Frankenstein network success! I managed to turn an old Linksys WRT54GL into a wireless ethernet bridge. It was remarkably difficult. Despite a long history the WRT54GL seems end of life to me, a lot of the hacker firmwares don’t really support it well anymore.
The goal here is to bridge my new fast Internet access from the tree 200 feet away to my house. The router up there works great but right now I don’t have a wire into my house, so only wireless devices with good antennae can use it. A wireless ethernet bridge is perfect for that; it turns that old WRT54GL into what looks like an ethernet switch connected to the router via a magic wireless wire. In theory. Note the WRT54GL is doing very little else in this configuration: no routing, no DHCP, no DNS, etc. It’s acting more like a layer 2 ethernet/wifi device than a layer 3+ Internet device.
The big problem I had was trying to make this work with Tomato/Shibby firmware. It supports ethernet bridging but has some weird and spooky restrictions around WPA2 and bridging mode. I never could get it to connect on the wireless link, probably because of that authentication mismatch.
I’m grateful I understand arp; there’s no way to debug or reason about what a bridge is doing without it. The Tomato firmware doesn’t even really present the arp data to you very clearly, you have to ssh in and run the arp binary to see it.
So now I have 4 ethernet ports with fast internet inside my house. Albeit as a temporary setup. How do I get the rest of the network using it? I can just plug the switch for the wired devices into the bridge and it should all work, now DHCPed and routed by the temporary router up by the tree. The problem is I have a couple of wifi-only devices in the house with antennae too weak to reach the tree. So I could repurpose a third router and turn it into an access point for the tree network, that’d be the “right” way to do it permanently. But I want to be able to undo this all and so not screw up that third router, the one that’s my current normal (slow Internet) router.
So instead I’m considering plugging that house router’s WAN cable into the bridge. That should work with much less disruption to the rest of the house network and easy to undo. But it implies we’re doing double NAT for everything which is pretty gross.
Update: I went with the double NAT setup; basically changed my primary home router’s WAN connection from the old Internet link to get Internet via the bridge, which goes to another NAT router, and then the antenna. It may actually be triple NAT; I think the antenna hardware does NAT too. It’s gross but none of my client computers seem to care much. UPnP/NAT-PMP doesn’t seem to be working so no inbound connections, but I can live with that for now. I realized later the “right” setup is for the wireless ethernet bridge to be outside near the tree / antenna, then have my internal router get its WAN connection via that WiFi link. I think DD-WRT or Tomato can be bent to do that but the firmware all assumes your WAN link is coming in that ethernet port on the back. Too much hacking for a temporary thing.
One other thing to mention / option for making this work is WDS, a sort of bridge-like system for wifi networks. The key thing is it allows a device like my WRT54GL to both use the wifi interface as a client and also serve as a repeater / second access point serving that exact same wifi interface. Both Tomato and DD-WRT claim to support it, but it seems pretty spooky to me. Also lots of warnings online it’s not a well defined standard and compatibility is a problem.
I’ve spent a lot of time on a hack that’s only going to be used for a few days. The outside router is sitting in open air on top of a post! Good thing it doesn’t rain in California anymore.