Date: Thu, 26 Sep 2002 19:21:12 +0200 From: Jacques Caron <Jacques.Caron@IPsector.com> To: Jason Hunt <leth@primus.ca> Cc: mobile@FreeBSD.ORG, Bruce M Simpson <bms@spc.org>, Dan Langille <dan@langille.org> Subject: Re: getting wi running as a bridge Message-ID: <5.1.1.6.0.20020926191527.04145548@wheresmymailserver.com> In-Reply-To: <20020926112828.N52066-100000@lethargic.dyndns.org> References: <F336654A-CC47-11D6-B02B-0003930B3DA4@nostrum.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 18:47 26/09/2002, Jason Hunt wrote:
>On Thu, 26 Sep 2002, Jacques Caron wrote:
>
> > And this won't work with two boxes configured as APs: they won't talk to
> > each other (only stations talk to APs). And regular stations can't
> > bridge (because of differences in the 802.11 frame format depending on
> > whether the source/destination MAC addresses match the wireless cards or
> > something else).
> >
> > To obtain a real 802.11 bridge, you need the cards to be able to run in
> > so-called WDS mode, but I'm not even sure this is supported with the
> > PRISM cards, let alone the Orinocos.
>
>Do you mean it's not supported by the driver in FreeBSD? I ask this
>because I have one of those Apple Airports (an older one), and they use
>Orinoco Silver cards.
AFAIK, you need a special firmware on those cards to support AP mode. There
is some speculation about it being downloadable in the card from the W2K
driver by setting some registry value, but the default firmware does not
have the "hostap" mode, and does not support sending frames with a source
mac not matching the card's (or a dest mac not matching the destination
WLAN card's).
> > Your only options are:
> > - route instead of bridging: this requires 3 subnets (one for each LAN
> > and a /30 for the wireless link), and IP forwarding enabled
> > - set up some form of tunnel
> > - a specific case of the above, setup an IPsec VPN between the two
> > boxes.
> >
> > Note that the latter options probably require some sort of routing too,
> > or you'll need to do some fun things with proxy ARP or promiscuous mode
> > somehow...
>
>An IPSec VPN is a form of a tunnel (well, IPsec goes inside a tunnel, but
>whatever), which would require routing like you described in the first
>option.
Usually yes, but I'm pretty sure you can do some stuff without actually
routing through the box: remember that ipsec does not use the routing table
to decide where and how to send packets, but the policy table, so it might
actually work with some form of bridging. I wouldn't bet anything on that,
though.
Or one might be able to imagine some form of bridging over PPP over
Ethernet over WLAN... ;->
Jacques.
-- Jacques Caron, IP Sector Technologies
Join the discussion on public WLAN open global roaming:
http://lists.ipsector.com/listinfo/openroaming
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-mobile" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.0.20020926191527.04145548>