Home | /b/

Setup network bridge with a single ethernet port on linux

This allows you to emulate having multiple network ports! Very useful to have "independent" network stacks of QEMU vm's

whole script: 
#!/bin/bash
ether=eth1
bridge=br0
addr=192.168.1.5/24 # note the /24
gateway=192.168.18.1

# shut dhcpcd interfering
dhcpcd -k "$ether"

ip link add name "$bridge" type bridge
ip link set dev "$bridge" up
ip link set dev "$ether" up

ip link set "$ether" master "$bridge"

ip address add "$addr" dev "$bridge"

# start routing from here
ip route append default via "$gateway" dev "$bridge"
This setups the bridge interface. It does not add or manage the TUN devices.
If things go wrong, just reboot your machine.

WHY

 (section added by popular request)

Having multiple interfaces allows you to have multiple addresses!
My case is to give my QEMU vm it's own networking stack. This means i don't need to forward any ports!
Imagine this: all 3 vms have their own ip addresses, and you can just ssh vm-ip instead of ssh -p 8022 vm-ip!

There's no NAT or any firewall between your actual network and the network the VM uses. This could be a problem, but also a great simplification!

My main use case is just to treat multiple independent VMs as if they were physical devices on the network.

Another usecase is to isolate the VMs from your main network. In this case, they will share a bridge, disconnected from main interface. Then, they can only talk with each other, but not with the network.

As i understand, it won't quite work like this, so you need additional steps.

Explanations

  1. Add bridge device
    2. ip link add name br0 type bridge
    This setups a new bridge device. A bride device is one that works on the link layer of OSI model. It does not care about IP addresses, however to simplify, we'll give it an ip address and make it the default device. This layer should forward packets to their destination by noting the mac address in the packets.

  2. Make sure bridge and the physical interface is UP
    3. ip link set dev br0 up
ip link set dev eth0 up
    Before adding the device, make sure both of them are UP and working. In my case, the ethernet cable was not plugged in, so i had to plug it in before continuing.

  3. Make sure the physical or bridge interface don't have any address associated with them.
    4. If you're using DHCP (default everywhere) then services will try to get addresses themselves. You need to stop those services and manage the address yourself. Ofcourse, you can have DHCP with a bridge by having the dhcp client attach to the bridge interface (or whatever underlying interface you want) instead. By default, those daemons also setup routes so it's just eay to kill them.

    For my case, it was just dhcpcd. Yours may be NetworkManager or whatever. 

    dhcpcd -k eth0
    Then make sure both br0 and eth0 don't have any addresses. 
    ip address br0
ip address eth0

  4. Add device to bridge
    5. ip link set eth0 master br0

  5. Give the bridge an address
    6. Here, we give the bridge itself an address. I couldn't get it to work by giving the eth0 interface an address instead --- which i would have preferred. 
    ip address add 192.168.1.2/24 dev br0
    Note the /24.

  6. Add default route via the bridge
    7. ip route append default via 192.168.1.1 dev br0
    where 192.168.1.1 is the gateway address.