[Bradford] Bridging Wlan & eth

Kevin Martin kev82 at khn.org.uk
Sat Aug 1 14:30:38 UTC 2015


Hi,

I'm a bit out of date with all this stuff, so take this with a pinch of salt.

>> I'm using a headless Pi, running Raspbian, to pick up a WiFi signal via a dongle (wlan1). That works OK.
>> I want to link this to the Pi's ethernet port so I can use it to feed to a switch. I'm generally confused about the
>> best way to bridge Wlan to Ethernet.

>> I don't want to use NAT as there is already NAT on the router to cope with and it can only create more
>> problems for my VoIP services.

Ok, I'm gonna assume a few things; correct me if any of this is wrong:

o Everything is ipv4 as you're talking about NAT.
o You are not trying to bridge/route a publicly routable network as the router is doing NAT.
o You don't need to VPN anywhere and have the whole of the RFC1918 address space at your disposal.

With these assumptions I can't see any reason to trouble yourself with NAT.

It's not clear from your question whether you really mean bridging, as in a layer 2 link, or if you just mean connect. If you really do mean bridging, then this link may be useful:

https://wiki.debian.org/BridgeNetworkConnections

The document doesn't mention it, but there is also a bridging firewall, which you can access through ebtables. If things aren't working, that's the first thing to check.

>> Also, I've got another dongle (wlan0) which acts as an access point. I'd like to link that to the received Internet
>> as well if possible.

I have no idea whether you would also be able to bridge this in AP mode; I can't think of a reason why not, but I've never tried it. The main problem here is that you need to make sure the top level router doesn't run out of addresses in its DHCP pool, depending on how many things will be connected.

However bear in mind that when doing proper bridging, all the broadcast traffic goes everywhere - which you may not want from a performance point of view.

If you just mean bridging as in connecting, then multiple networks with routing is another option. There are many documents on setting up routing between multiple networks - you can find your favourite and follow it, but I think it basically boils down to this:

o Have each device in the Pi on a separate network
o Set up appropriate static routes on every device behind the NAT (or push them via dhcp) - obviously this
    must include the router supplying wlan1, and all its other clients.
o Enable ip_forwarding (/proc/sys/net/ipv4/ip_forward IIRC) on the Pi
o Ensure the policy and rules of the Forward chain in the filter table are not blocking anything.

>> So can anyone offer any advice please as to the best direction to take? 

I would always go with routing, unless bridging was specifically needed. Bridging is simpler to set up, but there are many ways it can go wrong, and it is very difficult to fault find. Routing is a little harder to set up, but there's not a lot to go wrong with it.

Thanks,
Kevin
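
An added example, not part of the original message: a check for the last two routing steps listed above (ip_forward and the FORWARD chain), written so it can be run on saved output as well as on the Pi. The function names and the interface name eth0 are assumptions; wlan1 is from the thread.

```shell
#!/bin/sh
# Constructed sample of `iptables -S FORWARD` output (not from the thread).
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -i eth0 -o wlan1 -j ACCEPT'

# forward_verdict RULES IN_IF OUT_IF
# Prints ACCEPT, DROP or REJECT for traffic routed IN_IF -> OUT_IF.
# Simplification: only -i, -o and -j are understood. A rule with any other
# match (-s, -p, -m, "!") or a jump to a user chain is skipped, so it never
# decides the verdict; the first remaining matching rule wins, else the policy.
forward_verdict() {
    printf '%s\n' "$1" | awk -v in_if="$2" -v out_if="$3" '
        $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
        $1 == "-A" && $2 == "FORWARD" {
            i = ""; o = ""; target = ""; other = 0
            for (n = 3; n <= NF; n += 2) {
                if      ($n == "-i") i = $(n + 1)
                else if ($n == "-o") o = $(n + 1)
                else if ($n == "-j") { target = $(n + 1); break }
                else other = 1
            }
            if (other || verdict != "") next
            if ((i == "" || i == in_if) && (o == "" || o == out_if) &&
                (target == "ACCEPT" || target == "DROP" || target == "REJECT"))
                verdict = target
        }
        END { print (verdict != "" ? verdict : policy) }'
}

# check_router IP_FORWARD RULES IF_A IF_B
# IP_FORWARD is the content of /proc/sys/net/ipv4/ip_forward.
# Succeeds only if forwarding is on and both directions are accepted.
check_router() {
    [ "$1" = "1" ] || { echo "ip_forward disabled"; return 1; }
    [ "$(forward_verdict "$2" "$3" "$4")" = "ACCEPT" ] ||
        { echo "FORWARD blocks $3 -> $4"; return 1; }
    [ "$(forward_verdict "$2" "$4" "$3")" = "ACCEPT" ] ||
        { echo "FORWARD blocks $4 -> $3"; return 1; }
    echo "ok"
}

# On the Pi (as root):
# check_router "$(cat /proc/sys/net/ipv4/ip_forward)" "$(iptables -S FORWARD)" eth0 wlan1
```

With the constructed sample it reports that wlan1 -> eth0 is blocked, because only one direction has an ACCEPT rule and the chain policy is DROP.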

