WDS link problem: ping only

Denis Vlasenko vda
Mon Nov 1 05:15:19 PST 2004


On Monday 01 November 2004 14:20, michael schatz wrote:
> denis-
> thanks for your responses---i think you understand my difficulty well, but i'm not
> sure i understand what to do based on your suggestions...see below
> 
> Denis Vlasenko <vda at port.imtp.ilyichevsk.odessa.ua> wrote: 
> 
> On Monday 01 November 2004 06:05, michael schatz wrote:
> > 
> > Hi-
> > I've established a WDS static link between two APs running hostAP (call
> > them AP:A and AP:B) under RedHat 9.0. AP:A and all wireless devices that
> > associate with it have full access to the internet (ping, DNS, web
> > browsing, ssh, etc). AP:B also has full access to the internet, but
> > all wireless devices associated with AP:B can only ping (only by using IP
> 
> ping what? ping anything? ping AP only?
> 
> 
> everything behind AP:B can ping anything (AP:B, AP:A, wireless devices on AP:A, anything on the internet) but only if i use the explicit IP address-i.e. host names are not resolved.

Your routing/firewall is correct, then. Only DNS is messed up.

Do "ping www.yahoo.com" and watch tcpdumps, you
will see where do DNS requests are going,
and wheter there is any reply.

Check /etc/resolv.conf

> You most probably meant this:
> 
> INTERNET via router (192.168.0.1)
> |
> |
> eth0 (192.168.0.7)
> AP-A wlan0 (10.1.2.1) -- 
> 10.1.2.254/30
> |
> WDS
> |
> 10.1.2.253/30

> AP-B wlan0 (10.1.3.1) --
> > ********AP:A initialization script********
> > #!/bin/sh
> > #
> > 
> > touch /var/lock/subsys/local
> > echo "Local wlan0 config. stuff"
> > /sbin/iwconfig wlan0 channel 1 ESSID "Vedado" txpower 15
> > 
> > echo "setup WDS static link"
> > #MAC address below from AP on other end of the link
> > iwpriv wlan0 wds_add BB:BB:BB:BB:BB:BB
> > ip addr add 10.1.2.254/30 broadcast 10.1.2.255 dev wlan0wds0
> > ip link set wlan0wds0 up
> > 
> > echo "Enabling IP Masquerading"
> > /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > echo "1" >/proc/sys/net/ipv4/ip_forward
> 
> You dont have any routing setup here.
> Does AP-A know how to reach 10.1.3.x?
> If not, nothing will work from behind AP-B.
> 
> you are exactly right!.....AP-A  _cannot_ reach 10.1.3.x   i think this is the main problem...how specifically do i correct this?

At closer examination, you have MASQed out 10.1.3.x

You can leave it as is if you do want 10.1.3.x
firewalled from outside.

Or remove MASQ and add routing rule on AP-A so that it
knows thtat there is a subnet behind AP-B's ip:

> > ********AP:B initialization script********
> > 
> > #!/bin/sh
> > #
> > touch /var/lock/subsys/local
> > echo "Local wlan0 config. stuff"
> > /sbin/iwconfig wlan0 channel 1 ESSID "Vedado" txpower 23
> > 
> > echo "set up WDS static link"
> > #MAC address below from other end of link
> > iwpriv wlan0 wds_add AA:AA:AA:AA:AA:AA
> > 
> > ip addr add 10.1.2.253/30 broadcast 10.1.2.255 dev wlan0wds0
> > ip link set wlan0wds0 up
> > 
> > echo "Enabling IP Masquerading"
> > /sbin/iptables -t nat -A POSTROUTING -o wlan0wds0 -j MASQUERADE
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

remove this, then add on AP-A:

ip route add 10.1.3.0/24 via 10.1.2.253

> BTW, use tcpdump to see what's going on the 'wire'.
> 
> How specifically do i use tcpdump in this case?

tcpdump -nli<interface>
--
vda





More information about the Hostap mailing list