Bridge

Hi all,

I have a linux based gateway (running 2.6.3-4 with iptables 1.2.9 and
samba). There's 3 NICs, one bc509 connected to a DSL modem, one ne on
a hub, and one wireless. All the adapters work fine without a bridge.
So, my setup is


W1 ----------- eth1 -- GW -- wlan0 -----------W2
|
eth0
|
|
DSL-modem

W1, W2 and W3 are windows boxes, GW the gateway. So far so good.
The whole thing uses iptables for masquerading, which works fine. All
machines have access to the net, can ping the gateway, but: since
there's two different adapters connecting the Ws, they are, naturally,
on different subnets.
Ping between the Ws works in this setup, but seemingly no tcp traffic
(no Windows network browsing, no ftp from W2 to W1, for example.

So, to enable traffic between them, I created a bridge (bridge-utils
0.9.6-1)between eth1 and wlan0. I set both eth1 and wlan0 to 0.0.0.0,
set the bridge to 192.168.0.1 and ifconfig up'd the bridge.

Again, access from all Ws to the net works fine, all Ws can ping GW
and have access to a Samba share on GW as well. However, with the
bridge up, there now is NO traffic at all between the left and the
right side of the network - not even ping between W1 and W2 works.
How can I get this to work? I was told that creating a bridge was the
best way to get rid of the subnet separation and enable traffic
between the eth1 and wlan0. What am I doing wrong?

opiesche@yahoo.com (Dodger) wrote news:d3d53d9d.0404301331.3a03709
@posting.google.com:
> Ping between the Ws works in this setup, but seemingly no tcp traffic
> (no Windows network browsing, no ftp from W2 to W1, for example.

Windows network browsing is a bit special. It uses broadcasting and so is
naturaly limited to each network. To "windowsaly" browse between two
network you may use different methods (a WINS server, a domain browser, a
samba server to send browse list to the other network).

No FTP is not a good sign. Could you give more information :

- ifconfig -a output
- netstat -rn output
- iptables -L output

> Again, access from all Ws to the net works fine, all Ws can ping GW
> and have access to a Samba share on GW as well. However, with the
> bridge up, there now is NO traffic at all between the left and the
> right side of the network - not even ping between W1 and W2 works.
> How can I get this to work? I was told that creating a bridge was the
> best way to get rid of the subnet separation and enable traffic
> between the eth1 and wlan0. What am I doing wrong?

Well, a bridge means that the two networks are the same network. It as if
there is no more GW between the W1 and W2. The GW is becoming
"invisible".

And so, you have to map your Ws host address/mask in the same network,
that is the bridge network. For managemebt purpose the "invisible" has
often an ip (it's a visible invisible bridge).

The advantage of the bride is that any broadcast packet is propagate on
the both "network" (there is only 1 tcp/ip network) and so Windows
browsing is fully supporting. However it means that you GW will
retransmeet many packet.


Regards

Dodger <opiesche@yahoo.com> wrote:

> I have a linux based gateway (running 2.6.3-4 with iptables 1.2.9 and
> samba). There's 3 NICs, one bc509 connected to a DSL modem, one ne on
> a hub, and one wireless. All the adapters work fine without a bridge.
> So, my setup is


> W1 ----------- eth1 -- GW -- wlan0 -----------W2
> |
> eth0
> |
> |
> DSL-modem

> W1, W2 and W3 are windows boxes, GW the gateway. So far so good.
> The whole thing uses iptables for masquerading, which works fine. All
> machines have access to the net, can ping the gateway, but: since
> there's two different adapters connecting the Ws, they are, naturally,
> on different subnets.
> Ping between the Ws works in this setup, but seemingly no tcp traffic
> (no Windows network browsing, no ftp from W2 to W1, for example.

I'd setup a subnet gateway on each Wintendo box. The gateway for each
W2 host must be the IP address of the GW wlan0 interface and the subnet
that for the eth1 interface network. The gateway for each W1 host must
be the IP address of the GW eth1 interface and the subnet that for the
wlan0 interface network.

Don't know how to do that for Wintendos, but for Linux hosts it would
be done this way:

route add -net <wlan0_subnet> gw <GW_eth1_IP_address> <W1_eth0>
route add -net <eth1_subnet> gw <GW_wlan0_IP_address> <W2_wlan0>

> So, to enable traffic between them, I created a bridge (bridge-utils
> 0.9.6-1)between eth1 and wlan0. I set both eth1 and wlan0 to 0.0.0.0,
> set the bridge to 192.168.0.1 and ifconfig up'd the bridge.

Sorry, I don't know anything about bridge configuration.

--
Clifford Kite Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/