[ale] What do I need to bridge two networks?

Michael H. Warfield mhw at WittsEnd.com
Mon Feb 3 10:39:27 EST 2014 

On Mon, 2014-02-03 at 08:04 -0500, Jim Lynch wrote: 
> Sorry for the confusion.  In-line responses.
> On 02/02/2014 03:44 PM, Michael H. Warfield wrote:
> > On Sun, 2014-02-02 at 15:00 -0500, Jim Lynch wrote:
> >> I'm working in a lab that has a single wifi connection to the outside.
> >> I don't have any control over the installed router.  I have a separate
> >> router that I use to connect come of my systems together but would like
> >> to be able to bridge the two routers somehow.  I don't have physical
> >> access to the installed router so I'd have to bridge a wifi to my router
> >> somehow.  It's difficult to attempt to put my systems (some of them) on
> >> the installed router.
> > Your description is kind of confusing.  I'm not quite sure I have the
> > mental image of what you're trying to accomplish or if you're referring
> > to "router" when you mean "switch".
> >
> > You say the lab as a single WiFi connection to the outside.  Meaning it
> > connects through WiFi to the greater Internet or that it as a single
> > WiFi access point that you can connect to?
> >
> > Internet -> WiFi -> Lab -> Network
> >
> > or
> >
> > Internet -> Router -> Network -> Wifi ->Z--Z-> clients
> Simplier than that.  They powers at be have a wireless router we can 
> use.  It's a distance from us so it will be hard to connect all the 
> devices we are using and I don't always have access to the devices 
> except via a wired ethernet connection. They are now connected by a 
> stand alone router that I mentioned.  So I have a local network with 
> both wired and wifi devices connected that isn't connected to the 
> outside.   I simply need to connect that network to the outside via the 
> wireless router that is connected to the net using wifi.
> 
> Internet -> WiFi -> Lab -> Network
> 
> Seems like it's what we have.
> >
> > Where does your equipment fall.  I assume it's inside the lab.  You say
> > "some of your equipment".  What's the problem with the others?
> I don't have an easy way to configure them to connect to the provided 
> wifi due to physical location.  They are configured to work with my router.
> >   Not
> > enough ports?  You say you don't have access to the router.
> I do have physical access but they won't let us run a cable.  It's a 
> long ways off.  I don't know the admin passwords to get in and dink with 
> the settings.  It is a wifi router.  The only thing they will allow us 
> to do is connect over wifi with it.
> 
> My local router simply connects my devices together.  That's the major 
> purpose, but I'd like for devices (all Linux) on that network to be able 
> to do things like install new software (apt-get), save files (svn ci, 
> scp, etc) to a remote system.
> >    Well,
> > that's not unexpected.  What is this router doing?  Is it a WiFi router?
> > Having access to one port off of it should be sufficient to throw an
> > etherswitch on and give you more fan-out.  What does your "separate
> > router" do?
> >
> >> What's the minimum that that I'd need to make this happen, if it's even
> >> possible?  The router I have is a Cisco/Linksys of some variety.  I
> >> forget the model number but it is several years old. It's running the
> >> stock Cisco software.
> > Well...  You asked for a minimum.  My minimum would be a Raspberry Pi
> > with a WiFi plugin dongle.  Then bridge the ethernet and the WiFi
> > interfaces to an internal bridge.  Then again, if you just need more
> > ports, a 5 or 8 port workgroup etherswitch would do just fine.
> That's doable.  There already is a Pi in the system. Can you point me to 
> instructions on how to set up a route table to connect the two 
> networks?  I hate to use the word bridge 'cause it apparently has a 
> different meaning from what I though it was.

Yeah, a router separates but links two routing domains and uses routing
tables to direct traffic while a bridge joins multiple network segments
or devices into one flat routing domain acting much like and
etherswitch.  Each has its pluses and minuses.

If you want to bridge them, you wouldn't use a routing table.  You would
use the bridge utilities to create a bridge (say "br0", bring it up and
add the two interfaces (probably eth0 and wlan0).  NetworkMangler
doesn't like to play well with bridges, so you would probably need to
manually configure the WiFi using wpa-supplicant and the wireless
utilities and then add it to the bridge.  How you do that varies with
what distribution you're using.  I have Fedora/Pidora on my RPi's.
Raspian would be different.

OTOH, you could route them but you would then probably have to NAT them
as well.  Then it's more in your firewall tables than your routing
tables if you didn't have access to the routing tables of the superior
routing domain (default route) to tell them how to route back.

Another alternative, now that you've described this more, would be to
use your existing WiFi router in client or extender mode.  I've done
this before...

Internet -> LAN-2 -> WRT-54G WiFi >-Z---Z-> WRT-54G WiFi -> LAN-2

I've also done that with the Linksys WRT-610N as well as well but, in
each case, the client router is running dd-wrt firmware running in
bridge mode bridging the WiFi to the LAN ports.  I believe some of that
capability is in the Cisco/Linksys firmware but I've never used their
firmware in that way, so I would have no idea where to look.

I think you can also configure dd-wrt to provide access to additional
WiFi clients beyond the reach of the main router (hybrid client / AP
mode) but I haven't done that either and I don't think that's available
in the stock firmware.

> Thanks,
> Jim.
> >
> >> Thanks,
> >> Jim.
> > Regards,
> > Mike
> 

-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 465 bytes
Desc: This is a digitally signed message part
URL: <http://mail.ale.org/pipermail/ale/attachments/20140203/cbced4f1/attachment.sig>

More information about the Ale mailing list