Bridging ethernet and wi-fi

Post Reply
User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Bridging ethernet and wi-fi

Post by mctom »

Hi,

So my ISP-provided modem-router sucks badly, so I want to use SBC with a wi-fi dongle as an extra access point to my LAN.
I already got past installing and configuring hostapd and it works, I can create Wi-Fi network.

The problem is, the connection to that Wi-Fi fails, because there is no DHCP server on my SBC.
There is none, because I want this connection to be the same as the connection to the router directly - and there is already DHCP server in this network.

So I figure I have to bridge the ethernet and Wi-Fi. The problem is, once I add eth0 to my br0, eth0 stops working and I lose SSH connection. I can't ping it, nothing.
Fortunately the SBC that I honestly picked at random has a video projector connected so I could inspect it in its full 100" glory. ifconfig said that there's nothing wrong, eth0 has an IP, but as I said, in reality it cannot be even pinged.

I don't understand that. The basic sources about Linux network bridges say it works just as if it was a network switch - and clearly it's not. It does something to my eth0 that it is nonfunctional anymore.

The goal is to:
- Keep eth0 working on this SBC as normal (may have fixed IP or DHCP lease, I don't care)
- Make its wi-fi interface an access point to my LAN.

The first point is the one that I struggle with. What am I missing?
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

User avatar
mad_ady
Posts: 9689
Joined: Wed Jul 15, 2015 5:00 pm
languages_spoken: english
ODROIDs: XU4, C1+, C2, C4, N1, N2, H2, Go, Go Advance
Location: Bucharest, Romania
Has thanked: 609 times
Been thanked: 721 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mad_ady »

When you add eth0 to a bridge you basically convert it to a layer2 (switch) port. Linux creates a layer3 br0 interface that needs to get an IP address instead. Since it has a different MAC, it will likely be different.

Regarding your quest - I've tried it as well on a HC4, in order to extend wifi coverage.
I bumped into some errors (which I don't remember) when trying to add wifi to br0 and a few days of swearing, I gave up and left wifi as layer3, with a local dhcp server + NAT into my lan. Sure, there's no roaming, or multicast between networks, but hey, it works!

If you manage to pull it off, do document your steps.
I used this, because I was lazy: https://github.com/lakinduakash/linux-wifi-hotspot
These users thanked the author mad_ady for the post:
mctom (Sat Aug 28, 2021 12:22 am)

User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mctom »

Ahh! So what you're saying is that whenever I create a bridge and add eth0 to it, I should regard br0 as the interface that is plugged together with eth0 into the same "virtual switch"?

Well that makes a lot of sense, but apparently my DHCP (Pi-hole on XU4) doesn't recognize any new client in the network.
Perhaps br0 is severly misconfigured by default?

Oh yes, the default netplan in Ubuntu has at least dhcp4 activated for eth0. Maybe I'll just change it to br0 and see if it works.

Thanks!
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mctom »

First of all, I did set up the network bridge. It was smooth once I knew what I'm after. :)
Indeed it works like a charm once eth0 gets its dhcp blocked and br0 enabled. This is my netplan yaml file for now:

Code: Select all

mctom@pi0:~$ cat /etc/netplan/10-mcnet.yaml 
network:
    ethernets:
        eth0:
            dhcp4: false
            optional: true
    bridges:
        br0:
            dhcp4: true
            optional: true
            nameservers:
                addresses: [192.168.0.170,192.168.0.1,8.8.8.8]
            interfaces:
                - eth0
    version: 2
Notice we don't add wlan interface to the bridge br0 - hostapd shall do it on its own.

After issuing netplan apply everything worked, I didn't even lose the SSH connection. br0 apparently cloned eth0's MAC because DHCP assigned the same IP address. Swell.

Now, it seems that networkmanager has some issues with hostapd, so we make sure that networkd is our renderer of choice. This, by the way, helps solving a problem of a little pest of a feature called rfkill that blocks wifi by default on system startup.

Code: Select all

mctom@pi0:/etc/systemd/network$ sudo cat /etc/netplan/10-mcnet.yaml 
network:
    renderer: networkd
    ethernets:
        eth0:
            dhcp4: false
            optional: true
    bridges:
        br0:
            dhcp4: true
            optional: true
            nameservers:
                addresses: [192.168.0.170,192.168.0.1,8.8.8.8]
            interfaces:
                - eth0
    version: 2

Code: Select all

sudo systemctl stop NetworkManager
sudo systemctl disable NetworkManager
sudo reboot
Second problem is to get rid of rfkill - little pest of a "feature" that blocks WiFi by default. To turn it off one needs to issue:

Code: Select all

sudo rfkill unblock all
Sure, I could do rc.local thing, but I want to make sure it is run before hostapd service starts.
rfkill is supposed to remember its setting on shutdown, but for any reason it doesn't in my case.
Anyway, I think I got it. The boot parameter rfkill.default_state=1 did the trick.

Next, hostapd must be obviously installed. We tweak /etc/default/hostapd to include a path to config file:

Code: Select all

DAEMON_CONF="/etc/hostapd/hostapd.conf"
Optionally we may add -dd to DAEMON_OPTS, to see more stuff in syslog, but honestly there was nothing that would help me solve any issues in there.

And we create a config file, /etc/hostapd/hostapd.conf

Code: Select all

interface=wlan0
hw_mode=g
bridge=br0
channel=7
wmm_enabled=1
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
ssid=Sultanat
wpa_passphrase=snopowiązałka
Then after unmasking, enabling and starting hostapd service, if rfkill doesn't stand in a way, the wifi access point should be up and visible.

But you can't connect to it.

I noticed that my phone sometimes was able to report that the password is incorrect. So after 2 hours of fiddling around I pinpointed the root cause - wpa_supplicant wasn't playing nice.
I followed this tutorial thing and noticed that my phone did connect to the WiFi at some point - but that was when wpa_supplicant has been killed.
obviously I purged the whole thing and it didn't work. I came to a conclusion that hostapd must try to launch it itself, or something. That would make total sense, if it sets up bridging etc.
But no. hostapd is supposed to play a role of wpa_supplicant on its own.

So for now I can get it to work by:
- setting up all the ebove
- Disabling wpa_supplicant service
- running sudo wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf -b br0 (with config file explained in a linked tutorial)
- killing it after a while.

Then I can happily connect to the LAN, bridge works, gets the same IP as if I connected to the original access point (I keep separate names for testing).
After disconnecting, I have to repeat last two steps of the procedure to be able to connect again.

I don't think that looping that in cron is a way to go though :D
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

User avatar
mad_ady
Posts: 9689
Joined: Wed Jul 15, 2015 5:00 pm
languages_spoken: english
ODROIDs: XU4, C1+, C2, C4, N1, N2, H2, Go, Go Advance
Location: Bucharest, Romania
Has thanked: 609 times
Been thanked: 721 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mad_ady »

I had issues with wifi stability (would fail to connect until the process is restarted) on my C2, but it's been stable on my HC4 with kernel 5.10 (or similar)

User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mctom »

I think what is happening is that wpa_supplicant tweaks some interface settings, so hostapd works properly. If I could somehow learn what exactly it does, I might be able to repeat that in my setup.
I confirmed that hostapd does authentication on its own and technically doesn't require wpa_supplicant for anything.
So there are two options: Either wpa_supplicant does something good when exiting, or does something good when initializing, but blocks hostapd on runtime as well.

Dissecting the command and config file that I referred to earlier, here is what wpa_supplicant does:

sudo wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf -b br0
-B = run daemon in the background
-i = interface name (wlan0)
-c = Configuration file
-b = optional bridge interface name (br0)

Not much.

The wpa_supplicant config file. I tried to track down the relevant options by removing them and seeing if the old trick still works. And indeed, you can remove everything from the config file and it works the same.

Code: Select all

mctom@pi0:~$ cat /etc/wpa_supplicant.conf 
# SoftAP mode (WPA-PSK/AES)
# ctrl_interface=/var/run/wpa_supplicant
# ctrl_interface_group=0
# fast_reauth=1
# update_config=1

#ap_scan=2
network={
#        ssid="SultanatTalibow"
#        mode=2
#        frequency=2412
#        key_mgmt=WPA-PSK
#        proto=RSN
#        pairwise=CCMP
#        psk="tuplajuustohampurilainen"
}
}
However wpa_supplicant won't work without a config file in the first place.

So it seems that wpa_supplicant does SOMETHING that lets hostapd work normally. but what is it?

When wpa_supplicant is turned on:

Code: Select all

Aug 28 13:51:14 pi0 kernel: [52305.744483] br0: port 2(wlan0) entered disabled state
Aug 28 13:51:14 pi0 kernel: [52305.745018] br0: port 2(wlan0) entered blocking state
Aug 28 13:51:14 pi0 kernel: [52305.745030] br0: port 2(wlan0) entered forwarding state
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Lost carrier
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Gained carrier
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Lost carrier
Aug 28 13:51:14 pi0 kernel: [52305.836036] br0: port 2(wlan0) entered disabled state
Aug 28 13:51:14 pi0 kernel: [52305.836256] br0: port 2(wlan0) entered blocking state
Aug 28 13:51:14 pi0 kernel: [52305.836269] br0: port 2(wlan0) entered forwarding state
Aug 28 13:51:14 pi0 hostapd: wlan0: STA 24:df:6a:c0:1d:b6 IEEE 802.11: disassociated
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Gained carrier
Aug 28 13:51:14 pi0 hostapd: wlan0: STA 00:00:00:00:00:00 IEEE 802.11: disassociated
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Lost carrier
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Gained carrier
Aug 28 13:51:14 pi0 kernel: [52305.863979] br0: port 2(wlan0) entered disabled state
Aug 28 13:51:14 pi0 kernel: [52305.864154] br0: port 2(wlan0) entered blocking state
Aug 28 13:51:14 pi0 kernel: [52305.864162] br0: port 2(wlan0) entered forwarding state
Aug 28 13:51:14 pi0 kernel: [52305.864874] br0: port 2(wlan0) entered disabled state
Aug 28 13:51:14 pi0 kernel: [52305.866776] br0: port 2(wlan0) entered blocking state
Aug 28 13:51:14 pi0 kernel: [52305.866789] br0: port 2(wlan0) entered forwarding state
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Lost carrier
Aug 28 13:51:14 pi0 systemd-networkd[7274]: wlan0: Gained carrier
When wpa_supplicant is killed:

Code: Select all

Aug 28 13:49:13 pi0 kernel: [52185.521758] br0: port 2(wlan0) entered disabled state
Aug 28 13:49:13 pi0 kernel: [52185.522039] br0: port 2(wlan0) entered blocking state
Aug 28 13:49:13 pi0 kernel: [52185.522058] br0: port 2(wlan0) entered forwarding state
Aug 28 13:49:13 pi0 systemd-networkd[7274]: wlan0: Lost carrier
Aug 28 13:49:13 pi0 systemd-networkd[7274]: wlan0: Gained carrier
Aug 28 13:49:14 pi0 kernel: [52186.054889] ieee80211 phy0: brcmf_cfg80211_stop_ap: setting AP mode failed -52
Aug 28 13:49:14 pi0 kernel: [52186.065003] br0: port 2(wlan0) entered disabled state
Aug 28 13:49:14 pi0 systemd-networkd[7274]: wlan0: Lost carrier
Aug 28 13:49:15 pi0 systemd-networkd[7274]: wlan0: Link DOWN
Aug 28 13:49:15 pi0 kernel: [52186.610472] br0: port 2(wlan0) entered disabled state
Aug 28 13:49:16 pi0 systemd-networkd[7274]: wlan0: Link UP
Aug 28 13:49:16 pi0 kernel: [52187.772454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
Aug 28 13:49:16 pi0 kernel: [52187.772699] br0: port 2(wlan0) entered blocking state
Aug 28 13:49:16 pi0 kernel: [52187.772717] br0: port 2(wlan0) entered forwarding state
Aug 28 13:49:16 pi0 systemd-networkd[7274]: wlan0: Gained carrier
And subsequently my phone connects to the AP:

Code: Select all

Aug 28 13:49:19 pi0 hostapd: wlan0: STA 24:df:6a:c0:1d:b6 IEEE 802.11: associated
Aug 28 13:49:20 pi0 hostapd: wlan0: STA 24:df:6a:c0:1d:b6 RADIUS: starting accounting session 05BB893C4C6C0BF0
Aug 28 13:49:20 pi0 hostapd: wlan0: STA 24:df:6a:c0:1d:b6 WPA: pairwise key handshake completed (RSN)
Moreover, if I let hostapd and wpa_supplicant use different drivers, the trick STILL works, although the network is unavailable when both are loaded.

I guess I'm stuck. Many people report similar problems, some guys at RasPi forums narrowed it down to some kernel update in 4.0 era.

Yeah, that's precisely why I prefer keeping everything wired.
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mctom »

So I turned another way around, to welcome back NetworManager and try to set up AP using pure netplan.

According to netplan docs, "mode: ap" is supported only with NetworkManager renderer.

Code: Select all

mctom@pi0:~$ cat /etc/netplan/10-mcnet.yaml 
network:
    renderer: NetworkManager
    ethernets:
        eth0:
            dhcp4: false
            dhcp6: false
            optional: true
    wifis:
        wlan0:
            dhcp4: false
            dhcp6: false
            optional: true
            access-points:
                "SultanatTatarski":
                    mode: ap
                    band: 2.4GHz
                    channel: 2
                    auth:
                        key-management: psk
                        password: "szczerze"
    bridges:
        br0:
            macaddress: de:ad:fe:1a:0f:da
            dhcp4: true
            optional: true
            nameservers:
                addresses: [192.168.0.170,192.168.0.1,8.8.8.8]
            interfaces: [eth0,wlan0]
    version: 2
Well, sources online vary, some say that hostapd is necessary for it to work, others claim they don't have that package installed and everything seems to work fine.

All I can tell is that wpa_supplicant is used by this setup, it is always run after netplan setup is applied. No evidence of hostapd being called.

I also had to battle against rfkill once more. I issued nmcli radio wifi on just once and it seems to persist over reboots.

And indeed, the access point is visible. I tried fiddling with settings back and forth and I managed to connect to the network at least twice. I couldn't reproduce that in a repeatable way though.
But even if I managed to connect to AP from my Android phone, I tried pinging some other machine in the network. At first it looked as if it doesn't work, but eventually pings returned after 21000-25000ms (!!).

I'm thinking that maybe the reason why I cannot connect to that AP is purely because my phone cannot acquire IP address or something. If the performance is THAT bad, maybe it simply hits a timeout.
And why is it that bad? Something wrong with the bridge, I guess?

Anyway I'm fairly disappointed with networking on Linux - maybe it's the bias I developed in last 20 hours trying to make it work and reading countless discussions about bugs everywhere. I was confident that should be an easy task - after all, aren't all servers Linux based?

Oh, there you go - you have to kill wpa_supplicant and let NetworkManager restart it, to get access to access point - but only once.

What the hell...
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

User avatar
mad_ady
Posts: 9689
Joined: Wed Jul 15, 2015 5:00 pm
languages_spoken: english
ODROIDs: XU4, C1+, C2, C4, N1, N2, H2, Go, Go Advance
Location: Bucharest, Romania
Has thanked: 609 times
Been thanked: 721 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mad_ady »

Wifi, like printing still lives somewher in the realm of magic...

User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mctom »

Yeah, the fragmentation of effort in unix world is another problem. Why do we have a few network renderers and setup.. mechanisms, to begin with?
Before I set off I didn't know netplan was just one of many options to set up the network.

Anyway, I gave up trying to make it work on the Pi. Today my network went haywire and DNS stopped working, and everything collapsed after that. ;) I had to quickly reset my shitty router to make it to a conference call.

Now I turned my eyes on XU4 that hosts my Pi Hole as my DNS server of choice. It sports Armbian Focal, so no netplan alright. Maybe this will work? I mean, at least DHCP will work this time :D
So, back to the basics with setting up a bridge, hostapd and whatnot.

But wait, there's an armbian-config tool that can do stuff! And indeed, there is a utility to set up hotspot automatically! Hm, I wonder..
So yeah, it didn't say a lot, and it took 20 minutes or so to get through the automated process. It installed hostapd, did some "optimization", then "probed channel 40" (that's a 2.4GHz dongle but whatever), then 36, then 40 again, then removed hostapd and replaced it with hostapd-realtek (that's a ralink chip), then I lost interest and just waited till something else appears.
It asked me whether I want my hotspot on 100Mbps LAN, or unconfigured wlan. Or at least that's what I think they meant - polish translations vary in quality.
It proceeded with installing dnsmasq, which started to be quite unsettling with a perfectly working DHCP service, but then again, how bad can it get, right?
...and it got stuck at 80% for about 10 minutes. Some apt-get process was hanging and seemingly doing nothing, so I killed it. The script carried on quickly, said the job is done, printed some errors of dnsmasq, et voila. Nothing happened.
Later I realized that dpkg wanted to ask me if I want to overwrite the .conf file or not - that didn't get through the script to me. Oh well.

I think I'm gonna try something else tomorrow. :D
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

User avatar
mctom
Posts: 440
Joined: Wed Nov 11, 2020 4:44 am
languages_spoken: english, polish
ODROIDs: N2+, Game Advance, a few XU4
Location: Gdansk, Poland
Has thanked: 48 times
Been thanked: 41 times
Contact:

Re: Bridging ethernet and wi-fi

Post by mctom »

After another few days of battle I ended up with the following results:

- I think I broke the modem/gateway box, because after changing some settings it entered reboot loop. It didn't respond to factory reset button on the back. An ISP technician came the next day and gave me a new box.
- The new box has both 2.4 and 5GHz bands working simultaneously and the reception is great, so... :lol:

- To take out at least something from this lesson I created an eth0/wlan0 bond on my torrent SBC. The point is to aggregate two interfaces to act as one, with the same MAC, IP and so on, so the theoretical bandwidth is the sum of bonded bandwidths, and redundancy is a bonus.
It works okay with netplan's default parameters. If you dare to change any of them, you lose connection, both wired and wireless. Knowing what I know now, I just assume these are netplan bugs again.

So, yay, an SBC with 100Mbps wired link and 390Mbps wireless link bonded together.. What interesting times we live in.
Punk ain't no religious cult, punk means thinking for yourself!

Maintainer of PiStackMon

igorpec
Posts: 992
Joined: Sat Dec 12, 2015 4:34 pm
languages_spoken: english,german,slovene
ODROIDs: XU4, HC1, C2, C1+
Has thanked: 60 times
Been thanked: 144 times
Contact:

Re: Bridging ethernet and wi-fi

Post by igorpec »

But wait, there's an armbian-config tool that can do stuff! And indeed, there is a utility to set up hotspot automatically! Hm, I wonder..
So yeah, it didn't say a lot, and it took 20 minutes or so to get through the automated process. It installed hostapd, did some "optimization", then "probed channel 40" (that's a 2.4GHz dongle but whatever), then 36, then 40 again, then removed hostapd and replaced it with hostapd-realtek (that's a ralink chip), then I lost interest and just waited till something else appears.
It asked me whether I want my hotspot on 100Mbps LAN, or unconfigured wlan. Or at least that's what I think they meant - polish translations vary in quality.
Thank you for trying it. I made this many years ago and it usually works ... until it doesn't ;) Sadly I don't have time for proper maintaining or extending its functionality. Since you are the second person this week that I know using it with genuine interest of using it ... I might look into it and fix those bugs ;) But can't promise it.

BR
ARMBIAN
Linux for ARM development boards
What is Armbian?

Post Reply

Return to “General Topics”

Who is online

Users browsing this forum: No registered users and 4 guests