Hosts can't see each other on wlan0 access point (debian 12)
by pkkrusty from LinuxQuestions.org on (#6QNJK)
I have a 4g USB stick running debian 12, using NetworkManager to manage the GSM connection, the wifi hotspot and the USB.
4G connection is fine. Internet access works as expected.
WLAN0 and USB0 both serve that internet connection correctly to hosts on either of those interfaces.
A client on wifi can reach a client on USB and vice versa, and any client can reach the 4G stick and vice versa.
BUT...
Two or more clients on the hotspot are unable to see each other. No ARP, no ping, nothing.
I've been searching for days for some little setting I'm missing, or something in the routing table that's normally necessary, but haven't found the right combination of terms in google to solve it. I was hopeful that "hairpin mode" was the answer, but that only works for bridges, and since NM is managing everything, and all the interfaces can see each other, I assume I don't need any bridging happening.
Here's the output of "ip route"
-----------
default via 10.186.90.154 dev wwan0 proto static metric 700
10.99.0.0/24 dev tun0 proto kernel scope link src 10.99.0.1
10.186.90.152/30 dev wwan0 proto kernel scope link src 10.186.90.153 metric 700
192.168.100.0/24 dev wlan0 proto kernel scope link src 192.168.100.1 metric 600
192.168.200.0/24 dev usb0 proto kernel scope link src 192.168.200.1 metric 100
------------
Here's output of "ip addr"
-----------
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 8a:b1:27:16:8e:a7 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.1/24 brd 192.168.200.255 scope global noprefixroute usb0
valid_lft forever preferred_lft forever
inet6 fe80::b4f:6773:7bec:93a8/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 02:00:a1:d0:d5:ad brd ff:ff:ff:ff:ff:ff
inet 192.168.100.1/24 brd 192.168.100.255 scope global noprefixroute wlan0
valid_lft forever preferred_lft forever
inet6 fe80::1c5d:648c:db71:768f/64 scope link noprefixroute
valid_lft forever preferred_lft forever
5: wwan0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/[519]
inet 10.186.90.153/30 brd 10.186.90.155 scope global noprefixroute wwan0
valid_lft forever preferred_lft forever
6: wwan1: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
7: wwan2: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
8: wwan3: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
9: wwan4: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
10: wwan5: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
11: wwan6: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
12: wwan7: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
13: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 10.99.0.1/24 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::adb6:e874:25cd:4d38/64 scope link stable-privacy
valid_lft forever preferred_lft forever
-------------
I have OpenVPN installed, which is the tun0 interface, but whether it's there or not makes no difference for my problem.
No firewalls are installed, ip tables show accept for input, forward and output.
4G connection is fine. Internet access works as expected.
WLAN0 and USB0 both serve that internet connection correctly to hosts on either of those interfaces.
A client on wifi can reach a client on USB and vice versa, and any client can reach the 4G stick and vice versa.
BUT...
Two or more clients on the hotspot are unable to see each other. No ARP, no ping, nothing.
I've been searching for days for some little setting I'm missing, or something in the routing table that's normally necessary, but haven't found the right combination of terms in google to solve it. I was hopeful that "hairpin mode" was the answer, but that only works for bridges, and since NM is managing everything, and all the interfaces can see each other, I assume I don't need any bridging happening.
Here's the output of "ip route"
-----------
default via 10.186.90.154 dev wwan0 proto static metric 700
10.99.0.0/24 dev tun0 proto kernel scope link src 10.99.0.1
10.186.90.152/30 dev wwan0 proto kernel scope link src 10.186.90.153 metric 700
192.168.100.0/24 dev wlan0 proto kernel scope link src 192.168.100.1 metric 600
192.168.200.0/24 dev usb0 proto kernel scope link src 192.168.200.1 metric 100
------------
Here's output of "ip addr"
-----------
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 8a:b1:27:16:8e:a7 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.1/24 brd 192.168.200.255 scope global noprefixroute usb0
valid_lft forever preferred_lft forever
inet6 fe80::b4f:6773:7bec:93a8/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 02:00:a1:d0:d5:ad brd ff:ff:ff:ff:ff:ff
inet 192.168.100.1/24 brd 192.168.100.255 scope global noprefixroute wlan0
valid_lft forever preferred_lft forever
inet6 fe80::1c5d:648c:db71:768f/64 scope link noprefixroute
valid_lft forever preferred_lft forever
5: wwan0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/[519]
inet 10.186.90.153/30 brd 10.186.90.155 scope global noprefixroute wwan0
valid_lft forever preferred_lft forever
6: wwan1: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
7: wwan2: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
8: wwan3: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
9: wwan4: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
10: wwan5: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
11: wwan6: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
12: wwan7: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[519]
13: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 10.99.0.1/24 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::adb6:e874:25cd:4d38/64 scope link stable-privacy
valid_lft forever preferred_lft forever
-------------
I have OpenVPN installed, which is the tun0 interface, but whether it's there or not makes no difference for my problem.
No firewalls are installed, ip tables show accept for input, forward and output.