Wireless and Broadcast packets problem

Adrian Thearle adrian at thearle.com.au
Sat Aug 23 01:25:06 UTC 2008 

Hi Guys

I am having a problem with my wireless network. The Issue is that 
clients connected to the wireless LAN cannot _see_ other clients. My 
understanding of 802.11 was that clients could talk to other clients, 
except all traffic would go via the access point and that the AP would 
forward on the packets. This also ensures that encryption works as 
expected as well as other RF issues.

One thing that I can see is going wrong is that clients on the Wireless 
Lan sending Broadcast packets, but they are not being forwarded by the 
AP to anyone else... Wireless clients also cannot ping each other 
(mainly because their ARP requests are not being answered)

Below is a simplified system diagram.

AdriansPC                  AlbertAP       \|/
---------  192.168.123/24  ------------    |
|        |--LAN------bge0-|            |---| ral0 (192.168.124/24)
|________|                |____________|----------tun0--->PPPoE(bge0)

Windows                    FreeBSD


  Sneaky    \|/
---------    |
|        |---|  192.168.124.2  (Static IP address)
|________| ral0
 FreeBSD

  Laptop    \|/
---------    |
|        |---|   192.168.124.150 (DHCP)
|________|
 Windows

When running TCPDump on AlbertAP I can see plenty of wireless traffic 
going around the place. Wireless Clients are able to connect and have 
their session is encrypted with WPA. This all seems to work, wireless 
clients are able to browse the net. (Those that can get an IP address 
anyway, which happens to be the windows machines)

*Problem*
I have run tcpdump on both AlbertAP and Sneaky and seem some interesting 
omissions. When I ping Sneaky from Laptop I see on Albert the ARP 
request come out from Laptop asking for Sneaky's MAC address.

AlbertAP> tcpdump -i ral0
10:27:51.979664 arp who-has 192.168.124.2 tell 192.168.124.150
10:27:51.979684 arp who-has 192.168.124.2 tell 192.168.124.150

But on Sneaky I cannot see these packets comming in... All I get is 
random EAP traffic
Sneaky> tcpdump -i ral0
10:30:32.987961 EAP code=2 id=3 length=123
10:30:32.988383 EAP code=1 id=3 length=95
10:30:32.990557 EAP code=2 id=3 length=135
10:30:32.991548 EAP code=1 id=3 length=95

However if a Wired client like AdriansPC tries to ping Laptop then 
things work. Albert knows the MAC address of the Wireless client to send 
the ping packet to and so just sends it off.


*Problem*
The other thing I see alot of is netbios broadcast traffic coming from 
the Laptop on the wireless. Albert can see all this traffic coming in, 
but none of it gets forwarded to Sneaky, (nothing about netbios from a 
tcpdump on sneaky).

The same can be said for a particular client doing DHCP/BOOTP. On 
AlbertAP, I see the request come in and see the response go out (the 
response goes to 255.255.255.255) but I do not see this on sneaky (I 
should right, its a broadcast address). Oh and I don't think this client 
is actually getting a response as I can't do much with it(ie ping). (Its 
a wireless print server)

Interestingly enough DHCP does seem to work to Laptop. I believe that 
this is because windows is doing DHCP, where as my print server is doing 
BOOTP.


*It does work*
Just so you believe me that normal traffic does get around, here is a 
ping from sneaky to albert.

Sneaky> tcpdump -i ral0
10:36:11.243678 arp who-has 192.168.124.1 tell 192.168.124.2
10:36:11.244634 arp reply 192.168.124.1 is-at 00:1a:ee:00:d5:c0 (oui 
Unknown)
10:36:11.244693 IP 192.168.124.2 > 192.168.124.1: ICMP echo request, id 
18949, seq 0, length 64
10:36:11.251920 IP 192.168.124.1 > 192.168.124.2: ICMP echo reply, id 
18949, seq 0, length 64

AlbertAP> tcpdump -i ral0
10:36:11.241001 arp who-has 192.168.124.1 tell 192.168.124.2
10:36:11.241017 arp who-has 192.168.124.1 tell 192.168.124.2
10:36:11.241042 arp reply 192.168.124.1 is-at 00:1a:ee:00:d5:c0 (oui 
Unknown)
10:36:11.248582 IP 192.168.124.2 > 192.168.124.1: ICMP echo request, id 
18949, seq 0, length 64
10:36:11.248600 IP 192.168.124.1 > 192.168.124.2: ICMP echo reply, id 
18949, seq 0, length 64


*Discussion Point*
I find it interesting that sneaky asks for 192.168.124.1's MAC address 
with an ARP request, but albert got two of them...



*System Details*
Things are basically setup as detailed in the Handbook, with the 
wireless LAN on a different Subnet to the wired one. I have also had a 
go at bridging the two interfaces but ran into trouble so didn't spend 
long there. I expect I would have the same issues.

AlbertAP> uname -a
FreeBSD albertAP 7.0-RELEASE-p3 FreeBSD 7.0-RELEASE-p3 #2: Mon Jul 14 
09:00:17 EST 2008     
adrian at albertAP:/usr/obj/usr/src/sys/AdriansKernel  i386

AlbertAP> ifconfig
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 00:11:85:b3:a2:7e
        inet 192.168.123.1 netmask 0xffffff00 broadcast 192.168.123.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
ral0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 
0 mtu 2290
        ether 00:1a:ee:00:d5:c0
        inet 192.168.124.1 netmask 0xffffff00 broadcast 192.168.124.255
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
        status: associated
        ssid Wireless channel 3 (2422 Mhz 11g) bssid 00:1a:ee:00:d5:c0
        authmode WPA privacy MIXED deftxkey 2 TKIP 2:128-bit TKIP 3:128-bit
        txpower 50 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250
        roam:rssi11g 7 roam:rate11g 5 protmode CTS dtimperiod 1
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 
mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492
        inet 111.111.111.11 --> 222.22.222.222 netmask 0xffffffff   
(sanatised)
        Opened by PID 433

ifconfig_ral0="inet 192.168.124.1 ssid Wireless channel 3 mode 11g 
mediaopt hostap up"
hostapd_enable="YES"

ipfw Firewall rules
ipfw add 007 allow all from any to any via ral0




So is there any chance there is a magic sysctl or ifconfig switch that 
will make these broadcast packets go to everyone...?
or is there another problem?
or is this just all the FreeBSD supports at the moment?
or am I just dumb...


Your help is appreciated

Adrian

More information about the freebsd-net mailing list