I just tried to set up ethernet bridging between the wireless interface
and the wired ethernet interface on my laptop machine. It didn't work.
As far as I could tell from the tcpdump output, the wireless stack
doesn't want to transmit packets with a foreign link-layer source
address.
Is there any way around this restriction? Or must I resort to IP
forwarding instead?
Thanks,
Alan Stern
On Mon, 14 Dec 2009, Johannes Berg wrote:
> On Mon, 2009-12-14 at 11:35 -0500, Alan Stern wrote:
> > I just tried to set up ethernet bridging between the wireless interface
> > and the wired ethernet interface on my laptop machine. It didn't work.
> > As far as I could tell from the tcpdump output, the wireless stack
> > doesn't want to transmit packets with a foreign link-layer source
> > address.
> >
> > Is there any way around this restriction? Or must I resort to IP
> > forwarding instead?
>
> There's no standard way around this restriction, the on-air packets are
> required to be transmitted with the correct TA (transmitter address) [1]
> which also must be the SA (sender address) in the regular frame format,
> since the DA (destination address) and RA (receiver address) must be
> present and the format only has three addresses. In recent kernels (what
> will be 2.6.33), we have added code to disallow such configurations
> since they cannot work.
Okay, it sounds like the upshot is that (short of some rather unusual
and/or heroic measures) it can't be done.
Thanks for the information.
Alan Stern
On Mon, 2009-12-14 at 11:35 -0500, Alan Stern wrote:
> I just tried to set up ethernet bridging between the wireless interface
> and the wired ethernet interface on my laptop machine. It didn't work.
> As far as I could tell from the tcpdump output, the wireless stack
> doesn't want to transmit packets with a foreign link-layer source
> address.
>
> Is there any way around this restriction? Or must I resort to IP
> forwarding instead?
There's no standard way around this restriction, the on-air packets are
required to be transmitted with the correct TA (transmitter address) [1]
which also must be the SA (sender address) in the regular frame format,
since the DA (destination address) and RA (receiver address) must be
present and the format only has three addresses. In recent kernels (what
will be 2.6.33), we have added code to disallow such configurations
since they cannot work.
However, if you control both the AP and and the station (e.g. laptop),
and your AP and station both run mac80211, then you can use the
four-address hack that Felix has been developing. It will then use the
standardised four-address frame format that normally cannot be used
between a station and an AP to transfer different TA/SA. I'm not sure if
he has documentation on this yet.
There's also ebtables NAT, but I have no idea if/how that works.
johannes
[1] otherwise the ACK mechanism cannot work