Persistently bridge traffic between two or more Ethernet interfaces (SUSE)
Content |
Specific to |
| SUSE-based distributions |
Tested on |
| openSUSE (11.4, 12.1) |
Objective
To persistently bridge traffic between two or more Ethernet interfaces on a SUSE-based system
Background and Scenario
See Bridge traffic between two or more Ethernet interfaces on Linux.
Method
Overview
The method described here has four steps:
- Install the bridge utilities package.
- Choose a name for the bridge.
- Write a configuration script for the bridge.
- Start or restart the
networkservice.
Be warned that once an interface has been attached to a bridge it cannot be used for other purposes, and in particular, cannot be used as an endpoint for Internet Protocol traffic. A common mistake when administering a machine remotely via SSH is to incapacitate the network interface that the SSH connection is using. Before acting on these instructions you should ensure that you will still be able to control the machine after the bridge has been created.
Note that this method differs significantly from that applicable to Red Hat-based distributions. (The configuration files have a similar format, but the procedure for defining bridges is entirely different.)
Install the bridge utilities package
Bridging is performed by a kernel module, but a userspace package is needed to configure it. On SUSE-based systems this can be found in the bridge-utils package:
zypper install bridge-utils
Choose a name for the bridge
Each bridge must be given a name. In this case the name br0 will be used, however it is not necessary to follow any particular naming convention provided it does not clash with another network device.
Write a configuration script for the bridge
A configuration script should now be written for the bridge and placed in the directory /etc/sysconfig/network. If the bridge is named br0 then the file containing the script should be named ifcfg-br0. The format is an extension of that used for configuring ordinary network interfaces:
BRIDGE='yes' BRIDGE_PORTS='eth0' BRIDGE_STP='on' BOOTPROTO='none' STARTMODE='onboot'
The BRIDGE_PORTS option gives a list of interfaces to be attached to be the bridge when it is brought up. More can be added later if required. For example, when hosting virtual machines you might want to connect a physical network card to the bridge at boot time, but then attach individual virtual machines as and when they are started. If you want to create a bridge with no attached interfaces then set this option to the empty string (or omit it entirely).
The BRIDGE_STP option specifies whether or not the Spanning Tree Protocol should be enabled. This is essential if there is any possibility of the bridge creating a loop in the network. It is safe in other cases, but it will increase the delay between a new link being added and it being able to pass traffic. For this reason you may want to leave STP disabled in simple cases (such as when bridging a set of virtual machines to a single physical interface).
A BOOTPROTO option of none specifies that the bridge should not be bound to an IP address. See below if an address is wanted.
A STARTMODE option of onboot specifies that the bridge should be brought up automatically at boot time. Without
this it would need to be brought up manually using ifup.
Start or restart the network service
Like the Ethernet interfaces, the bridge will not become operational until it is brought into the ‘up’ state.
This can be done by starting or restarting the network service:
service network restart
The bridge should now be ready for use, however there may be a delay before traffic starts to flow (typically about 30 seconds if STP is enabled or half that if not).
Variations
Binding an IP address to the bridge
As noted above, an Ethernet interface cannot usefully have an IP address if it is also attached to a bridge. However it is possible to achieve the same effect by binding an address to the bridge itself. The IP address can be set statically:
BRIDGE='yes' BRIDGE_PORTS='eth0' BRIDGE_STP='on' BOOTPROTO='static' IPADDR='192.168.0.1' NETMASK='255.255.255.0' STARTMODE='onboot'
or obtained using DHCP:
BRIDGE='yes' BRIDGE_PORTS='eth0' BRIDGE_STP='on' BOOTPROTO='dhcp' STARTMODE='onboot'
Troubleshooting
| See: | Troubleshooting Ethernet bridging on Linux |
Alternatives
Using YaST
An alternative method on SUSE-based systems is to create the bridge using YaST. The following procedure was found to work on openSUSE 11.4:
- Click on the ‘Network Settings’ icon listed under ‘Network Services’.
- Click on the ‘Add’ button, to add a new network device.
- Select a device type of ‘Bridge’ and choose a number for the bridge (it will be given a prefix of
br), then click the ‘Next’ button. - Choose how you want an address to be assigned, and which network interfaces should be attached to the bridge, then click the ‘Next’ button again.
- Click the ‘OK’ button. (Your changes will not take effect until you do this.)
In order to create the bridge, YaST creates a configuration script very similar to the one described above in /etc/sysconfig/network. It therefore makes little difference to the final outcome which method is used. Configuration scripts that have been created manually can be subsequently altered using YaST, and vice versa.
See also
- Bridge traffic between two or more Ethernet interfaces on Linux
- Persistently bridge traffic between two or more Ethernet interfaces (Debian)
- Persistently bridge traffic between two or more Ethernet interfaces (Red Hat)
Further reading
-
/usr/share/doc/packages/sysconfig/Network(installed sysconfig documentation) - bridge, The Linux Foundation (bridge module official website)
- Uwe Böhme, Linux BRIDGE-STP-HOWTO, v0.04, January 2001