From owner-freebsd-mobile@FreeBSD.ORG  Thu Dec  8 09:54:41 2005
Return-Path: <owner-freebsd-mobile@FreeBSD.ORG>
X-Original-To: freebsd-mobile@freebsd.org
Delivered-To: freebsd-mobile@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7637516A420
	for <freebsd-mobile@freebsd.org>; Thu,  8 Dec 2005 09:54:41 +0000 (GMT)
	(envelope-from bakul@bitblocks.com)
Received: from gate.bitblocks.com (bitblocks.com [209.204.185.216])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0289443D68
	for <freebsd-mobile@freebsd.org>; Thu,  8 Dec 2005 09:54:37 +0000 (GMT)
	(envelope-from bakul@bitblocks.com)
Received: from bitblocks.com (localhost [127.0.0.1])
	by gate.bitblocks.com (8.13.4/8.13.1) with ESMTP id jB89qxD1037834;
	Thu, 8 Dec 2005 01:52:59 -0800 (PST)
	(envelope-from bakul@bitblocks.com)
Message-Id: <200512080952.jB89qxD1037834@gate.bitblocks.com>
To: freebsd-mobile@freebsd.org
Date: Thu, 08 Dec 2005 01:52:59 -0800
From: Bakul Shah <bakul@BitBlocks.com>
Cc: 
Subject: bridging and WPA
X-BeenThere: freebsd-mobile@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Mobile computing with FreeBSD <freebsd-mobile.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-mobile>, 
	<mailto:freebsd-mobile-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-mobile>
List-Post: <mailto:freebsd-mobile@freebsd.org>
List-Help: <mailto:freebsd-mobile-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-mobile>,
	<mailto:freebsd-mobile-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Dec 2005 09:54:41 -0000

This is my setup:

    A -- [tap0 B iwi0] ~~ wireless ~~ AP -- C -( internet )

A is a qemu VM running on host B (but I see similar behavior
when a wired interface connects a laptop to B instead of VM
and tap0).  I'd like to make B act as a bridge so I did this:

    ifconfig bridge0 create
    ifconfig bridge0 addm tap0 addm iwi0 up
    <edit rc.conf so that it has ifconfig_iwi0="WPA">
    /etc/rc.d/netif restart iwi0
    ifconfig bridge0 <iwi0's old ip address>

I do see traffic from other machines such as C coming in on
iwi0 and going out on tap0 (as it should).  But C does not
see any pkts from B. So I did this:

    ifconfig bridge0 ether <iwi0's mac address>

Now B is once again happily exchanging pkts with C.  When A
sends out dhcp requests they go out iwi0 but nothing comes
back and C does not see the original dhcp requests.

Am I correct in thinking this has to do with the WPA mode?
May be the interface mac address is used in some way or is
the AP (Linksys WRT54GS) doing something?  I am using WPA-PSK
and running -current of two days ago.

Also, when I ping B from C, this works fine but I see some
funny things on the tap0 interface.  An icmp echo request
turns into the following!

01:22:36.688601 IP truncated-ip - 7096 bytes missing! 190.2.179.15 > 122.160.138.29: ip-proto-205
01:22:37.689380 IP9 bad-hlen 8
01:22:38.690216 IP8 truncated-ip - 27274 bytes missing! 107.80.159.197 > 18.31.117.141: ip-proto-236
01:22:39.691139 IP6 , wrong link-layer encapsulationtruncated-ip - 41480 bytes missing! 85.216.108.207 > 88.35.66.234: ttp
...

Is there any way to make this work (bridged packets going out
on a WPA protected wireless link)?  I can use NAT and a local
dhcpd on B and avoid bridging but NAT and NFS don't get along
(that is, I can't mount C's filesystem on A).

Thanks!

-- bakul