A bridge is a way to connect two Ethernet segments together in a protocol independent way. Packets are forwarded based on Ethernet address, rather than IP address (like a router). Since forwarding is done at Layer 2, all protocols can go transparently through a bridge.
Among other reasons, if you are running KVM or Xen, and you want your virtual machines to have their own IP addresses on the network, you will have to set up and use a bridge.
These instructions are specific to RedHat and derived systems. Tested on 5.6 and beyond.
These instructions assume that the interface you want to bridge is eth0, and that eth0 is the gateway device. It is advisable that you do this at a console and not ssh’d in, since if networking doesn’t restart properly you won’t be able to ssh in to fix it.
- Backup all your networking files:
tar czf /etc/sysconfig.tar.gz /etc/sysconfig
- Copy the file /etc/sysconfig/network-scripts/ifcfg-eth0 to /etc/sysconfig/network-scripts/ifcfg-br0
- In the file /etc/sysconfig/network-scripts/ifcfg-eth0, delete all the lines, and put the following lines in instead:
DEVICE="eth0" BRIDGE="br0" ONBOOT=yes
- In /etc/sysconfig/network-scripts/ifcfg-br0, change and add the following:
DEVICE=br0 TYPE=Bridge ONBOOT=yes STP=on DELAY=0
- Leave the IPADDR, NETMASK and (if there) HWADDR & GATEWAY alone.
- If the interface currently is set to DHCP and you want to change it to a static address:a. To assign a static IP address, change the BOOTPROTO line in the ifcfg-br0 file to:
b. And add the following lines, with the appropriate IP info set:
GATEWAY=10.0.2.2 NETMASK=255.255.255.0 IPADDR=10.0.2.15
- Change the file /etc/sysconfig/network, if GATEWAYDEV is there, set it to:
- If you have any aliases on the device you are bridging to, you will rename the aliases to refer to the bridge instead of the device. For example, if in normal mode you have:
Eth0 192.168.100.20 Eth0:0 192.168.100.41 Eth0:1 192.168.100.42
In bridging mode you will have:
Eth0 Br0 192.168.100.20 Br0:0 192.168.100.41 Br0:0 192.168.100.42
- Restart networking, and check that networking is working properly. Try pinging a system outside your network for verification that the routing is working.