How to Configure Static Route via Bridged ADSL Modem Without Known Next-Hop in Linux


4 views

When an ADSL modem operates in bridged mode, your Linux system directly receives the public IP address (e.g., 11.22.33.44) on the physical interface (eth3 in this case). Unlike router mode where you have a clear gateway IP (like 192.168.1.1), bridged mode presents a unique routing scenario because:

  • There's no layer 3 device between your host and ISP
  • The MAC address of the ISP's equipment becomes your effective next-hop
  • Traditional gateway-based routing doesn't apply

The command ip route add 88.191.250.176 dev eth3 fails because:

# This lacks layer 3 forwarding information
ip route add 88.191.250.176 dev eth3

# This attempts to use the interface IP as gateway (incorrect)
ip route add 88.191.250.176 via 11.22.33.44 dev eth3

Neither works because in bridged mode, traffic must be sent directly to the ISP's DSLAM MAC address, not via an IP gateway.

Option 1: Proxy ARP Configuration

Enable proxy ARP on the interface to handle the missing gateway:

echo 1 > /proc/sys/net/ipv4/conf/eth3/proxy_arp
ip route add 88.191.250.176 dev eth3

Option 2: MAC Address Based Routing

First, discover your ISP's DSLAM MAC address (usually via DHCP logs or tcpdump), then:

# Add static ARP entry for the destination
ip neigh add 88.191.250.176 lladdr [ISP_DSLAM_MAC] dev eth3 nud permanent

# Then add the route
ip route add 88.191.250.176 dev eth3

Option 3: Policy Routing with Source Address

For more complex scenarios where multiple interfaces exist:

ip route add 88.191.250.176 dev eth3 src 11.22.33.44
ip rule add from 11.22.33.44 lookup main

After applying any solution, verify with:

ip route get 88.191.250.176
tcpdump -i eth3 host 88.191.250.176

Common issues to check:

  • ISP MAC address filtering
  • MTU mismatches (PPPoE overhead)
  • Firewall rules blocking outbound traffic

When your ADSL modem operates in bridged mode, your Linux router directly receives the public IP (e.g., 11.22.33.44) on its eth3 interface. Unlike routed mode where the modem acts as a gateway (with a clear next-hop like 192.168.1.1), bridged mode eliminates the visible next-hop, making static route configuration tricky.

The obvious attempts fail because:

# Missing L2 resolution:
ip route add 88.191.250.176 dev eth3  
# Invalid self-referential gateway:
ip route add 88.191.250.176 via 11.22.33.44 dev eth3

Both commands either lack Layer 2 forwarding logic or create a circular reference (using the interface's own IP as gateway).

Option 1: Proxy ARP Setup

Enable proxy ARP on the interface to handle L2 resolution:

echo 1 > /proc/sys/net/ipv4/conf/eth3/proxy_arp
ip route add 88.191.250.176 dev eth3

Option 2: Null Gateway Trick

Use 0.0.0.0 as a pseudo next-hop with strict ARP filtering:

ip route add 88.191.250.176 via 0.0.0.0 dev eth3
echo 2 > /proc/sys/net/ipv4/conf/eth3/arp_filter

Option 3: MAC Address Directives

For advanced control, specify the modem's MAC directly:

ip neigh add 88.191.250.176 lladdr 00:1A:2B:3C:4D:5E dev eth3 nud permanent
ip route add 88.191.250.176 dev eth3

Check route effectiveness with:

ip route get 88.191.250.176
tcpdump -i eth3 -nne

Look for ARP resolution and outgoing packets in captures.