Re: Bridging wired to STA interfaces.

[Ben Greear <greearb@candelatech.com>]

On 08/11/2011 01:48 AM, Adrian Chadd wrote:
> On 11 August 2011 15:14, Ben Greear<greearb@candelatech.com>  wrote:
>
>> I think I'll just force user to create an STA with matching MAC (for the
>> MAC of the PC/whatever to be bridged).  Ath9k and ath5k can support at
>> least 128 stations, so that will be plenty for our uses...
>>
>> We saw some problems changing MAC on STA after they were created, but
>> it seems to be ok if we just create it with correct STA the first time,
>> and we'll try to figure out why changing MAC was acting weird as well.
>
> Oh wow, that's a cool use of multi-STA support. Now I want to get it
> working in FreeBSD.
>
> I think I may need to corner you sometime and sort out exactly how
> this works. Nice thinking Ben!

Just to follow up on this, I believe I now have this working
with a user-space bridge.  It's part of my proprietary app, but
here's the basic algorithm in case someone else wants to try
this:

Network setup:

server -- AP {{{}}} station-bridge  -- clients

For each client, create a virtual station on the station-bridge machine
with the same MAC as the client.

Packets coming in a station interface are sent out the wired interface
unless they are 802.1X frames (0x888e ethernet type).  These
are just dropped.  If destination MAC is broadcast, it is changed
to be that of the STA's MAC.  This is probably not required, but seems
a good optimization and I cannot think of any reason not to...I may be
wrong however.

Packets coming in the ethernet interface are mapped onto the STA that
matches the source MAC of the ethernet frame.  Packets that do not match
are silently discarded.

You have to explicitly disable IPv4/6 routing on the bridge interfaces
or the OS might try to route them.  You should also disable ARP and such.
You must remove all IP addresses from the bridge interfaces.  You should
probably disable LRO and such as well.  In general, the idea is to make
the packet socket the only active consumer of the packets so that the OS
doesn't muck with things and toss un-expected packets onto the network.

Use packet sockets to read/write the packets.


This could all be done in the kernel, but aside from saving some packet
copies to/from user-space, it seems like a user-space app is sufficient.

I tested this with ath9k in the AP and virtual station machines.  The
pertinent bits should be available in standard upstream kernels,
but we're using our hacked kernels.

If anyone writes a stand-alone app to do this, I'm interested to know.

Thanks,
Ben


-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com