Get the top HN stories in your inbox every day.
dasl
PragmaticPulp
> * median ping was 2.4% higher on the bridged pi
Pings are best compared in absolute terms as the latency of the Pi would be additive, not multiplicative.
I looked at your results and the Pi appears to add 0.6ms, which is indeed very negligible!
Thanks for sharing detailed results
KingMachiavelli
Even download & upload should be posted as bride/no-bridge speeds. Assuming they meant internet upload/download then it makes a big difference if you are testing using a 50Mbps internet connection or 500Mbps.
I'd be very curious of the Wifi & Ethernet can both operate at link saturation speeds so 1Gbit on the Ethernet. While the 4B has AC WiFi, just quick search shows it can only hit ~120Mbps with maybe 200Mbps maybe being achievable with some tweaks. At best it can do 480Mbps.
Considering the 4B costs ~$80, you would be better off buying a dedicated bridge. I think any Ubiquity AP can be used as a bridge for example. An old router would also work. I have a hard time thinking of a situation where you would want a 1-many bridge but don't need decent bandwidth. i.e most situations where minimal throughput is OK means you probably only need 1 raspberry pi for the task anyway.
Still it's a pretty decent project and good intro to networking.
neilv
You can also do this with an old OpenWrt router, which also gets you a management interface and a gigabit Ethernet switch as part of the plastic box.
I used to have such a bridge (OpenWrt on Netgear WNDR3800 hardware) Velcro'd to the underside of a TV cart, so that an appliance on the cart that only had Ethernet and 2.4 GHz WiFi built-in could do a more reliable 5 GHz across the room.
aurelian15
I agree that this is a much better option. Also, if you use two OpenWrt devices, you can enable WDS mode to build a true layer 2 bridge. That is, you won't need Proxy ARP and DHCP relay. For example, DHCP and IPv6 will just work out of the box.
Edit: From what I can tell, support for WDS depends on the WiFi chipset. "iw list" must explicitly include "WDS" as a "supported interface mode". At least the Broadcom chipset on the Raspberry Pi Zero does not support this, but, for example, the Atheros chipsets used in a variety of routers do.
mobilio
I'm bridging for an IPTV box now TP-Link Archer C20i that cots me $10.
It also make 2nd AP connected wireless to first one for extending WiFi coverage. Not a perfect setup but works few months without issues.
cuu508
DD-WRT also supports this (wifi mode: "client")
tyingq
And probably also a much better antenna.
CogitoCogito
I might as well just dump this question in this thread:
Would this be easy to combine with openvpn? Basically what I'd like is to hook (say) my Apple TV into my pi by ethernet and then use the pi's wifi to connect to my router. Finally I'd like to be able to connect the pi to a VPN and have the Apple TV transparently use that connection. Is this straight-forward to achieve?
pmccarren
Yep, rather straight-forward. Little bit of iptables forwarding and you're all set:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
refs: [0]https://www.wireguard.com/
archontes
May I ask where I might start learning things like this?
giobox
The tutorials provided by VPS providers like Digital Ocean are a pretty good way to learn how to setup a VPN or any other common webservice yourself. They have a pretty well maintained library:
https://www.digitalocean.com/community/tutorials/how-to-crea...
etc. I'd also second a recommendation of wireguard over OpenVPN - it's far simpler to configure too.
hatware
Stand up a few useful services around the home and harden them. Stuff like Plex/Emby, Paperless-ng, *arr's, etc. Self hosting is addicting and one of the best teachers.
CogitoCogito
Great thanks for the info!
sohei
Yes, but a better approach would be to enable forwarding on the pi and using the pi as a gateway.
Performance is probably the only reason you'd favor bridging over routing. A segmented network is a safer network.
deeblering4
Some routers support acting as a transparent vpn client as well, particularly those with open linux firmwares.
godelski
Has anyone tried this and successfully blocked ads from services like YouTube and Hulu? uBlock works on my computer but I've always had a hard time with pihole. It'll work for like a day then go back to serving ads.
vorpalhex
Make sure nothing is changing your DNS. You may need to set your router to push the pihole as your DNS and tell any programs to use system DNS.
godelski
I've checked that my router continues to point to the pihole (no fallbacks, though I've tried with fallbacks and no difference). I also setup the pihole with cloudflare. I'm just always confused because it seems like some people have absolutely no problem and there's others in my camp and the former just stop after "just follow the directions." I even remember the LTT video mentioned this specific problem.
puzzlingcaptcha
Ah yes, network configuration by way of executing a random bash script from a blog. With tasty morsels like:
># I have to admit, I do not understand ARP and IP forwarding enough to explain exactly what is happening here.
geerlingguy
I mean, the number of people on this site who could intelligently explain ARP and IP forwarding in detail is probably 10x higher than in the general population—and that percentage here is probably in the low single digits.
tomjakubowski
I think you mean the proportion is higher here, unless you mean that >90% of people who could intelligently explain ARP and IP forwarding are HN posters.
icedchai
Yes, I read it and found the overall approach a bit strange. I wondered why they weren't just using a normal bridge interface, like https://unix.stackexchange.com/questions/363332/how-do-i-con...
OJFord
Yeah, I don't like the style of this 'first, download this script; then, execute it'.. and it creates/overwrites files.
Why not tell me to create the necessary files, with some article content around what we're doing and why?
As an article this doesn't seem to offer anything more than a suggestively named GitHub repository with a small readme.
geerlingguy
This can also be set up graphically using OpenWRT (which is a lighter-weight OS if you just want to do some networking and not use the Pi for anything else.
I should note that while the onboard WiFi is 802.11ac, I've never seen it get more than 60-70 Mbps in my own testing (in a variety of network environments), so if you want more speed, you might want to get an old n or ac router and flash it with OpenWRT instead.
mths
What operating frequency did you use? I got the RPi4 mentioned in the article and I run OpenWrt on it as my home router. I got it configured to AC mode, 40 MHz width, and I easily hit 100Mbps.
I live in an apartment though, I wouldn't trust it to cover much of a house. Also it's struggling with keeping 10+ devices connected. But speed is not bad! I prefer it over the retail routers I got hooked up as access points.
dasl
Yes, those speeds are roughly consistent with what I got in my speed tests here :)
You (and others in these comments) have suggested using OpenWRT as an alternative. I suppose one advantage of the approach outlined in the submitted article is that you can still use the pi for other tasks using the normal raspberry pi OS, instead of installing the OpenWRT OS.
xiii1408
Yeah, this. I've used Ethernet bridge on old Netgear 802.11n routers, and it's quite fast.
ThatPlayer
I've thought of doing something similar, but exposing it as a USB-Ethernet adapter instead. The Pi 4 (and Pi Zero W) support USB OTG. It looks simple enough with a single command with Linux USB gadget to create the network interface usb0.
Then you can do power and data over the single USB port.
manuel_w
I used an Intel NUC running Debian Stretch as wireless access point for month. All I had to do was to assign all the interface (the internal ethernet one, an USB-ethernet adapter, and hostapd, the access point daemon) to the same network bridge `br0`. That's all. Even hotplugging the usb-ethernet adapter worked fine.
For those curious, find the `/etc/network/interfaces` and `/etc/hostapd.conf` here: (Grep for `br0` in both)
* https://gitlab.com/manuel_wagesreither/debian-image-creator/-/blob/master/src/files/interfaces
* https://gitlab.com/manuel_wagesreither/debian-image-creator/-/blob/master/src/files/hostapd.conf
Can anyone elaborate on why the authors way of implementation is superior to that? He/she's using `parprouted` and `dhcp-helper`.
From the parprouted man page:
> parprouted is a daemon for transparent IP (Layer 3) proxy ARP bridging. Unlike standard bridging, proxy ARP bridging allows to bridge Ethernet networks behind wireless nodes. Normal L2 bridging does not work between wireless nodes because wireless does not know about MAC addresses used in the wired Ethernet networks. Also this daemon is useful for making transparent firewalls.
When wireless nodes don't know about mac addresses, why is my wireless interface on `ip a` showing a mac address then?
mjg59
On wired ethernet, a packet contains the MAC address of the destination host. Switches across the network keep track of which port a given MAC address is associated with and forward it appropriately. Wifi doesn't have the same concept - the only destination MAC address in a standard 802.11 packet is that of the destination Wifi station. So, if you have a device on Wifi with several wired devices behind it, and you want to send a packet to one of those wired devices, you can't stick the wired device's MAC address in there - it needs to be the address of the one with Wifi. So how does that Wifi node know which wired device to forward the packet to?
(This is avoided with WDS, but that requires the AP to cooperate)
serendipitous
The 802.11 header has 4 MAC addresses: Source Address (SA), Destination Address (DA), Transmitter Address (TA), Receiver Address (RA). The TA and RA are those of the Wifi station and SA and DA are the Ethernet addresses. This allows bridging Ethernet and Wifi interfaces and it is how many (most?) Linux-based Wifi routers work.
mjg59
Yes, if you're using WDS, otherwise you only have three addresses used. Since you need the transmitting device to populate the DA, you can't just turn on bridging on a client and have everything work - you need both ends of the link to be involved.
lxgr
Is this a "true" bridge (i.e. every Ethernet segment coming in on one end is transformed into an appropriate 802.11 frame and vice versa)? If not, is that possible using an RPi?
rkeene2
Not every IEEE 802.1 Ethernet frame can be converted to an IEEE 802.11 WiFi frame. To do that you would need some type of tunnel to the Ethernet fabric.
icedchai
No tunnel is needed. Just use a bridge interface.
rkeene2
Since not all IEEE 802.1 Ethernet frames can be converted to IEEE 802.11 frames using the Linux bridging infrastructure isn't sufficient (even though it can do fancy things like bridge non-Ethernet and Ethernet interfaces; Like bridging PPP interfaces and IEEE 802.1 Interfaces). You genuinely need a tunnel if you want support all Ethernet functionality.
musicale
It seems like making an ethernet bridge shouldn't be hard; off the top of my head, if we wanted to bridge eth1 to wlan1 it would be something like:
brctl addbr br0
brctl addif br0 eth1
brctl addif br0 wlan1
ip link set br0 up
I frequently use RPi as a programmable soft switch, plugging in four USB-ethernet dongles. On my Pi it splits the USB bandwidth, but it's still very useful.
colonelxc
I wondered too, and found this from the debian docs: https://wiki.debian.org/BridgeNetworkConnectionsProxyArp
TL;DR: Some routers don't like it, so layer 3 might work better
belval
This is fun! I wanted to do something similar but ended up buying two TP-Link AC routers with WDS for ~100$. Setup was simple and I get the full 400Mbps download speed from the paired router (the one that isn't connected to WAN).
bredren
I used an old Airport Extreme I had sitting around to set up a bridge network recently. In doing so I realized those routers can become Time Machine devices simply by plugging a HD into the back USB port.
api
This should work with ZeroTier's Ethernet bridging capability. You could have a WiFi network that bridged right into a virtual Ethernet network that spanned sites.
Get the top HN stories in your inbox every day.
A couple of months ago, another setup for a wifi to ethernet bridge was posted here: https://news.ycombinator.com/item?id=26940521
I like Will Haley's setup better though, because it keeps everything in the same subnet.
The slowdown from the bridge is negligible, in my experience. After running 10 trials, I found that:
* median ping was 2.4% higher on the bridged pi
* median download speed was 3.6% slower on the bridged pi
* median upload speed was 0.1% slower on the bridged pi
More details about my setup and how I performed this speedtest: https://github.com/dasl-/pitools/tree/main/wifi-ethernet-bri...