Hi Karl, The MAC headers in 802.3 Ethernet and 802.11 wireless frames are very different. Bridging them transparently isn't really possible within the 802.11 standard and either requires hacks with ARP or "extending" the standard. Of course extending 802.11 to allow fully transparent bridging is vendor specific. Mikrotik does a very good job of "it just works" between their devices and therefore it can surprise a lot of people when it doesn't with others. The common hack is to do a proxy ARP or MAC NAT style "solution". This involves the station telling everything on the AP side of it that every MAC address behind it is in fact on the station. Layer 2 broadcasts have lots of problems working with this and DHCP is likely to have issues dependant on the DHCP server, the AP and the station. If you route traffic as you've done all the layer 2 MAC address issues go away and you are just left with standard layer 3 NAT since your phone won't be able to add any extra routes for the network behind the station. It will work and work reliably. And of course these days IPv4 is commonly NAT'ed multiple times for any customer of a large ISP anyway. On a side note: Now if you ever want to see a network completely stop: setup a station in one of these cursed proxy ARP style configs and then plug it's ethernet interface back in to the network. It will now see every device on the network on it's ethernet interface and tell the network on it's wifi interface that every MAC address is reachable via it's WiFi interface. Every packet it sends out via ethernet will come back to it via WiFi and get sent out the ethernet interface to... STP won't help in this situation because the proxy arp is hiding the MAC addresses as they go through. Regards Andrew Radke On Monday, 18-03-2024 at 7:39 Karl Auer via Public wrote: On Sun, 2024-03-17 at 21:28 +1100, Karl Auer via Public wrote:
The bridged solution will probably work perfectly too. I'll let you know if it does.
It didn't. wireless mode station-pseudobridge-clone no dhcp-server, no dhcp-client wlan1 and LAN ports bridged wide open firewall filter no nat wireless is associated and running ... but a node connected to a LAN port does not get a DHCP address from the phone. With a working routed solution my interest in troubleshooting this has waned a bit, so I think I'll leave it at that for now. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au, he/him) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 Please feel free to deal with this email during your own working hours. _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au