[systemd-devel] Bridging a wifi access point?

Mantas Mikulėnas grawity at gmail.com
Mon Apr 14 15:36:09 UTC 2025 

On Mon, Apr 14, 2025, 17:03 Hadmut Danisch <hadmut at danisch.de> wrote:

> Hi,
>
> a technical question:
>
>
> I'd like to build a router on a machine with four ethernet and one wlan
> adapter,  using Ubuntu 24.04 server, coming with 255.4-1ubuntu8.6.  I need
> to build a bridge with two of the ethernets and the wlan as an accesspoint,
> making use of as much default software as possible, i.e.  systemd,
> networkd, netplan.
>
>
> Problem:
>
> It's easy to configure the wlan adapter as a client and put it in a
> bridge, but not as an access point.
>
I don't remember seeing client-mode wlan interfaces working as bridge
members on regular Linux kernel. Did that change recently?



>
> First attempt, straight forward, /etc/netplan/60-bridge-lan.yaml
>
> network:
>   version: 2
>   renderer: networkd
>
>   ethernets:
>     enp4s0:
>       dhcp4: no
>     enp5s0:
>       dhcp4: no
>
>   wifis:
>     wlp1s0:
>       dhcp4: no
>       access-points:
>         "hurra":
>            mode:  ap
>            password: something
>
>
>   bridges:
>     lan:
>       dhcp4: no
>       addresses:
>         - "192.168.122.1/24"
>         - "fdfc:1234:5678:1234::1/24"
>       interfaces:
>         - enp4s0
>         - enp5s0
>         - wlp1s0
>
>
> doesn't work:
>
> ERROR: wlp1s0: hurra: networkd does not support this wifi mode
>
>
As far as I know, the Linux kernel doesn't have a built-in implementation
of WPA, and neither does networkd, so the only kind of AP that would be
*technically possible* to configure this way would be the extremely
obsolete WEP (i.e. static-keyed) – or of course a fully open network.

This means that hostapd is effectively required in order to host an AP.
(There are alternatives, I *think* iwd has support for being an AP, but
hostapd is what you'll find in various off-the-shelf APs even.)

For the same reason you can't manually set "ap" mode through the `iw`
command either (technically you can, using the secret "__ap" keyword, but
it won't do anything above WEP when configured that way).

>
>
>
>
>
> Second attempt, doing as many websites propose, running the wlan with hostapd and using it as a regular ethernet, i.e. removing the wifis section and using instead
>
>   ethernets:
>     enp4s0:
>       dhcp4: no
>     enp5s0:
>       dhcp4: no
>     wlp1s0:
>       dhcp4: no
>
> doesn't work either. Error message
>
> 2025-04-11T14:11:29.023613+00:00 mini20 systemd-networkd[1281]: wlp1s0:
> Failed to set master interface: Device does not allow enslaving to a
> bridge. Operation not supported
>
>
> which is clearly wrong, since a manual
>
> brctl addif lan wlp1s0
>
> works properly
>
> These happen at different times, and it sounds like the interface is in
different modes between the two commands. The same wlan interface can be
bridged when it's in AP mode or in station+4addr mode, but cannot be
bridged when it's in client mode.

Let hostapd put the device in the bridge after it has switched it to AP
mode; it has a dedicated option for that.


>
>
>
> Third attempt, not configuring the wifi with netplan at all, just listing it as a bridge interface, results in
>
> # networkctl
> IDX LINK   TYPE     OPERATIONAL SETUP
>   1 lo     loopback carrier     unmanaged
>   2 enp3s0 ether    routable    configured
>   3 enp4s0 ether    enslaved    configured
>   4 enp5s0 ether    no-carrier  configured
>   5 enp6s0 ether    off         unmanaged
>   6 wlp1s0 wlan     degraded    unmanaged
>   7 lan    bridge   routable    configured
>
>
That doesn't sound like an issue. If I remember correctly, older networkd
displayed 'degraded' for externally bridged interfaces, but newer versions
don't?

Either way, if the ports are bridged, they *definitely* don't need any
IP-level configuration, so even if networkd thinks the interface is
'degraded' that is fine for a bridge port.

>
>
>
> man pages  systemd.netdev and systemd.network don't help either.
>
>
>
>
>
>
> So my question is:
>
>
> What is the correct and supposed way to build a bridge interface with ethernets and a wifi access point with systemd and networkd?
>
>
>
>
> Thank you and best regards
> Hadmut
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20250414/fdf144e4/attachment-0001.htm>

More information about the systemd-devel mailing list