透明桥接

来源：互联网发布：流量电话软件编辑：程序博客网时间：2024/05/16 05:00

   关于透明桥接的论述
    The Linux bridge code implements a subset of the ANSI/IEEE 802.1d standard.
    The code for bridging has been integrated into 2.4 and 2.6 kernel series.

    enable bridging in the kernel.
make menu
Set "networking -> 802.1d Ethernet Bridging" to Y or M

    配置

1。网卡准备,因为是桥接，网卡不能设IP地址

Don't set the IP address, and don't let the startup scripts run DHCP
The IP address needs to be set after the bridge has been configured

2.建立桥组 creates a logical bridge instance

brctl addbr bridgename这个instance 也可以象个接口一样，加入其他brdge中

3.将二层接口（无IP地址的口）加入桥组（instance）

Adding devices to a bridge
brctl addif bridgename devicebrctl delif bridgename device

4. 把新生成的网桥（接口形式） up起来

ifconfig bridgenameup

5．检验

5.1 桥接口都连上网线，看能不能当HUB用
5.2 brctl show
[root@demo1 mac]# /usr/sbin/brctl show
bridge name     bridge id               STP enabled     interfaces
test            8000.0050bacecd17       no              eth0
5.3 此时ifconfig -a 应该可以看到一个新的接口test了
[root@demo1 mac]# /sbin/ifconfig -a
eth0      Link encap:Ethernet HWaddr 00:50:BA:CE:CD:17
          inet6 addr: fe80::250:baff:fece:cd17/64 Scope:Link
          Interrupt:12 Base address:0xa000

eth1      Link encap:Ethernet HWaddr 00:E0:4C:85:DB:D5
          inet6 addr: fe80::2e0:4cff:fe85:dbd5/64 Scope:Link
          collisions:0 txqueuelen:1000
          RX bytes:271724 (265.3 KiB) TX bytes:1426141 (1.3 MiB)
          Interrupt:5 Base address:0xdc00
test      Link encap:Ethernet HWaddr 00:50:BA:CE:CD:17
          inet6 addr: fe80::250:baff:fece:cd17/64 Scope:Link
          collisions:0 txqueuelen:0
          RX bytes:36325 (35.4 KiB)

6。设桥组接口的地址

ifconfig bridgenamexxx.xxx.xxx.xxx netmask 255.255.255.0类似SW的SVI接口地址（int vlan 1）
别的PC就可以telnet 上此机
[root@demo1 mac]# /sbin/ifconfig -a
test      Link encap:Ethernet HWaddr 00:50:BA:CE:CD:17
          inet addr:10.4.1.105 Bcast:10.4.255.255 Mask:255.255.0.0
          inet6 addr: fe80::250:baff:fece:cd17/64 Scope:Link
          collisions:0 txqueuelen:0
          RX bytes:36325 (35.4 KiB) TX bytes:9804

    brctl命令
# brctl
# commands:
        addbr           <bridge>                add bridge
        delbr           <bridge>                delete bridge
        addif           <bridge> <device>       add interface to bridge
        delif           <bridge> <device>       delete interface from bridge
        show                                    show a list of bridges
        showmacs        <bridge>                show a list of mac addrs

        setageing       <bridge> <time>         set ageing time
        setbridgeprio   <bridge> <prio>         set bridge priority
        setfd           <bridge> <time>         set bridge forward delay
        sethello        <bridge> <time>         set hello time
        setmaxage       <bridge> <time>         set max message age
        setpathcost     <bridge> <port> <cost> set path cost
        setportprio     <bridge> <port> <prio> set port priority
        showstp         <bridge>                show bridge stp info
        stp             <bridge> <state>        turn stp on/off

显示当前桥组

[root@demo1 mac]# /usr/sbin/brctl show
bridge name bridge id STP enabled interfaces
test 8000.0050bacecd17 no eth0

建立桥组（bridge instance）

brctl addbr bridgename

删掉桥组（bridge instance）

brctl delbr bridgename

将物理接口加如桥组

brctl addif bridgename device

将物理接口从桥组移出

brctl delif bridgename device

显示桥接表（CAM）

# brctl showmacs br549
port no mac addr                is local?       ageing timer
   1     00:00:4c:9f:0b:ae       no                17.84
   1     00:00:4c:9f:0b:d2       yes                0.00
   2     00:00:4c:9f:0b:d3       yes                0.00
   1     00:02:55:1a:35:09       no                53.84
   1     00:02:55:1a:82:87       no                11.53

    一个基本的桥接shell script： eth0,eth1桥接script

[root@demo1 mac]# cat /root/bridge
#! /bin/sh
# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0

/usr/sbin/brctl addbr test

/usr/sbin/brctl addif test eth0
/usr/sbin/brctl addif test eth1

/sbin/ifconfig test up
/sbin/ifconfig test 10.4.1.105 netmask 255.255.0.0[root@demo1 mac]# vi /etc/rc.local

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

/root/bridge
touch /var/lock/subsys/local


    任何linux主机都可以设桥接，哪怕是单网卡主机
只要设桥接
接口为桥组成员
再设桥接口地址（SVI接口地址），就可以了