Bridged wifi Access for kvm vm's

Message

Elleni · Post by **Elleni** » Fri Dec 20, 2024 10:06 am

Hi All,

I am testing debian based ProxMox as Hypervisor and its looking quite promising. Our company has a requirement, that the vms use bridget network and no nat. That works fine with wired nic connection - particularly because with the following entry in the network settings, it enables usint eap-tls certificates to distinguish in which vlans the vms are routed.

Code: Select all

post-up echo 8 > /sys/class/net/vmbr0/bridge/group_fwd_mask

My goal is to successfully establish networking through a bridge for the vms which is connected to the wifi nic of the host; in proxmox forum they told me that it is possible, but difficult as the problem is, the vm sends packets through the bridge but the access point, did not negotiate its ssid and password with the vm but only with the host, thus the vm is an unknown entity and those packets will probably be rejected.

They also mentioned it should be possible anyway but is rather complicated. a) by connman or b) by rewriting the packages so that they seem to come from the host.

Can anyone point me to the right direction on to how this could be achieved? (Either way - via connman or via rewriting packets)

alamahant · Post by **alamahant** » Sat Dec 21, 2024 4:17 pm

You can try with NetworkManager.

Code: Select all

nmcli con add ifname br0 type bridge con-name br0
nmcli con add type bridge-slave ifname wlan0 master br0
nmcli con mod br0 ipv4.address <ip/cidr> ipv4.gateway <router-ip> ipv4.dns  <preferred dns> ipv4.method.manual

Maybe NM can bridge wifi.just check it out.

Elleni · Post by **Elleni** » Thu Dec 26, 2024 7:48 pm

I tried but somehow the last line didnt work, so I left away the . between ipv4.method and manual.

It looked like this afterwards:

Code: Select all

ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 18:cc:18:84:75:4c brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.187/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp0s20f3
       valid_lft 86167sec preferred_lft 86167sec
    inet6 fe80::1acc:18ff:fe84:754c/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 0a:ec:01:60:40:97 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::8ec:1ff:fe60:4097/64 scope link 
       valid_lft forever preferred_lft forever
5: vmbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether f2:37:74:d6:bb:84 brd ff:ff:ff:ff:ff:ff

But the problem in principle is that proxmox expects networkconfiguration without NetworkManager but configured in:

/etc/network/interfaces

I think I might have found something, but didnt try it out yet. Maybe they meant something like this:
https://wiki.debian.org/BridgeNetworkCo ... reless_NIC