Network switches are common these days. You can even find quite a few designed for home use. But you can also build a virtual switch using a network bridge in Fedora.
This is most commonly used to connect virtual guests to a network without being behind Network Address Translation (NAT) but can also be used to daisy chain systems together.
A bridge is a network connection that combines multiple network adapters. This way devices attached via the different adapters can talk to each other as if directly connected with a normal network switch. This software switch is the basis for more complicated technologies such as Open VSwitch.
Since the switch is purely software, it’s important to avoid accidentally creating a loop (physically or virtually) if Spanning Tree Protocol (STP) is disabled. Otherwise, the system is likely to bottleneck at 100% CPU use and be very slow to respond, if not grind to a halt.
Moving on from bridge-utils deprecation
Previously
from the
package was used to create and manipulate the bridge virtual interfaces. However this was deprecated a while back and has been superseded by the
suite of tools for most aspects.
To create a new bridge, use this command:
$ ip link add br0 type bridge
At this point,
will show the network interface that exists, but in a down state, as there’s no interfaces connected to it:
3: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 12:bb:3a:9c:02:33 brd ff:ff:ff:ff:ff:ff
You can then add physical network interfaces to the bridge. Be sure not to accidentally cut off a remote connection when doing so! These commands add the
and
interfaces to the bridge just created.
$ ip link set eth0 master br0 $ ip link set eth1 master br0
Now, you can create an IP address on the bridge host, so it can be addressed on the network:
$ ip address add 192.168.1.100/24 dev br0
If you’d like to see the configuration of the bridge, use this command:
$ ip -d link sh br0 3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 52:54:00:4b:c5:95 brd ff:ff:ff:ff:ff:ff promiscuity 0 bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q addrgenmode eui64
To change the configuration of the bridge using
or
can be used for most aspects. Some spanning tree configuration either needs to be changed via
or via the
interface.
$ brctl show br0 bridge name bridge id STP enabled interfaces br0 8000.5254004bc595 no ens3 echo 1 > /sys/class/net/br0/bridge/stp_state $ brctl show br0 bridge name bridge id STP enabled interfaces br0 8000.5254004bc595 yes ens3
While these commands will properly set up a bridge, the network setup won’t be persistent. In other words, when you reboot the system, you’d have to set up the bridge again.
Persistent bridge configuration
Let’s assume one of the network adapters to be connected to the bridge is
. You may want to start by making a backup of the configuration file.
$ sudo cp /etc/sysconfig/network-scripts/ifcfg-eth0 /root/
Now, create a configuration file for the bridge
with the following contents, as
:
DEVICE=br0 TYPE=Bridge IPADDR=192.168.1.100 NETMASK=255.255.255.0 ONBOOT=yes BOOTPROTO=none
Adjust the configuration of the
network adapter as follows, as
:
DEVICE=eth0 TYPE=Ethernet HWADDR=AA:BB:CC:DD:EE:FF BOOTPROTO=none ONBOOT=yes BRIDGE=br0
For each additional network adapter to be added to the bridge, adjust the configuration file accordingly. When reloading NetworkManager, the bridge will be created and the interface linked to it.
This can be scripted through the
tool as well.
$ nmcli connection add ifname br0 type bridge con-name br0 $ nmcli connection add type bridge-slave ifname eth0 master br0
The
tool persists the changes to disk when they are made and can be used to handle things like STP without switching to the deprecated command or venturing into
.
$ nmcli connection modify br0 bridge.stp no
Image courtesy Johnny Lam – originally posted to Unsplash as Connect. Special thanks to Patrick Uiterwijk and James Hogarth for helping edit and review this article.
James
There’s a couple of things a little off here…
Using brctl, whilst it does still work, is deprecated with ip and bridge (both from iproute2) replacing it.
Disabling NetworkManager for a simple bridge doesn’t seem an optimal configuration given NM can handle bridges and nmcli is a very nice tool to do so…
Oscar
Agree. This article is far from being actual
Justin W. Flory
Hey all, thanks for pointing these things out. Some other members of the Magazine team have addressed these topics and the article should be a little more realistic now.
Oscar
That’s much better!!
Thanks!
Onuralp SEZER
We can also use GUI for that purpose. But If you use Gnome in Fedora 22/23/24 well there is small problem. Default Network Manager interface didn’t have “share” options Nbut If you use “Network connection” which is in “/usr/share/applications/” you can share and create bridge in it. Just one click all we needed. If you use KDE just open Network manager you gonna see share options in it. For article I think It would be good to be add that options too for who like to use GUI too. Same for XFCE and LXDE too…
Thank you.
sf
If this network bridging introduction is based on a live setup to, will be even better.
Fedora Workstation as host with
– a LAN port – eth0
– a Wifi port – eth1
Two VM guest running with BOX
– a Linux Guest with single NIC, to be bridge to outside world and the Windows VM
– a Windows Guest with single NIC, to be bridged to outside world, and Linux VM
Objective:
– Only one of the eth0, eth1 will be connected for access to Internet
– IP address assignment will be via DHCP
– No matter eth0 or eth1 is connected, both the Linux VM and the Windows VM can access Internet. Can they communicated with the Fedora Host as well?
More advanced setup
If neither eth0, eth1 are connected, can Linux VM / Windows VM / Fedora Host still communicated to each other?
I need this setup, to introduce to Windows users who wants to try Fedora
– the Windows VM allow them to be productive
– I setup the Fedora Host for them, show them how to connect LAN/Wifi, so that the Windows VM will work
– a Linux VM, to play with Linux
I know I am asking for too much.
Mike Schmidt
There is also the systemd-network interface which is to me a good choice if we don’t want to use network manager (on a server, for example, where we don’t need support for plug-and-play network interfaces). See the man pages for systemd-network(8) and systemd.network(5).