The problem with wireless bridging

I want to pick up where I left with my previous post and expand a bit upon the issue with wireless bridging, and why “just use dd-wrt” is not an answer to the problem.

As I said a number of issues I learnt the hard way, by trying to get them to work… and failing. In particular, there is a limitation in 802.11, that even the dd-wrt documentation notes:

Client Bridge mode will only recognize one mac address on the bridged setup, due a limitation in the 802.11 protocol, even if there are multiple clients (with multiple mac addresses) connected to the client router. If you want to bridge a full LAN you must use WDS. The problem is that the 802.11 protocol just supports one MAC address, but in a LAN there is the possibility for more than one MAC address. It may cause ARP table problems, if you connect more than one computer on the far end of a Client Bridge mode setup. You will not be able to, for example, block mac addresses of client of the bridged routers or set access restrictions based on mac addresses in the bridged router

This is actually putting it more bright than it is. Anything relying on proper mac address communication will fail. Indeed, if you wish to use a single DHCP server, your only choice is to run dhrelay on the bridge itself. And that’s not a good idea.

Due to the fact that 802.11 decides where to send the packets depending on the mac address, you only have two choices for this to work: you either go with what OpenRG/Linksys do, and translate addresses at second level (with probably a dhrelay to make sure that dhcp still works), or you do what D-Link did with the DAP-1160 and create a custom work mode, which I guess encapsulates the packets to preserve their addresses (I could probably have tried AP+Bridge mode and sniffed the traffic to find that out but I didn’t care), probably something along the lines of a generic Ethernet-in-Ethernet encapsulation.

Interestingly enough, there is an RFC describing Ethernet-in-IP encapsulation, and then there is a patch for Linux 2.6.10 that implements it .. it would be quite an interesting approach, to have the router listen to an EtherIP device, and have another EtherIP device here to encapsulate the packets.. unfortunately this would still require a very shallow router up here, which is what I’m trying to avoid altogether. And as it happens, looks like the patch never made it to the Kernel, and the author’s website seems to be gone as well (the domain does not have an answering webserver, even though the whois data confirms its registration .. I should try to see if the email address is still valid or not — there is a valid mx record and an answering mail server at least).

I guess I can add this to the long list of projects I’ll work with once I made enough money not to have to work twelve hours a day to pay the bills…

8 thoughts on “The problem with wireless bridging

  1. Because I don’t have the space to do so myself, I’d have to rewire half the house to get enough space in there… which is actually something I’ll probably do soonish, though, since it’s getting more and more expensive to find an alternative.Well, to be honest I know a route that would get to my office from the router just fine… unfortunately it totals to over a hundred metres, which is the limit of cat5e cable. And fiber optics hardware seem to be a tad expensive for my taste.


  2. Yup somebody already pointed out to me of dd-wrt’s etherip implementation, I’ll have to dig further into it, it might be worth having around… although I still wonder why it wasn’t merged into mainline, after all it’s a protocol supported by commercial (high-end) routers as well, and the BSD derivatives seem to support it out of the box.I’ll give a look to l2tp_eth anyway, might turn out useful.


  3. Actually rewiring the house may be quite the simplest thing to do. I did this myself recently, just brought in a guy to drill me a hole through a ceiling and make a trench in the wall to put the cables in … dirty cheap and just working


  4. Pavel the cost of rewiring it here is in the few thousands, and I can’t really do it myself, I need to get a registered electrician to do the job and give me paperwork, … yes it makes little to no sense, but it’s still what the law demands.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s