[ previous ] [ next ] [ threads ]
 
 From:  "Dennis Hoshield" <dhosh at gaslightmedia dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Dual Bridging
 Date:  Tue, 28 Sep 2004 12:29:06 -0500 
It's worth a shot, maybe to do it with the command line options on boot-up.
I'd rather not do too much that circumvents m0n0wall, as that will come back
to byte me in the butt.  Then I'll have a bloody butt AND foot. 
Subsequent upgrades of m0n0wall might very well step on something that's out
of it's normal control.

Bridging has allways thrown me for a loop.  Should be easy-peasy.  

Bruce's explination  of the paired interfaces, makes sense, and would be a
reasonable limit to m0n0wall's config.

I guess I need to come up with a better solution.  We have an instance where
the customer contracting us to do the wireless would like all the wireless
nodes bridged back to the head end, but many of them will be using wireless
for their feed as well.  Bridging 2 wireless customer networks with either a
ethernet or wireless feed, seemed to be a quick fix.  

We have only experimented with the Captive Portal.  It might be able to do
what we need (indeed on the surface, it makes sense), but the authorative
box, also wants to hand out DHCP addresses, so I don't see how the wireless
clients would connect to it, get authorized, and get the 'proper'  IP
address from the head end, in a routed environment.

Gee, and my foot was just healed up from the LAST time I shot it. :-)

Thanks,
Dennis

If memory serves me right, Dennis Hoshield wrote:
> I thought I have seen this in the lists before, but haven't found it 
> again, now that I'm looking to implement it....
> 
> Can multiple interfaces be bridges to a single interface?  i.e. 
> wireless to a single WAN?

The m0n0wall UI doesn't support configuring a bridge this way, but the
FreeBSD bridging code underneath does.  For more details, see:

http://www.freebsd.org/cgi/man.cgi?query=bridge&apropos=0&sektion=4&manpath=
FreeBSD+4.10-RELEASE&format=html

In m0n0wall's view of the world, each "group" of bridged interfaces contains
exactly two interfaces, and exactly one of the two has an IP address
assigned to it.  You might be able to tweak the bridging parameters
underneath the UI to make it do what you want.  Maybe.  You could also shoot
yourself in the foot pretty well.  :-)

Bruce.