Dear forum members,
I have been googling around for almost 7 days now trying various samples and suggestions and still cannot figure out how to solve the following issue:
I have a linux box (Fedora core 5, 2.6.15) with two NICs installed: One 10/100 Ethernet and one Wireless 802.11b (Cisco Aironet 350 PCI). My purpose is to bridge those two interfaces (eth0 - wireless, eth1 - wired), so that the computers on both sides exchanged traffic as if they were on the same physical network, on the same subnet.
First I tried to bridge those two connections with "brctl" utility to act as a layer 2 bridge: created a new bridge (brctl addbr br0), then added those two interfaces to the bridge (brctl addif br0 addif eth0, eth1). For ease of administration, I also added an IP address to the bridge interface br0 itself (192.168.0.10), meanwhile removing all IP information from eth0 and eth1 interfaces (as per to most tutorials available on google).
Having all this configured, I am now able to ping to both sides of the network: wireless over eth0 and wired, over eth1. Meanwhile both sides can reach the Linux box as well. But the problem is that the hosts themselves cannot reach each other.
After spending another day in google, I figured out that some wireless cards might not work in layer 2 bridging mode. I supposed that mine was the case.
Next I figured out the key to solution could be using "Proxy ARP" technology. I tried to use the "parprouted" deamon. It worked, but partially! Now ICMP packets (pinging) were successfully passing between clients in both interfaces, but nothing more. I could not even open a port on remote host with telnet. The deamon's manual implies that it is possible to pass unicast traffic between hosts, but at least it did not work in my case.

Now my request is to all people who can assist me in setting up this network scenario. Is it possible to do it through Proxy ARP? What routes should be added? What should be altered in iptables' chains? Any hint is highly appreciated.


Client 1...............((((((((.. )))))))............ Linux Box with bridge ___________________ Client 2
192.168.0.3..............Wireless..................eth0, eth1, br0...............Ethernet..............192.168.0.4
.............................................................192.168.0.10

Thank You.
Best Regards,
Hohenzolern

Proxy arp *should* work, but the most efficient way to do it IMO would be to make the wireless side one subnet, and the wired side another. Assuming you already had a router on the wired side doing DHCP, you could run a dhcp server for the wireless card that'll distribute addresses as well as the eth0's address as the default gateway, then add a default route from eth0 to eth1, and a route for the eth0's subnet from eth1 to eth0, and a static route at your existing router to route traffic for eth0's subnet to the eth1 address of your bridging machine.

_________________
Kevin C. Leacock
cmantito 'at' cmantito 'dot' com

"A train station is where a train stops. A bus station is where a bus stops. On my desk I have a workstation..."

Thank you cmantito for your reply.
I have already solved the problem... I used proxy ARP. The problem that it did not forward packets excempt ICMP was because of my firewall. I made some changes to iptables. So basicly it is working now.
I thought about subnetting; the point is that I'm assigned a subnet of 248 (255.255.255.248) by my ISP, so actually there are 5 usable IP addresses, and assigninng IP addresses lavishly to the interfaces will leave me in the lack of some additional IP addresses.
So I think "proxy ARP"-ing is a better solution.
Anyway thanks for your advise.

Kind Regards,
Hohenzolern

I gotcha. I was on the assumption you were using internal non-routable addresses. Glad to hear you got it working though ^.^

_________________
Kevin C. Leacock

cmantito 'at' cmantito 'dot' com



"A train station is where a train stops. A bus station is where a bus stops. On my desk I have a workstation..."