1

Sorry if my terminology is way off, I'm not well versed with networking.

Can any combination of hardware and software make the following scenario a reality:

In location A there is a WiFi network called, let's say, 'X-wifi'. In location B (geographically distant - another district, city, country) there is a WiFi network also called 'X-wifi'. Using the Internet as an intermediary, can you construct such a system so that machines connected to 'X-wifi' in location A and B see each other, just as (or effectively as) if they were actually connected to the same access point? If yes, what is the simplest way to achieve it?

Gerino
  • Your criteria for simple is quite vague. Simple with unlimited budget? Simple only using open source? Simple meaning you don't need to hire more staff to manage it? – Mike Pennington Nov 28 '14 at 13:44
  • 'Simple' meant 'least effort', which can be quantified as mandays. Buying and running a commercial software is simple, modifying open-source router firmware with custom-written patches or applications is rather not simple. My question is mostly theoretical though, I stumbled upon that idea and was completely unable to google any existing solutions that would accomplish it, so I'd like to know if it is possible at all. – Gerino Nov 28 '14 at 14:02
  • 1
    Probably a VPN then. – Fabián Heredia Montiel Nov 28 '14 at 16:06

4 Answers

1

One way to achieve this is with two commercial-grade routers (I assume you have an Internet connection in both locations). You configure the routers to create a GRE Tunnel between them so they can route traffic between the two sites. Your two sites will be able to communicate with each other.

I should point out that you will have a routed connection (layer 3) between the two access points, which may not be suitable for all applications. But for general use, it should be fine.

Ron Trunk
  • 2
    Connected to the same access point means routed separation is insufficient for the need. The OP needs a layer2 vpn – Mike Pennington Nov 28 '14 at 14:44
  • Perhaps, but I suspect you're reading his words more closely than he intends. After all, he's "not well versed with networking." I added to the answer in any case. – Ron Trunk Nov 28 '14 at 14:47
  • GRE tunnelling does look like what I was asking about! I get the concept of the limitations of the solution being layer 3 not 2, but can you - for educational purposes :) - give some examples of what wouldn't work over such tunnelling? – Gerino Nov 28 '14 at 15:57
  • There's not a lot that won't work. Things that require layer 2 connections include redundant server or device keepalive and synchronization, or some rather old applications. You are not likely to run into these things on a simple wireless LAN. – Ron Trunk Nov 28 '14 at 16:54
  • You also cannot share the same subnet across both locations, or use [LLMNR](http://en.m.wikipedia.org/wiki/Link-Local_Multicast_Name_Resolution) – Mike Pennington Nov 28 '14 at 16:58
  • @Gerino I would guess some of the Apple bonjour-ey stuff wouldn't work (eg. AirPlay, printer sharing). Apple [seems to expect devices to be in the same L2 broadcast domain](http://networkengineering.stackexchange.com/q/5954). (That might not be quite accurate, but Apple doesn't publish enough of the protocols they use to prove otherwise.) Even if you manage to extend the L2 broadcast domain across two sites, the latency between the sites would be so uncharacteristically high that I would expect chatty applications wouldn't work right (eg. SMB file shares don't work well with high latency). – alx9r Nov 28 '14 at 19:30
0

Basically what you are looking for is an Ethernet VPN solution. This can then be connected to the wireless access points at both sites.

I've successfully used OpenVPN on Linux for this myself.

One possible wrinkle with such a setup is that you normally only get one DHCP server and therefore one default gateway. This means that all your external traffic ends up routing through one site. That may or may not be desirable.

If you want separate DHCP and default gateways on each site I believe it should be possible to achieve this with some ebtables filtering but I haven't actually tried such a setup myself.

Peter Green
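The ebtables filtering that the answer above mentions as untried could look like the following sketch. It is an added example, not code from the answer; the interface name `tap0` (an OpenVPN `dev tap` interface attached to the site's bridge) and the `APPLY` dry-run switch are assumptions.

```shell
#!/bin/sh
# Added example: keep DHCP local to each site on a bridged Ethernet VPN.
# Assumption: tap0 is the OpenVPN "dev tap" interface enslaved to the
# local bridge. Dry run by default; set APPLY=1 (as root) to install rules.

TAP="${TAP:-tap0}"

# Print one ebtables command per line for the given tunnel interface.
# DHCP is UDP between ports 67 (server) and 68 (client), so matching
# destination ports 67:68 covers requests and replies alike.
#   FORWARD       frames bridged between the LAN port and the tunnel
#   INPUT/OUTPUT  frames to/from the bridge host itself (for example when
#                 the DHCP server runs on the VPN box)
dhcp_split_rules() {
    tap="$1"
    for spec in "FORWARD -o" "FORWARD -i" "OUTPUT -o" "INPUT -i"; do
        echo "ebtables -A $spec $tap -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP"
    done
}

# Run the rules, or only show them when APPLY is not 1.
apply_rules() {
    while read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then
            $cmd || return 1
        else
            echo "[dry-run] $cmd"
        fi
    done <<EOF
$(dhcp_split_rules "$1")
EOF
}

apply_rules "$TAP"
```

With these rules on the VPN endpoint at each site, each site's DHCP server only answers local clients, so the two servers must lease from non-overlapping ranges of the shared subnet and each can hand out its own default gateway.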
0

That's a feature called L3 Roaming if I remember correctly. Most enterprise Wifi solutions support it, and it works by tunneling traffic from the WAPs (wireless access points) to a central controller, where they are egressed into the network. That way users are always connected to the same L2 network regardless of which AP they are connected to. Enterprises use this feature to simplify management and improve security (firewall rules are for example easier to maintain if the client IPs always are within a certain subnet).

How the solution implements it differs quite a lot. Cisco Meraki for example uses a VPN concentrator VM that terminates VPN tunnels from the WAPs and egresses traffic. As Meraki utilizes a cloud-based controller, it doesn't matter if the WAPs are inside your network or outside it. Some other brands use physical controllers that tunnel traffic through your own L3 network and egress traffic from WAPs on a dedicated interface.

Do note that this is not a plug for Meraki, it's just the solution I'm most familiar with myself.

Stuggi
0

Any routers that can build an L2 VPN between them solve this problem. It is better to be able to filter L2 traffic, to solve problems with unnecessary broadcast/multicast floods and to add flexibility.

Personally I prefer a Mikrotik router, but it is not the only solution.

P.S. If you are asking this question, building and maintaining this configuration will require some effort.

mmv-ru