The Bridged Boy Mac OS

One method of bridging network interfaces (17 comments)

Functionality is limited when using AirPort, the Mac's wireless networking system, for bridged networking. Currently, Oracle VM VirtualBox supports only IPv4 and IPv6 over AirPort. For other protocols, such as IPX, you must choose a wired interface.

The VirtualBox 'Bridged Adapter': First remove bridge1 in Terminal and use a 'Bridged Adapter' instead of vboxnet0 in your VM. Go to the Network settings of the respective VM - Adapter1 - attached to: and change the type from whatever it is now to 'Bridged Adapter', then choose your Wi-Fi interface.

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot so.


Am I missing something with this hint? Isn't this what the 'Internet Sharing' feature (System Preferences->Sharing->Internet tab) is for?

Internet sharing only allows one direction access.
This allows communication in 2 directions.
Machine A -- Router -- (Internet and Machine B)
This setup allows machine A to talk to Machine B, and Machine B to talk to Machine A.
Internet sharing would only allow Machine A to talk to Machine B.
Unfortunately, you need to know the IP address of the target machine.. but otherwise this works well.
---
A completely SANE Canadian.

Not true.
This is exactly what Internet Sharing does. It's simply a router, so communication is possible in both directions. I have the very same setup here in my house and it works like a charm.

As mentioned here, simply enabling Internet Sharing doesn't allow machines on the wifi network to access machines on the wired network, only machines on the wired network to connect to machines on wifi. I wanted both.
Internet Sharing is only part of the solution.
- Guillaume

Let's get Rob to change the title of this hint to 'One unnecessarily complicated method of bridging network interfaces.'

I'd be happy to hear it if you have a better solution so I can reach machines behind the mini's Internet Sharing from the 'Internet' (which is basically what I needed to do).
As mentioned here, simply enabling Internet Sharing doesn't allow machines on the wifi network to access machines on the wired network, only machines on the wired network to connect to machines on wifi. I wanted both.
Internet Sharing is only part of the solution.
- Guillaume

You have just set up your mac to be a router, NOT a bridge. A bridge operates at layer 2, not layer 3.
If you had set up a bridge, you would have created a virtual bridge interface and added both network adapters to it. The bridge interface would get a single IP address, and then anything connected to either interface could have an address from the same range, and would use the address of the bridge interface as their default gateway.
This way, broadcasts and multicast packets (such as the Rendezvous protocol) would be able to be seen by all machines on both interfaces. In addition, a bridge will participate in Spanning Tree if you have multiple switches in your environment. A common use of bridging on hosts is configuring redundant interfaces to connect to multiple switches, in case a switch or a network link goes down.
Bridging is an actual networking term, and what you have set up has nothing to do with bridging.
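The layer 2 versus layer 3 distinction drawn in the comment above, as an added example that is not part of the original thread: a toy learning bridge and a toy router each receive the same traffic. The interface names, subnets and MAC addresses are constructed for illustration.

```python
import ipaddress

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Link-local multicast is never routed; mDNS (Rendezvous) uses 224.0.0.251.
LINK_LOCAL_MCAST = ipaddress.ip_network("224.0.0.0/24")

class LearningBridge:
    """Layer 2: forwards frames by MAC address and floods broadcast/multicast."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                      # learned source MAC -> port

    def receive(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port        # learn where the sender lives
        out = self.mac_table.get(dst_mac)
        if dst_mac != BROADCAST and out is not None:
            return [] if out == in_port else [out]   # known unicast
        return [p for p in self.ports if p != in_port]  # flood everything else

class Router:
    """Layer 3: forwards IP packets between subnets; broadcasts stop here."""
    def __init__(self, interfaces):
        self.interfaces = {n: ipaddress.ip_network(c) for n, c in interfaces.items()}

    def receive(self, in_port, dst_mac, dst_ip):
        dst = ipaddress.ip_address(dst_ip)
        if dst_mac == BROADCAST or dst in LINK_LOCAL_MCAST:
            return []                            # never leaves the segment
        return [n for n, net in self.interfaces.items()
                if n != in_port and dst in net]

def demo():
    # Constructed sample: en0 = Ethernet side, en1 = wireless side.
    bridge = LearningBridge(["en0", "en1"])
    router = Router({"en0": "192.168.1.0/24", "en1": "10.0.2.0/24"})
    host_a, host_b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    mdns_mac = "01:00:5e:00:00:fb"               # Ethernet address for 224.0.0.251
    return {
        "bridge_mdns": bridge.receive("en0", host_a, mdns_mac),
        "bridge_broadcast": bridge.receive("en1", host_b, BROADCAST),
        "bridge_unicast": bridge.receive("en0", host_a, host_b),
        "router_mdns": router.receive("en0", mdns_mac, "224.0.0.251"),
        "router_unicast": router.receive("en0", "02:00:00:00:00:01", "10.0.2.7"),
    }

if __name__ == "__main__":
    for name, out_ports in demo().items():
        print(f"{name:18} -> {out_ports}")
```

The bridge passes service-discovery multicast to the other interface while the router drops it, so hosts behind a routed Internet Sharing setup have to be addressed by IP.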

Doesn't Rob check these hints before publishing them? Or does Mac OS X need a knowledgeable technical editor to filter out the non-hints? As has already been pointed out, there is already a one-click solution built into the Sharing panel of the System Preferences.

As mentioned here, simply enabling Internet Sharing doesn't allow machines on the wifi network to access machines on the wired network, only machines on the wired network to connect to machines on wifi. I wanted both.
Internet Sharing is only part of the solution.
- Guillaume

You have over-complicated your network, and as a result you are proposing adding even more complications :-)
You have 2 routers, with 2 separate but probably colliding address spaces.
What you need to do is disable router functionality on one of the boxes (either wired or wireless), and slave the second box to the first - or replace your wireless router with a dumb access point.
Actually, since wireless routers probably have a few wired ports as well, you can get away without a second router altogether. If you run out of wired ports, get a hub or a switch.
This way you have a single address space, all of your devices can see each other, etc. And, you have fewer devices to maintain.
The only caveat is security. If you don't use authentication on your wireless network, you should consider it 'hostile' because you never know who comes to steal your traffic. So lock up your wireless access - and you should be fine.

While I'm happy to have a hints website, some of them seriously need more quality control before they are posted. I am pretty sure this is a long and unnecessary way to network, albeit usually a way your typical PC WEENIE would do most things (my apologies to the original poster, I just couldn't resist taking that little jab at you). I'm childish. Anyhow, if there is anyone out there that is an absolute networking professional please let me know, I have a complex setup and would like to compare notes. In short I have multiple internet lines, one dsl and the other cable. So if anyone is up for it post here let me know. -digitol-

Most people seem to have missed the point of what I was trying to achieve.
To simplify:
Computer A is on my LAN.
Computer B is on my LAN and has internet access.
Computer C is on the Internet.
Computer B has Internet Sharing enabled.
So now, computer A and B can both reach computer C. Yay!
But I also need computer C to be able to reach computer A on my private LAN.
To be able to do that, computer C needs to know where computer A is, so I forced a route (config. on computer C) to computer A that goes through computer B. And I configured computer B to route incoming connections for computer A to the LAN.
Anyone who has a better way to configure computer B to allow access to computer A from the Internet is welcome to reply to this comment.
From what I found through Google searches, there's no way to configure the default Mac OS X Internet Sharing to do port forwarding, or DMZ.
- Guillaume

I read two drastically different descriptions of your setup and goals; but if I just listen to the example in this reply-thread, I don't understand why you don't just port-forward inbound ('from the Internet'; Computer C) traffic to Computer B via your router's undoubted ability to accept port forward commands to a single subnet IP address (like a DMZ, but is still port restrictive).
For example, I have a wired and a wireless LAN both at my workplace.
The wireless LAN is top-level; i.e., it hosts all the standard client/guest computers, printers, etc., and can accept guest access either wired or wirelessly; it also uplinks to the Internet (via cable modem). It is, of course, firewalled, but less-restrictive, to allow more communication in/out and across the LAN. File transfers and freedom of movement/access are critical to workflow, and risk is dealt with by safe practice, virus software, etc. It is vulnerable, and frequently attacked, but no critical or sensitive data lives for long at this level. This is superfluous to our conversation, but is here to explain why *I* need two LAN types, and why I don't just use a wired/wireless combo LAN (as cheap as $15) as others have suggested you just convert to.
The wired-only LAN is at the second level, using its own firewall and router, so that I can protect my sales stations and sensitive data, customer data (credit card info, sensitive files, etc.); it uplinks to the level one LAN.
The computers on the second level need to be able to see/use/access the printers and computers on the first level, and can easily do so by passing IP-specific requests up through the second-level router to the first-level router; as well as access the Internet, which just get passed normally from gateway to gateway. Requests in the other direction are summarily denied, except for the following:
I frequently need to access my primary workstation under the second level from either a computer on the first level, or via the Internet from home. Similarly, our web server also resides behind the firewall and router at level two.
In order to access these computers/services 'from the Internet', I have the first level router set to port-forward, e.g., port 80 requests (HTTP) to the second-level router, and the second level router points those same requests to the web server IP address. The same is true for file access; AFS ports are forwarded to my workstation, as are VNC and SSH port requests. These, of course, are further protected by 128bit passwords and secure sockets.
Any need to access any other computer on the second level is passed through my station as host. This is the 'bridge' to which you refer and seek.
While you have created a situation that works for you, and was free, for most people, a $15-$50 all-in-one wireless/wired router combo, which has built-in bridging (i.e., wired and wireless computers receive/can specify IP addresses in the same range and subnet mask) is the best solution, as it also unifies all behind a single firewall. You point out the ultra-cool AirPort as too expensive for your taste, but if you watch the specials, you can get D-Link, Linksys, or lesser known but just as good brands (like Hawking), that also have printer ports for enabling 'network' printers without resorting to printer sharing via a host, for as little as free, if you watch rebates and such.
e.g., this deal is common, and ones for less that are new with more features and with free shipping come along all the time:
http://dealmac.com/deals/Refurbished-Netgear-WGT624-108-Mbps-802-11-g-4-Port-Firewall-Router-for-15/132194.html
HTH
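The chained port forwarding described in the comment above, as an added example that is not part of the original thread: a small audit that follows each Internet-facing port through both routers and reports what ends up exposed. The addresses, the extra port 8080 and the names are constructed for illustration.

```python
# Constructed topology modelled on the comment above; all addresses are made up.
LEVEL2_WAN = "192.168.1.2"      # second-level router's address on the first-level LAN
ROUTERS = {
    "level1": {80: (LEVEL2_WAN, 80), 22: (LEVEL2_WAN, 22),
               5900: (LEVEL2_WAN, 5900), 8080: (LEVEL2_WAN, 8080)},
    "level2": {80: ("10.0.0.10", 80),        # web server
               22: ("10.0.0.20", 22),        # workstation, SSH
               5900: ("10.0.0.20", 5900)},   # workstation, VNC
}
ROUTER_AT = {LEVEL2_WAN: "level2"}           # which router answers at which address
REMOTE_ADMIN = {22: "SSH", 5900: "VNC"}      # services that grant a login or a desktop

def resolve(port, router="level1", max_hops=8):
    """Follow one Internet-facing port through the chain of forwards.

    Returns (ip, port) of the final host, or None when a router has no
    matching rule and the request is dropped (default deny)."""
    for _ in range(max_hops):
        rule = ROUTERS[router].get(port)
        if rule is None:
            return None
        ip, port = rule
        if ip not in ROUTER_AT:
            return (ip, port)                # reached an end host
        router = ROUTER_AT[ip]               # hand over to the next router
    raise ValueError("forwarding loop detected")

def audit():
    """Return (exposed services, dead forwards, exposed remote-admin services)."""
    exposed, dead, admin = {}, [], []
    for ext_port in sorted(ROUTERS["level1"]):
        final = resolve(ext_port)
        if final is None:
            dead.append(ext_port)            # forwarded outside, dropped inside
            continue
        exposed[ext_port] = final
        if final[1] in REMOTE_ADMIN:
            admin.append((ext_port, REMOTE_ADMIN[final[1]], final[0]))
    return exposed, dead, admin

if __name__ == "__main__":
    exposed, dead, admin = audit()
    print("reachable from the Internet:", exposed)
    print("stale forwards to remove:", dead)
    print("remote-admin services to review:", admin)
```

Every entry in the first result is an inner-LAN service that the outer firewall no longer protects, and a forward that dead-ends at the second router is a stale rule worth deleting on the first.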

If I am understanding the original hint, this is what your network looks like now:
http://conigs.com/temp/gboudrea/before.png
Why not set it up like this:
http://conigs.com/temp/gboudrea/after.png
This way, the WAP, and by extension all your wifi devices, are on the same network as all your ethernet connections.


Most wireless routers have a built-in Ethernet switch, so none of this should be necessary. I'm using a Linksys WRT54G with my servers & iMac connected to the ethernet ports and I connect to it wirelessly from my MacBook Pro & Mac Mini.

@gboudrea:
There is a MUCH easier way to do this. Just about any router nowadays will achieve what you need. Furthermore, if you need you can configure multiple ethernet interfaces in your network pane. Multihoming is what I think you may be after.


Well, folks complained about this hint at the time, but four years later, I wanted to do exactly what gboudrea was trying to explain, and his explanation was the only really sufficient one on the internet.
I'm now able to use my Mac Mini to act as a 5 GHz radio to serve my TiVo hi-def video via ethernet, without having to buy a separate $80 box. And gboudrea correctly explains how I can connect into the TiVo from within my LAN.
Hours and dollars saved. Thank you.