Re: bridge or nat for multiple lan interfaces?
On Sun, Oct 15, 2006 at 07:15:58PM -0400, H.S. wrote:
> But while researching on google about wireless access points in linux,
> we discovered another option is to make a bridge. We are thinking this
> could be done by bridging the eth0 and ath0 and giving the bridge
> device, br0, an ip address that other lan computers may look for as a
> gateway (the same way they look to the router machine's eth0 as a
> gateway at present).
>
> So, that was the story. Now the question. What is the comparison between
> the two methods: using nat or making a bridge to share internet
> connection with wireless and wired computers. If somebody can discuss
> the ups and downs of nat v/s bridging approaches it would be great.
>
> One thing I am sure about. If we use nat, then the wireless lan
> network device will have different subnet. If we use bridging, the
> whole lan will share the same subnet.
>
I did something similar, network wise, when I had a laptop without a
NIC. I used as serial line as a PPP link between them. I used
shorewall on the server because it does such stuff easily. I didn't do
bridging because I figured the serial line is a different network, so
give it a different network number e.g. the laptop was 192.168.2.2 while
the workstation was 192.168.1.2. The server, ofcourse, had both since
its the NICs that have IP numbers, not machines. The laptop and
workstation used the server as default gateways and the server put stuff
where it belonged, there really wasn't anything to it.
So the question is, does having a different subnet matter in your
situation?
If your wired network is considered more trustworthy than the wireless
one, having them on different subnets may make any differences between
the firewall rules easier to configure.
Personally, I would only look at bridging if I knew I needed bridging.
Doug.
Reply to: