In Linux gateway mode, the wired LAN and the wireless LAN share one network segment and can reach each other within the LAN:
The idea is actually very simple: create a virtual bridge interface, attach the wired LAN and wireless LAN interfaces to it, assign an address to the bridge interface, and have the other hosts on the subnet use the bridge address as their gateway. Of course, because the device is in gateway mode, routing and NAT are also necessary. If the device itself is in bridge mode, routing and NAT can be omitted.
brctl addbr bridge
brctl addif bridge eth0
brctl addif bridge ath0
ifconfig eth0 0.0.0.0
ifconfig bridge 10.0.0.1 netmask 255.255.255.0 up
Then add the NAT rule:
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.2.173
Put both the wired and the wireless hosts in the 10.0.0.* network segment, and they can reach each other through Network Neighborhood.
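The SNAT rule above applies to everything leaving eth1, and the steps set no forwarding policy. The following added example (not part of the original article) prints a tighter rule set for the same gateway. The names gateway_rules, is_ipv4 and is_cidr are hypothetical; the interface names and addresses are the ones used above.

```shell
#!/bin/sh
# Added example: prints iptables commands; apply with `... | sh` as root.

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# is_cidr NET: succeed only for ADDR/PREFIX with PREFIX 0-32.
is_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    prefix=${1##*/}
    case "$prefix" in ""|*[!0-9]*) return 1 ;; esac
    [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] && is_ipv4 "${1%/*}"
}

# gateway_rules LAN_IF WAN_IF LAN_NET WAN_IP (hypothetical helper).
# Arguments are validated because the output is meant to be run by a shell.
gateway_rules() {
    lan_if=$1 wan_if=$2 lan_net=$3 wan_ip=$4
    for ifname in "$lan_if" "$wan_if"; do
        case "$ifname" in
            ""|-*|*[!A-Za-z0-9_.-]*)
                echo "gateway_rules: bad interface name" >&2; return 2 ;;
        esac
    done
    if ! is_cidr "$lan_net" || ! is_ipv4 "$wan_ip"; then
        echo "gateway_rules: bad address" >&2; return 2
    fi
    # Rule 2 keeps wired<->wireless frames flowing: bridged traffic only
    # reaches FORWARD when bridge-nf-call-iptables is enabled, and then it
    # appears with the bridge as both input and output interface.
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan_if -o $lan_if -j ACCEPT
iptables -A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
iptables -A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $wan_if -s $lan_net -j SNAT --to-source $wan_ip
EOF
}

# Values from the gateway described above: bridge 10.0.0.1/24, uplink eth1.
gateway_rules bridge eth1 10.0.0.0/24 192.168.2.173
```

Review the printed rules before piping them to a root shell; the DROP policy takes effect as soon as its line runs.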
Of course, for Linux to work in bridge mode, you must install the bridge tool package bridge-utils by running the command:
yum install bridge-utils
Or download bridge-utils-1. For installation, the steps are as follows:
Compile and install bridge-utils
(1) Enter the /usr/src directory and download bridge-utils-1.:
#cd /usr/src
#wget /bridgeutils/main/1.4/+download/bridge-utils-1.
(2) Decompress:
#tar zxvf bridge-utils-1.
Enter the bridge-utils-1.4 directory:
#cd bridge-utils-1.4
(3) Compile and install:
#autoconf (generates the configure file)
#./configure
#make
#make install
Compilation and installation are complete. Finally, copy the command brctl to /sbin:
#cp /usr/local/sbin/brctl /sbin
=========================================================================
Here is a reference article:
There are five hosts. One of them runs Linux with the bridge module and has four physical network cards, each connected to one of the other hosts in the same network segment. We want it to act as a bridge that forwards packets between the other four hosts (IPs are 192.168.1.2, 192.168.1.3, 192.168.1.4, and 192.168.1.5 respectively). At the same time, for ease of management, we want the bridge to have an IP (192.168.1.1), so that the administrator can telnet to the bridge from a host in the 192.168.1.0/24 network segment and configure it, which gives remote management.
As mentioned in the previous section, the bridge forwards data packets on the same logical segment. For the above topology, this logical network segment is the 192.168.1.0/24 network segment. We give this logical segment a name, br0. First, you need to configure such a logical network segment.
# brctl addbr br0 (Create a logical network segment with the name br0)
In fact, we can think of the logical segment 192.168.1.0/24 as forming a VLAN, and br0 is the name of this VLAN.
After establishing the logical network segment, we also need to assign specific ports to it. In Linux, a port is actually a physical network card. The physical network cards are named eth0, eth1, eth2, and eth3 respectively. We need to attach each network card to the br0 segment, one by one, as a port of br0.
# brctl addif br0 eth0 (let eth0 be a port of br0)
# brctl addif br0 eth1 (let eth1 be a port of br0)
# brctl addif br0 eth2 (let eth2 be a port of br0)
# brctl addif br0 eth3 (let eth3 be a port of br0)
Each physical network card of the bridge is used as a port, running in promiscuous mode and working at the link layer, so it does not need an IP.
# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
# ifconfig eth2 0.0.0.0
# ifconfig eth3 0.0.0.0
Then configure the IP of br0's virtual network card: 192.168.1.1. That way, the bridge can be managed remotely.
# ifconfig br0 192.168.1.1
After br0 is configured with IP, the bridge will work. The hosts in the 192.168.1.0/24 network segment can all telnet to the bridge to configure it.
The above configures a single logical network segment. In fact, a Linux bridge can also be configured with multiple logical network segments (equivalent to dividing a switch into multiple VLANs).
Another article that is helpful: http://os/201202/
=====================================================================
[root@xenserver ~]# brctl --help
Usage: brctl [commands]
commands:
addbr           <bridge>                add bridge
delbr           <bridge>                delete bridge
addif           <bridge> <device>       add interface to bridge
delif           <bridge> <device>       delete interface from bridge
setageing       <bridge> <time>         set ageing time
setbridgeprio   <bridge> <prio>         set bridge priority
setfd           <bridge> <time>         set bridge forward delay
sethello        <bridge> <time>         set hello time
setmaxage       <bridge> <time>         set max message age
setpathcost     <bridge> <port> <cost>  set path cost
setportprio     <bridge> <port> <prio>  set port priority
show                                    show a list of bridges
showmacs        <bridge>                show a list of mac addrs
showstp         <bridge>                show bridge stp info
stp             <bridge> {on|off}       turn stp on/off
====================================================================
addbr <bridge name> #Add a bridge
delbr <bridge name> #Delete a bridge
addif <bridge name> <device name> #Add an interface to the bridge
delif <bridge name> <device name> #Delete an interface from the bridge
setageing <bridge name> <time> #Set the ageing time, that is, the lifetime
setbridgeprio <bridge name> <priority> #Set the priority of the bridge
setfd <bridge name> <time> #Set the bridge forward delay
sethello <bridge name> <time> #Set the hello time
setmaxage <bridge name> <time> #Set the maximum message age
setpathcost <bridge name> <port> <cost> #Set the path cost
setportprio <bridge name> <port> <priority> #Set the priority of the port
show #Show the list of bridges
showmacs <bridge name> #Show the list of MAC addresses
showstp <bridge name> #Show the bridge STP information
stp <bridge name> {on|off} #Turn STP on/off
Setting up Linux to run the bridge: configuring the bridge
1. First, we need to tell Linux that we want a virtual Ethernet bridge interface. (This is executed on the host named bridge; if you are not sure which one that is, look at the test scenario.)
root@bridge:~> brctl addbr br0
2. Second, we do not need STP (Spanning Tree Protocol). Because we only have one router, a loop cannot form, so we can turn this feature off. (This also reduces packet pollution in the network environment.)
root@bridge:~> brctl stp br0 off
3. After these preparations, we can finally do something with immediate effect. We add two (or more) physical Ethernet interfaces, that is, we attach them to the logical (virtual) bridge interface br0 that was just created.
root@bridge:~> brctl addif br0 eth0
root@bridge:~> brctl addif br0 eth1
4. Now our two physical Ethernet interfaces have become two logical ports on the bridge. The two physical interfaces existed before and will not disappear; if you don't believe it, go and have a look. They are now part of the logical bridge device, so they no longer need IP addresses. Let's release these IP addresses:
root@bridge:~> ifconfig eth0 down
root@bridge:~> ifconfig eth1 down
root@bridge:~> ifconfig eth0 0.0.0.0 up
root@bridge:~> ifconfig eth1 0.0.0.0 up
All right! We now have a box without any IP address. If you want to configure your firewall or router through TP now, you can only use the local console port. You won't tell me that there is no serial port on your machine, right?
Note: The red part above is actually optional. During the experiment, I found that the bridge can work even if the original network card address is not released! However, to be more standard, or to avoid any inexplicable problems, it is best to do as required and follow these four steps!
5. Finally, enable the bridge:
root@bridge:~> ifconfig br0 up
Optional: We assign an IP address to this new bridge interface
root@bridge:~> ifconfig br0 10.0.3.129
Or combine the last two steps into one step:
root@bridge:~> ifconfig br0 10.0.3.129 up
Just one more up!
Now we're done.
Commands to shut down the bridge
brctl delif ena eth1;
brctl delif ena eth0;
ifconfig ena down;
brctl delbr ena;
Excerpted from the column of zjl_1026_2001
What is a bridge
A bridge is a technology that relays at the link layer by forwarding frames. It divides the network into blocks according to MAC address, which isolates collisions, and it connects multiple network segments at the data link layer.
Linux Bridge configuration command: brctl
Bridge configuration in Linux generally uses the brctl command. To use this command, the first thing to do is install the bridge-utils package.
[inbi@debian~]#apt-get install bridge-utils
[inbi@debian~]#modprobe bridge
[inbi@debian~]#echo "1">/proc/sys/net/ipv4/ip_forward
#Install the bridge-utils package, load the bridge module and enable kernel forwarding.
[inbi@debian~]#brctl
#Enter the brctl command directly to display the help information!
Usage: brctl [commands]
commands:
addbr           <bridge>                add bridge
delbr           <bridge>                delete bridge
addif           <bridge> <device>       add interface to bridge
delif           <bridge> <device>       delete interface from bridge
setageing       <bridge> <time>         set ageing time
setbridgeprio   <bridge> <prio>         set bridge priority
setfd           <bridge> <time>         set bridge forward delay
sethello        <bridge> <time>         set hello time
setmaxage       <bridge> <time>         set max message age
setpathcost     <bridge> <port> <cost>  set path cost
setportprio     <bridge> <port> <prio>  set port priority
show                                    show a list of bridges
showmacs        <bridge>                show a list of mac addrs
showstp         <bridge>                show bridge stp info
stp             <bridge> {on|off}       turn stp on/off
Add bridge
[inbi@debian~]#brctl addbr br0
#Add a bridge
[inbi@debian~]#ifconfig eth0 0.0.0.0 promisc
[inbi@debian~]#ifconfig eth1 0.0.0.0 promisc
[inbi@debian~]#brctl addif br0 eth0 eth1
#Add the two existing network cards to the bridge. These two network cards now work in promiscuous mode, so they do not need an IP, because the bridge works at the link layer.
[inbi@debian~]#brctl show
#View existing bridges
You can also set an IP for br0 so that the machine can be accessed.
[inbi@debian~]#ifconfig br0 10.10.1.1 netmask 255.255.0.0 up
Delete the bridge
[inbi@debian~]#brctl delif br0 eth0 eth1
#Remove the interfaces from the bridge
[inbi@debian~]#brctl delbr br0
#Delete the bridge
Turn off spanning tree
[inbi@debian~]#brctl stp br0 off
#Turn off the spanning tree protocol to reduce packet pollution, because I only have one router here!
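The `brctl show` and `brctl stp` steps above can be turned into a routine check. The following added example (not part of the original article) compares the ports reported by `brctl show` with an expected list and names bridges that run with STP off and more than one port. The helper name audit_bridges and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `brctl show` output against an expected port list.

# Constructed sample in the layout `brctl show` prints (not real output).
sample_brctl_show() {
    cat <<'EOF'
bridge name     bridge id               STP enabled     interfaces
br0             8000.020000000001       no              eth0
                                                        eth1
                                                        ath0
br1             8000.020000000002       yes             eth2
EOF
}

# audit_bridges "BR:PORT ..." (hypothetical helper) reads `brctl show`
# output on stdin. Exit status 1 means a port outside the list is bridged.
audit_bridges() {
    awk -v allow=" $1 " '
        NR == 1 || NF == 0 { next }          # header and blank lines
        NF >= 3 {                            # bridge line, maybe with a port
            br = $1; stp[br] = $3; order[++nb] = br; port = $4
        }
        NF == 1 { port = $1 }                # continuation line: another port
        port != "" {
            count[br]++
            if (index(allow, " " br ":" port " ") == 0) {
                print "UNEXPECTED-PORT", br, port
                bad = 1
            }
            port = ""
        }
        END {
            # STP off is safe only while no loop can form; list for review.
            for (i = 1; i <= nb; i++)
                if (stp[order[i]] == "no" && count[order[i]] > 1)
                    print "REVIEW-STP", order[i], "ports=" count[order[i]]
            exit bad + 0
        }'
}

# On a live system: brctl show | audit_bridges "br0:eth0 br0:eth1"
sample_brctl_show | audit_bridges "br0:eth0 br0:eth1 br1:eth2" ||
    echo "bridged port outside the expected list"
```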
Configure the bridge to start at boot
[inbi@debian~]#echo "modprobe bridge">>/etc/
#Load the bridge module, or echo "bridge">>/etc/modules
[inbi@debian~]#cp /etc/network/interfaces /etc/network/
#Backup, it's convenient for future use!
[inbi@debian~]#vim /etc/network/interfaces
auto lo eth0 eth1 br0
iface lo inet loopback
iface br0 inet static
    address 10.10.10.1
    netmask 255.255.0.0
    gateway 10.10.10.254
    pre-up ip link set eth0 promisc on
    pre-up ip link set eth1 promisc on
    pre-up echo "1">/proc/sys/net/ipv4/ip_forward
    bridge_ports eth0 eth1
#Configures eth0, eth1 and br0 to come up at boot; eth0 and eth1 have no IP information set. When the br0 interface starts, promiscuous mode is enabled on eth0 and eth1 and they are bridged.