We need Linux to know about the bridge. First tell it that we want one virtual
ethernet bridge interface: (this is to be executed on host bridge
, of course.
See
Testing grounds)
root@bridge:~> brctl addbr br0
Second, we do not need the STP (Spanning Tree Protocol). I.e. we do only have
one single router, so a loop is highly improbable. We may then deactivate this feature.
(Results in less polluted networking environment, too):
root@bridge:~> brctl stp br0 off
After these preparations, we now do finally some effective commands. We add our two
(or even more) physical ethernet interfaces. That means, we attach them to the just
born logical (virtual) bridge interface br0
.
root@bridge:~> brctl addif br0 eth0
root@bridge:~> brctl addif br0 eth1
Now, our two previously physical ethernet interfaces became a logical bridge port each.
Erm, ok, there were and will be the physical devices. They are still there,
go have a look ;-) But now they became part of the logical bridge device and
therefore need no IP configuration any longer. So release the IPs:
root@bridge:~> ifconfig eth0 down
root@bridge:~> ifconfig eth1 down
root@bridge:~> ifconfig eth0 0.0.0.0 up
root@bridge:~> ifconfig eth1 0.0.0.0 up
Great! We now have a box w/o any IP attached. So if you were configuring your future
fw/router via TP, go for your local console now ;-)) You have a serial console? Happy one :-)We tell Linux the new (logical) interface and associate one single IP with it:
root@bridge:~> ifconfig br0 10.0.3.129 up
In case we are configuring a gateway we enable the forwarding in the linux kernel.
root@bridge:~> echo "1" > /proc/sys/net/ipv4/ip_forward
Our box already has an IP assigned but no default route. We
solve this now:
root@bridge:~> route add default gw 10.0.3.129
Finally, we should have a working net from, to and through the gateway.