Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 19 Oct 2005 10:26:10 -0400
From:      "Andrew Atrens" <atrens@nortel.com>
To:        Andrew Thompson <thompsa@freebsd.org>
Cc:        freebsd-current@freebsd.org, Jiri Mikulas <konfer@mikulas.com>
Subject:   Re: ath client bridge
Message-ID:  <43565782.8080706@nortel.com>
In-Reply-To: <20051019091559.GA45009@heff.fud.org.nz>
References:  <43560B6A.4070505@mikulas.com> <20051019091559.GA45009@heff.fud.org.nz>

next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Thompson wrote:
> On Wed, Oct 19, 2005 at 11:01:30AM +0200, Jiri Mikulas wrote:
> 
>>Hello
>>I have problem to setup bridging box with ath in client mode and if_bridge
>>When card is in AP mode, everything is ok, but if I want to run card in
>>client mode, bridging is not working.
>>Here are my testing steps: (it's quite long, so I prefer put URL there :) )
> 
> 
> Bridging on the client side of a wireless connection is not supported
> and has to do with the 801.11 frame format. The problem is that the
> client only registers its own MAC address with the AP, so the bridged
> clients do not get a reply (as far as I understand).

Yah, the 802.11 header only has room for three addresses.

The AP uses them as -

ssid
src
dest

(in this case src is the *real* src of the packet hence the AP itself can bridge)

The client uses -

ssid
src
dest

(in this case src *must* be the client mac, hence the client can't bridge packets
  from other macs)


There is a four address version of the packet header, but as I recall the fourth
address is used by TKIP.


So it's a problem with 802.11 standard. I think that's why they came up with WDS.
I think there's some support for WDS in MadWiFi, but not yet in the BSD stack(s).

Another thing that you *could* do - that I'm actually working on for DragonFly, is
to add support for bridging GIF interfaces. Or, if it was possible add support
for directly bridging across IPsec - I think even transport mode support would suffice,
as long as in either case the AP and client were endpoints for the IPsec connection.

Andrew




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43565782.8080706>