Network switches are common these days. You can even find quite a few designed for home use. But you can also build a virtual switch using a network bridge in Fedora.
This is most commonly used to connect virtual guests to a network without being behind Network Address Translation (NAT) but can also be used to daisy chain systems together.
A bridge is a network connection that combines multiple network adapters. This way devices attached via the different adapters can talk to each other as if directly connected with a normal network switch. This software switch is the basis for more complicated technologies such as Open VSwitch.
Since the switch is purely software, it’s important to avoid accidentally creating a loop (physically or virtually) if Spanning Tree Protocol (STP) is disabled. Otherwise, the system is likely to bottleneck at 100% CPU use and be very slow to respond, if not grind to a halt.
Moving on from bridge-utils deprecation
brctl from the
bridge-utils package was used to create and manipulate the bridge virtual interfaces. However this was deprecated a while back and has been superseded by the
iproute2 suite of tools for most aspects.
To create a new bridge, use this command:
$ ip link add br0 type bridge
At this point,
ip link will show the network interface that exists, but in a down state, as there’s no interfaces connected to it:
3: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 12:bb:3a:9c:02:33 brd ff:ff:ff:ff:ff:ff
You can then add physical network interfaces to the bridge. Be sure not to accidentally cut off a remote connection when doing so! These commands add the
eth1 interfaces to the bridge just created.
$ ip link set eth0 master br0 $ ip link set eth1 master br0
Now, you can create an IP address on the bridge host, so it can be addressed on the network:
$ ip address add 192.168.1.100/24 dev br0
If you’d like to see the configuration of the bridge, use this command:
$ ip -d link sh br0 3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 52:54:00:4b:c5:95 brd ff:ff:ff:ff:ff:ff promiscuity 0 bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q addrgenmode eui64
To change the configuration of the bridge using
ip bridge link set or
ip link set can be used for most aspects. Some spanning tree configuration either needs to be changed via
brctl or via the
$ brctl show br0 bridge name bridge id STP enabled interfaces br0 8000.5254004bc595 no ens3 echo 1 > /sys/class/net/br0/bridge/stp_state $ brctl show br0 bridge name bridge id STP enabled interfaces br0 8000.5254004bc595 yes ens3
While these commands will properly set up a bridge, the network setup won’t be persistent. In other words, when you reboot the system, you’d have to set up the bridge again.
Persistent bridge configuration
Let’s assume one of the network adapters to be connected to the bridge is
eth0. You may want to start by making a backup of the configuration file.
$ sudo cp /etc/sysconfig/network-scripts/ifcfg-eth0 /root/
Now, create a configuration file for the bridge
br0 with the following contents, as
DEVICE=br0 TYPE=Bridge IPADDR=192.168.1.100 NETMASK=255.255.255.0 ONBOOT=yes BOOTPROTO=none
Adjust the configuration of the
eth0 network adapter as follows, as
DEVICE=eth0 TYPE=Ethernet HWADDR=AA:BB:CC:DD:EE:FF BOOTPROTO=none ONBOOT=yes BRIDGE=br0
For each additional network adapter to be added to the bridge, adjust the configuration file accordingly. When reloading NetworkManager, the bridge will be created and the interface linked to it.
This can be scripted through the
nmcli tool as well.
$ nmcli connection add ifname br0 type bridge con-name br0 $ nmcli connection add type bridge-slave ifname eth0 master br0
nmcli tool persists the changes to disk when they are made and can be used to handle things like STP without switching to the deprecated command or venturing into
$ nmcli connection modify br0 bridge.stp no