2

I have a local network setup as shown in the picture below Local network

The bridge has a static IP set to 10.245.245.253/30. My Android device has an IP set to 172.17.2.200 via DHCP. If I change the interface IP settings to 10.245.245.254/30 it works.

But I want to have the DHCP IP settings but just add a secondary IP address, or route to the interface, so I can access the network and access my bridge at the same time.

I've tried this command, but it still doesn't work.

ip addr add 10.245.245.254/30 dev wlan0

This is my configuration.

130|shell@msm8916_64:/ # busybox ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
    link/ether 76:0d:fc:b7:9d:4f brd ff:ff:ff:ff:ff:ff
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
    link/ether 00:0a:f5:80:c2:50 brd ff:ff:ff:ff:ff:ff
    inet 172.17.2.245/24 brd 172.17.2.255 scope global wlan0
       valid_lft forever preferred_lft forever
    inet 10.245.245.254/30 scope global wlan0
       valid_lft forever preferred_lft forever
    inet6 fe80::20a:f5ff:fe80:c250/64 scope link
       valid_lft forever preferred_lft forever
5: p2p0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq qlen 1000
    link/ether 02:0a:f5:80:c2:50 brd ff:ff:ff:ff:ff:ff

shell@msm8916_64:/ # busybox ip route show
10.245.245.252/30 dev wlan0  src 10.245.245.254
172.17.2.0/24 dev wlan0  src 172.17.2.245  metric 304

shell@msm8916_64:/ # busybox traceroute 10.245.245.253
traceroute to 10.245.245.253 (10.245.245.253), 30 hops max, 38 byte packets
 1  172.17.2.1 (172.17.2.1)  12.263 ms  2.305 ms  2.102 ms

I can ping my own IP:

130|shell@msm8916_64:/ # ping 10.245.245.254
PING 10.245.245.254 (10.245.245.254) 56(84) bytes of data.
64 bytes from 10.245.245.254: icmp_seq=1 ttl=64 time=0.775 ms
64 bytes from 10.245.245.254: icmp_seq=2 ttl=64 time=0.201 ms

Any ideas?

EDIT 1: To clarify the big picture. The wireless bridge is the device I am developing. It will be a device that when you plug an ethernet cable in will provide wireless access to the network. I do not know anything about that network. This is why I disabled DHCP client on my wireless bridge, because I cannot be certain that the network I attach it to will have a working DHCP server.

I still want to have an IP address set to the wireless bridge because of the firmware updates. This is why I opted for an IP address that has a very small chance of colliding with anything out there.

On my Android device I want to have a working internet connection and access to my bridge at the same time. This is why I want to add a this static route.

Some more details on my configuration

shell@msm8916_64:/ $ busybox ip route get 10.245.245.253
10.245.245.253 via 172.17.2.1 dev wlan0  src 172.17.2.245

And some more

1|shell@msm8916_64:/ $ busybox ip rule
0:      from all lookup local
10000:  from all fwmark 0xc0000 lookup 99
13000:  from all fwmark 0x10063 lookup 97
13000:  from all fwmark 0x10069 lookup 236
14000:  from all lookup 236
15000:  from all lookup 99
16000:  from all lookup 98
17000:  from all lookup 97
19000:  from all fwmark 0x69 lookup 236
22000:  from all lookup 236
23000:  from all lookup main
32000:  from all unreachable

And some more:

shell@msm8916_64:/ # ip route list table main
10.245.245.252/30 dev wlan0  proto kernel  scope link  src 10.245.245.254
172.17.2.0/24 dev wlan0  proto kernel  scope link  src 172.17.2.245  metric 304

shell@msm8916_64:/ # ip route list table local
broadcast 10.245.245.252 dev wlan0  proto kernel  scope link  src 10.245.245.254
local 10.245.245.254 dev wlan0  proto kernel  scope host  src 10.245.245.254
broadcast 10.245.245.255 dev wlan0  proto kernel  scope link  src 10.245.245.254
broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1
local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1
local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1
broadcast 172.17.2.0 dev wlan0  proto kernel  scope link  src 172.17.2.245
local 172.17.2.245 dev wlan0  proto kernel  scope host  src 172.17.2.245
broadcast 172.17.2.255 dev wlan0  proto kernel  scope link  src 172.17.2.245

1|shell@msm8916_64:/ # iptables -t main -n -L
iptables v1.4.20: can't initialize iptables table `main': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Improve this question
12
  • 1
    You used commands to just show your network configuration. Why did you expect that it would help in any way? I'm not sure what are you trying to achieve Commented Sep 20, 2017 at 8:59
  • Sorry the wording is confusing. The first code snippet shows command that I have tried. The second code snippet shows the current configuration. The third code snippet shows i can ping my ip in that subnet. What I am trying to achieve is ping the bridge at 10.245.245.253. But as you can see with the traceroute command it doesnt work Commented Sep 20, 2017 at 10:15
  • meta.stackexchange.com/questions/66377/what-is-the-xy-problem Commented Sep 20, 2017 at 10:35
  • 1
    You have a second IP address. Look at wlan0. Your problem isn't the IP address. Have you connected to the bridge in any way previously? Are you sure wireless works on your device? Commented Sep 20, 2017 at 10:40
  • 1
    And guys: the question is completely clear. I really don't understand the close votes. Commented Sep 20, 2017 at 16:05

1 Answer 1

Reset to default
0

You have a rather complicated routing setup there, with four additional routing tables and extra routing rules for marks set by the firewall. This is almost certainly the problem. So look at the exta tables (ip route list table 99 etc.), look at the firewall rules (iptables -t table_name -n -L for all table_name), then figure out what is going on.

Edit

Routing tables and firewall tables (iptables) are completely different, so iptables -t main -n -L makes no sense because main is a routing table, not a firewall table.

Please edit question with output of ip route list table 97, ip route list table 98 etc. including 99 and 236. Also with output of iptables -t filter -n -L, iptables -t nat -n -L etc. including mangle, raw and any other table that may be mentioned in the rules. If the output is too long, put all in a pastebin and link to it.

There are plenty of tutorials on the web for iptables and policy routing if you want to do some reading. But even if we figure out what prevents the second address from becoming the source address, the more difficult task is to figure out why all these rules are there, what the person making these rules wanted to achieve, and how we can change the rules to make the second address work without breaking other stuff.

So if you are happy with the answer "because some sort of firewall rules prevent it", we can also leave it at that. :-)

Improve this answer
2
  • Thank you for your response and I think you are right. But this routing policy is a little bit over my head. I am using command ip route list table <table name> and all are empty excpet local and main. I've included them in the question. Iptables tells me that the tables do not exist. Commented Sep 21, 2017 at 10:35
  • I will check the output of iptables commands, but conc erning the ip route list <table> all are empty except for the main and local which i included in the question Commented Sep 21, 2017 at 17:39

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.