Introduction to Linux Bridges

The function of the bridge is similar to the two-layer switch, which is divided into conflict domains, which are preceded by some subtle differences and are not unfolded here.

Linux Bridge as a special Network bridge implementation, have some of their own characteristics, because no look at the code, only from the function of a simple analysis. Personally, the biggest difference between the Linux bridge and the two-tier switch is that the bridge corresponds to a virtual network device that can send and receive packets directly. Because the Linux device itself is also a host, you can send and receive packets directly, you can also accept the packet directly, which makes the function of the Linux bridge a bit similar to the three-layer switch.

The bridge function of Linux is implemented by the bridge module, which can be manipulated by the BRCTL using the IOCTL method at the application layer.

To use a network bridge, first create a network bridge using the following command:

#brctl ADDBR Br0

You can create a network bridge named Br0, and also create a BR0 virtual network device.

The next step is to add the slave device to the bridge, and be aware that the bridge can only bind the Ethernet device, using the following command:

#brctl addif br0 eth0

#brctl addif br0 eth1

Assuming there is also a network device for ETH2, the network structure is now as shown:

From the visible, from the device can not directly with the Network layer protocol to send and receive packets, only through the bridge to relay, so at this time from the device's IP address is no longer useful. In addition, when a network device is added to a network bridge, the device works in promiscuous mode, that is, a packet that receives the destination address for all MAC addresses, and the bridge to determine where the packet is destined, so the MAC address of the device is no longer meaningful. The bridge chooses its smallest MAC address from the device as its own MAC address (rushes).

You can add an IP address for the virtual device that corresponds to the bridge, so that the device is added to the routing system, and the packet is sent and received directly through the device.

In fact, the home wireless router is usually LAN and WLAN (wireless) are bound to the bridge, so that the WLAN and LAN belong to a local area network, they can access the router host (that is, the router's internal Linux host) services, mainly DHCP, A service provided by the router itself, such as the Web Server,samba Server used to configure the router. Because the bridge can only bind Ethernet devices, the wireless device (ATHX) is eventually connected to the Network bridge via an Ethernet device.

When a bridge receives a packet, it decides which port (i.e. slave device) to send the packet to, depending on the MAC address table it learns from, or it can pass to the upper stack directly from its own virtual network device. If it is a broadcast packet, it forwards to all ports and copies a copy of the virtual network device to itself. Each packet that the bridge receives is the MAC address table that updates it.

When a network bridge's virtual network device is to be contracted, it will decide which port to send to or broadcast to all ports, depending on the MAC address table.

It seems that there is nothing to write about the code, that's all.

Introduction to Linux Bridges