Date: Mon, 28 Jul 2025 13:59:40 +0200
From: Jan Bramkamp <crest@rlwinm.de>
To: wireless@freebsd.org
Subject: Re: WLAN and Bridge
Message-ID: <83d7d1f7-a0d9-48ed-bc97-aad6a7b41fef@rlwinm.de>
In-Reply-To: <a037a602-7c6b-4ead-a97b-23b7988fc216@benhutton.com.au>

On 13.07.25 02:58, Ben Hutton wrote:
> Hi,
>
> Is it possible to use a wlan device with a bridge and tap device for
> use with bhyve? When I've tried this I cannot seem to get traffic to
> route past the bridge.

Not really. A normal Ethernet frame has two MAC addresses (source and
destination). WiFi adds a third MAC address to each frame (source,
destination and access point) with the client MAC address authenticated
to the access point. What you want would require a fourth MAC address
(source, destination, access point, client) to separate the client
authentication from the source/destination MAC address (depending on
direction). Such a frame format exists and is used by WiFi repeaters,
but it's not commonly supported by FreeBSD WiFi drivers or access points.

> My aim is to get bhyve working with network access on my laptop on
> WiFi. So far I have had to use Ethernet connections.

All reasonably sane bhyve guest connections look like Ethernet to the
bhyve guest.

> I have looked into NAT but am unsure how I would do this with bhyve?

You would:

* configure the host as a router
* create a bridge (with a static MAC address if you want to)
* not add any physical interfaces to the bridge
* assign at least one IP address out of an IP prefix assigned to the bridge
* add the bhyve tap interfaces to the bridge
* either configure a firewall (PF, IPFW) to NAT outgoing traffic or
  configure a static route on the next router upstream.

If you control the network, including the next router upstream, routing
without NAT is a lot cleaner and easier to understand. If you want to
use it on the go connected to different networks, you have no alternative
but to NAT. A potential alternative if you're only somewhat in control
of the network would be to set up proxy ARP/NDP to your one and only WiFi
MAC address and add host routes, but that would require some tinkering.
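
The steps listed in the reply, sketched with PF as the NAT firewall. This is an added example, not part of the original message: the interface names (wlan0, bridge0, tap0), the 192.168.100.0/24 prefix and the function names are assumptions chosen for illustration. The script only prints the commands so they can be reviewed before being run as root on the FreeBSD host.

```shell
#!/bin/sh
# Added example: prints (does not execute) the host-side setup for a
# routed + NATed bhyve bridge. All values below are constructed samples.
EXT_IF=wlan0                    # WiFi uplink; it stays OUT of the bridge
BRIDGE=bridge0
GUEST_NET=192.168.100.0/24      # prefix assigned to the bridge
HOST_ADDR=192.168.100.1/24      # host address inside GUEST_NET (guest gateway)

# Only bhyve tap interfaces may become bridge members.
is_virtual_member() {
    case "$1" in
        tap[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the sysctl/ifconfig steps for the given tap interfaces.
# Refuses the whole plan if any requested member is not a tap device.
bridge_plan() {
    for m in "$@"; do
        is_virtual_member "$m" || {
            echo "refusing to bridge non-tap interface: $m" >&2
            return 1
        }
    done
    echo "sysctl net.inet.ip.forwarding=1"      # host acts as a router
    echo "ifconfig $BRIDGE create"
    echo "ifconfig $BRIDGE inet $HOST_ADDR up"
    for m in "$@"; do
        echo "ifconfig $m create"
        echo "ifconfig $BRIDGE addm $m"
        echo "ifconfig $m up"
    done
}

# Print the pf.conf rule that NATs only the guest prefix out of the uplink.
# Parentheses around the interface make PF track its address as it changes.
pf_nat_rule() {
    echo "nat on $EXT_IF inet from $GUEST_NET to any -> ($EXT_IF)"
}

# Usage when run directly: sh plan.sh tap0 [tap1 ...]
if [ "$#" -gt 0 ]; then
    bridge_plan "$@" && pf_nat_rule
fi
```

The NAT rule belongs in /etc/pf.conf and is loaded with `pfctl -f /etc/pf.conf` followed by `pfctl -e`; guests then use the bridge address as their default gateway.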
