Re: Can't send packets via WiFi (possibly route issue)
From: Floyd L. Davidson (floyd_at_barrow.com)
Date: 01/17/05
- Next message: lili_at_nrcan.gc.ca: "Re: NFS help"
- Previous message: GS: "I have 6 PC's with Linux installed and Cable modem with LAN connection, How can I hookup all these PC's to Internet??"
- In reply to: OtisUsenet: "Re: Can't send packets via WiFi (possibly route issue)"
- Next in thread: Trygve Selmer: "Re: Can't send packets via WiFi (possibly route issue)"
- Reply: Trygve Selmer: "Re: Can't send packets via WiFi (possibly route issue)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 17 Jan 2005 05:39:10 -0900
"OtisUsenet" <otis_usenet@yahoo.com> wrote:
>Floyd L. Davidson wrote:
>> "OtisUsenet" <otis_usenet@yahoo.com> wrote:
>> Given this is a laptop, you'll want to be able to use either a
>> 10baseT wired link or the wireless link. There are only big
>> problems if you want to use both at once, because then you have
>> to decide which traffic goes to which interface.
>
>Sorry for not saying that. You guessed correctly - this is a laptop
>and I want it to use eth0 (10baseT Iface) if I'm plugged into the
>network, and if I'm not then I'd like the machine to try going over
>eth1 (WiFi).
>I don't need to use both at once - one or the other is fine.
That makes it easy unless you want the selection to be
automatic. I've never tried that... Hmmmm...
>> >Machine, OS, kernel:
>> >ThinkPad T42, Fedora Core 3, kernel 2.6.9-1.667.
I have no idea how Fedora Core 3 manages networking. Therefore
I can't tell you which files or which admin programs are
available to massage networks. I have a "unix" background, and
use Slackware Linux just because it doesn't try to hide the
nitty gritty behind another layer (or two) of obscurity.
Hence,
>> >169.254.0.0 * 255.255.0.0 U 0 0
>0
>> >eth1
>>
>> This will send all traffic for any 169.254.x.x address to eth1.
>
>Yes. (not sure why this 169.254 IP is even in the routing table - it
>gets automatically added when I ifup eth0)
I have no idea where you should look to see what is doing that.
I'd start by looking in /etc/hosts and /etc/networks to see if
there is a name assigned to 169.254 anything. Then I'd use grep
on /etc and all its subdirectories looking for any name assigned
to it, and for the string "169.254". Some place you'll find a
reference to it...
>> concerned. But the question is, if eth1 is a wireless device...
>> what does it connect to? *That* device has to be able to route
>> all of these addresses to your wired LAN, and it appears that it
>> does not.
>
>Well, I think that this WiFi device (eth1) should route all
>non-192.168.0.0 packets to my AP/router (192.168.0.1). That's the only
>way I can get out on the WAN, no?
Actually, it should *all* be routed to the eth1 interface.
That is as opposed to sending it specifically to an address
reached on that interface (which would be a gateway). That
could be done, but isn't necessary. Just having a route which
masks everything to a 192.168.x.x address and routes to eth1
will do fine. Wireless is much like a point-to-point link using
PPP in that respect. There is only 1 node physically connected
to the interface, so there is no need to specify it as a
gateway. Of course that does mean that node must necessarily be
capable of IP forwarding and routing.
Regardless, a command like
route add -net 192.168.0.0 netmask 255.255.0.0 dev eth1
will add the proper route, and will show up looking like,
192.168.0.0 * 255.255.0.0 U 0 0 0 eth1
The ifconfig program, when you bring up the interface, will
automatically add a route that looks like this,
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
It isn't needed, though it does no harm. If you want you
can remove it with,
route del -net 192.168.0.0 netmask 255.255.255.0 dev eth1
>> For a number of reasons, I'd suggest that you separate your
>> wired and wireless networks onto different subnets. It makes
>> routing a lot easier. For example, use 192.168.0.x addresses
...
>I just tried this.
But you only separated half of it, so how could it work?
>I assigned the WiFi IFace a static IP: 192.168.1.3, while I left the
>10baseT IFace at 192.168.0.2.
>Router/AP's IP is set in the router and it is: 192.168.0.1.
Change that to 192.168.1.1.
>My Router (Netgear MR814) Admin app does have a section called 'Static
>Routes', which lets me enter this:
>
>Route Name [ ]
>Private [ ]
>Active [ ]
>Destination IP Address xxx.xxx.xxx.xxx
>IP Subnet Mask xxx.xxx.xxx.xxx
>Gateway IP Address xxx.xxx.xxx.xxx
>Metric [ ]
More on this, farther down.
>Don't I want eth0 going to the Router and out, as well as eth1 going to
>the Router and out. I don't really need my eth0 and eth1 to talk to
>each other directly.
eth0 and eth1 are interfaces. Only one of them is connected to the
router. 192.168.0.x and 192.168.1.x are subnetted IP address ranges.
If you disconnect your wired LAN from eth0, then you want *everything*
to go to eth1. Of course, if instead you turn off the wireless router,
and still have the LAN connected, then you want everything going to eth0.
And if you have them both connected at once you'll have the
option of deciding (and using this option is not optional, you
*must* decide what goes where) which traffic goes to which
interface. And it should be obvious that you can decide all or
any of it goes to one or the other. The only thing is that you
can't ever send to more than one route.
Lets draw a diagram of an example network, to make it a little
more clear just what function that Route/AP has.
Internet
| (Ethernet)
+---------+ |
| Gateway |----+ \ /
+---------+ | / \
| +---------+ |
+----| wifi AP |---+
| +---------+
+---------+ | \ /
| Host 1 |----+ / \
+---------+ | | +---------+
| +--x<->x--| |
| | Laptop |
+---------------------o o--| |
| +---------+
+---------+ |
| Host 2 |----+ \ /
+---------+ | / \
| | +---------+
v +---------| Host 3 |
+---------+
\__Sub Net 192.168.0.x__/ \____Sub Net 192.168.1.x____/
Everything on the left is part of the wire network, and has an
address of 192.168.0.x, and everything on the right is part of
the wireless network and has an address of 192.168.1.x.
The "wifi AP" sits in the middle, and connects to *both*. Indeed,
it is the *only* connection between them. (Note that for this
example the laptop is *physically disconnected* from the wired
network.
The /etc/hosts file in *every* node needs the address and name
of *every* interface on that network (assuming they are all to
be able to communicate with each other).
The connection between the two networks is the "Wifi AP". It
*necessarily must* 1) do ip forwarding and 2) routing to both
networks. I *must* have a route to each and every node on the
wired network that is expected to communicate with *any* device
on the wireless network.
And each host on the wired network needs to send traffic for the
wireless network to the wifi AP, and therefore each host must
route 192.168.1.x traffic to the ethernet, *and* either that
traffic must be addressed to the wifi AP as a gateway *or* the
wifi AP must know the IP address of every connected wireless
client and have ip forwarding and a route enabled to that
client.
Hence if the laptop is expected to be able to nfs mount file
systems from Host 2, or to allow telnet or ssh/ssl in either
direction, the Wifi AP *must* have a route to Host 2. (This is
very handy too! Laptop keyboards are a pain to use, so I very
commonly fire up the laptop and set it aside while I telnet into
it from my workstation with a nice keyboard and a screen that is
twice as large...)
>The Router also lets me assign IPs to Mac addresses, so that each
>device always gets the same IP. So I tried using that to assign
>192.168.1.3 to the Mac address of my WiFi card. That didn't work -
>apparently the IP has to be in the same subnet as that of the Router,
>which is 192.168.0.0.
I'm not sure what you did there, as far as "assign IPs". On the
laptop, the ifconfig command assigns the IP for that interface.
You can use a "static IP" or use DHCP to get an IP assigned by a
DHCP server (which might be the Wifi AP, for example). There
are advantages to both. If you commonly plug into various
networks that do DHCP, then you'll want to configure your laptop
to deal with that. Otherwise it is easier, on a small network,
to just use static IPs.
I have no idea how Fedora Core sets up DHCP, so I can't help you
with that at all.
Regardless, you will want to move the Wifi AP's IP address to
the wireless subnet anyway. So do assign it an address like
192.168.1.1. Then, if it is used as a DHCP server, you'll get
your 192.168.1.x addresses for wifi interfaces, or just use
static IP's and assign the laptop 192.168.1.3 as you describe
below.
>I _did_ set eth1's IP as 192.168.1.3 in
>/etc/sysconfig/network-scripts/ifcfg-eth1 and now I do have that in the
>routing table:
>
># route
>Destination Gateway Genmask Flags Metric Ref Use
>Iface
>192.168.1.0 * 255.255.255.0 U 0 0 0
>eth1
This routes everything with a wifi subnet address to the wifi interface.
It doesn't allow you access to the LAN via the wifi AP.
>192.168.0.0 * 255.255.255.0 U 0 0 0
>eth0
This routes everything with a LAN subnet address to the LAN... except
you don't have the LAN connected, and instead have the wifi interface
active.
So you need to 1) make sure the eth0 interface is down, 2) delete any
and all routes to eth0, 3) add routes for all of your LAN nodes to be
sent to the eth1 interface. Of course that means that all of these
IP addresses get sent to the Wifi AP, and that means it *must* have
routes to any LAN address that is intended to communicate with the
laptop.
>169.254.0.0 * 255.255.0.0 U 0 0 0
>eth1
Figure out where that comes from, and delete whatever is causing it.
>default 192.168.0.1 0.0.0.0 UG 0 0 0
>eth0
This won't work, because the eth0 interface is supposed to be
disconnected and everything should go to the eth1 interface.
Once there is a route for 192.168.0.1, then you can set up a
default gateway route to that node (via eth1 though).
>That still doesn't do it, though. With the above I can still only ping
>the eth1/WiFi interface if I say ping -I eth1 192.168.1.3. I can't
>ping any other IPs using -I eth1.
Because there are no routes. I suspect the Wifi AP also has no
routes either. So initially all you want to accomplish is being
able to ping the Wifi AP. Then get it to where you can ping
other hosts on the ethernet (which will require proper routes
through the AP).
I'm not specifically familiar with your Wifi Router/AP. The
table of inputs that you gave,
Route Name [ ]
Private [ ]
Active [ ]
Destination IP Address xxx.xxx.xxx.xxx
IP Subnet Mask xxx.xxx.xxx.xxx
Gateway IP Address xxx.xxx.xxx.xxx
Metric [ ]
looks very similar to what the Linksys WRT54G that I have uses,
and I can't say that I fully understand what they are doing! I
had a heck of a time experimenting with it to see what it would
accept and what it wouldn't.
I have no idea what "Private" or "Active" might do. Otherwise I
assume there is some similarity between the others and what
shows up on a route table in Linux. But since, other than
deriving it from the IP address, there is no way to say "host"
or "net", it might do funny things.
Try things like,
A. Enter a route name like "wired_subnet"
B. Ignore both "Private" and "Active"
C. Enter an IP address of "192.168.0.0"
D. Enter a subnet mask of "255.255.0.0"
See what that gets you. Hopefully it would be a route to *all*
192.168.0.0 addresses. You might try both yes and no for Active,
and also for Private.
If that doesn't work, name a route for each of your hosts, enter
the host's IP address and use 255.255.255.255 for the mask, and
make a route for each of them.
And try a default too, using 0.0.0.0 for the IP address and a
0.0.0.0 mask, and enter your gateway's IP address for the
gateway.
>> The device whose MAC address is 00:09:5B:29:41:3F has to be able
>> to correctly forward and route traffic. It appears from what
>> you gave above that it might not be doing that.
>
>That could be it, because I _do_ see my WiFi MAC address in a list of
>'attached devices' on the Router. That MAC address above belongs to my
>Access Point/Router.
Yes. That indicates you have a connection between the AP and
your client in the laptop, which means you have all of the other
pieces, like crypto key's and essid, matching up okay at least
to a point where you can test it. If is shows up as all 00's,
there is no connection.
>> Destination Gateway Genmask Flags ... Iface
>> 1 192.168.0.1 * 255.255.255.255 UH ... eth1
>> 2 192.168.0.0 * 255.255.255.0 U ... eth0
>> 3 192.168.1.0 * 255.255.255.0 U ... eth1
>> 4 169.254.0.0 * 255.255.0.0 U ... eth0
>> 5 default 192.168.0.1 0.0.0.0 UG ... eth1
>>
>> When the ifconfig command for each interface is given, it will insert
>> a default route based on the address. Those are lines 2 and 3. Line
>> 1 is created with this command:
>>
>> route add -host 192.168.0.1 dev eth1
>
>Of the 5 routes in your routing table, that is the one whose purpose I
>don't get. :) Your 10baseT is on .0.0 subnet, your WiFi is on .1.0
>subnet. Anything for .0.x you send to eth0, _except_ when x=1 (so
>.0.1), in which case you send packets to WiFi. I'm not sure I
>understand why you do that.
That was just to demonstrate that the IP subnet addresses and
the routing are two entirely separate things. That distinction
is what is causing you all the problems!
First, that example is for a system with both eth0 and eth1
interfaces up and functioning. The eth0 interface has an
address in the 192.168.0 subnet, and physically is connected by
ethernet to every device that has such an address. Hence
routing 192.168.0.x traffic to that interface will work.
But lets pull the plug on that interface, and fire up the eth1
interface to the wifi AP. The eth1 interface has a 192.168.1.x
subnet address and is physically connected only to the wifi AP.
But, since we've pulled the plug on the wired LAN (and walked
across the street or something), we have no route available to
the 192.168.0.x subnet *other than through eth1 and the wifi AP*,
all of which are on the 192.168.1.x subnet.
So to fix that, we make sure there are no routes at all to the
disabled eth0 interface, and add a route to send *everything* to
the eth1 interface. In order for that to work of course...
something on the 192.168.1.x subnet must necessarily forward
traffic with 192.168.0.x addresses to the wired network. Since
wireless is basically point to point, obviously whatever your AP
is, if this is to work, has to forward those packets.
(In your case a router is used as an AP, and obviously that
should work if it has the right routing set up; but consider an
Ad-Hoc network where two client wireless cards can talk to each
other. In that case, the client might be your Host 3 node, and
no it is not necessarily going to forward packets anywhere! Of
course one could set up a Linux box with a wireless client, one
port going to the Internet and 4 ports for local ethernet
host... and that is exactly what a Linksys WRT54G is, too!)
Anyway, so now that we've routed all traffic to the eth1
interface, lets go back over and plug in the cable to eth0
again. Hmmm... we have *two* possible routes to the
192.168.0.x subnet. But, when the ifconfig command is used it
will supply a default 255.255.255.0 masked route, which means if
you ping any 192.168.1.x address it will still go to the wifi
router, and any 192.168.0.x address will now be routed to the
eth0 wired interface. But... with two functional links
available, it doesn't _have_ to be that way!
To demonstrate that, I put in that one route, to the gateway,
which goes to the wifi router via eth1 instead of going via
eth0. (You could, for example, then use any of the firewall
capabilities of the router to filter packets sent to the Internet
while not filter those sent to local wired hosts.)
The point is, if you have two routes you can mask off subnets,
but you can also route individual hosts to either interface.
But in either case there must be a *physical* *connection* to
the destination and there must be a *route* through every node
in that physical connection.
If you route traffic to eth0, and unplug it... no connection.
If you route traffic to eth1 and the AP drops the traffic because
it has no route for it... no connection.
And the fact that eth1 has a 192.168.1.x address itself in no
way means it has to carry only 192.168.1.x packets.
>Also, the IP in the Gateway column of line 5 (192.168.0.1) belongs to
>what IFace? Is that your Router/Gateway? That is what I always
>thought goes there.
Yes, that is the address of the Internet gateway.
>What is your AP/Router's IP? Which line in the routing table says
>'send packets to the AP/Router'?
>
>Ooooh, is that not even needed?
!!!! Exactly! Because *everything* sent to eth1 necessarily goes
to the AP. The trick is making sure the AP itself has a route for
everything it is supposed to see.
>Is this (iwconfig output) all that is needed to tell the kernel to
>route packets sent to 'eth1' to the AP, using that AP MAC address:
>
>eth1 IEEE 802.11b ESSID:"Wireless"
>Nickname:"localhost.localdomain"
>Mode:Managed Frequency:2.412GHz Access Point:
>00:09:5B:29:41:3F
>
>Is that it?
All that tells you is that the wireless client is talking to the
wireless AP whose MAC is 00:09:5B:29:41:3F, and can be accessed
via the eth1 interface. It has *nothing* to do with which packets
will be sent to eth1.
*Only* the route tables decide that.
Note that while your particular devices are using eth0 and eth1
as the interface names, on my laptop eth0 is the ethernet
interface, and the internal wireless client gets wlan0. When I
use a pcmcia wireless client in addition to the onboard client,
the card gets the wlan1 interface. (The wlan0 intefaces are all
based on Broadcom wireless chips.) On another machine I have a
wireless client based on an rt2500 chip, and that driver uses
ra0 as the name for the interface. The interface name does not
have any relationship to the IP address until you use the
ifconfig program to assign an address, and it can be any valid
IP address you choose to use.
>But line 5, the default gateway one, goes to eth1. What happens if you
>take your laptop to a place without WiFi AP? Don't you have to modify
>the routing table then?
Of course. You can't route traffic to a network that is not
connected! Just as you cannot use routing to your 10baseT eth0
interface if you unplug it and walk across the street, you
certainly cannot route traffic to the wireless net if you turn
off the AP or move the laptop to anyplace that it cannot connect
from.
Hence you *necessarily* must have different routing setups for
1) Having both eth0 and eth1 functional.
2) Having only eth0 functional.
3) Having only eth1 functional.
And, it should also be obvious that if your laptop is connected
via eth0 to your home network (with some specific Internet
gateway, for example, and perhaps with a static address of its
own that is known to other hosts on your network), it has a
configuration for both the interface and the route tables that
will not necessarily work if you unplug it and visit a friend to
plug into his network.
The same is true of the wifi AP, in that if you change AP's,
the entire configuration needs to be redone to match.
>I'm still not sure what to do with my WiFi IFace here.
>My AP/Router has IP of 192.168.0.1.
Change that to 192.168.1.1
>My eth0 (10BaseT) has IP of 192.168.0.2.
Fine.
>My eth1 (WiFi) has IP of 192.168.0.3.
Change that to 192.168.1.3
>With the above IPs, my eth1 MAC address _does_ show up in the AP's list
>of 'attached devices', which is a good sign.
But since it is a 192.168.0.x address, you'll play Hell trying to
mask it off!
>If I manually change my Wifi IFace to 192.168.1.3, while leaving my
>10baseT IFace on 192.168.0.2, the WiFi MAC address disappears from the
>AP's list of 'attached devices'. That is, I think, because of
>difference in subnets (.0.0 vs. .1.0). Hmmmm.... Arrrrggggghhhh. :(
So change them *both*!
-- Floyd L. Davidson <http://web.newsguy.com/floyd_davidson> Ukpeagvik (Barrow, Alaska) floyd@barrow.com
- Next message: lili_at_nrcan.gc.ca: "Re: NFS help"
- Previous message: GS: "I have 6 PC's with Linux installed and Cable modem with LAN connection, How can I hookup all these PC's to Internet??"
- In reply to: OtisUsenet: "Re: Can't send packets via WiFi (possibly route issue)"
- Next in thread: Trygve Selmer: "Re: Can't send packets via WiFi (possibly route issue)"
- Reply: Trygve Selmer: "Re: Can't send packets via WiFi (possibly route issue)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
