Interconnecting wired and wireless LANs in a shared network segment in Linux gateway mode

Source: Internet
Author: User
The company's online behavior management products support both wired and wireless LAN in gateway connection mode. However, in the current implementation the subnet addresses of the wired and wireless LANs cannot overlap, so the wired LAN and the wireless LAN cannot communicate within the same network segment. Later, with the help of colleagues working on the system kernel, I found a way to put the wired LAN and the wireless LAN in the same network segment so that they can communicate with each other.
 
 
 
The idea is actually very simple: create a virtual bridge port, bind the corresponding wired LAN and wireless LAN interfaces to it, and assign an address to the bridge port. The hosts on the subnets can then configure the bridge port address as their gateway. Of course, because the device is in gateway mode, routing and NAT are also required. If the device is in bridge mode, the routing and NAT can be omitted.
 
 
 
brctl addbr bridge
brctl addif bridge eth0
brctl addif bridge ath0
ifconfig eth0 0.0.0.0
ifconfig bridge 10.0.0.1 netmask 255.255.255.0 up
Add the NAT rule:
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.2.173
Set both wired and wireless clients to the 10.0.0.* network segment so that hosts on either side can reach each other.
 
 
Of course, for Linux to work in bridge mode, you must install the bridge-utils tool. Either run the following command:
yum install bridge-utils
 
or download bridge-utils-1.4.tar.gz and install it from source. The steps are as follows:
 
Compile and install bridge-utils
 
(1) Go to the /usr/src directory and download bridge-utils-1.4.tar.gz:
 
# cd /usr/src
# wget http://launchpad.net/bridgeutils/main/1.4/+download/bridge-utils-1.4.tar.gz
(2) Extract:
 
# tar zxvf bridge-utils-1.4.tar.gz
Go to the bridge-utils-1.4 directory:
 
# cd bridge-utils-1.4
(3) Compile and install. Run autoconf to generate the configure file:
 
# autoconf
Then configure, build and install:
 
# ./configure
# make
# make install
Compilation and installation are complete. Finally, copy the brctl command to /sbin:
 
# cp /usr/local/sbin/brctl /sbin
 
 
============================================================
 
The following is an article for reference:
 
 
There are five hosts. One of them runs Linux with the bridge module installed and has four physical NICs, each connecting one of the other hosts in the same network segment. We want it to act as a bridge and forward data packets between the other four hosts (IP addresses 192.168.1.2, 192.168.1.3, 192.168.1.4, and 192.168.1.5 respectively). In addition, to facilitate management, the administrator wants the bridge to have an IP address (192.168.1.1) so that the administrator can telnet to the bridge from a host in the 192.168.1.0/24 network segment and configure it remotely.
 
As mentioned in the previous section, the bridge forwards data packets within the same logical network segment. For the above topology, the logical network segment is 192.168.1.0/24. We give this logical network segment a name, br0. First, you must create this logical network segment.
 
 
 
# brctl addbr br0 (create a logical network segment named br0)
 
 
 
 
 
In fact, we can regard the logical network segment 192.168.1.0/24 as a VLAN, while br0 is the name of this VLAN.
 
After creating the logical network segment, we need to assign specific ports to it. In Linux, a port is actually a physical NIC. The physical network adapters are named eth0, eth1, eth2, and eth3. We need to associate each NIC with the network segment br0, one by one, as a port of br0.
 
 
 
# brctl addif br0 eth0 (make eth0 a port of br0)
 
# brctl addif br0 eth1 (make eth1 a port of br0)
 
# brctl addif br0 eth2 (make eth2 a port of br0)
 
# brctl addif br0 eth3 (make eth3 a port of br0)
 
 
 
 
 
Each physical network card of the bridge acts as a port, runs in promiscuous mode and works at the link layer, so it needs no IP address.
 
 
 
# ifconfig eth0 0.0.0.0
 
# ifconfig eth1 0.0.0.0
 
# ifconfig eth2 0.0.0.0
 
# ifconfig eth3 0.0.0.0
 
 
 
 
 
Configure the IP address 192.168.1.1 on the virtual network interface br0. In this way, the bridge can be remotely managed.
 
 
 
# ifconfig br0 192.168.1.1
 
 
 
After the IP address is configured for br0, the bridge is able to work. Hosts in the 192.168.1.0/24 network segment can all telnet to the bridge to configure it.
 
The above configuration is a single logical network segment. In fact, the Linux bridge can also be configured with multiple logical network segments (equivalent to dividing a switch into multiple VLANs).
 
 
 
Another helpful article: http://www.2cto.com/os/201202/118320.html
 
============================================================
 
 
 
[root@xenserver ~]# brctl --help
Usage: brctl [commands]
commands:
        addbr           add bridge
        delbr           delete bridge
        addif           add interface to bridge
        delif           delete interface from bridge
        setageing       set ageing time
        setbridgeprio   set bridge priority
        setfd           set bridge forward delay
        sethello        set hello time
        setmaxage       set max message age
        setpathcost     set path cost
        setportprio     set port priority
        show            show a list of bridges
        showmacs        show a list of mac addrs
        showstp         show bridge stp info
        stp {on|off}    turn stp on/off
 
 
============================================================
addbr <bridge name>                          # add a bridge
delbr <bridge name>                          # delete a bridge
addif <bridge name> <device name>            # add an interface to the bridge
delif <bridge name> <device name>            # delete an interface from the bridge
setageing <bridge name> <time>               # set the ageing time, that is, the lifetime
setbridgeprio <bridge name> <priority>       # set the bridge priority
setfd <bridge name> <time>                   # set the bridge forward delay
sethello <bridge name> <time>                # set the hello time
setmaxage <bridge name> <time>               # set the maximum message age
setpathcost <bridge name> <port> <weight>    # set the path cost (weight)
setportprio <bridge name> <port> <priority>  # set the port priority
show                                         # display the bridge list
showmacs <bridge name>                       # display the MAC address list
showstp <bridge name>                        # display the bridge STP information
stp <bridge name> {on|off}                   # enable/disable STP
 
 
 
Set Linux up to run a bridge and configure the bridge
We need to let Linux know about the bridge. First, we tell it that we want a virtual Ethernet bridge interface (this is executed on the host bridge; if that is unclear, see the test scenario):
root@bridge:~> brctl addbr br0
Second, we do not need STP (Spanning Tree Protocol). Because we have only one router, it is absolutely impossible for a loop to form, so we can disable this function. (This also reduces packet pollution in the network environment.)
root@bridge:~> brctl stp br0 off
After these preparations, we can finally do something with an immediate effect. We add two (or more) physical Ethernet interfaces, which means we attach them to the newly created logical (virtual) bridge interface br0.
root@bridge:~> brctl addif br0 eth0
root@bridge:~> brctl addif br0 eth1
Now our two physical Ethernet interfaces have become two logical ports on the bridge. The two physical interfaces still exist and will not disappear; if you don't believe it, check for yourself. They are now part of the logical bridge device, so they no longer need IP addresses. Next, release these IP addresses.
root@bridge:~> ifconfig eth0 down
root@bridge:~> ifconfig eth1 down
root@bridge:~> ifconfig eth0 0.0.0.0 up
root@bridge:~> ifconfig eth1 0.0.0.0 up
 
Okay! We now have a box without any IP address. If you were configuring your firewall or router through TP, you can now only use the local console. You are not going to tell me that your machine does not even have a serial port?
Note: the part above marked in red (the four ifconfig steps) is actually optional. In testing, I found that even if the original NIC addresses are not released, the bridge still works. However, to be more standard, and to avoid inexplicable problems, we had better follow these four steps as required.
 
Finally, enable the bridge:
root@bridge:~> ifconfig br0 up
 
Optionally, assign an IP address to the new bridge interface:
root@bridge:~> ifconfig br0 10.0.3.129
 
Or combine the last two steps:
root@bridge:~> ifconfig br0 10.0.3.129 up
It is just one more "up"!
 
Now we are done.
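
An added example (not part of the original article or of bridge-utils): a small audit of the finished bridge that checks the points made above, namely that bridge ports hold no IP address, that the bridge carries the expected address, and whether STP is off on a multi-port bridge. The sample `brctl show` and `ip -o -4 addr show` text is constructed, and the function names and finding labels are hypothetical.

```sh
#!/bin/sh
# Added example: audit a Linux bridge from `brctl show` and `ip -o -4 addr show` text.
# Both samples are constructed; eth0 keeps an address on purpose.
BRCTL_SHOW='bridge name     bridge id               STP enabled     interfaces
br0             8000.0011223344aa       no              eth0
                                                        eth1'
IP_ADDR='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.0.3.5/24 brd 10.0.3.255 scope global eth0
4: br0    inet 10.0.3.129/24 brd 10.0.3.255 scope global br0'

# bridge_ports BRCTL_TEXT BRIDGE -> ports of BRIDGE, one per line.
# A bridge row has >= 3 fields; a continuation row holds only a port name.
bridge_ports() {
    printf '%s\n' "$1" | awk -v br="$2" '
        NR == 1 { next }
        NF >= 3 { cur = $1; if (cur == br && NF >= 4) print $4; next }
        NF == 1 && cur == br { print $1 }'
}

# stp_state BRCTL_TEXT BRIDGE -> "yes" or "no"
stp_state() {
    printf '%s\n' "$1" | awk -v br="$2" 'NR > 1 && NF >= 3 && $1 == br { print $3 }'
}

# addr_of IP_TEXT IFACE -> IPv4 address without prefix length, or nothing
addr_of() {
    printf '%s\n' "$1" | awk -v ifc="$2" \
        '$2 == ifc && $3 == "inet" { split($4, a, "/"); print a[1] }'
}

# audit_bridge BRCTL_TEXT IP_TEXT BRIDGE EXPECTED_ADDR -> one finding per line
audit_bridge() {
    for p in $(bridge_ports "$1" "$3"); do
        a=$(addr_of "$2" "$p")
        # A port that still has an address was not released as described above.
        if [ -n "$a" ]; then echo "PORT_HAS_IP $p $a"; fi
    done
    gw=$(addr_of "$2" "$3")
    if [ "$gw" != "$4" ]; then echo "BRIDGE_ADDR_MISMATCH $3 ${gw:-none}"; fi
    n=$(bridge_ports "$1" "$3" | wc -l | tr -d ' ')
    # With STP off, a second link between two ports would loop frames.
    if [ "$(stp_state "$1" "$3")" = "no" ] && [ "$n" -ge 2 ]; then
        echo "STP_OFF $3 ports=$n"
    fi
    return 0
}

audit_bridge "$BRCTL_SHOW" "$IP_ADDR" br0 10.0.3.129
```

On a live host, pass "$(brctl show)" and "$(ip -o -4 addr show)" as the first two arguments.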
 
Commands to disable the bridge (here the bridge is named ena):
 
 
brctl delif ena eth1;
brctl delif ena eth0;
ifconfig ena down;
brctl delbr ena;


From the column zjl_1026_2001