Page 1 of 1

SOLVED: Ubuntu - local bridge to interface eth0 ...

Posted: Wed Oct 10, 2018 1:28 pm
by sky59
Has anybody ever tried local bridging in Ubuntu?

I get cascade connection to server (site-to-site) but it is not working. Other devices work well (A5V11, OrangePiZero)

I read somewhere that physical interface must be able to work in promiscuite mode. Is there any was to check this?

I have local bridge to VPN, or BRIDGE virtual hub, but it does not work. Is there any way how to diagnose the system?
(as i said earlier, I get cascade connection correctly bethween VPN and BRIDGE so it is sure it is local bridge problem)

Re: Ubuntu - local bridge to interface eth0 ...

Posted: Wed Oct 10, 2018 1:52 pm
by cmd wh0ami
I think I know how to set up what your trying to do, although your not exactly clear...

Are you running the SE Server software on Ubuntu?

What interface on Ubuntu are you bridging to? If it's eth0 or wlan0 it should just work out of the box. Your router will do the DHCP server function, but you have to disable SecureNAT in Virtual Hub>Virtual NAT & Virtual DHCP Server (SecureNAT)...

If you don't have an interface you can bridge to and have to create a TAP_INTERFACE your going to need to enable forwarding in sysctl.conf, install, enable, and program dnsmasq for a dhcp server, and use iptables NAT.

Drop by the discord server, there is an invite in my signature. We can talk in real time in chat.

Re: Ubuntu - local bridge to interface eth0 ...

Posted: Wed Oct 10, 2018 5:36 pm
by sky59
Yes i run SE on ubuntu pc, one is server, other is bridge.
Reason is, bridge pc is in our industrial cabinet, it has got eth0 connected to internet, eth1 is to our cabinet internal network 10.52.254.xx

One of the devices is siemens PLC. So i need site-to-site version. It is already working on orangepizero and a5v11 micro router.

Now i want to use already existing pc with ubuntu.

I think that forwarding is missing, ih openwrt i simply clicked it in LUCI.

Can you please hit me how to enable forwarding?

Re: Ubuntu - local bridge to interface eth0 ...

Posted: Wed Oct 10, 2018 6:15 pm
by cmd wh0ami
In /etc/sysctl.conf add code below or, if it's already in the file, enable ipv4 forwarding by changing to 1....

Code: Select all

# For binary values, 0 is disabled, 1 is enabled.
# To save changes run command  sysctl -p
# For more information, see sysctl.conf(5) and sysctl.d(5).

# Controls IP packet forwarding
net.ipv4.ip_forward = 1
load changes by

Code: Select all

sysctl -p
Without being able to chat in real time, it's hard for me to understand what you are trying to do with the Ubuntu PC... If your bridged to eth0 on the Ubuntu PC running the server software you shouldn't need to do any forwarding... The forwarding only needs to be used to forward from eth0 to tap_interface if your were bridged to tap_interface. You would also need to use iptables nat

Code: Select all

# NAT using Local Bridge
# 192.168.30.0/24 = Local Bridge & SoftEther VPN Clients (dnsmasq)
# 192.168.0.12 = SoftEther VPN Server's network interface (Local IP if behind NAT or Public IP of VPS)
iptables -t nat -A POSTROUTING -s 192.168.30.0/24 -j SNAT --to-source 192.168.0.12

Re: Ubuntu - local bridge to interface eth0 ...

Posted: Thu Oct 11, 2018 11:15 am
by sky59
I appretiate your offer for "online" solution but I do not see it feasible... I am under stress, and I am sure we will never find a time window suitable for both..

I made some more tests and I isolated clear visible "desription" of the problem, see attached screenshots

Configuration:

PC pinging remote device with device address 10.52.254.240, PC MAC is AC-......-64
|
1st working option: router A5V11 SE-BRIDGE ... connected with PC LAN-LAN , connected to internet
2nd non working Ubuntu SE-BRIDGE, ----------------------- // ................................
|
INTERNET
|
router A5V11 SE-SERVER, connected with LAN to device 10.52.254.240, connected to internet
|
device 10.52.254.240

As you can see on attached screen shots working configuration has got VLAN ID for all interfaces
With Ubuntu group of interfaces including pinging PC AC-.....-64 has not been granted any VLAN ID

In my opinion this is the problem but I do not know why it is like this? Definitely it is Ubuntu config problem

Re: Ubuntu - local bridge to interface eth0 ...

Posted: Thu Oct 18, 2018 8:05 am
by thisjun
Do you use the latest version of SoftEther VPN?

You can untag VLAN ID with the security policy of the cascade connection.

Re: SOLVED: Ubuntu - local bridge to interface eth0 ...

Posted: Thu Oct 18, 2018 12:19 pm
by sky59
Thnx all who followed...

I used for Ubuntu wifi connection using RTL8188EU usb stick - there is some problem with drivers (?) as everything seemed to work but data was not going through SoftEther. I got Online status on the bridge but as a whole it was not working.

The same wifi connection from OrangePi Zero works (onboard wifi) => it is Ubuntu/rtl8188 driver problem => it is not AP router problem
The same wifi connection from A5V11 works (onboard wifi) => it is Ubuntu/rtl8188 driver problem => it is not AP router problem

Then I replaced wifi connection with wired connection to THE SAME NETWORK (AP router with wifi) and everything works now!

Though it works now no VLAN IDs are shown, just "-". So this is not a must to have VLAN ID.

Re: SOLVED: Ubuntu - local bridge to interface eth0 ...

Posted: Thu Nov 01, 2018 7:23 am
by thisjun
Promiscuous mode doesn't be allowed with most of Wifi device in Windows for security reason