bridging and WPA

[Bakul Shah]

This is my setup:

    A -- [tap0 B iwi0] ~~ wireless ~~ AP -- C -( internet )

A is a qemu VM running on host B (but I see similar behavior
when a wired interface connects a laptop to B instead of VM
and tap0).  I'd like to make B act as a bridge so I did this:

    ifconfig bridge0 create
    ifconfig bridge0 addm tap0 addm iwi0 up
    <edit rc.conf so that it has ifconfig_iwi0="WPA">
    /etc/rc.d/netif restart iwi0
    ifconfig bridge0 <iwi0's old ip address>

I do see traffic from other machines such as C coming in on
iwi0 and going out on tap0 (as it should).  But C does not
see any pkts from B. So I did this:

    ifconfig bridge0 ether <iwi0's mac address>

Now B is once again happily exchanging pkts with C.  When A
sends out dhcp requests they go out iwi0 but nothing comes
back and C does not see the original dhcp requests.

Am I correct in thinking this has to do with the WPA mode?
May be the interface mac address is used in some way or is
the AP (Linksys WRT54GS) doing something?  I am using WPA-PSK
and running -current of two days ago.

Also, when I ping B from C, this works fine but I see some
funny things on the tap0 interface.  An icmp echo request
turns into the following!

01:22:36.688601 IP truncated-ip - 7096 bytes missing! 190.2.179.15 > 122.160.138.29: ip-proto-205
01:22:37.689380 IP9 bad-hlen 8
01:22:38.690216 IP8 truncated-ip - 27274 bytes missing! 107.80.159.197 > 18.31.117.141: ip-proto-236
01:22:39.691139 IP6 , wrong link-layer encapsulationtruncated-ip - 41480 bytes missing! 85.216.108.207 > 88.35.66.234: ttp
...

Is there any way to make this work (bridged packets going out
on a WPA protected wireless link)?  I can use NAT and a local
dhcpd on B and avoid bridging but NAT and NFS don't get along
(that is, I can't mount C's filesystem on A).

Thanks!

-- bakul