Re: LACP Over Wireless Bridge

2010-10-08 Thread Stuart Henderson 
On 2010-10-06, Martin Pelik??n martin.peli...@gmail.com wrote:
 2010/10/6, Fabio Almeida mente...@gmail.com:
 Is there a chance this messy setup can work?
 Has anyone configured some setup like that in Bridge mode (not ECMP)?

 I don't have access to any of the UBNT's we use right now, but any
 mode except WDS seems not to be fully L2 transparent,

standard 802.11 bridges *cannot* be L2 transparent, there isn't
space for enough MAC addresses without WDS.

Re: LACP Over Wireless Bridge

2010-10-08 Thread Stuart Henderson 
On 2010-10-06, Fabio Almeida mente...@gmail.com wrote:
 There's two WiMax Links to the same location, the idea is to use it for
 failover.
 In a lab setup, OpenBSD Bridge directed connected on 3Com switch,
 everything works, no problem.

 My doubt is related with the LACP packets crossing the wireless links.

LACP is a link aggregation control protocol, it is *not* a keepalive
/ link failure detection protocol.

If you can move to L3 (routing rather than bridging) then ospf is
one way you could achieve something like what you want using OpenBSD
(failover + use bandwidth of both links when available via ECMP).
But you'll need either an L3-capable switch with OSPF support,
or a second box.

Re: LACP Over Wireless Bridge

2010-10-06 Thread Martin Pelikán 
2010/10/6, Fabio Almeida mente...@gmail.com:
 Is there a chance this messy setup can work?
 Has anyone configured some setup like that in Bridge mode (not ECMP)?

I don't have access to any of the UBNT's we use right now, but any
mode except WDS seems not to be fully L2 transparent, hence it might
be incompatible with trunks and  IPv6 doesn't work either. However,
WDS mode works just fine (tested on hundreds of devices, on network
with ca. 1300 users). Might help (doesn't do the stupid ARP proxying
crap).

-- 
Martin Pelikan

LACP Over Wireless Bridge

2010-10-05 Thread Fabio Almeida 
   Hi all :)

I have the following scenario:

   +--+
|Lan Switch|
   +--+
 |
 +-+
 |OpenBSD Bridge + trunk (LACP)|
 +-+
 |  |
+--+  +--+
|Rocket M5 WiMax Bridge|  |Rocket M5 WiMax Bridge|
+--+  +--+
   ^  ^
   ^  ^
   ^  ^
+--+  +--+
|Rocket M5 WiMax Bridge|  |Rocket M5 WiMax Bridge|
+--+  +--+
 |  |
  +- -+
  |3Com Swich 5500/4200 (LACP)|
  +---+
 |
   +--+
|Lan Switch|
   +--+


There's two WiMax Links to the same location, the idea is to use it for 
failover.
In a lab setup, OpenBSD Bridge directed connected on 3Com switch, 
everything works, no problem.

My doubt is related with the LACP packets crossing the wireless links.
I've googled, but couldn't find any definitive information about that.
Any directions will be aprecciated, so:

Is there a chance this messy setup can work?
Has anyone configured some setup like that in Bridge mode (not ECMP)?
Anyone knows if there are any wireless device that properly handle LACP 
packets (let then cross the wireless bridge)?


Thanks in advance,
Fabio Almeida

Re: Wireless Bridge...

2006-07-04 Thread Thomas Börnert 
bridging doesn't work with wireless lan.

Thomas

On Mon, 3 Jul 2006, Novak, Trevor SCIC wrote:

 I'm trying to setup a wireless bridge with openbsd on a Toshiba laptop. I'm
 using an SMC2532W-B (Prism 2.5) wireless card and a 3Com 3C574-TX. I've
 created a bridgename.bridge0 file and added wi0 and ep1 to the file. The
 bridge is up and running. I can ping both on the wireless side and the
 ethernet side from the Obsd box, but I can't get any traffic to pass through
 it. I don't have PF running, in fact, I've stopped most of the services
 (hopefully not one I need). Anyway, any help would be appreciated.

Re: Wireless Bridge...

2006-07-04 Thread Andy Hayward 

On 7/4/06, Thomas BC6rnert [EMAIL PROTECTED] wrote:

bridging doesn't work with wireless lan.


Yes it does. However the wireless adapter needs to be in hostap mode.

-- ach

Re: Wireless Bridge...

2006-07-04 Thread Novak, Trevor SCIC 
 The adapter is in BSS (Infrastructure mode) because I need it to connect to
another access point. Can I do this if my card is in HostAP mode?

-Original Message-
From: Andy Hayward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 04, 2006 4:32 AM
To: misc
Subject: Re: Wireless Bridge...

On 7/4/06, Thomas BC6rnert [EMAIL PROTECTED] wrote:
 bridging doesn't work with wireless lan.

Yes it does. However the wireless adapter needs to be in hostap mode.

-- ach

Re: Wireless Bridge...

2006-07-03 Thread pedro la peu 
On Monday 03 July 2006 23:29, Novak, Trevor SCIC wrote:
 I'm trying to setup a wireless bridge with openbsd on a Toshiba
 laptop. I'm using an SMC2532W-B (Prism 2.5) wireless card and a 3Com
 3C574-TX.

Is the wi(4) in hostap mode? If not you cannot bridge...

Re: Wireless bridge setup

2005-10-26 Thread Anwar Puthu 
Robert,
If I remember correctly, bridging only works in hostap mode.

Rgds,

Anwar Puthu
___
Sent with SnapperMail
www.snappermail.com

.. Original Message ...
On Tue, 25 Oct 2005 12:36:04 +0200 Robert Stepanek [EMAIL PROTECTED] 
wrote:
Hi list,

When setting up a wireless bridge to connect two ethernet segments in  
OpenBSD3.7 I encounter the following problem:

When sending a ping from one ethernet segment to the other the ARP  
request gets transmitted over my WLAN. The counterpart on the  
wireless bridge setup sends the ARP response request on the WLAN as  
well. However, the ARP response never reaches the wireless interface  
on the source bridge (at least checking with tcpdump) and the ping  
fails.

Here is my setup:

192.168.1.1-testbox1 --ethernet-- sis0:wi0-bridge1 -- wifi --  
wi0:sis0-bridge2 --ethernet-- 192.168.1.2-testbox2

All boxes run OpenBSD3.7 GENERIC kernel.

I am using two PRISM2.5 ISL3874A(Mini-PCI) cards with the wi driver.  
bridge0 is in hostap mode (Port type 6), bridge1 in BSS mode (Port  
type 1).

Both bridge boxes have net.inet.etherip.allow=1 and  
net.inet.ip.forwarding=1

pfctl is disabled.

I somehow have the feeling that I am conceptually wrong here. Any  
help on this or a similar setup would be great.

Thanks alot,
Robert

Re: Wireless bridge setup

2005-10-26 Thread Theo de Raadt 
 If I remember correctly, bridging only works in hostap mode.

Bingo, someone remembered -- and that is correct.

In the other modes, MAC addresses of course do not get exposed
correctly, and your access point cannot impersonate the other
hosts it is required to.

It is fairly obvious if you think about it.

Wireless bridge setup

2005-10-25 Thread Robert Stepanek 

Hi list,

When setting up a wireless bridge to connect two ethernet segments in  
OpenBSD3.7 I encounter the following problem:


When sending a ping from one ethernet segment to the other the ARP  
request gets transmitted over my WLAN. The counterpart on the  
wireless bridge setup sends the ARP response request on the WLAN as  
well. However, the ARP response never reaches the wireless interface  
on the source bridge (at least checking with tcpdump) and the ping  
fails.


Here is my setup:

192.168.1.1-testbox1 --ethernet-- sis0:wi0-bridge1 -- wifi --  
wi0:sis0-bridge2 --ethernet-- 192.168.1.2-testbox2


All boxes run OpenBSD3.7 GENERIC kernel.

I am using two PRISM2.5 ISL3874A(Mini-PCI) cards with the wi driver.  
bridge0 is in hostap mode (Port type 6), bridge1 in BSS mode (Port  
type 1).


Both bridge boxes have net.inet.etherip.allow=1 and  
net.inet.ip.forwarding=1


pfctl is disabled.

I somehow have the feeling that I am conceptually wrong here. Any  
help on this or a similar setup would be great.


Thanks alot,
Robert

Re: wireless bridge with soekris 4801 and seano 2511mp+

2005-08-27 Thread Anwar Puthu 
I ought to kick myself!
I've been through that page so many times, but never saw that.

Thanks a lot!

Regards,

Anwar.
___
Sent with SnapperMail
www.snappermail.com

.. Original Message ...
On Sat, 27 Aug 2005 01:23:51 +0100 pedro la peu 
[EMAIL PROTECTED] wrote:
 It would be useful if this little gotcha could be added to the man page

man 4 wi
/EXAMPLES

Re: wireless bridge with soekris 4801 and seano 2511mp+

2005-08-26 Thread Anwar Puthu 
Todd,

I never tried the bridge without WEP.  I could not get the card to initialise 
with WEP in the soekris.  I have successfully initilaised the same card with 
WEP in hostap mode on my laptop, but not as a bridge.

My past attempts to use the card with software WEP in hostap mode have always 
failed!

I can get the wireless bit to work with ibss-master.  I have confirmed by 
assigning an IP address to wi0.
I can see that the bridge works as I can see the packets on both sides with 
tcpdump.  However, the bridge with wireless does not work!

Is hostap essential for bridging?

I'm appending my followup mail listing my experiment, for your reference.


Thanks  Regards,

Anwar.
-
=

I have some more information now.
I'm sorry, its a bit long winded, but I thought I'll document my experiment.
pf is disabled.
ip forwarding is disabled

I am completely stumped and will really appreciate any input.

Thanks  Regards,

Anwar.

Experiment follows:

--
 computer1 - wi0 - bridge1 - sis2 -computer2
 (192.168.5.3)   (soekris machine with no ip assigned)(192.168.5.1)
 

ping 192.168.5.1 from computer1 (192.168.5.3)
On Soekris:
tcpdump -i wi0 
22:44:47.170157 arp who-has 192.168.5.1 tell 192.168.5.3
22:44:47.170528 arp reply 192.168.5.1 is-at 0:6:5b:d7:bf:f7
22:44:48.190277 arp who-has 192.168.5.1 tell 192.168.5.3
22:44:48.190618 arp reply 192.168.5.1 is-at 0:6:5b:d7:bf:f7

tcpdump -i sis2
22:45:34.080259 arp who-has 192.168.5.1 tell 192.168.5.3
22:45:34.080350 arp reply 192.168.5.1 is-at 0:6:5b:d7:bf:f7
22:45:35.100330 arp who-has 192.168.5.1 tell 192.168.5.3
22:45:35.100421 arp reply 192.168.5.1 is-at 0:6:5b:d7:bf:f7

--
Similarly, 
ping 192.168.5.3 from computer2
On soekris:
tcpdump -i sis2
22:46:55.190161 arp who-has 192.168.5.3 tell 192.168.5.1
22:46:57.190171 arp who-has 192.168.5.3 tell 192.168.5.1

tcpdump -i wi0
22:47:41.210268 arp who-has 192.168.5.3 tell 192.168.5.1
22:47:42.210266 arp who-has 192.168.5.3 tell 192.168.5.1

So it looks like the bridge works.

---
On soekris initially, no inet4 address assigned:
wi0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500
address: 00:02:6f:33:bc:66
ieee80211: nwid test2 nwkey 0x31415926535897932384603141 -21dBm (auto) 
media: IEEE802.11 autoselect ibss-master (DS11)
status: active
inet6 fe80::202:6fff:fe33:bc66%wi0 prefixlen 64 scopeid 0x8

On Soekris, Now assign an IP address:
/root# ifconfig wi0 192.168.5.2 up
/root# ifconfig wi0
wi0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500
address: 00:02:6f:33:bc:66
ieee80211: nwid test2 nwkey 0x31415926535897932384603141 -21dBm (auto) 
media: IEEE802.11 autoselect ibss-master (DS11)
status: active
inet6 fe80::202:6fff:fe33:bc66%wi0 prefixlen 64 scopeid 0x8
inet 192.168.5.2 netmask 0xff00 broadcast 192.168.5.255
---
Now:
 computer1 - wi0 - bridge1 - sis2 -computer2
 (192.168.5.3)   (192.168.5.2 on wi0   (192.168.5.1)
  no ip address on sis2
  soekris)
---

ping 192.168.5.2 (soekris wi0) from computer1
On soekris: 
tcpdump -i wi0
22:52:33.710202 arp who-has 192.168.5.2 tell 192.168.5.3
22:52:33.710526 arp reply 192.168.5.2 is-at 0:2:6f:33:bc:66
22:52:33.711016 192.168.5.3  192.168.5.2: icmp: echo request
22:52:33.711283 192.168.5.2  192.168.5.3: icmp: echo reply
22:52:34.740159 192.168.5.3  192.168.5.2: icmp: echo request
22:52:34.740413 192.168.5.2  192.168.5.3: icmp: echo reply

It works! (So it looks like the wireless network is also working)
I do receive the ping replies on computer1.
-

Similarly, from computer2
ping 192.168.5.2 (soekris wi0) from computer2
On soekris:
tcpdump -i sis2
22:56:15.620077 arp who-has 192.168.5.2 tell 192.168.5.1
22:56:15.620251 arp reply 192.168.5.2 is-at 0:2:6f:33:bc:66
22:56:15.620982 192.168.5.1  192.168.5.2: icmp: echo request (DF)
22:56:15.621159 192.168.5.2  192.168.5.1: icmp: echo reply (DF)
22:56:16.620089 192.168.5.1  192.168.5.2: icmp: echo request (DF)
22:56:16.620230 192.168.5.2  192.168.5.1: icmp: echo reply (DF)

That works as well... So the bridge is working as well.

Re: wireless bridge with soekris 4801 and seano 2511mp+

2005-08-26 Thread pedro la peu 
On Thursday 25 August 2005 17:36, Anwar Puthu wrote:

 When I tried configuring wi0 in hostap mode with WEP, it used to fail
 consistently with the message wi0: init failed.

I suspect that's because you are using wicontrol after ifconfig.

 I then tried setting up the card in ibss-master mode.  This at least
 initialises the card.

But then it can't function as a bridge, only hostap mode can do that. I 
suspect hostap mode failed was because you used 'wicontrol -e1' after you had 
already enabled WEP with 'ifconfig nwkey key'. Don't do that.

[snip]

--- hostname.wi0

 ! ifconfig \$if up media autoselect mediaopt ibss-master nwid test2 nwkey
 0x... ! wicontrol \$if -f 3 -e 1 -A 2
 ! echo started wi0

Always do any wicontrol stuff first, then ifconfig. Don't fiddle with any 
settings you don't need to. Don't force encryption on with wicontrol after 
you have already enabled it with ifconfig nwkey key.

Why are you using !ifconfig [...] in your hostname.if(5) file? It's not needed 
(unless you are not using the default system scripts in /etc, in which case 
you should have said so).

Try:

!wicontrol \$if -f3
mediaopt hostap nwid test2 nwkey 0xkey up



--- hostname.sis2

 up
 !echo started sis2

Fine.

--- bridgename.bridge1

 # External i/f
 add wi0

 # Internal i/f
 add sis2

Add 'up' and remove everything else (at least, until the bridge is working). 
Power cycle the system and report back.

Re: wireless bridge with soekris 4801 and seano 2511mp+

2005-08-26 Thread pedro la peu 
 It would be useful if this little gotcha could be added to the man page

man 4 wi
/EXAMPLES

wireless bridge with soekris 4801 and seano 2511mp+

2005-08-25 Thread Anwar Puthu 
Hi all,

Has anybody built a wireless bridge using the Soekris net 4801 and a seano 
2511mp+ (wi) minipci card?

When I tried configuring wi0 in hostap mode with WEP, it used to fail 
consistently with the message
wi0: init failed.

I then tried setting up the card in ibss-master mode.  This at least 
initialises the card.

I have tried setting up 2 bridges as:
sis0 - bridge0 - sis1
wi0 - bridge1 - sis2

tcpdump on sis2 and wi0 shows that the bridge is working properly, with arp 
requests visible at both ends.
However when I set up another computer sis2 side as:

computer1 - wi0 - bridge1 - sis2 -computer2
(192.168.5.3)   (soekris machine with no ip assigned)(192.168.5.1)

I cannot ping the two computers.

ping 192.168.5.1 from computer1 shows the whois packets and the corresponding 
reply with tcpdump on wi0, but computer1 does not initiate the icmp echo 
requests.

The other way around, ping 192.168.5.3 from computer2 shows the icmp echo 
requests, but no echo replies.

As a sanity check I set up another computer as 192.168.5.100 on a wireless 
network, and I could ping computer 1 successfully.

I then tried setting up an IP address on soekris-wi0, but it did not help.

It's almost like the wi0 card is not being initialised correctly on the soekris 
board.
I swapped the wi0 cards with another I use on my main laptop, to check that the 
wi0 hardware was OK.

The kernel is GENERIC, but rebuilt with the latest patches for 37.

Any ideas would be appreciated.

The dmesg and startup capture, hostname.* and bridgename.* are appended.


Thanks  Regards,

Anwar Puthu.



com port capture:
-


POST: 0123456789bcefghipajklnopq,,,tvwxy
comBIOS ver. 1.28  20050529  Copyright (C) 2000-2005 Soekris Engineering.

net4801

 CPU Geode 266 Mhz  Mbyte 
Memory00020003000400050006000700080009001000110012001300140015001600170018001900200021002200230024002500260027002800290030003100320033003400350036003700380039004000410042004300440045004600470048004900500051005200530054005500560057005800590060006100620063006400650066006700680069007000710072007300740075007600770078007900800081008200830084008500860087008800890090009100920093009400950096009700980099010001010102010301040105010601070108010901100111011201130114011501160117011801190120012101220123012401250126012701280128

Pri Sla  64MB CTSLBA 1001-4-32  64 Mbyte

Slot   Vend Dev  ClassRev Cmd  Stat CL LT HT  Base1Base2   Int 
---
0:00:0 1078 0001 0600 0107 0280 00 00 00   
0:06:0 100B 0020 0200 0107 0290 00 3F 00 E101 A000 10
0:07:0 100B 0020 0200 0107 0290 00 3F 00 E201 A0001000 10
0:08:0 100B 0020 0200 0107 0290 00 3F 00 E301 A0002000 10
0:10:0 104C AC23 06040002 0107 0210 08 3F 01   
0:14:0 1260 3873 0281 0117 0290 08 3C 00 A0003008  11
0:18:2 100B 0502 01018001 0005 0280 00 00 00   
0:19:0 0E11 A0F8 0C031008 0117 0280 08 38 00 A0004000  05
1:00:0 100B 0020 0200 0107 0290 00 3F 00 D001 A400 09
1:01:0 100B 0020 0200 0107 0290 00 3F 00 D101 A4001000 05
1:02:0 100B 0020 0200 0107 0290 00 3F 00 D201 A4002000 09
1:03:0 100B 0020 0200 0107 0290 00 3F 00 D301 A4003000 05

   Seconds to automatic boot.   Press Ctrl-P for entering Monitor. 2 1
Using drive 0, partition 3.
Loading.
probing: pc0 com0 com1 mem[639K 127M a20=on] 
disk: hd0+
 OpenBSD/i386 BOOT 2.06
|/-\|/-switching console to com0
 OpenBSD/i386 BOOT 2.06
com0: changing speed to 19200 baud in 5 seconds, change your terminal to match!

com0: 19200 baud
boot 
booting hd0a:/bsd: 
\|/-\4686432

wireless bridge router/firewall

2005-06-10 Thread Zen Lunatic 
I recently got cable. The modem is installed on the third floor of the
house. We have a wireless router which allows me to connect my laptop,
and we have an xp machine and a ps2 hooked wired to two of the four
wired ports on the router.

I wanted to build my own router/firewall but the modem is in someone
elses room and they don't want to have a machine sitting in there.

What I want to do is somehow build a box that is a router/firewall but
connects to the internet using the wireless signal, so I can set up my
own router in my room in the basement and connect a bunch of wired
computers so I don't have to buy wireless cards for everything plus so
I can have my own dedicated firewall. This is basically a standard or
bsd dedicated router/firewall box, but which uses the wireless to get
to the internet instead of a second network card. Can this be done?

I looked into these wireless bridge things but I was wondering if I
could do something like I've described with a bsd or gnu/linux box
with wireless card and a network card which is plugged into a switch
like a normal bsd or gnu/linux router.

I searched and didn't find anything on this topic.

I know this isn't the most ideal setup for a home network, but its all
I got for now. At least my part of the network will be firewalled off
from the windows side. Thanks.

Re: wireless bridge router/firewall

2005-06-10 Thread Dimitri Georganas 

*Bridged*:
The easiest, unfirewalled

Get a switch and a wireless bridge (Like senao /engenius sl2511)

Connect the bridge to the wireless router and to the switch and you're done.

Cost: 100 euro

Or:

Get an openbsd box with ethernet and wireless card, bridge both interfaces
and connect the wireless interface to the wireless router. Connect the wired
interface to the switch where you also connect the rest of your equipment.

Here you could set up a bridged firewall with pf.
*
Routed
*
Get an openbsd box with ethernet and wireless card, instead of bridging, 
configure
NAT between the two interfaces, connect the wireless card to the 
wireless router
in client mode. Connect the wired interface to the switch togheter with 
your equipment.


Things to read:

pf manual
man ifconfig
man brconfig
man hostname.if
and some more...

If you know how to do it it's five minutes work. If you don't, it's some 
homework.




Zen Lunatic wrote:


I recently got cable. The modem is installed on the third floor of the
house. We have a wireless router which allows me to connect my laptop,
and we have an xp machine and a ps2 hooked wired to two of the four
wired ports on the router.

I wanted to build my own router/firewall but the modem is in someone
elses room and they don't want to have a machine sitting in there.

What I want to do is somehow build a box that is a router/firewall but
connects to the internet using the wireless signal, so I can set up my
own router in my room in the basement and connect a bunch of wired
computers so I don't have to buy wireless cards for everything plus so
I can have my own dedicated firewall. This is basically a standard or
bsd dedicated router/firewall box, but which uses the wireless to get
to the internet instead of a second network card. Can this be done?

I looked into these wireless bridge things but I was wondering if I
could do something like I've described with a bsd or gnu/linux box
with wireless card and a network card which is plugged into a switch
like a normal bsd or gnu/linux router.

I searched and didn't find anything on this topic.

I know this isn't the most ideal setup for a home network, but its all
I got for now. At least my part of the network will be firewalled off
from the windows side. Thanks.