Linux Network Bridge

Linux Network Bridge operations-Linux Enterprise Application-Linux server application information, the following is a detailed description. I. Settings

1. Obtain ''bridge configuration''

Ftp://shadow.cabi.net/pub/Linux/BRCFG.tgz

2. Obtain and read ''multiple ethernet ''HOWTO

Ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO/mini/Multiple-Ethernet

3. Configure lilo startup parameters

To enable multiple Ethernet devices to operate on your machine, you must add the following line to/etc/lilo. conf and re-Execute lilo: append = "ether =, eth1"

If you have three NICs on your bridge adapter, use these lines to replace the above:

Append = "ether =, eth1 ether =, eth2"

You can find more settings by adding more Ethernet configurations. By default, a traditional Linux core detects only one single ethernet card and stops when one is found. The above statement tells the core to continue to detect more Ethernet devices after the first device is found.

Another way is to replace the following variables with startup variables:

Linux ether = 0, 0, eth1
Alternatively, you can use the following three interfaces:
Linux ether = 0, 0, eth1 ether = 0, eth2

4. recompile the core and start the BRIDGING function.

A bridge Adapter should have no IP address. It can have one, but a common bridge does not need an IP address. The method to remove an IP address from your bridge is: to/etc/sysconfig/network-scripts/(for a RedHat system) and to copy the ifcfg-lo0 to the ifcfg-eth0 & ifcfg-eth1. In the two ethernet files, the line changed includes ''device = lo'' to ''device = eth0'' and ''device = eth1 ''. Other Linux distribution may be different from this. You can do what you want! If there are more than two interfaces on the bridge, be sure to make the settings conform to these interfaces.

Restart, execute the core that contains the bridge function, and confirm that an IP address is not specified to this network interface.

Once a system is backed up, the ethernet card is set to the chaotic (promiscuous) mode. They will monitor each packet through its interface: ifconfig promisc eth0; ifconfig promisc eth1 connects all the interfaces of the network segment to the promiscuous mode separated by the bridge.
Start the bridge adapter and use the brcfg program:

Brcfg-ena
Verify that each interface has different traffic flows:
Tcpdump-I eth0 (in a window)
Tcpdump-I eth1 (in another window)
Execute an sniffer or tcpdump to verify that the bridge adapter correctly separates the segments on another machine.

　　 II. General Problems

Question: I get this message ioctl (SIOCGIFBR) failed: Package not installed what does this mean?
Answer: Your core does not have the ability to bridge. Get a 2.0 or later core, and recompile the option BRIDGING to start the bridge function.

Question: The machine cannot be pinged to the other side!

Answer: Do you have 'brcfg-ename' to make the bridge running? (Brcfg will say ''bridging is ENABLED '') Do you have to place the interface in the promiscuous (chaotic) mode? (Use the ''ifconfig'' command. Then the ''promisc' parameter should be on two interfaces .). If you are using the multiple-media interface, make sure that the end is started correctly. You may need to use the configuration/setup program attached to the network interface for configuration.

Question: I cannot telnet/ftp from the bridge! Why?

Answer: This is because no IP address is specified to the interface of any bridge. A bridge is a transparent part of a network.

Question: What do I need to do to set routes?

Answer: none! The entire routing data is controlled by the code of the core bridge adapter. When the bridge adapter sees the ethernet address, they are learned. In the test error mode, use the brcfg program: brcfg-deb.

Question: The bridge seems to work, but why isn't ''traceroute' showing that the bridge is a part of the path?

Answer: because of the functionality of the bridge, ''traceroute'' does not display the bridge as part of the path. A bridge is a transparent component of the network.

Question: Does IP_FORWARD need to be compiled into the core?

Answer: No. The code of the bridge adapter in the core takes care of packet transfer. IP_FORWARD for a gateway, it must have an IP address specified to its interface.

Question: According to the ''brcfg ''program, why is the ethernet address of Port 1 and Port 2 the same? Should they be different?

Answer: No. Each port of a bridge is intentionally specified by the bridge code to specify the Ethernet path address of the same entity.

Question: When a make config build setting is executed in the core, the bridging option does not appear. How does it start?
Answer: during core configuration, answers 'y', ''Prompt for development and/or incomplete code/drivers (CONFIG_EXPERIMENTAL) [Y/n/?] ''.

Question: too many hubs (four or more) connect one by one (consecutively) on one Ethernet path to cause time response problems. what will happen to a bridge in a subnet built by a hub?

Answer: A bridge adapter resets 3/4/5 hub rules. A bridge adapter does not process packets as a hub, so no contributor (contributor) has time to respond to problems on a network.

Question: Can a bridge interface connect both 10 Mb and 100 Mb Ethernet segments? Will this configuration slow the Other Side of high-speed traffic?

Answer: Yes. A bridge adapter can bind a 10 Mb block with a 100 Mb block, as long as the network is stuck on the side of the fast network of the bridge adapter, it has the capability of 100 Mb, TCP will take care of the remaining parts. at this time, it occurs that one host on the 100 Mb network sends packets to communicate with the other host on the 10 Mb network, only moving at 10 Mb/s speed, the rest of the network traffic will not be slowed down in the Fast Ethernet path.