From owner-freebsd-questions@FreeBSD.ORG Tue Apr 18 15:06:34 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2CD5A16A40E for ; Tue, 18 Apr 2006 15:06:34 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay05.ispgateway.de (smtprelay05.ispgateway.de [80.67.18.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F89043D6D for ; Tue, 18 Apr 2006 15:06:31 +0000 (GMT) (envelope-from freebsd-listen@fabiankeil.de) Received: (qmail 9403 invoked from network); 18 Apr 2006 15:06:30 -0000 Received: from unknown (HELO localhost) ([pbs]775067@[217.50.145.154]) (envelope-sender ) by smtprelay05.ispgateway.de (qmail-ldap-1.03) with SMTP for ; 18 Apr 2006 15:06:30 -0000 Date: Tue, 18 Apr 2006 17:06:12 +0200 From: Fabian Keil To: dick hoogendijk Message-ID: <20060418170612.3ea78256@localhost> In-Reply-To: <20060417125817.57c63491.dick@nagual.st> References: <20060417125817.57c63491.dick@nagual.st> X-Mailer: Sylpheed-Claws 2.0.0 (GTK+ 2.8.6; i386-portbld-freebsd6.0) X-PGP-KEY-URL: http://www.fabiankeil.de/gpg-keys/freebsd-listen-2006-08-19.asc Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Sig_N7b3DI0CFzORXC7rCb8xy5N; protocol="application/pgp-signature"; micalg=PGP-SHA1 Cc: fbsdq Subject: Re: wrired-wireless if_bridge question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Apr 2006 15:06:34 -0000 --Sig_N7b3DI0CFzORXC7rCb8xy5N Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable dick hoogendijk wrote: > The situation: > A server with two wired Ethernet cards > rl0 to the outside (ISP) > rl1 to the local network (192.168.11.1) > The server does routing NAT and DHCP; pf is enabled (quite a normal > situation ;-) >=20 > The NEW situation (802.11-to-ethernet bridge) > I will add a wireless card to the server. This way my notebook and my > (nintendo) DS will have access to the internet. >=20 > As I understand it after reading articles, the handbook and man > if_bridge it goes like this: >=20 > NOW I have in rc.conf: > defaultrouter=3D"82.74.2.1" > hostname=3D"lothlorien.nagual.st" > ifconfig_rl0=3D"inet 82.74.2.186 netmask 255.255.254.0" > ifconfig_rl1=3D"inet 192.168.11.1 netmask 255.255.255.0" >=20 > After adding the WiFi card this whould be: > defaultrouter=3D"82.74.2.1" > hostname=3D"lothlorien.nagual.st" > ifconfig_rl0=3D"inet 82.74.2.186 netmask 255.255.254.0" > ifconfig_rl1=3D"inet 192.168.11.1 netmask 255.255.255.0" > ifconfig_ath0=3D"ssid airport01 media autoselect mode 11g mediaopt \ > hostap wepmode on wepkey `cat /etc/wepkey` channel 1 up" >=20 > And than I bridge the two "internal" cards with: > cloned_interfaces=3D"bridge0" > ifconfig_bridge0=3D"addm ath0 addm rl1 up" >=20 > Once the interfaces are bridged I should be golden (I'm told). > But I still have some questions: >=20 > (1) Is the above syntax OK? Did I understand it all correctly? You didn't specify the default wepkey, but the syntax looks OK to me. > (2) Will the IP of the wireless card be the same as the cabled (rl1) > card (192.168.11.1)? So, a cabled workstation contacting 192.168.11.1 > would reach rl1 and a wireless one ath0? Is this correct? The wireless NIC doesn't get rl1's ip address, it just sees more or less the same traffic.=20 BTW don't bridge your wireless and wired networks if you don't have to. If your only goal is to get internet access for your wireless clients, it's probably safer to just add another NAT zone. Fabian --=20 http://www.fabiankeil.de/ --Sig_N7b3DI0CFzORXC7rCb8xy5N Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFERQByjV8GA4rMKUQRAsgCAKCRTRgfzIwD+qSGRxmpDzl2lPaaawCgjWCx Qph9BNcCk276hk4GD8XH8lI= =CT7q -----END PGP SIGNATURE----- --Sig_N7b3DI0CFzORXC7rCb8xy5N--