rt2500 chipset rt2500 pci and bridging capabilities

Live forum: http://rt2x00.serialmonkey.com/viewtopic.php?t=4779


07-05-2008 06:54:49

Hello, I recently installed debian on macbook, and the driver for its atheros chipset has some flaws that forces me to reboot every once in a while. (

However I have a Desktop which has a wireless device installed and working rt2500 with official 2.6.25 rt2x00 drivers
This Desktop also has at the moment an (unused) ethernet interface.
So I had thought about something that looked like that

NAT-Wifi-dhcp-Gateway <----- WiFi ------> wlan0 (rt2500-pci) - Desktop-eth0 ------->ethernet <---- MacBook

In order for it to be completely transparent for the macbook user, I thought that the best thing would be to setup a bridge between wlan0 and eth0. I tried to use the debian bridging tools (bridge-utils package) in order to do that
# brctl addbr br0
# brctl addif br0 wlan0
# brctl addif br0 eth1

Then I got my bridge up using my dhcpserver
# dhclient br0

And it worked, got a lease from dhcp server. 8)
But actually, I could not ping anything anymore and I could not get a lease from the dhcp server from the Macbook (

So I googled a little bit and found this[/url5a7gvesj], which states
It doesn't work with my Wireless card!
This is a known problem, and it is not caused by the bridge code. Many wireless cards don't allow spoofing of the source address. It is a firmware restriction with some chipsets. You might find some information in the bridge mailing list archives to help. Has anyone found a way to get around Wavelan not allowing anything but its own MAC address? (answer by Michael Renzmann (mrenzmann at compulan.de))

So my question is "Did I mess up with my bridge configuration, or is rt2500 chipset (or rt2500pci driver) completely unable to perform mac-Adress spoofing and I should use iptables in order to configure a classical router? "


08-05-2008 18:49:44

I don't think you can do that in a plain Managed network.
When you associate with your AP you associate with the MAC address of your desktop. When your desktop bridges a MacBook frame to the wlan0 interface, it has to spoof the source address. Even if wlan0 allowed the spoofed address to go through, your AP would reject that spoofed MAC because that MAC never associated with it.

You would probably need WDS support on both sides for it to work. That way you could send the frame with both MAC addresses. I have no idea if mac80211 supports that.


09-05-2008 21:36:59

Ok thank you a lot for the explanations. I think I'll give up with the briding idea for now and will setup a classic router (standard or NAT, I am not sure).