Zero3W WiFi aic8800_fdrv-Does supoort forward traffic from virtual wlan0.1 to wlan0.2?

lesiehzcn · August 29, 2024, 4:14am

My goal is using create 1 Ap (wlan0.1)& 1 Station(wlan0.2) at the same time, and forword the traffic from wlan0.1 to wlan0.2 , from iw list ,
Supported interface modes:
* managed
* AP
* AP/VLAN
* monitor
* mesh point
* P2P-client
* P2P-GO
* P2P-device
valid interface combinations:
* #{ managed, mesh point } <= 1, #{ AP } <= 1, #{ P2P-client, P2P-GO } <= 1, #{ P2P-device } <= 1,
total <= 4, #channels <= 3
seems support such combinations, ,i want to know if aic8800 support using iptables to do
sudo iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -o wlan0.2 -j MASQUERADE
mysetup is
wlan0.1 as AP mode, static ip addrss 192.168.50.1,
wlan0.2 as client ,connet to other ssid which can access to the internet , i want to client connect to wlan0.1 as can access internet

RadxaYuntian · August 29, 2024, 8:32am

It would be possible as long as you set your ZERO 3W as a router: separate sub net, providing DHCP & DNS, etc.

Wi-Fi hardware will block other devices if you just bridge it with another interface, unless both ends enable WDS.

lesiehzcn · August 29, 2024, 9:50am

--------ip addr show for wlan0.1 (ap-static ip 192.168.50.1)------
------- wlan0.2(client which can access to internet -------
‘’’’
radxa@radxa-zero3:~$ ip addr show wlan0.1
7: wlan0.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 98:03:cf:d2:26:4d brd ff:ff:ff:ff:ff:ff
inet 192.168.50.1/24 brd 192.168.50.255 scope global noprefixroute wlan0.1
valid_lft forever preferred_lft forever
inet 169.254.181.61/16 brd 169.254.255.255 scope global noprefixroute wlan0.1

radxa@radxa-zero3:~$ ip addr show wlan0.2
8: wlan0.2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 98:03:cf:d2:26:4e brd ff:ff:ff:ff:ff:ff
inet 192.168.5.106/24 brd 192.168.5.255 scope global dynamic noprefixroute wlan0.2
valid_lft 40689sec preferred_lft 40689sec
inet 192.168.5.110/24 brd 192.168.5.255 scope global secondary dynamic noprefixroute wlan0.2
valid_lft 40697sec preferred_lft 35297sec
‘’’’

i have one ethernet port ( usb NIC through usb3.0 host ,use udev rule rename it to rad2-aslo can access internet) –
below works fine, - phone conect to wlan0.1 - then can access to internet through rad2

--------------- iptables commands for traffic from wlan0.1 to rad2 this works-------------------
radxa@radxa-zero3:~$ sudo iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -o rad2 -j MASQUERADE
radxa@radxa-zero3:~$ sudo iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2 144 MASQUERADE 0 – * rad2 192.168.50.0/24 0.0.0.0/0

remove above rule,change it to (wlan0.2 can also access internet)
below not work, phone only can ping 192.168.50.*, the traffic can not forward to wlan0.2,
is this right behavior of the specified aic8800 wireless card, or some wireless card can support this mode( one wlan virtual interface as AP,the other one as station/client mode, and forward the traffic between those 2 virtual interfaces)

--------------- iptables commands for traffic from wlan0.1 to wlan0.2 this does’n work -------------------
radxa@radxa-zero3:~$ sudo iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -o wlan0.2 -j MASQUERADE
radxa@radxa-zero3:~$ sudo route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.5.1 0.0.0.0 UG 1005 0 0 rad2
0.0.0.0 192.168.5.1 0.0.0.0 UG 3008 0 0 wlan0.2
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 rad2
169.254.0.0 0.0.0.0 255.255.0.0 U 3007 0 0 wlan0.1
192.168.5.0 0.0.0.0 255.255.255.0 U 1005 0 0 rad2
192.168.5.0 0.0.0.0 255.255.255.0 U 3008 0 0 wlan0.2
192.168.50.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan0.1

RadxaYuntian · August 29, 2024, 9:36am

Can’t read your message. You should use
```
code block
```
to quote your command output.