Date: Mon, 28 Jul 2025 13:24:40 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
To: Jan Bramkamp <crest@rlwinm.de>
Cc: FreeBSD wireless mailing list <wireless@freebsd.org>
Subject: Re: WLAN and Bridge
Message-ID: <1943pr1n-p4no-s52n-5o49-75n9024o0627@yvfgf.mnoonqbm.arg>
In-Reply-To: <83d7d1f7-a0d9-48ed-bc97-aad6a7b41fef@rlwinm.de>
References: <a037a602-7c6b-4ead-a97b-23b7988fc216@benhutton.com.au> <83d7d1f7-a0d9-48ed-bc97-aad6a7b41fef@rlwinm.de>
On Mon, 28 Jul 2025, Jan Bramkamp wrote:
> On 13.07.25 02:58, Ben Hutton wrote:
>> Hi,
>>
>> Is it possible to use a wlan device with a bridge and tap device for use
>> with bhyve? When I've tried this I cannot seem to get traffic to route past
>> the bridge.
>
> Not really. A normal Ethernet frame has two MAC addresses (source and
> destination).
>
> WiFi adds a third MAC address to each frame (source, destination and access
> point) with the client MAC address authenticated to the access point.
>
> What you want would require a fourth MAC address (source, destination, access
> point, client) to separate the client authentication from source/destination
> MAC address (depending on direction).
>
> Such a frame format exists and is used by WiFi repeaters, but it's not
> commonly supported by FreeBSD WiFi drivers or access points.
>
>> My aim is to get bhyve working with network access on my laptop on WiFi. So
>> far I have had to use Ethernet connections.
> All reasonably sane bhyve guest connections look like Ethernet to the bhyve
> guest.
>> I have looked into NAT but am unsure how I would do this with bhyve?
>
> You would:
>
> * configure the host as a router
>
> * create a bridge (with a static MAC address if you want to)
>
> * not add any physical interfaces to the bridge

What is that bridge for if you are routing anyway?
You are forwarding packets and are doing { wlan | NAT } - forward - tap.
tap interfaces can have IP addresses.

> * assign at least one IP address out of an IP prefix assigned to the bridge
>
> * add the bhyve tap interfaces to the bridge
>
> * either configure a firewall (PF, IPFW) to NAT outgoing traffic or configure
> a static route on the next router upstream.
>
> If you control the network, including the next router upstream, routing
> without NAT is a lot cleaner and easier to understand.
>
> If you want to use it on the go connected to different networks you have no
> alternative but to NAT.
>
> A potential alternative if you're only somewhat in control of the network
> would be to set up proxy ARP/NDP to your one and only WiFi MAC address and add
> host routes, but that would require some tinkering.
>
>
>
--
Bjoern A. Zeeb r15:7
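
The NAT variant of the steps quoted above, written out as an added example (not part of the thread and not either poster's own configuration). The interface names wlan0, bridge0 and tap0, the 10.77.0.0/24 guest prefix and the rules file path are constructed assumptions; guests are assumed to use static addresses in that prefix. By default the script only prints what it would run.

```shell
#!/bin/sh
# Added example: routed + NAT setup for bhyve guests behind a WiFi uplink.
# Constructed values (assumptions): wlan0, bridge0, tap0, 10.77.0.0/24, rules path.
# DRY_RUN=1 (default) only prints commands; use DRY_RUN=0 as root on FreeBSD.
EXT_IF=${EXT_IF:-wlan0}
BRIDGE_IF=${BRIDGE_IF:-bridge0}
TAP_IF=${TAP_IF:-tap0}
GUEST_GW=${GUEST_GW:-10.77.0.1/24}
GUEST_NET=${GUEST_NET:-10.77.0.0/24}
PF_RULES=${PF_RULES:-/usr/local/etc/pf-bhyve-nat.conf}   # hypothetical path
DRY_RUN=${DRY_RUN:-1}

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "+ $*"; else "$@"; fi
}

# PF ruleset: translate only the guest prefix, and accept from the guest
# side only packets whose source address lies inside that prefix.
pf_rules() {
    cat <<EOF
ext_if = "$EXT_IF"
guest_if = "$BRIDGE_IF"
guest_net = "$GUEST_NET"
nat on \$ext_if inet from \$guest_net to any -> (\$ext_if)
block in on \$guest_if all
pass in on \$guest_if inet from \$guest_net to any
EOF
}

setup_host() {
    run sysctl net.inet.ip.forwarding=1         # host becomes a router
    run ifconfig "$BRIDGE_IF" create            # bridge with no physical member
    run ifconfig "$TAP_IF" create
    run ifconfig "$BRIDGE_IF" addm "$TAP_IF"    # only the guest tap joins
    run ifconfig "$BRIDGE_IF" inet "$GUEST_GW" up
    run ifconfig "$TAP_IF" up
    if [ "$DRY_RUN" = 1 ]; then
        pf_rules | sed 's/^/pf> /'              # show the rules instead of writing
    else
        pf_rules > "$PF_RULES"
    fi
    run kldload -n pf
    run pfctl -f "$PF_RULES"                    # replaces the loaded ruleset
    run pfctl -e
}

setup_host
```

The wlan interface is never added to the bridge, so the access point only ever sees the host's own WiFi MAC address.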
