Score:0

How to bridge two interfaces while not connecting to it, and use a third interface for network

I am on Linux - Ubuntu 20.04, I am trying to use a 4G USB key that is shown in the interfaces as "ppp0" (created using wvdial) to bridge the secured 4G connection to a sensitive network device (payment terminal) connected on the eth1 of the PC. While, at the same time, using eth2 for the PC internet. I want the result to be as if the ppp0 and eth1 were isolated from the PC, and connected because I don't want the PC to drain the costly 4G connection. I want the PC to use the eth2 and "it doesn't see" the existence of ppp0 or eth1.

I've already achieved the bridge connection using the system option "shared to other computers" on the eth1 interface, but the PC is not isolated from the ppp0 interface. I also tried with iptables, but as always, the many tutorials I found showed how to share the PC to internet. I'm a bit lost.

I hope this diagram will help you understand the situation: (diagram image)

djdomi
Is there a reason why you don't just simply buy a 4G router? It's more efficient IMHO. If you pay your business with this terminal, get some hardware instead of some crazy workarounds.
Marc-André Bouchard
You got it djdomi, the crazy workaround was to skip the expense of a 4G router. Also out of curiosity, because I already had the idea of the "BeagleBone 4G router" solution but I was really curious if it was possible to just route it in a single computer instead.
A.B
It's possible to use policy routing to route ppp0 to eth1 and eth1 to ppp0 while leaving the host only using eth2. Without an explanation of how the ppp0 side (assumed to be "Internet") is able to reach the LAN on eth1 (assumed to be a private LAN rather than public LAN and thus not reachable *from* Internet). DNAT? I think my answer would trigger additional questions from OP and I wouldn't want this. Please add a more complete layout of your problem that includes all IP addresses involved even if obfuscated with [RFC 5737](https://datatracker.ietf.org/doc/html/rfc5737).
Score:0

Finally, I came to the conclusion that this is impossible to do. I tried with iptables until I realized that iptables only rejects and accepts packets but does not route; what I needed was more about routing. I looked into bridges, but that seems to be more about sharing the internet from the computer again. Then I looked into routing tables for Linux, but it seems like you can only have one valid default route and it's impossible to route "from interface to interface", and if the 4G is in the default routes, when the Ethernet connection fails you will drain the 4G connection. I've also read a little about VLANs, but they don't seem to be useful in this situation.

All the time I was doing those tests, the Network manager of Ubuntu was difficult to overcome. So I also tried in Debian, which is not relying on the Network Manager, and it was not possible either. I gave up and I will use a Beaglebone for the 4G-USB to RJ45 "converter". If someone thinks that this is possible to do I would be really curious to see the solution, but to my knowledge and research I think it's not feasible. It's as if this setup required two separate routing tables which is not possible, once there is a network, the whole PC must be aware of it, it cannot blindly relay it to another port.
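
The policy-routing approach named in A.B's comment above, sketched as an added example (not code from any poster in this thread): packets entering on eth1 or ppp0 consult a dedicated routing table, while the host's own traffic stays on the main table and eth2. The LAN prefix 192.0.2.0/24 (RFC 5737), table id 100, the rule priorities and the use of masquerading are assumptions, since the thread gives no addressing.

```shell
#!/bin/sh
# Added example (not from the thread): policy routing so eth1 <-> ppp0 traffic
# uses its own table while the host keeps using the main table (eth2).
# Assumed values: LAN 192.0.2.0/24 (RFC 5737), table id 100, rule priorities.

# Print the commands for review; nothing is changed unless APPLY=1 (as root).
emit_policy_routing() {
  wan=$1; lan=$2; lan_net=$3; tbl=$4
  cat <<EOF
# Forward between interfaces; loose rp_filter so replies arriving on $wan
# are not dropped because the main table's default route points elsewhere.
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.conf.$wan.rp_filter=2
# Keep $wan out of the host's own (main) routing table.
ip route del default dev $wan 2>/dev/null || true
# Dedicated table: everything goes to $wan, terminal LAN stays on $lan.
ip route replace default dev $wan table $tbl
ip route replace $lan_net dev $lan table $tbl
# Only packets that ENTER on $lan or $wan consult that table.
ip rule add iif $lan lookup $tbl priority 1000
ip rule add iif $wan lookup $tbl priority 1001
# NAT the terminal behind the 4G address.
iptables -t nat -A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
# Forward only terminal -> 4G and its replies.
iptables -A FORWARD -i $lan -o $wan -j ACCEPT
iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan -j DROP
iptables -A FORWARD -i $wan -j DROP
# Host itself never talks on, or accepts from, the 4G link.
iptables -A OUTPUT -o $wan -j DROP
iptables -A INPUT -i $wan -j DROP
EOF
}

plan=$(emit_policy_routing ppp0 eth1 192.0.2.0/24 100)
if [ "${APPLY:-0}" = 1 ]; then
  printf '%s\n' "$plan" | sh -e
else
  printf '%s\n' "$plan"
fi
```

After applying, `ip route get` for an outside address should report `dev eth2` for host-originated traffic, and `ip rule show` should list the two `iif` rules.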
