#StackBounty: #networking #wireless #20.04 #atheros #network-bridge Transparently bridge (not route) a wired connection to act as anoth…

Bounty: 100

My new, shiny, home NAS-computer, running Ubuntu 20.04, has a gigabit wired connection and an ath-9k chipset dual-band (2.5 / 5 GHz) wifi card. My current wireless AP only has a 2.5 GHz radio, and in my region 2.5 GHz is fairly congested. I would like to bridge from the lan to a new 5 GHz wireless network using the new computer, but using the same DHCP server / default gateway / DNS servers as the lan / Wifi at the moment. This is because I have a single-board computer as a default gateway, transparently ad-blocking (amongst other things). I’ve achieved this by just disabling the DHCP server on my ISP’s supplied router and using my own instead (which is also the gateway, routing packets to the router as the only device on it)

A brief ascii-art description of what I have is below:

+----+      +------------------+
| WAN+------+ISP Router        |
+----+      +------------------+         +--------------------+
            |1000-Base-T       +---------+LAN                 |
            |2.4 GHz (WPA2/PSK)+-------+ +--------------------+    +-----------------+
            +------------------+       | |SBC DHCPd / DNS / GW+----+Wired clients (*)|
                                       | +--------------------+    +-----------------+
                                       |
                                       | +-----------------------+
                                       +-+2.4GHz Wireless clients|
                                         +-----------------------+

I believe I’d like to configure the computer as a layer-2 bridge between its wired connection and wifi. I don’t want to use hostapd as I don’t want it to be doing NAT and routing — I might want to ssh from a wired device to a wireless one that may be associated with it. I’d also like devices to seamlessly switch between 2.4 & 5 GHz as appropriate — and I believe that doing that is as simple as having the same SSID, authentication method (i.e. WPA2/PSK) and key.

In short, I think that I’d like to change the above diagram to include a "5 GHz Wireless clients" at the node marked (*).

My card supports AP mode and quite a lot of other features: here’s the output of lshw and the (very long!) output of iw list:

     *-network
                          description: Wireless interface
                          product: AR93xx Wireless Network Adapter
                          vendor: Qualcomm Atheros
                          physical id: 0
                          bus info: pci@0000:03:00.0
                          logical name: wlp3s0
                          version: 01
                          serial: 14:cc:20:10:a6:fa
                          width: 64 bits
                          clock: 33MHz
                          capabilities: pm msi pciexpress bus_master cap_list rom ethernet physical wireless
                          configuration: broadcast=yes driver=ath9k driverversion=5.4.0-39-generic firmware=N/A latency=0 link=no multicast=yes wireless=IEEE 802.11
                          resources: irq:101 memory:fc900000-fc91ffff memory:fc920000-fc92ffff
      ----
# iw list
Wiphy phy0
    max # scan SSIDs: 4
    max scan IEs length: 2257 bytes
    max # sched scan SSIDs: 0
    max # match sets: 0
    max # scan plans: 1
    max scan plan interval: -1
    max scan plan iterations: 0
    Retry short limit: 7
    Retry long limit: 4
    Coverage class: 0 (up to 0m)
    Device supports RSN-IBSS.
    Device supports AP-side u-APSD.
    Device supports T-DLS.
    Supported Ciphers:
        * WEP40 (00-0f-ac:1)
        * WEP104 (00-0f-ac:5)
        * TKIP (00-0f-ac:2)
        * CCMP-128 (00-0f-ac:4)
        * CCMP-256 (00-0f-ac:10)
        * GCMP-128 (00-0f-ac:8)
        * GCMP-256 (00-0f-ac:9)
        * CMAC (00-0f-ac:6)
        * CMAC-256 (00-0f-ac:13)
        * GMAC-128 (00-0f-ac:11)
        * GMAC-256 (00-0f-ac:12)
    Available Antennas: TX 0x7 RX 0x7
    Configured Antennas: TX 0x7 RX 0x7
    Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * monitor
         * mesh point
         * P2P-client
         * P2P-GO
         * outside context of a BSS
    Band 1:
        Capabilities: 0x11ef
            RX LDPC
            HT20/HT40
            SM Power Save disabled
            RX HT20 SGI
            RX HT40 SGI
            TX STBC
            RX STBC 1-stream
            Max AMSDU length: 3839 bytes
            DSSS/CCK HT40
        Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
        Minimum RX AMPDU time spacing: 8 usec (0x06)
        HT TX/RX MCS rate indexes supported: 0-23
        Bitrates (non-HT):
            * 1.0 Mbps
            * 2.0 Mbps (short preamble supported)
            * 5.5 Mbps (short preamble supported)
            * 11.0 Mbps (short preamble supported)
            * 6.0 Mbps
            * 9.0 Mbps
            * 12.0 Mbps
            * 18.0 Mbps
            * 24.0 Mbps
            * 36.0 Mbps
            * 48.0 Mbps
            * 54.0 Mbps
        Frequencies:
            * 2412 MHz [1] (20.0 dBm)
            * 2417 MHz [2] (20.0 dBm)
            * 2422 MHz [3] (20.0 dBm)
            * 2427 MHz [4] (20.0 dBm)
            * 2432 MHz [5] (20.0 dBm)
            * 2437 MHz [6] (20.0 dBm)
            * 2442 MHz [7] (20.0 dBm)
            * 2447 MHz [8] (20.0 dBm)
            * 2452 MHz [9] (20.0 dBm)
            * 2457 MHz [10] (20.0 dBm)
            * 2462 MHz [11] (20.0 dBm)
            * 2467 MHz [12] (20.0 dBm)
            * 2472 MHz [13] (20.0 dBm)
            * 2484 MHz [14] (disabled)
    Band 2:
        Capabilities: 0x11ef
            RX LDPC
            HT20/HT40
            SM Power Save disabled
            RX HT20 SGI
            RX HT40 SGI
            TX STBC
            RX STBC 1-stream
            Max AMSDU length: 3839 bytes
            DSSS/CCK HT40
        Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
        Minimum RX AMPDU time spacing: 8 usec (0x06)
        HT TX/RX MCS rate indexes supported: 0-23
        Bitrates (non-HT):
            * 6.0 Mbps
            * 9.0 Mbps
            * 12.0 Mbps
            * 18.0 Mbps
            * 24.0 Mbps
            * 36.0 Mbps
            * 48.0 Mbps
            * 54.0 Mbps
        Frequencies:
            * 5180 MHz [36] (23.0 dBm)
            * 5200 MHz [40] (23.0 dBm)
            * 5220 MHz [44] (23.0 dBm)
            * 5240 MHz [48] (23.0 dBm)
            * 5260 MHz [52] (23.0 dBm) (no IR, radar detection)
            * 5280 MHz [56] (23.0 dBm) (no IR, radar detection)
            * 5300 MHz [60] (23.0 dBm) (no IR, radar detection)
            * 5320 MHz [64] (23.0 dBm) (no IR, radar detection)
            * 5500 MHz [100] (disabled)
            * 5520 MHz [104] (disabled)
            * 5540 MHz [108] (disabled)
            * 5560 MHz [112] (disabled)
            * 5580 MHz [116] (disabled)
            * 5600 MHz [120] (disabled)
            * 5620 MHz [124] (disabled)
            * 5640 MHz [128] (disabled)
            * 5660 MHz [132] (disabled)
            * 5680 MHz [136] (disabled)
            * 5700 MHz [140] (disabled)
            * 5745 MHz [149] (30.0 dBm)
            * 5765 MHz [153] (30.0 dBm)
            * 5785 MHz [157] (30.0 dBm)
            * 5805 MHz [161] (30.0 dBm)
            * 5825 MHz [165] (30.0 dBm)
    Supported commands:
         * new_interface
         * set_interface
         * new_key
         * start_ap
         * new_station
         * new_mpath
         * set_mesh_config
         * set_bss
         * authenticate
         * associate
         * deauthenticate
         * disassociate
         * join_ibss
         * join_mesh
         * remain_on_channel
         * set_tx_bitrate_mask
         * frame
         * frame_wait_cancel
         * set_wiphy_netns
         * set_channel
         * set_wds_peer
         * tdls_mgmt
         * tdls_oper
         * probe_client
         * set_noack_map
         * register_beacons
         * start_p2p_device
         * set_mcast_rate
         * connect
         * disconnect
         * channel_switch
         * set_qos_map
         * set_multicast_to_unicast
    Supported TX frame types:
         * IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
         * P2P-device: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
    Supported RX frame types:
         * IBSS: 0x40 0xb0 0xc0 0xd0
         * managed: 0x40 0xd0
         * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
         * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
         * mesh point: 0xb0 0xc0 0xd0
         * P2P-client: 0x40 0xd0
         * P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
         * P2P-device: 0x40 0xd0
    software interface modes (can always be added):
         * AP/VLAN
         * monitor
    valid interface combinations:
         * #{ managed } <= 2048, #{ AP, mesh point } <= 8, #{ P2P-client, P2P-GO } <= 1,
           total <= 2048, #channels <= 1, STA/AP BI must match
    HT Capability overrides:
         * MCS: ff ff ff ff ff ff ff ff ff ff
         * maximum A-MSDU length
         * supported channel width
         * short GI for 40 MHz
         * max A-MPDU length exponent
         * min MPDU start spacing
    Device supports TX status socket option.
    Device supports HT-IBSS.
    Device supports SAE with AUTHENTICATE command
    Device supports low priority scan.
    Device supports scan flush.
    Device supports AP scan.
    Device supports per-vif TX power setting
    P2P GO supports CT window setting
    Driver supports full state transitions for AP/GO clients
    Driver supports a userspace MPM
    Device supports active monitor (which will ACK incoming frames)
    Driver/device bandwidth changes during BSS lifetime (AP/GO mode)
    Device supports configuring vdev MAC-addr on create.
    Supported extended features:
        * [ RRM ]: RRM
        * [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
        * [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
        * [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
        * [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
        * [ AIRTIME_FAIRNESS ]: airtime fairness scheduling

I’ve tried to do this with bridge-utils, i.e. by bridging the interfaces directly:

   $ brctl addbr br0
   $ brctl addif br0 enp4s0 wlp3s0

Unfortunately, this stopped all DNS resolution on the computer (!) and resulted in some ‘interesting’ routing errors I didn’t understand: e.g. I could ping 8.8.8.8 but not dig @8.8.8.8 google.com. Even doing

   $ brctl br0 down
   $ brctl delbr br0

still resulted in a restart of /etc/init.d/networking.

I don’t understand why this doesn’t work. I’ve also tried using Ubuntu’s network-manager gui, creating a new ‘shared’ AP — which just opens hostapd and also googled extensively, but can’t find a clear answer. I know that network topologies with multiple wireless bridges definitely exist — what’s the simplest way to configure it?


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.