3-way Bridge: WAN{BSS}-LAN-OPT1{AP}



  • [using beta4]
    I need to set up a simple 3-way bridge on my wrap.2c with two wifi cards and 1 ethernet port.
    I bridged LAN-to-WAN and OPT1-to-LAN.  But ethernet traffic isn't passing yet.
    I set the firewall to all/all/all on all interfaces (just for testing). I set the IPs on each interface to the same IP number.
    WAN is in BSS/Client mode connected to a distant AP/Bridge.  OPT1 is set to Access Point (hostap) mode.
    No PCs can ping each other or the gateway (or get DHCP from the gateway) through my "bridge".
    However, from my "bridge" I can ping the PCs, and the PC's can ping it.
    Any suggestions are greatly appreciated.
    Thank you, -Pete



  • Are all interfaces involved in the bridge up? In case your LAN is unconnected the bridge won't pass traffic.



  • Yes, All three interfaces are involved, and they are listed in "ifconfig" under bridge0.

    In case your LAN is unconnected the bridge won't pass traffic.
    Thanks!  I did have it unconnected while testing wan-op1.



  • I changed the bridges to: LAN->WAN  &  OPT1->WAN
    ifconfig indicates the wan is connected to the remote AP, but I can't ping the remote AP, not even from pfSense.



  • 3 way bridging does not work in 1.0.  This will appear in 1.1.



  • no bridge, no RIP… don't see any way around having to hard coding tons of routes old-school, unless you accomplish the 3-way bridge by spending double $ for two hardware units 2-way bridged.  I guess this also means no seamless wireless roaming between APs is possible without bridging.  I look forward to pfSense1.1 when I can enjoy the combination of RIP & OLSR.



  • @pcatiprodotnet:

    no bridge, no RIP… don't see any way around having to hard coding tons of routes old-school, unless you accomplish the 3-way bridge by spending double $ for two hardware units 2-way bridged.  I guess this also means no seamless wireless roaming between APs is possible without bridging.  I look forward to pfSense1.1 when I can enjoy the combination of RIP & OLSR.

    Until FreeBSDs hostapd supports IAPP, seemless roaming between APs (which really isn't all that seemless anyway) isn't a possibility regardless of bridging.  The code is in hostapd for IAPP already if anyone feels like removing the linux-ism's and making it actually work in FreeBSD - it's on my plate currently - it'll be a while (as much as I want it).

    –Bill



  • Adding this to hostapd.conf should give you what you are looking for. This should work in hostapd 0.4.8 and newer.

    rsn_preauth=1
    rsn_preauth_interfaces=em0 (layer2 connected interface to talk to other AP's)
    The rsn_preauth lines are only for preauthentication of WPA key etc. This provides the client to preauth to the new AP prior to actually associating(romaing to) with the new AP.

    iapp_interface=em0 (layer2 connected interface to talk to other AP's)


Log in to reply