not ping a client connectet via eth0 and visawersa

this is the way i setup the bridge:

```

iwconfig ath0 mode Master essid will2 channel 11

iwpriv ath0 mode 3

brctl addbr br0

brctl addif br0 eth0

brctl addif br0 ath0

ifconfig eth0 0.0.0.0

ifconfig ath0 0.0.0.0

ifconfig br0 192.168.0.1 netmask 255.255.255.0 up

```

this ist what brctl show says

```

tux root # brctl show

bridge name     bridge id               STP enabled     interfaces

br0             8000.000f3df68250       no              eth0

                                                        ath0

```

and this brctl showmacs br0

```

tux root # brctl showmacs br0

port no mac addr                is local?       ageing timer

  1     00:09:5b:b9:09:fd       no                 1.92

  1     00:0f:3d:f6:82:5d       yes                0.00

  2     00:0f:b5:46:2e:34       no                 0.08

  2     00:0f:b5:63:db:7a       yes                0.00

  1     00:90:1a:41:8e:3d       no                 8.36

```

this is ifconfig

```

tux root # ifconfig

ath0      Link encap:Ethernet  HWaddr 00:0F:B5:63:DB:45

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:4394 errors:1446 dropped:0 overruns:0 frame:1446

          TX packets:6349 errors:2010 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:199

          RX bytes:405970 (396.4 Kb)  TX bytes:2574226 (2.4 Mb)

          Interrupt:11 Memory:c6aa0000-c6ab0000

br0       Link encap:Ethernet  HWaddr 00:0F:3D:F6:82:45

          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:53329 errors:0 dropped:0 overruns:0 frame:0

          TX packets:47604 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:27839931 (26.5 Mb)  TX bytes:28000799 (26.7 Mb)

eth0      Link encap:Ethernet  HWaddr 00:0F:3D:F6:82:45

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:49248 errors:0 dropped:0 overruns:0 frame:0

          TX packets:44986 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:28267394 (26.9 Mb)  TX bytes:25772864 (24.5 Mb)

          Interrupt:5 Base address:0xec00

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

ppp0      Link encap:Point-to-Point Protocol

          inet addr:85.72.55.231  P-t-P:62.104.190.33  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1454  Metric:1

          RX packets:22801 errors:0 dropped:0 overruns:0 frame:0

          TX packets:26607 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3

          RX bytes:13898864 (13.2 Mb)  TX bytes:13694617 (13.0 Mb)

```

What can there be the problem? why can´t  i ping throug the bridge?

----------

## mens

can you ping the bridge itself from both sides?

----------

## habnefrage

yes i can...

and i also can ping the clients from the server/router/bridge 

any idea??

----------

## mens

when you try to ping through the bridge, do you see any packets arrive on the bridge?

----------

## mens

Did you explicitly turn of STP? Since you only have 1 bridge, it shouldn't make a difference, but did you try turning it on?

----------

## habnefrage

i just emerge tcpdump, then i can answer your first question.

2. No, I dit not turn it of my selft, it is off by its own. i also tryed to turn it on, but it had no effekt.

----------

## habnefrage

OK, tcpdump is running and i can see this:

21:59:01.405074 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

every two/three seconds

This is what tcpdump says when i start pinging

21:59:50.395643 arp who-has 192.168.0.228 tell 192.168.0.106

21:59:50.396166 arp reply 192.168.0.228 is-at 00:09:5b:b9:09:fc

what does this mean?

----------

## UberLord

You may need to put the interfaces in promiscous mode

```

ifconfig eth0 promisc 1

ifconfig ath0 promisc 1

```

----------

## habnefrage

i did it and thats the new ifoncifg output

```
tux root # ifconfig ath0 promisc 0.0.0.0 up

tux root # ifconfig eth0 promisc 0.0.0.0 up

tux root # ifconfig

ath0      Link encap:Ethernet  HWaddr 00:0F:B5:63:DB:76

          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

          RX packets:13203 errors:2119 dropped:0 overruns:0 frame:2119

          TX packets:17599 errors:2894 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:199

          RX bytes:1215844 (1.1 Mb)  TX bytes:9897918 (9.4 Mb)

          Interrupt:11 Memory:c6aa0000-c6ab0000

br0       Link encap:Ethernet  HWaddr 00:0F:3D:F6:82:50

          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:74216 errors:0 dropped:0 overruns:0 frame:0

          TX packets:65871 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:36309173 (34.6 Mb)  TX bytes:36009667 (34.3 Mb)

eth0      Link encap:Ethernet  HWaddr 00:0F:3D:F6:82:50

          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

          RX packets:61326 errors:0 dropped:0 overruns:0 frame:0

          TX packets:53836 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:36219774 (34.5 Mb)  TX bytes:26779438 (25.5 Mb)

          Interrupt:5 Base address:0xec00

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:14 errors:0 dropped:0 overruns:0 frame:0

          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:1568 (1.5 Kb)  TX bytes:1568 (1.5 Kb)

ppp0      Link encap:Point-to-Point Protocol

          inet addr:85.72.9.35  P-t-P:62.104.190.33  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1454  Metric:1

          RX packets:343 errors:0 dropped:0 overruns:0 frame:0

          TX packets:294 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3

          RX bytes:250925 (245.0 Kb)  TX bytes:51720 (50.5 Kb)

```

but now changes to the problem. i still can´t ping

----------

## mens

 *habnefrage wrote:*   

> OK, tcpdump is running and i can see this:
> 
> 21:59:01.405074 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15
> 
> every two/three seconds
> ...

 

This is your bridge announcing itself as a bridge. On what interface did you read this?

 *habnefrage wrote:*   

> 
> 
> This is what tcpdump says when i start pinging
> 
> 21:59:50.395643 arp who-has 192.168.0.228 tell 192.168.0.106
> ...

 

This is your ping client broadcasting for the MAC address of the machine you try to ping. There's also a reply. Check on that client of you see the reply as well. This is all good, this should now be followed by icmp: echo request packets, but there's no trace of that so either the client didn't receive the arp reply or it doesn't know of the bridge.

----------

## habnefrage

 *Quote:*   

> This is your bridge announcing itself as a bridge. On what interface did you read this?

 

I recieved it on the machine, the bridge is running. i just startet tcpdump by tryping tcpdump (without any arguments) I don´t know which Interface it uses/dumps by default.

 *Quote:*   

> but there's no trace of that so either the client didn't receive the arp reply

 

How can i check this?? Can i change the ARP?

 *Quote:*   

> or it doesn't know of the bridge.

 

i thought, a bridge is transparent, so the client does not need to know anything about the bridge?

 *Quote:*   

> This is your ping client broadcasting for the MAC address of the machine you try to ping. There's also a reply. Check on that client of you see the reply as well. 

 

How do I check this? The Client is a Windows XP machine, i cant use TCPDUMP  :Smile: 

----------

## mens

 *habnefrage wrote:*   

>  *mens wrote:*   This is your bridge announcing itself as a bridge. On what interface did you read this? 
> 
> I recieved it on the machine, the bridge is running. i just startet tcpdump by tryping tcpdump (without any arguments) I don´t know which Interface it uses/dumps by default.
> 
> 

 

You can specify what interface it listens on with the -i switch. Try running two instances of tcpdump, one on eth0 and one on ath0

 *habnefrage wrote:*   

> 
> 
> How can i check this?? Can i change the ARP?

 

Why would you wanna do that?? run tcpdump on the client machine and see if you get the arp reply there as well. Again, on the router, check on which interface the arp request comes in and where it goes out. For my understanding: is the client on the wireless side of the bridge or on the wired side? What's the client's network config?

 *habnefrage wrote:*   

> 
> 
>  *mens wrote:*   or it doesn't know of the bridge. 
> 
> i thought, a bridge is transparent, so the client does not need to know anything about the bridge?
> ...

  I meant the bridge didn't pick up the ping signal

 *habnefrage wrote:*   

>  *mens wrote:*   This is your ping client broadcasting for the MAC address of the machine you try to ping. There's also a reply. Check on that client of you see the reply as well.  
> 
> How do I check this? The Client is a Windows XP machine, i cant use TCPDUMP :)

 

I'm sure there is some equivalent of tcpdump for windows as well. Just google for it.

----------

## habnefrage

OK,  first let me say THANKS that you take the time to help me... I would give you credits if I could  :Smile: 

Here is my Networktopology...:

AP (Netgear WG302 with IP 192.168.0.228) <---wl---> many Wirelessclients

|

w

|

Switch <---w--> ADSL Modem <---w----> Interget

|

w

|

eth0 --bridge (IP 192.168.0.1)-- ath0 (in Master mode) <---wl----> PC1 (IP 192.168.0.106)

(w = wired connection |  wl = wireless connection)

I am going to setup a working accesspoint with ath0. SO I soon can switch off the Netgear AP. But I still need to ping through the bridge because there are other clients connectet to the switch (My Dbox for watching TV, maybe an Asterisk Server)

an here comes what happens when I ping from PC1 (IP 192.168.0.6)

TCPDUMP on PC1

```
11:43:14.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:18.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:20.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:22.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:24.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:26.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:28.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:30.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:32.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:34.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:36.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:38.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:40.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:40.343750 arp who-has 192.168.0.228 tell tasche

11:43:40.343750 arp reply 192.168.0.228 is-at 00:09:5b:b9:09:fc

11:43:40.343750 IP tasche > 192.168.0.228: ICMP echo request seq 25344, length 4

0

11:43:42.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:44.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:45.812500 IP tasche > 192.168.0.228: ICMP echo request seq 25600, length 4

0

11:43:46.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:48.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:50.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:51.312500 IP tasche > 192.168.0.228: ICMP echo request seq 25856, length 4

0

11:43:52.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:54.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:56.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:43:56.812500 IP tasche > 192.168.0.228: ICMP echo request seq 26112, length 4

0

11:43:58.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:00.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:02.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:04.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:06.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:08.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:10.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:10.812500 arp who-has 192.168.0.1 tell tasche

11:44:10.812500 arp reply 192.168.0.1 is-at 00:0f:3d:f6:82:50

11:44:10.812500 IP tasche.68 > 192.168.0.1.67: BOOTP/DHCP, Request from 00:0f:b5

:46:2e:31, length: 300

11:44:10.828125 IP 192.168.0.1.67 > tasche.68: BOOTP/DHCP, Reply, length: 300

11:44:12.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:14.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:15.812500 arp who-has tasche tell 192.168.0.1

11:44:15.812500 arp reply tasche is-at 00:0f:b5:46:2e:31

11:44:16.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:20.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:22.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:24.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:26.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:28.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:30.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

11:44:32.000000 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:

09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

```

TCPDUMP on eth0 (@ gentoo box)

```
09:43:45.033904 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:47.034053 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:49.034200 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:51.034354 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:53.034502 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:53.382572 arp who-has 192.168.0.228 tell 192.168.0.106

09:43:53.382999 arp reply 192.168.0.228 is-at 00:09:5b:b9:09:fc

09:43:55.034653 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:57.034802 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:59.034951 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:01.035100 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:03.035248 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:05.035398 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:07.035546 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:09.035697 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:11.035846 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:13.035994 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:15.036146 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:17.036296 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:19.036443 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:21.036593 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:23.036741 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:23.852270 arp who-has 192.168.0.1 tell 192.168.0.106

09:44:25.036892 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:27.037041 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:29.037190 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:31.037337 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

```

TCPDUMP on ath0 (@ the gentoo box)

```
09:43:27.032635 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:27.737541 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:28.383945 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:28.384474 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:29.032765 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:29.092343 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:31.032910 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:33.033063 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:34.081130 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:35.033208 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:37.033365 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:39.033504 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:39.081882 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:39.789751 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:41.033649 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:43.033795 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:44.784991 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:45.033952 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:47.034106 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:49.034253 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:49.785757 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:50.493634 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:43:51.034403 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:53.034550 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:53.382478 arp who-has 192.168.0.228 tell 192.168.0.106

09:43:53.382517 arp who-has 192.168.0.228 tell 192.168.0.106

09:43:53.383040 arp reply 192.168.0.228 is-at 00:09:5b:b9:09:fc

09:43:53.384527 IP 192.168.0.106 > 192.168.0.228: icmp 40: echo request seq 25344

09:43:55.034709 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:57.034849 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:43:58.848639 IP 192.168.0.106 > 192.168.0.228: icmp 40: echo request seq 25600

09:43:59.035016 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:00.489625 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:44:01.035148 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:01.136020 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:44:03.035299 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:04.348972 IP 192.168.0.106 > 192.168.0.228: icmp 40: echo request seq 25856

09:44:05.035449 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:07.035594 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:09.035749 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:09.849395 IP 192.168.0.106 > 192.168.0.228: icmp 40: echo request seq 26112

09:44:11.035897 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:11.131005 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:44:11.838872 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:44:13.036041 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:15.036200 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:17.036343 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:19.036492 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:21.036655 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:21.834755 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:44:22.604089 [|llc]00:0f:b5:46:2e:31 > 00:0f:b5:63:db:76, 802.3, length 14:

09:44:23.036784 802.1d config 8000.00:09:5b:b9:09:fc.8001 root 8000.00:09:5b:b9:09:fc pathcost 0 age 0 max 20 hello 2 fdelay 15

09:44:23.852163 arp who-has 192.168.0.1 tell 192.168.0.106

09:44:23.852213 arp who-has 192.168.0.1 tell 192.168.0.106

09:44:23.852371 arp reply 192.168.0.1 is-at 00:0f:3d:f6:82:50

```

I hope you do understand something  :Smile:   I doesn´tLast edited by habnefrage on Fri Apr 15, 2005 11:47 am; edited 1 time in total

----------

## mens

OK, first of all, since you already have an access point, you should definately enable STP on your bridge. Your access point is a bridge as well and you need STP to get the two bridges working correctly.

If I'm correct, you are trying to ping your AP from PC1. I also see the ping request enter on ath0 but I do not see it exit on eth0. I assume you can ping your AP from your bridge. Did you setup ip forwarding on this bridge?

If you will get rid of the netgear AP, why don't you try disabling that one and switch al your existing wireless clients to use the bridge. See if this works. It would sure make things a lot easier for you. Are the networks using the netgear AP and your bridge-AP using the same essid? What is the default gateway of your clients, your AP and your bridge?

----------

## habnefrage

OK...

I will Enable stp right now  :Smile:  (But i allready had enabled it, without any success)

Yes you were right, i tryed to ping the Accesspoint from PC1 (through the bridge)

What do you mean with "forwarding on the bridge" ?? There are iptables that NAT all the Traffic so that i can use the internet from both, eth0 and ath0. But no forwarding bitween the net. interfaces (i think)

OK, like you say i will turn off the Netgear AP so that every Client has to use the Bridge as AP. Do i than still need STP turned on?

No the Netgear AP and the "self made AP" don´t use the same essid. Also not the same channel.

The default Gateway the Clients use is the IP of the Bridge (192.168.0.1). For the internet it works.

----------

## budee

hi, bridging don't work with wlan cards. you need two APs in bridge mode, or you can set up Proxy-ARP (this way broadcasts won't get through). If you are interested in proxy-arp i can provide some more info on that.

peace, bud

----------

## habnefrage

You are welcome  :Smile: 

Please give me ALL you have. I NEED the connection from my DBOX to the WLAN.

thx

----------

## budee

ok, i really recommend you buying an AP, it will make your life much easier.

as for the proxy-arp, here is the explanation how it works: http://www.tldp.org/HOWTO/Proxy-ARP-Subnet/how.html

that howto is a bit outdated, there is no need for the arp command anymore (i think since 2.4). a 

```
echo "1" > /proc/sys/net/ipv4/conf/eth0/proxy_arp

echo "1" > /proc/sys/net/ipv4/conf/wlan0/proxy_arp
```

will do it (you can't put it into /etc/sysctl.conf, because when it gets read when the interfaces aren't up yet). maybe a

```
echo "1" > /proc/sys/net/ipv4/ip_forward
```

is needed too, i'm not sure (i'm not at home, where i did this, so i can't try it out). (you can put this one to /etc/sysctl.conf.) but before you do it, remove all the bridge stuff, give different ip addresses for the eth0 and wlan0 on your network segment (in your case 192.168.0.x) netmask 255.255.255.0 (maybe it will work if eth0 and wlan0 have the same ip, i dont know). now you have to make a small subnet for the wlan clients. i will use the example network 192.168.0.208 netmask 255.255.255.240 (4bits) so wlan clients can have ip addresses from 192.168.0.209 to 192.168.0.222 (14 hosts). (if you need more hosts on wlan, you can use a "smaller" netmask.) now:

```
route add -net 192.168.0.208 netmask 255.255.255.240 dev wlan0
```

now you should be able to ping wireless clients from lan and vice versa. (give it some time, the first few packets won't get through) the drawback is, you can't use broadcasts (for example you won't be able to join a warcraft 3 server on your lan from wireless clients, because it won't show up in the server browser).

if something don't work check first:

```
cat /proc/sys/net/ipv4/conf/eth0/proxy_arp

cat /proc/sys/net/ipv4/conf/wlan0/proxy_arp
```

oh, you need some iptables stuff in your kernel to make proxy_arp work (you probably already have it). it's hard to find information on proxy_arp, which is strange, because it's an excellent feature.

if you need inet connection on your wireless clients, you can remove all the iptables stuff, and configure your clients to use the router on lan as a default gateway. i've did this at home with a 166MMX running gentoo, and its working more than 3 weeks nonstop without any problems.

i hope this will help you.

peace, bud

ps: sorry for my terrible english

edit: hm, i just remembered, maybe something like this is needed too:

```
route del -net 192.168.0.X netmask 255.255.255.0 dev wlan0
```

192.168.0.X is the ip address of wlan0

----------

## Trappies

Hey Guys,

I am still a bit of a n00b when it comes to the more technical stuff, I have a very similar setup, I also have ath0 and eth0 with a bridge br0, now, everything seems to work ok, the only problem I have is the following. The wireless card seems to go into some or other suspend mode, it disconnects, reconnects and then works fine again for about 5 minutes, and then disconnects again, here is a sample of what happens :

```
Dec 18 19:32:11 zeus ath0: received packet with  own address as source address

Dec 18 19:32:11 zeus ath0: received packet with  own address as source address

Dec 18 19:32:12 zeus ath0: received packet with  own address as source address

Dec 18 19:32:13 zeus ath0: received packet with  own address as source address

Dec 18 19:32:13 zeus ath0: received packet with  own address as source address

Dec 18 19:32:13 zeus ath0: received packet with  own address as source address

Dec 18 19:32:21 zeus printk: 1 messages suppressed.

Dec 18 19:32:21 zeus ath0: received packet with  own address as source address

Dec 18 19:32:45 zeus br0: port 2(ath0) entering disabled state

Dec 18 19:32:53 zeus br0: port 2(ath0) entering listening state

Dec 18 19:33:08 zeus br0: port 2(ath0) entering learning state

Dec 18 19:33:23 zeus br0: topology change detected, propagating

Dec 18 19:33:23 zeus br0: port 2(ath0) entering forwarding state

Dec 18 19:33:32 zeus ath0: received packet with  own address as source address

Dec 18 19:33:32 zeus ath0: received packet with  own address as source address

Dec 18 19:33:32 zeus ath0: received packet with  own address as source address

Dec 18 19:33:32 zeus ath0: received packet with  own address as source address

Dec 18 19:33:32 zeus ath0: received packet with  own address as source address

Dec 18 19:33:33 zeus ath0: received packet with  own address as source address

Dec 18 19:33:34 zeus dhcpd: DHCPREQUEST for 192.168.0.8 from 00:20:ed:65:8f:78 via br0

Dec 18 19:33:34 zeus dhcpd: DHCPACK on 192.168.0.8 to 00:20:ed:65:8f:78 via br0

Dec 18 19:33:34 zeus br0: port 2(ath0) entering disabled state

Dec 18 19:33:42 zeus br0: port 2(ath0) entering listening state

```

The Wireless network card seems to go into the disabled, listening and learning states  :Sad: 

I have done a search on the forum to find out what the following means and have found nothing :

```
ath0: received packet with  own address as source address
```

and what does this mean :

```
printk: 1 messages suppressed.
```

and isn't a bridge supposed to "bridge" the two sides of the network. As in allow pass through communication?

Thnx

Davin

----------

## jkroon

Are you familiar with a hardware bridge?  They were orriginally used in the days of HUBS to segment networks into smaller chunks to reduce the amount of network traffic (remember that HUBS broadcast all received packets to all ports).  Now that we have switches they are not really needed any more as a switch essentially functions as an n:n bridge (ie, it acts as a bridge between all it's ports).  I guess you can say a bridge was the predessor of a switch (it usually only had 2 ports afaik, possibly a few more).

Anyhow, binding a bunch of network cards in a machine into a bridge turns it into a very expensive and highly intelligent switch for all practical purposes.  The advantage of a bridge over a switch is that it allows for multi-path routes at a layer 2 level allowing for quite a bit of redundancy (STP).  So unless you have an actual <b>loop</b> in your network you should not need STP.

In theory a wireless card should only provide layer 2 services to the O/S in any case.  It might be possible that it's not possible for the O/S to tamper with the source MAC address though causing all transmitted packets on the device to have the machines own MAC address as source even though the source IP is not it's own.  This may or may not cause the "received packet with  own address as source address" error.  Take into consideration that wireless is esentially an ethernet without the wire, a broadcast medium as such, thus you may receive the packets you transmit as well, especially if the destination MAC is the broadcast one (ff:ff:ff:ff:ff:ff).

The printk line just says that another line identical to the previous was received but not output.  By default the syslog (I think) only shows a few identical lines before it will simply keep a copy and a line counter and print such a message.  The fact that it's prefixed by printk (printf for in-kernel use) indicates that this behaviour might in fact be in-kernel.

I'm not a particular fan of Wireless for anything but notebooks (it's usually more hassle than what it's worth imho), and even then I'm semi-skeptical.

As for proxy-arp:  The whole point of proxy-arp is to use the same subnet on both sides, if you are using different subnets you can just as well use normal ip-forwarding since you are going to need to configure a gateway in any case.  Also, my understanding is that broadcast packets (ie: packets to ff:ff:ff:ff:ff:ff) will still be forwarding in the case of proxy-arp, not so?  If not, it should be relatively simple to make iptables (possibly with a small helper) forward these packets for you.

Back to trappies, tcpdump might be able to better diagnose this problem.

----------

