Network bridge

Introduction

A network bridge can be used to connect two independent network segments at layer 2 level (much like a router). Common applications include transparent proxying, transparent filtering (using iptables) and saving money on hardware as some mainboards come with two PHY interfaces. For this how-to, eth0 and eth1 are used but of course they can be replaced by whatever you need.
The way bridging works on Linux is that a bridging device is created (brX) that contains at least two network devices as ports (e.g. ethX or pppX). As the bridge works on layer 2, no IP addresses are needed on the port devices - on a typical setup, the bridging device itself will receive the IP (e.g. via DHCP).

Kernel

[Collapse]
Kernel configuration

[*] Networking support  --->
   Networking options  --->
      <M> 802.1d Ethernet Bridging
 This is a deprecated template. Help us update this template!

Installation

root #emerge --ask bridge-utils

Host Configuration (using OpenRC init scripts)

First, we need to add the bridge device to the /etc/conf.d/net file. As an example, bridge configuration with DHCP:
Note
Note that it is important to include 'setfd 0' and 'sethello 10' in order to bring the interface up quickly. Other values will cause network packets to be dropped for the first 30 seconds after the bridge has become active. This in turn could prevent DHCP from working.
[Collapse]
File/etc/conf.d/net

# bridge ports defined empty to avoid DHCP being run for their configuration
config_eth0="null"
config_eth1="null"

# bridge
config_br0="dhcp"
brctl_br0="setfd 0
sethello 10
stp off"
bridge_br0="eth0 eth1"
 This is a deprecated template. Help us update this template!
More documentation can be found in /usr/share/doc/netifrc-*/net.example.bz2.
Next, create the init script and start the interface as follows:
root #ln -s /etc/init.d/net.lo /etc/init.d/net.br0
root #/etc/init.d/net.br0 start
Finally, to make sure the bridge is automatically set up on subsequent boots, run:
root #rc-update add net.br0 default

Host Configuration (using systemd)

As of systemd >= 210, a special service called systemd-networkd is available for network configuration, including bridge construction.
The basic procedure of creating a network configuration with systemd-networkd is creating several .network and .netdev files.
First, we need to create a bridge. With systemd-networkd this is as simple as creating a new .netdev file:
[Collapse]
File/etc/systemd/network/MyBridge.netdev

[NetDev]
Name=br0
Kind=bridge
 This is a deprecated template. Help us update this template!
After we created the bridge definition, we can assign the interfaces to this bridge:
[Collapse]
File/etc/systemd/network/MyEth.network

[Match]
Name=eth*

[Network]
Bridge=br0
 This is a deprecated template. Help us update this template! You can match multiple interfaces to be attached to the bridge
Notice that this bridge is still not active, this can be solved by creating a .network definition to actually use the bridge.

DHCP:

[Collapse]
File/etc/systemd/network/MyBridge.network

[Match]
Name=br0

[Network]
DHCP=v4
 This is a deprecated template. Help us update this template!

Static:

[Collapse]
File/etc/systemd/network/MyBridge.network

[Match]
Name=br0

[Network]
DNS=192.168.1.1
Address=192.168.1.2/24
Gateway=192.168.1.1
 This is a deprecated template. Help us update this template! Gateway is only necessary if you intend to use your physical network interface as access to another network. If you're using the bridge as a private network, omit it as systemd-networkd will add the bridge as a default route when the Gateway option is set.
Do remember to enable and start the systemd-networkd service.

Ref:http://wiki.gentoo.org/wiki/Network_bridge

Comments

Post a Comment

Popular posts from this blog

WMI Static Port configuration

Step one:  Set the DCOM config to use a static port.... Basically, run "dcomcnfg" from command prompt. Navigate the tree to My Computer > DCOM Config > Windows Management and Instrumentation, select properties of that folder. Go to the Endpoints tab Select Properties button for Connection-oriented TCP/IP Use static endpoint, set the port. Step 2:  Configure WMI to use a fixed port http://msdn.microsoft.com/en-us/library/bb219447(v=VS.85).aspx At the command prompt, type  winmgmt -standalonehost Stop the WMI service by typing the command  net stop "Windows Management Instrumentation" Restart the WMI service again in a new service host by typing  net start "Windows Management Instrumentation" Establish a new port number for the WMI service by typing  netsh firewall add portopening TCP 24158 WMIFixedPort Still testing this myself, so not 100% certain it works. Another way, use the Component Services Manager to set the ra
Read more

Optimizing your JVM for Best Performance

The better your JVM performs, the better your installation of Tomcat will perform. It's as simple as that. Getting the most out of your JVM is a matter of configuring its settings to match your real-world performance needs as closely as possible. Update your JVM to the latest version, establish some accurate benchmarks so you have a way of quantifying any changes you make, and then get down to business. Effective Memory Management The main thing to consider when tuning your JVM for Tomcat performance is how to avoid wasting  memory  and draining your server's power to process requests. Certain automatic JVM processes, such as garbage collection and memory reallocation, can chew through memory if they occur more frequently than necessary. You can make sure these processes only occur when they need to by using the JAVA_OPTS -Xmx and -Xms switches to control how JVM handles its heap memory. If your JVM is invoking garbage collection too frequently, use the -Xmx switch to s
Read more

How do I disable FOREIGN KEY checking for the time of database schema migration?

How do I disable  FOREIGN KEY  checking for the time of database schema migration? Currently I found engine-based commands like: PostgreSQL:  SET CONSTRAINTS ALL DEFERRED; MSSQL:  EXEC sp_msforeachtable "ALTER TABLE ? NOCHECK CONSTRAINT all"; MySQL:  SET FOREIGN_KEY_CHECKS = 0; HSQLDB:  SET REFERENTIAL_INTEGRITY FALSE; DB2:  SET INTEGRITY FOR table OFF; SQLite 3.7.16:  PRAGMA foreign_keys = false; Oracle 11g seems to have no such command at all Syntax significantly differ, in case of MSSQL I'm unable to recover previously disabled constraints (if any).
Read more