[sf-lug] WiFi & ip_forward --> bridge

Michael Paoli Michael.Paoli at cal.berkeley.edu
Sun Apr 6 12:54:51 PDT 2008

Actually, probably better to just do simple bridging.

E.g., bring up your WiFi interface, but don't give it an IP address
(e.g.  don't start the dhcp clinet on it, or shut down that clinent -
interface UP, but IP, then set up bridging (eth0 as Ethernet
interface, wlan0 as WiFi, br0 as bridge), e.g.:
# brctl addbr br0
//you may disable or configure STP, depending on your network topology,
//if unsure, read the documentation and/or consult your friendly
//neighborhood network guru.  Quick rule-of-thumb: if everything
//downstream of your switch/bridge (your system in this case) can only 
//reach upstream via your switch, you can safely disable STP, and 
//perhaps should.  If there are alternative paths from downstream to 
//upstream, you need STP, and should be certain the bridge priority is
//set appropriately (65535 would be a safe setting, lower numbers may
//cause problems on the network if you don't know what you're doing).
# ifconfig br0 up
# brctl addif br0 wlan0
# ifconfig wlan0 up
# dhclient br0
# brctl addif br0 eth0
# ifconfig eth0 up
One then has bridging set up - a simple crossover connection on eth0,
and another system/device there can use DHCP to get an address, and
pretty much behave as if it had direct hardwired connection to the LAN
- or better yet, hook up a switch or hub to eth0, then multiple
systems/devices can just plug into that with a regular Ethernet patch
cable.  Some advantages with this type of setup, is one avoids all the
hassle of routing or masquerading/NAT/SNAT, and any need for additional
DHCP configurations or static IP configurations, etc.  It also gives   
the connected systems/devices access that's highly similar to them
having direct wireless access - e.g. they can run servers on the IPs
they get via DHCP, and those will be generally directly accessible from 
the WiFi subnet (and perhaps The Internet, if they're Internet IPs).    

Apologies if anything in the above isn't precisely correct - just
quickly scribbled that from memory and some ancient notes on a rather  
different (but slightly similar) configuration.  When in doubt, A) read
the documentation, B) test.

> Date: Fri, 4 Apr 2008 10:55:39 -0700
> From: "Kristian Erik Hermansen" <kristian.hermansen at gmail.com>
> Subject: Re: [sf-lug] Fwd: [Fwd: LugRadio Live USA 2008 Exhibition]
> To: "Christian Einfeldt" <einfeldt at gmail.com>
> Cc: Linux user Group <sf-lug at linuxmafia.com>
> Message-ID:
>   <fe37588d0804041055w53ceb255j513b208c11a9970 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
> 2008/4/4 Christian Einfeldt <einfeldt at gmail.com>:
> > When I spoke to the Lugradio guys, they said it would be wireless only.
> So
> > any boxes that hope to get onto the Internet must be wifi ready.
> Or bring a crossover cable and I will enable /proc/sys/net/ipv4/ip_forward

More information about the sf-lug mailing list