Date: Tue, 14 Jun 2016 08:17:38 +0200
From: Bernd Walter
To: Fehmi Noyan ISI
Cc: "freebsd-virtualization@freebsd.org"
Subject: Re: Cannot forward traffic over wlan0 with bhyve

On Thu, May 19, 2016 at 08:50:15PM +0000, Fehmi Noyan ISI via freebsd-virtualization wrote:
> Hi there,
>
> As I mentioned in this forum post [1], I am having issues with getting my FreeBSD-CURRENT VM connected to the Internet via wlan0 interface.
>
> I created tap0 and bridge0 interfaces, and edited configuration files to keep changes permanent as suggested by the handbook [2].
>
> I also set the pf rules to enable NAT between tap0 and wlan0 interfaces as described here [3].
>
> When I monitor tap0 and wlan0 interfaces with tcpdump while running "dhclient vtnet0" in the guest OS, I noticed that tap0 forwards packets to wlan0 and wlan0 receives them (some tcpdump output is in [1]). But nothing happens after this...
>
> I also noticed that the pf fails to start with the ruleset given in [3], and having parentheses around (bridge0:network) solves the issue, so I filed a bug report for this [4].
>
> I need assistance with my VM internet access and will appreciate your guidance on the matter.

It's a few weeks old, but still unanswered.
The problem is that as a wifi client only a single MAC address is registered with the AP.
The systems behind the bridge have their own MAC addresses, which the AP doesn't know.
You either need to set up your wifi with mesh support, run the bridge on the AP instead of the client side, or run dirty tricks with proxy ARP.
The best option would be to avoid bridging from wifi completely and route a different net to your vm host or use a cable.

-- 
B.Walter http://www.bwct.de
Modbus/TCP Ethernet I/O modules, ARM-based FreeBSD computers and much more.
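
A diagnostic check for the symptom discussed in this thread, added here as an example and not part of the original message: it reads `tcpdump -e -n -i wlan0` output and reports which source MAC addresses sent frames on the wifi interface but never had a frame addressed back to them. The MAC addresses, IP addresses and capture lines are constructed samples, and the function names are hypothetical.

```python
import re

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
# Link-level header printed by `tcpdump -e -n`: "<time> <src> > <dst>, ethertype ..."
FRAME_RE = re.compile(rf"^\S+ (?P<src>{MAC}) > (?P<dst>{MAC}),", re.IGNORECASE)


def frame_report(lines, macs):
    """Per MAC of interest, count frames sent from it and frames addressed to it."""
    wanted = {m.lower() for m in macs}
    stats = {m: {"sent": 0, "answered": 0} for m in wanted}
    for line in lines:
        m = FRAME_RE.match(line.strip())
        if not m:
            continue  # continuation lines or output without a link-level header
        src, dst = m["src"].lower(), m["dst"].lower()
        if src in wanted:
            stats[src]["sent"] += 1
        if dst in wanted:
            stats[dst]["answered"] += 1
    return stats


def unanswered(stats):
    """MACs that transmitted on the interface but never received a frame back."""
    return sorted(m for m, s in stats.items() if s["sent"] and not s["answered"])


# Constructed sample capture on wlan0 (all values are assumptions for illustration).
STATION_MAC = "00:11:22:33:44:55"  # MAC of wlan0, the one registered with the AP
GUEST_MAC = "58:9c:fc:00:00:01"    # MAC of vtnet0 inside the bhyve guest
SAMPLE = [
    "08:17:38.100000 58:9c:fc:00:00:01 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), "
    "length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request, length 300",
    "08:17:41.100000 58:9c:fc:00:00:01 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), "
    "length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request, length 300",
    "08:17:42.000000 00:11:22:33:44:55 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), "
    "length 42: Request who-has 192.0.2.1 tell 192.0.2.20, length 28",
    "08:17:42.002000 aa:bb:cc:dd:ee:ff > 00:11:22:33:44:55, ethertype ARP (0x0806), "
    "length 60: Reply 192.0.2.1 is-at aa:bb:cc:dd:ee:ff, length 46",
]

if __name__ == "__main__":
    report = frame_report(SAMPLE, [STATION_MAC, GUEST_MAC])
    for mac, s in sorted(report.items()):
        print(f"{mac}: sent={s['sent']} answered={s['answered']}")
    print("sent but never answered:", unanswered(report))
```

A guest MAC that appears in the unanswered list while the station's own MAC gets replies matches the situation described above, where the AP only knows the single MAC address of the wifi client.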