So, you know the way you can’t do proper wireless bridging, in client mode, if your AP doesn’t support “4addr” mode, in Linux, these days? The Debian page on same is about the best resource going on the subject, but the ebtables instructions just plain don’t work. Also, parprouted hasn’t seen any updates in 3 years, and crashes a lot.
Well, if you enable proxy arp on the wireless and bridge interface using sysctl settings, it works, and is nice and simple. :)
Here’s the relevant bit from my /etc/sysctl.conf
net.ipv4.conf.wlp2s0.proxy_arp = 1 net.ipv4.conf.br0.proxy_arp = 1
I split my private subnet into two 25 bit networks so the kernel hopefully knows which IP’s are on which side (the bridge or wireless). Here’s my /etc/network/interfaces:
# interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback auto wlp2s0 iface wlp2s0 inet static address 192.168.1.212/25 gateway 192.168.1.254 dns-nameservers 127.0.2.1 wpa-iface wlp2s0 wpa-ssid ssid wpa-psk password auto br0 iface br0 inet static bridge_ports none address 192.168.1.1/25
I don’t specify any bridge ports, because they get added dynamically by KVM/LXD – the purpose of this setup is to have KVM/LXD hosts set up on the bridge side, which can communicate with each other, and the rest of the network/internet as though they are “real” and directly connected.
No firewall rules. Just works. No fuss.
Only thing to note is that you either need a separate DHCP server on the bridge interface side, or to configure a dhcp relay so that VM’s/containers can get an address.