Dedicated to a friend who is willing to study Linux technology-Bridge-Howto

Article title: dedicated to a friend who is willing to study Linux technology-Bridge-Howto. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
This article applies to: Linux enthusiasts who have certain network, linux, and a little understanding of English. this article applies to the software version: Redhat Linux release, including RedHat, FeraCore, the script in the package is only tested under RedHat9 and Mandrake10.1. You are welcome to test another version. author and copyright: Copyleft under Free Documentation License (FDL) by elcoud e.cloud@163.com this article and related software package download :( not found yet, see the attachment)
　　
　　 Part 1:
Concept principle [Bridge] is a device used to connect to the second layer of the ISO Network. it only provides Ethernet connections and is completely transparent to protocols such as TCP/IP, you can understand it as a switch. In fact, a switch is also a bridge implementation. Configuring a bridge in Linux means using the machine as a switch. For example, in my current situation, I used two computers in my company, but there was a network cable in my seat. so I installed a dual Nic on my desktop and configured a bridge, one network card connects to the company network, and one card connects to my laptop through a dual-host direct connection. Both machines have a fixed IP address in the company, and are connected to the Internet through the company gateway. a desktop is a switch for a laptop.
　　
Linux has provided excellent support for bridges since the 2.4 kernel and supports advanced applications such as Spanning Tree Protocol. No IP address is assigned to the physical port added to the bridge. only the virtual port of the bridge can be assigned an IP address. The virtual port can be used as a common port, and supports various iptables applications and routes in combination with ebtables. It also supports layer-2 network packet filtering, forwarding, and other advanced applications. It can be said that Linux can work with corresponding tools to provide various functions of high-end switches and routers, or even functions they do not have. of course, due to the limitations of the PCI bus, the efficiency must be inferior.
　　
　　 Part 2:
Install configuration 1. after the rpm Package is installed, the bridge-utils toolkit can use the input brctl (press enter) to see the help, which is relatively simple, because we mainly use the system script to set the bridge, so basically do not use this command, at most use brctl show to view the bridge status details can see/usr/share/doc/documents in the bridge-utils-1.0.4
　　
2. patch/sbin/ifup patch-p0/sbin/ifup <ifup. patch
　　
3. in the/etc/modprobe. conf file, add: alias bri0 bridge bri0 is the name you give to the bridge Port. It can also be called or multiple
　　
4, modify the physical Nic configuration file ifcfg-eth0 in the/etc/sysconfig/network-scripts/directory and add the following two lines at the beginning of line 2nd: TYPE = Bridge BRIDGE = bri0 this indicates the name of the bridge to which the physical network card belongs. enter the name based on your actual situation.
　　
5. copy the file ifcfg-bri0 to/etc/sysconfig/network-scripts chown root: root ifcfg-bri0 chmod 755 ifcfg-bri0 according to their own needs to modify the corresponding note that this file is actually bridge virtual port configuration file, can be bri0 virtual into a common Nic, the definition of the variables "TYPE" and "BRIDGE" must not appear in this file. otherwise, bri0 cannot obtain the IP address. if you have multiple bridge ports, you can copy multiple copies of this file and change it to the corresponding name. The type bvi is defined by myself and corresponds to the modified part in the ifup script. it is used to initialize the bridge virtual port. do not change it without authorization.
　　
6. restart the network service/etc/init. d/network restart is similar to the following display, indicating that your bridge has been running smoothly. you can use ifup/ifdown or other tools at any time to switch the virtual port and any physical port is closing the interface eth0: [finished] closing interface eth1: [finished] closing interface bri0: [finished] closing loopback interface: [finished] setting network parameters: [finished] loading loopback interface: [finished] opening interface bri0: [finished] opening interface eth0: [finished] opening interface eth1: [finished]
　　
7. if your ifup version is too old and the patch cannot run smoothly, use the ifup script in the package to copy it to the/sbin/directory chown root: root/sbin/ifup chmod 755/sbin/ifup
　　
8. remember that after the bridge-utils toolkit is installed, the bridge function can be used normally. in the startup script (such as/etc/profile) add several brctl command lines and ifconfig command lines to complete the configuration and ipsettings of the bridge interface. The main purpose of this article is to enable the bridge function and the system network service. closely integrated, the bridge virtual port can be started through the network service like a standard network interface, and controlled through tools such as ifuo/ipdown, in addition, it is more flexible than the command line configuration method. The biggest problem encountered during the configuration attempt is the port start sequence of the ifup script because B is in front of e, bri0 first enters the configuration process. at this time, ports such as eth have not been enabled, and bri0 has not been defined. Therefore, ifup cannot configure IP addresses for him. therefore, I have defined the BVI (Bridge Virtual Interface) type and added a judgment in the ifup script, so that bri0 will be first defined as soon as it enters the configuration process. If the name of the port we set up is not "bri0" but "z", I am afraid this problem will not occur. ^ o ^ The reason for this is that I have such a requirement, in addition, due to network reasons, the company's machine is installed with Mandrake10.1, which is not as good as the bridge support for debian. I have read the documentation that comes with only vlan and bond, therefore, you can add bridge support by yourself. The source code for the bridge-utils toolkit comes from the http://bridge.sourceforge.net, packaged as rpm under RH9.0