Community discussions

 
Conjur
just joined
Topic Author
Posts: 5
Joined: Thu Jul 18, 2013 10:54 am

Bridging WLAN and ETHER properly

Thu Jul 18, 2013 11:19 am

I have a rather complex network setup, using a bit of everything, I'm trying to get a RB532A with 2 Atheros WLAN Adapters to connect to an access point, and bridge the broadcast domain to a ether1 and the other wlan interface.

The RB532A has 5 interfaces-
wlan1 connects as a client, to an existing AP (Cisco 871w)
wlan2 acts as an AP, clients pull DHCP from the Cisco 871w
ether1, 2, and 3 all connect to local ethernet clients, which need to pull DHCP from the Cisco 871w.

So I tried putting everything into a bridge, and at first, could ping everything from the RB532A; but not after a reboot. After a reboot, I can no longer ping any wireless clients, nor the 871w, even though they appear to still connect fine.

Even while I can ping everything FROM the RB532a, I cannot ping THROUGH it (IE, from a client hanging off of ether1, thru wlan1 to the Cisco 871w. I tried messing with the Forwarding rules to no avail..

I need to keep everything on the same broadcast domain, and would prefer not complicate things with giving every interface in IP.

I currently have RouterOS v6.1 on the RB532a; and yes, I know, a RB532a is extreme overkill for what I'm using it for, but I had it laying around from a previous project.

V/r,
Mike
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: Bridging WLAN and ETHER properly

Thu Jul 18, 2013 4:39 pm

It sounds as if you are hitting some limitations of bridging with non-RouterOS APS. Have a look at this link:

http://wiki.mikrotik.com/wiki/Manual:Wi ... tion_Modes
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
Conjur
just joined
Topic Author
Posts: 5
Joined: Thu Jul 18, 2013 10:54 am

Re: Bridging WLAN and ETHER properly

Thu Jul 18, 2013 6:25 pm

Yes, I've seen that page. I found some vague references to using an EoIP Tunnel to resolve the problem; but can't see how that would help, other than excessively complicating a simple network.

For the time being, I've given up on the single broadcast domain, and just setup a 2nd network on the RB532a; and I'm just statically routing between them.

The background of this, is I'm a bit of a computer nerd.. I hate not being able to access anything from anywhere; and prefer to be able to memorize most of the ips/configs. Adding a 2nd network makes it much harder to memorize. I find it hard to believe that MikroTik simply doesn't support standard bridging, and they only support their own proprietary protocol...

I have not bothered to dig too deeply into the firmware yet; but is the MikroTik firmware not based on linux, anyhow?

V/r,
Mike
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: Bridging WLAN and ETHER properly

Fri Jul 19, 2013 2:10 pm

Which "standard bridging" did you have in mind? WDS has some significant interoperability issues among manufacturers.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
rjickity
Member Candidate
Member Candidate
Posts: 212
Joined: Sat Jul 17, 2010 10:40 am
Location: Perth, Australia

Re: Bridging WLAN and ETHER properly

Fri Jul 19, 2013 2:54 pm

Want to post your config mike ? it may assist
 
Conjur
just joined
Topic Author
Posts: 5
Joined: Thu Jul 18, 2013 10:54 am

Re: Bridging WLAN and ETHER properly

Fri Jul 19, 2013 6:10 pm

Unfortunately, posting the current config will not help much.. below is a breakdown of the desired operation

[Cisco 871w]
Dot11Radio0.2 acts as a WiFi AP(WPA2 PSK, aes), and provides DHCP for 192.168.0.0/24


[Mikrotik RB532a]
ether{1,2,3} connect to local Ethernet clients, that need to be able to broadcast back to the Cisco Router
wlan2 acts as a WiFi AP(WPA2 PSK, aes, different SSID), clients need to be able to pull DHCP from the Cisco Router, and be on the same broadcast domain as clients that are connected locally to it.
wlan1 acts as a WiFi Client, connecting to Dot11Radio0.2 on the Cisco Router. (Static, 192.168.0.6/24)

Needless to say, the Cisco router has several other interfaces and clients.

I've been using a WRT54, with DD-WRT; but the devices connected to this spot burn ~30mbit/s of bandwidth; which tends to push the WRT54 to its limits, and causes it to overheat. So far, with the RB532a in place, even though it's not configured how I want; it's ice cold, handling the abuse like a boss.

I have tried configuring wlan2 in "station pseudobridge" mode... it works great for a single client; but fails when you connect a 2nd client. I'm thinking my only solution will be to setup an EoIP tunnel back through the wireless to the Cisco router..

V/r,
Mike
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: Bridging WLAN and ETHER properly

Fri Jul 19, 2013 7:33 pm

You should just be able to bridge all the interfaces (WLAN and Ether) together, as long as the wlan1 is connecting to the Cisco and associating fine, the rest of it should work assuming that there isn't some other configuration issue in place.

Please provide:

/ip firewall export
/interface bridge export
/interface print detail
 
Ivoshiee
Member
Member
Posts: 471
Joined: Sat May 06, 2006 4:11 pm

Re: Bridging WLAN and ETHER properly

Fri Jul 19, 2013 8:42 pm

I have tested bridging ROS and Ubiquity NS5 devices before, but that didn't quite work for me.
If you indeed need bridging then the ROS v6.1 is too new a piece of software for anything more exotic to have. I would back to the v5 series and then try it again.
 
Conjur
just joined
Topic Author
Posts: 5
Joined: Thu Jul 18, 2013 10:54 am

Re: Bridging WLAN and ETHER properly

Fri Jul 19, 2013 9:49 pm

Please keep in mind that wlan1 is not in the bridge atm; and bridge1 is configured as a separate network.

/ip firewall export
# jul/19/2013 18:46:05 by RouterOS 6.1
# software id = SUXJ-IRX5
#
/interface bridge export
# jul/19/2013 18:46:42 by RouterOS 6.1
# software id = SUXJ-IRX5
#
/interface bridge
add l2mtu=1600 name=bridge1
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=wlan2
/interface print detail
Flags: D - dynamic, X - disabled, R - running, S - slave 
 0  RS name="ether1" default-name="ether1" type="ether" mtu=1500 l2mtu=1600 
       mac-address=00:0C:42:0F:CA:A7 

 1   S name="ether2" default-name="ether2" type="ether" mtu=1500 l2mtu=1600 
       mac-address=00:0C:42:0F:CA:A8 

 2   S name="ether3" default-name="ether3" type="ether" mtu=1500 l2mtu=1600 
       mac-address=00:0C:42:0F:CA:A9 

 3  R  name="wlan1" default-name="wlan1" type="wlan" mtu=1500 l2mtu=2290 
       mac-address=00:0C:42:18:2E:DE 

 4  RS name="wlan2" default-name="wlan2" type="wlan" mtu=1500 l2mtu=2290 
       mac-address=00:0C:42:18:2F:31 

 5  R  name="bridge1" type="bridge" mtu=1500 l2mtu=1600 
       mac-address=00:0C:42:0F:CA:A7 
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: Bridging WLAN and ETHER properly

Sat Jul 20, 2013 12:53 am


I have tried configuring wlan2 in "station pseudobridge" mode... it works great for a single client; but fails when you connect a 2nd client. I'm thinking my only solution will be to setup an EoIP tunnel back through the wireless to the Cisco router..
This mode only really helps for certain IP traffic. The Routerboard snoops the IP packets to determine which IP client at the station end the frame should be sent to. The AP only sees the station's MAC address. Non-IP protocols are not helped beyond the first station to attach so the broadcast domain is not truly bridged.

The basic problem is that 802.11 is *not* Ethernet and the frame format on 802.11 systems is quite different from Ethernet frames. The non WDS frame format does not support bridging at the station end whereas the WDS frame format does, but while the WDS frame format is clear other details were subject to interpretation resulting in poor inter-operability among different vendors' equipment.

You could certainly make use of the longer MTUs available in 802.11 to run something over an IP path to provide a true layer 2 tunnel, but that might be easiest with a single vendor at both ends and if that were the case then you may already have a radio solution which provides perfectly good layer 2 bridging throughout.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

Who is online

Users browsing this forum: No registered users and 113 guests