Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] ethernet + wifi: how to route/bridge to my 4G AP?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
30121963
n00b
n00b


Joined: 28 Sep 2020
Posts: 9

PostPosted: Sat Oct 24, 2020 3:58 pm    Post subject: [solved] ethernet + wifi: how to route/bridge to my 4G AP? Reply with quote

hi!
not so gentoo-specific, honestly, but I try anyway :-)

my situation:
subnet 192.168.1.0 -> wifi
subnet 192.168.2.0 -> ethernet
the 4G access point provides GW and DHCP to its subnet)
a pc provides DHCP to ethernet subnet, and connects to internet via wifi
the ethernet LAN serves a few appliances (ip cameras, switches, no-wifi stuff etc)
splitting into subnets would be better but not mandatory.

is there any way to bridge the pc's 2 interfaces, or route the wired subnet(s) traffic to the wifi GW?
I already googled a lot and tried few configurations, but no success. not even sure if it is possible to implement..
any hint?

:wink: S.


Last edited by 30121963 on Wed Oct 28, 2020 1:17 pm; edited 1 time in total
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 46727
Location: 56N 3W

PostPosted: Sat Oct 24, 2020 4:38 pm    Post subject: Reply with quote

30121963,

Wifi does not usually play nicely with bridging.
In any case you end up with the bridge being a single interface, which defeats the purpose.

You can create a route between the two interfaces. You need packet forwarding support in you kernel and enabled.
That will not provide NAT. Packets will appear on both subnets unchanged.

If you want NAT, turn the PC with both interfaces into a router.
See the Home Router guide on the Wiki.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 16206

PostPosted: Sat Oct 24, 2020 4:49 pm    Post subject: Reply with quote

If you go with the route approach, then this is a fairly common and straightforward situation. It should work fine, once you have all the bits in place. If you encounter problems with the guide that Neddy recommended, post back with what exactly you did, what you are seeing that you consider incorrect, and (if it will not be obvious to us) what should have happened instead.
Back to top
View user's profile Send private message
30121963
n00b
n00b


Joined: 28 Sep 2020
Posts: 9

PostPosted: Mon Oct 26, 2020 4:34 pm    Post subject: Reply with quote

ok, first silly question:

the Home Router guide on the Wiki specs: LAN card + WAN card.

my configuration: LAN card (192.168.2.100), WIFI card (192.168.1.100) in the PC and a standalone 3G wifi AP (192.168.1.1 <-> [WAN ip])

so I have a wifi router in the 192.168.1.0 subnet, and I would like to route the 192.168.2.0 subnet to internet via the PC wifi card.
the wifi router is a mini box, just the sim card, no cable plugs.

does this change something?
thanks..
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 16206

PostPosted: Mon Oct 26, 2020 6:38 pm    Post subject: Reply with quote

The design is the same. For your purpose, the wireless card in the PC is your "WAN card" since that is the device that will talk to the Internet-connected AP. You will need to:
  • Configure the PC to NAT traffic from wired to wireless
  • Configure the PC to enable IP forwarding
  • Configure other wired devices to treat the PC as the default route, so that they send Internet-destined traffic to the PC, which can then route it to the AP.
You should also configure the PC to filter Internet-initiated traffic destined for the LAN. This is not required for proper operation, but almost everyone wants this.
Back to top
View user's profile Send private message
30121963
n00b
n00b


Joined: 28 Sep 2020
Posts: 9

PostPosted: Wed Oct 28, 2020 1:10 pm    Post subject: Reply with quote

The home router wiki has been helpful, my routing is working now.
I wrote a short memo/howto for my own use. The notes are in italian but I guess it is quite clear for everyone.
There are a lot of those internet boxes here so I guess it could help.

---------------------------------------------------


specifiche rete:

- 1x access point (router) tipo minibox 4G fornito dall' operatore telefonico:
lato lan: ip 192.168.1.1/24, dns 192.168.1.1, server dhcp (per la sottorete 192.168.1.0)

- 1x server con:
ethernet (cavo) -> 192.168.2.3/24 statico.
wifi -> dhcp.
server dhcp (per la sottorete 192.168.2.0).
nat/iptables.

- 1x PC di supporto per test, ethernet + wifi, dhcp.

-----------

sul server:

- configurare le schede di rete

ho usato il sistema net.* (gentoo manual), le mie interfacce sono:

net.enp1s0
net.wlp2s0

questo il file /etc/conf.d/net:

[...]
dns_domain_lo="localdomain"
config_enp1s0="192.168.2.3/24 brd 192.168.2.255"
modules_wlp2s0="wpa_supplicant"
config_wlp2s0="dhcp"
[...]

- configurare iptables/nat ( da https://wiki.gentoo.org/wiki/Home_router )

iptables -F
iptables -t nat -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
export LAN=enp1s0
export WAN=wlp2s0
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -p UDP --dport bootps ! -i ${LAN} -j REJECT
iptables -A INPUT -p UDP --dport domain ! -i ${LAN} -j REJECT
iptables -A INPUT -p TCP ! -i ${LAN} -d 0/0 --dport 0:1023 -j DROP
iptables -A INPUT -p UDP ! -i ${LAN} -d 0/0 --dport 0:1023 -j DROP
iptables -I FORWARD -i ${LAN} -d 192.168.2.0/24 -j DROP
iptables -A FORWARD -i ${LAN} -s 192.168.2.0/24 -j ACCEPT
iptables -A FORWARD -i ${WAN} -d 192.168.2.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done
/etc/init.d/iptables save
rc-update add iptables default

- configurare il server dhcp

creare un file di configurazione per la sottorete 192.168.2.0:
(per la sottorete 192.168.1.0, se ne occupa il server dhcp del mini router wifi 192.168.1.1)

nano /etc/dhcp/dhcpd.enp1s0.conf

e inserire questo:

subnet 192.168.2.0 netmask 255.255.255.0 {
authoritative;
range 192.168.2.100 192.168.2.200;
option broadcast-address 192.168.2.255;
option routers 192.168.2.3;
option subnet-mask 255.255.255.0;
option domain-name-servers 192.168.1.1;
}

creare un link da /etc/init.d/dhcpd.enp1s0 -> /etc/init.d/dhcpd

e creare i servizi (se non gia' presenti):

rc-update add /etc/init.d/dhcpd.enp1s0
rc-update add /etc/init.d/net.enp1s0
rc-update add /etc/init.d/net.wlp2s0

- configurare /etc/sysctl.conf:

net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1

- test

rimuovere l'interfaccia wifi del PC di test:

rc-update del wpa_supplicant [mio runlevel]

riavviare server e PC, e mandare ping dal pc di test a indirizzi su entrambe le sottoreti e verso internet.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum