I used an Intel NUC running Debian Stretch as wireless access point for month. All I had to do was to assign all the interface (the internal ethernet one, an USB-ethernet adapter, and hostapd, the access point daemon) to the same network bridge `br0`. That's all. Even hotplugging the usb-ethernet adapter worked fine.
For those curious, find the `/etc/network/interfaces` and `/etc/hostapd.conf` here: (Grep for `br0` in both)
Can anyone elaborate on why the authors way of implementation is superior to that? He/she's using `parprouted` and `dhcp-helper`.
From the parprouted man page:
> parprouted is a daemon for transparent IP (Layer 3) proxy ARP bridging. Unlike standard bridging, proxy ARP bridging allows to bridge Ethernet networks behind wireless nodes. Normal L2 bridging does not work between wireless nodes because wireless does not know about MAC addresses used in the wired Ethernet networks. Also this daemon is useful for making transparent firewalls.
When wireless nodes don't know about mac addresses, why is my wireless interface on `ip a` showing a mac address then?
On wired ethernet, a packet contains the MAC address of the destination host. Switches across the network keep track of which port a given MAC address is associated with and forward it appropriately. Wifi doesn't have the same concept - the only destination MAC address in a standard 802.11 packet is that of the destination Wifi station. So, if you have a device on Wifi with several wired devices behind it, and you want to send a packet to one of those wired devices, you can't stick the wired device's MAC address in there - it needs to be the address of the one with Wifi. So how does that Wifi node know which wired device to forward the packet to?
(This is avoided with WDS, but that requires the AP to cooperate)
The 802.11 header has 4 MAC addresses: Source Address (SA), Destination Address (DA), Transmitter Address (TA), Receiver Address (RA). The TA and RA are those of the Wifi station and SA and DA are the Ethernet addresses. This allows bridging Ethernet and Wifi interfaces and it is how many (most?) Linux-based Wifi routers work.
Yes, if you're using WDS, otherwise you only have three addresses used. Since you need the transmitting device to populate the DA, you can't just turn on bridging on a client and have everything work - you need both ends of the link to be involved.
Yes, for a wifi client (like in the article) you're right. manuel_w was talking about bridging on the AP and for that you do just enable bridging and it works fine.
For those curious, find the `/etc/network/interfaces` and `/etc/hostapd.conf` here: (Grep for `br0` in both)
---Can anyone elaborate on why the authors way of implementation is superior to that? He/she's using `parprouted` and `dhcp-helper`.
From the parprouted man page:
> parprouted is a daemon for transparent IP (Layer 3) proxy ARP bridging. Unlike standard bridging, proxy ARP bridging allows to bridge Ethernet networks behind wireless nodes. Normal L2 bridging does not work between wireless nodes because wireless does not know about MAC addresses used in the wired Ethernet networks. Also this daemon is useful for making transparent firewalls.
When wireless nodes don't know about mac addresses, why is my wireless interface on `ip a` showing a mac address then?