Wifi Ueber-Geek Question Result

Back in mid September I reported on using my Linksys WRT54 Access Point in "Access Point Client Mode" to create a wireless link to another access point for a number of notebooks which are connected via Ethernet to the Linksys. The traces which I took on the Linksys and on the notebooks indicated that the Linksys replaces the MAC addresses of the notebooks with its own before it sends the packets over the wireless link. Equally it replaced its own MAC address in incoming packets with the MAC address of the real recipient. This is neither layer 2 bridging nor layer 3 IP switching but something in between. I couldn’t quite believe it.

Arp
In the meantime thanks to the suggestions I received I made some further tests and I can now confirm that the Linksys really does replace the MAC addresses. Take a look on the picture on the left which shows the ARP table of a PC connected wirelessly to the real access point. The notebooks connected to the Linksys Client AP both have the same MAC address. The MAC address is that of the access point! Quite sophisticated! (Note: All devices in the network are in the same IP subnet)

I am not sure how this feature should be called. It’s not really ‘Layer 3 switching’ which is already a highly overloaded term anyway. I’d prefer the term ‘MAC masquerading’ although the term is also already used for something else as well.

Thanks to all who sent their comments and suggestions!

4 thoughts on “Wifi Ueber-Geek Question Result”

  1. I was just going to say that this is just proxy arp.

    Proxy arp is a great way introduce gremlins into a network though. Usually DHCP will not work through such a configuration. Also if you get duplicate IP addresses on either side of the proxy-arp ‘pseudo bridge’ it becomes very difficult to isolate the issue.

  2. Hello Nicolas,

    Thanks for the feedback. With my setup, DHCP works through the proxy arp. That’s what has puzzled me in the first place since the wireless link only knows the MAC address of the client access point while the DHCP server on the other end knows the real MAC address of the notebook. I made a trace of the DHCP exchange and found the answer to that as well. The MAC address of the notebook is actually twice in a packet: Once on layer two where it gets changed by the client access point and once on the DHCP application layer (where it is not replaced).

    Cheers,
    Martin

Comments are closed.