Question Mesh Wifi Backhaul - proxy arp???

Apr 9, 2023
I'm in a situation where I'm having to live in a rental property where I cannot run any of my own cable and the location where the internet comes into the building is on the 1st floor while my home lab equipment is all upstairs. Looked at the Powerline stuff, but performance is terrible if there's any distance and breakers between the two powerline bridges. So then considered wireless and tried out one of the TPLink wifi extenders. However, finding that many of these wifi bridge/repeater type devices don't do WDS (and even if they did seems WDS is a soup sandwich if the device manufacturers and chipsets aren't the same). With simple AP Client/Bridging scenarios, I'm noticing issues with proxy arp where devices on the WIFI network have issues reaching devices in my home lab behind the wifi bridge/repeater.

To make a long story short...I'm wondering about some of these mesh solutions and how wifi backhaul works. If I have a 2-3 device mesh kit, where the mesh devices have at least one wired ethernet port, and I place one downstairs at the Internet Router (Mikrotik Hex RB750GR3) and another upstairs plugged into my managed homelab switch...will it function as a flat L2 domain where devices on the wifi can reach devices in my homelab setup without any proxy arp trickery? I guess what I need is a wireless solution that's as close to having an ethernet cable as possible. And since my homelab setup has a managed switch with several IP subnets configured, I need to be able to add those routes in my Internet Router (Mikrotik) pointing to the managed switch and have ARP working properly without interference (proxy arp) from the wifi devices.

Appreciate any thoughts on this subject...

Thanks in advance.
 
Mesh uses WDS in many cases and has all the same issues as other repeaters. Mesh is mostly a fancy marketing name for repackaged repeaters. There are some high end "mesh" systems that have extra radio chips so they can use a dedicated radio channel for the backhaul. They work a little better but you still have multiple wifi radio signals that can get interfered with, so they just don't degrade the performance as badly as lower end repeater/mesh systems.

Proxy ARP is generally a layer 3 issue and it is strange since most consumer grade devices do not support it. Mesh and repeaters all run flat layer 2 by default. Now what you might be using is what some vendors call a "universal" repeater. This is almost as bad as WDS because it is implemented in an even more non-standard way.
Some of these so-called repeaters are using tricky MAC spoofing, kinda similar to NAT but at a MAC level. A lot of these use proxy ARP and, as you have found, proxy ARP causes problems.

Although WDS is a pain, is not part of the official wifi standard, and will no longer work when wifi fully goes WPA3, it is still your best option to solve the bridge issue in wifi. WDS has been around so long now that most vendors will function between brands even though there is no official standard.

Your key problem is that a wifi connection, as part of the encryption methodology, uses the MAC address of the end devices as part of the session keys. This was done intentionally so you did not get MAC address spoofing. The WDS field was not actually designed to be used for passing MAC addresses so it kinda is a hack that everyone is using to get past the restriction.

Your best bet is to find a way to use WDS to get past this restriction or make sure you buy 2 devices from the same manufacturer. Most mesh units that do not use WDS are using some proprietary thing. I suspect this is partially to force you to only buy units from the same manufacturer.

Have you considered MoCA? If you have coax cable in both rooms this is your next best thing you can get when real ethernet is not an option. Most newer MoCA systems run at 2.5gbit....and unlike powerline they can actually achieve it.
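
Added example, not part of either post above: one way to check whether a wifi bridge is doing the MAC-level translation or proxy ARP described in the reply is to look for a single MAC address answering for several IPv4 addresses in a LAN host's neighbor table. The sketch assumes the Linux `ip -4 neigh show` output format; the sample table, addresses, MACs and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `ip -4 neigh show` output from a host on the main LAN.
# 02:00:00:00:00:10 stands in for the wifi bridge; all values are made up.
SAMPLE_NEIGH = """\
192.168.88.1 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
192.168.88.20 dev eth0 lladdr 02:00:00:00:00:10 STALE
192.168.88.31 dev eth0 lladdr 02:00:00:00:00:10 REACHABLE
192.168.88.32 dev eth0 lladdr 02:00:00:00:00:10 DELAY
192.168.88.40 dev eth0 lladdr 02:00:00:00:00:40 REACHABLE
192.168.88.99 dev eth0  FAILED
"""

LINE_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+(?P<dev>\S+)\s+"
    r"lladdr\s+(?P<mac>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\b"
)

def parse_neigh(text):
    """Yield (ip, dev, mac) for entries with a resolved link-layer address."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            yield m["ip"], m["dev"], m["mac"].lower()

def shared_macs(text, expected=()):
    """Return {(dev, mac): [ips]} for MACs that answer for more than one IPv4.

    `expected` lists MACs that legitimately own several addresses (for example
    a host with secondary IPs) so that they are not reported.
    """
    skip = {m.lower() for m in expected}
    by_mac = defaultdict(set)
    for ip, dev, mac in parse_neigh(text):
        by_mac[(dev, mac)].add(ip)
    return {k: sorted(v) for k, v in by_mac.items()
            if len(v) > 1 and k[1] not in skip}

if __name__ == "__main__":
    for (dev, mac), ips in shared_macs(SAMPLE_NEIGH).items():
        print(f"{mac} on {dev} answers for {len(ips)} addresses: {', '.join(ips)}")
```

On a true flat layer 2 link (ethernet, MoCA, or a working WDS bridge) each device behind the bridge shows up with its own MAC, so the function returns an empty result apart from hosts passed in `expected`.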