透明桥接

   关于透明桥接的论述
      The Linux bridge code implements a subset of the ANSI/IEEE 802.1d standard.
      The code for bridging has been integrated into 2.4 and 2.6 kernel series.

      enable bridging in the kernel.
make menu
Set "networking -> 802.1d Ethernet Bridging" to Y or M


      配置

• 1。 网卡准备,因为是桥接，网卡不能设IP地址

Don't set the IP address, and don't let the startup scripts run DHCP
The IP address needs to be set after the bridge has been configured

• 2.建立桥组 creates a logical bridge instance

brctl addbr bridgename

这个instance 也可以象个接口一样，加入其他brdge中

• 3.将二层接口（无IP地址的口）加入桥组（instance）

Adding devices to a bridge

brctl addif bridgename device

brctl delif  bridgename device

• 4. 把新生成的网桥（接口形式） up起来

ifconfig bridgename up

• 5．检验

5.1 桥接口都连上网线，看能不能当HUB用
5.2  brctl show

[root@demo1 mac]# /usr/sbin/brctl show bridge name     bridge id               STP enabled     interfaces test            8000.0050bacecd17       no              eth0

5.3 此时ifconfig -a 应该可以看到一个新的接口test了

[root@demo1 mac]# /sbin/ifconfig -a eth0      Link encap:Ethernet  HWaddr 00:50:BA:CE:CD:17             inet6 addr: fe80::250:baff:fece:cd17/64 Scope:Link           Interrupt:12 Base address:0xa000 eth1      Link encap:Ethernet  HWaddr 00:E0:4C:85:DB:D5             inet6 addr: fe80::2e0:4cff:fe85:dbd5/64 Scope:Link           collisions:0 txqueuelen:1000           RX bytes:271724 (265.3 KiB)  TX bytes:1426141 (1.3 MiB)           Interrupt:5 Base address:0xdc00 test      Link encap:Ethernet  HWaddr 00:50:BA:CE:CD:17             inet6 addr: fe80::250:baff:fece:cd17/64 Scope:Link           collisions:0 txqueuelen:0           RX bytes:36325 (35.4 KiB)

• 6。设桥组接口的地址

ifconfig bridgename xxx.xxx.xxx.xxx netmask 255.255.255.0

类似SW的 SVI接口地址（int vlan 1）
别的PC就可以telnet 上此机

[root@demo1 mac]# /sbin/ifconfig -a test      Link encap:Ethernet  HWaddr 00:50:BA:CE:CD:17             inet addr:10.4.1.105  Bcast:10.4.255.255  Mask:255.255.0.0           inet6 addr: fe80::250:baff:fece:cd17/64 Scope:Link           collisions:0 txqueuelen:0           RX bytes:36325 (35.4 KiB)  TX bytes:9804

      brctl命令
# brctl
# commands:
              addbr                    <bridge>                              add bridge
              delbr                    <bridge>                              delete bridge
              addif                    <bridge> <device>            add interface to bridge
              delif                    <bridge> <device>            delete interface from bridge
              show                                                                      show a list of bridges
              showmacs              <bridge>                              show a list of mac addrs

              setageing            <bridge> <time>                set ageing time
              setbridgeprio    <bridge> <prio>                set bridge priority
              setfd                    <bridge> <time>                set bridge forward delay
              sethello              <bridge> <time>                set hello time
              setmaxage            <bridge> <time>                set max message age
              setpathcost        <bridge> <port> <cost>  set path cost
              setportprio        <bridge> <port> <prio>  set port priority
              showstp                <bridge>                              show bridge stp info
              stp                        <bridge> <state>              turn stp on/off

•  显示当前桥组

[root@demo1 mac]# /usr/sbin/brctl show bridge name     bridge id               STP enabled     interfaces test            8000.0050bacecd17       no              eth0

• 建立桥组（bridge instance） 

brctl addbr bridgename

• 删掉桥组（bridge instance）  

brctl delbr bridgename

• 将物理接口加如桥组 

brctl addif bridgename device

•   将物理接口从桥组移出 

brctl delif  bridgename device

• 显示桥接表（CAM）

# brctl showmacs br549  port no mac addr                is local?       ageing timer    1     00:00:4c:9f:0b:ae       no                17.84    1     00:00:4c:9f:0b:d2       yes                0.00    2     00:00:4c:9f:0b:d3       yes                0.00    1     00:02:55:1a:35:09       no                53.84    1     00:02:55:1a:82:87       no                11.53

 



      一个基本的桥接shell script： eth0,eth1桥接script

[root@demo1 mac]# cat /root/bridge #! /bin/sh # ifconfig eth0 0.0.0.0 # ifconfig eth1 0.0.0.0 /usr/sbin/brctl addbr test /usr/sbin/brctl addif test eth0 /usr/sbin/brctl addif test eth1 /sbin/ifconfig test up /sbin/ifconfig test 10.4.1.105 netmask 255.255.0.0

[root@demo1 mac]# vi /etc/rc.local #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. /root/bridge touch /var/lock/subsys/local

                                                                                                                                                         
      任何linux主机都可以设桥接，哪怕是单网卡主机
只要设桥接
接口为桥组成员
再设桥接口地址（SVI接口地址），就可以了