How do I configure a network interface bridge from WiFi to Ethernet with Debian?
Solution 1
For configuring a bridge from ethernet to wifi, it is as simple as doing in your /etc/network/interfaces
:
auto eth0
allow-hotplug eth0
iface eth0 inet manual
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
auto br0
iface br0 inet static
bridge_ports eth0 wlan0
address 192.168.1.100
netmask 255.255.255.0
Replace the IP address with something more appropriate to your network.
If you prefer the IP attribution done via DHCP, change it to:
auto br0
iface br0 inet dhcp
bridge_ports eth0 wlan0
After changing /etc/network/interfaces
, either restarting Debian or doing
service networking restart
Will activate this configuration.
You will have to make sure for this configuration to have bridge-utils
installed. You can install it with:
sudo apt install bridge-utils
For more information, see:
The wlan0 interface also has to be condigured to connect to your remote AP so this configuration is not be used verbatim.
Additional note: bridging eth0 and wlan0 together means in poor layman´s terms that br0 will present itself as a single logical interface englobing the interfaces that make part of the bridge. Usually such configuration is made when both extend or belong to the same network.
Solution 2
See https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC
Bridging with a wireless NIC Just like you can bridge two wired ethernet interfaces, you can bridge between an ethernet interface and a wireless interface. However, most Access Points (APs) will reject frames that have a source address that didn’t authenticate with the AP. Since Linux does ethernet bridging transparently (doesn’t modify outgoing or incoming frames), we have to set up some rules to do this with a program called ebtables.
For an alternative Layer 3 approach using proxy ARP and routing, see BridgeNetworkConnectionsProxyArp.
ebtables Overview ebtables is essentially like iptables, except it operates on the MAC sublayer of the data-link layer of the OSI model, instead of the network layer. In our case, this allows to change the source MAC address of all of our frames. This is handy because we fool our AP into thinking that all of our forwarded frames come from the machine which authenticated to the AP.
... The instructions there go on to manage a list of addresses on one side, I couldn't follow.
Related videos on Youtube
SDsolar
Updated on September 18, 2022Comments
-
SDsolar over 1 year
I am using Raspberry Pi using Raspbian which is just Debian.
I would like to bridge from the primary WiFi network router that connects to Cox Cable to my cabled router here for my subnet to have reliable internet access.
It needs to be a WiFi-to-Ethernet bridge.
I have set /etc/networks for a static address for the USB wlan1 with the external adapter and hi-gain antenna. wpa_supplicant is configured to log in to the master router properly.
So right now it is set up so I can login to the proper network with the password, on external wlan1. Static address is set in /etc/networks. Gateway and nameserver are OK. I can browse web pages, etc.
The missing link is to bridge this to the eth0 port so my router can connect also, to provide service to my subnet.
No need for any extra network services like routing or nat or dhcp, etc. Just a simple bridge.
Can anyone please point me in the right direction to make this happen?
-
Admin about 7 yearsDid you try a very basic bridge by setting no IP on your Ethernet device, creating a bridge with
brctl addbr br0
, adding both devices to the bridge withbrctl addif br0 device
, and then setting your original Ethernet address and route onbr0
? -
Admin about 7 yearsYou have not documented how your wlan0 is configured atm.
-
Admin about 7 yearsGood point. I added some edits to clarify. I like your answer below. It is precisely the opposite of what I am trying to do, but that's OK because I think it is enough information to get me moving. Thank you for posting it.
-
Admin about 7 yearsFound this one and the first answer is funny. 'too broadly correct' - so this bridging stuff apparently requires magic, also. unix.stackexchange.com/questions/272146/…
-
Admin over 5 yearsUpdate from the future (late 2018): Since 2.6.33, you can't bridge wlan to eth. You can bridge wlan to eth only if you switched then wlan0 into 4addr mode. Not all drivers support that. You can read more about it here.
-
-
Rui F Ribeiro about 7 yearsIt is not actually the opposite; if you want wifi clients to connect to the raspberry you need hostapd on top of this configuration; I actually have an openwrt that has been configured here to do what you are asking
-
Rui F Ribeiro about 7 yearsIt is simpler than, it is a matter of configuring the wpa_supplicant
-
SDsolar about 7 yearsOK. Right now it is set up so I can login to the proper network with the password, on external wlan1. Static address is set in /etc/networks. Gateway and nameserver are OK. It logs in to the router perfectly. I can browse web pages, etc. The missing link is to bridge this to the eth0 port so my router can connect also.
-
Ingo about 6 yearsI'm a little bit confused. If I try your setup and do
sudo ifup -a
I get the error messagecan't add wlan0 to bridge br0: Operation not supported
. This was widely discussed with Bridging wlan0 to eth0. What I'm missing with your setup? -
Rui F Ribeiro about 6 years@Ingo I advise opening a new question.
-
Ingo about 6 yearsNo problem to open a new question but I'm unsure if it make sense. I think your answer is outdated and should be corrected. Since kernel >=2.6.33 you cannot add wifi to a bridge (except when WDS is used). This is what is discussed in Bridging wlan0 to eth0.
-
Rui F Ribeiro about 6 years@Ingo There must be more to it, this post is from 2017 for an rpi (kernel 3 or 4?), it was accepted, and I was using and copied this configuration from my Lamobo R1 w/ wifi running Debian with kernel 3 and maybe later with kernel 4. I was not using an athk though. I already suggested you opening a new question to discuss this.
-
Mike Mestnik about 3 yearsI think this can be done with L3 switching, where only the L2 addresses are masqed and 'routing' is done using the L3 headers. See 'ebtables'
-
ddlab over 2 yearsSide notice: I learned in the past few days is, that bridging wifi to eth interfaces with running dhcp requires 4addr mode
sudo iw dev wlp2s0 set 4addr on
for both, AP and clients. To do this, all of the involved wifi interfaces must support interface mode AP, seeiw list | less
and connections need to take down for4addr on
first, and then take up again, to prevent theOperation not supported
error message, as mentioned by @Ingo -
A.B about 2 yearsIt's not (just?) about authentication: bridging with 3 MAC addresses instead of 4 (yes 3 and 4, while Ethernet has only 2) won't allow systems behind the bridge to work. See networkengineering.stackexchange.com/questions/25100/…