Linux 系統架設 Bridge mode(橋接模式)

Fedora core 1 kernel 2.4.xx

01.   cd /usr/src/linux-2.4.25

02.   wget ebtables-brnf-5_vs_2.4.25.diff.gz

03.   zcat ebtables-brnf-5_vs_2.4.25.diff.gz | patch -p1

04.   make mrproper

05.   make menuconfig

a. (將 802.1d Ethernet Bridging 與 Bridge: ebtables (NEW) 及其子項目全選)

b.  Code maturity level options
[*] Prompt for development and/or incomplete code/drivers
Loadable module support
[*] Enable loadable module support
        [*] Set version information on all module symbols
[*] Kernel module loader
Networking options
[*] Network packet filtering (replaces ipchains)
[*] Network packet filtering debugging

P: Netfilter Configuration —>
<M> 802.1d Ethernet Bridging
[*] netfilter (firewalling) support

06.   make dep

07.   make clean

08.   make bzImage

09.   make modules

10.   make modules_install

11.   make install

12.   reboot

13.   modprobe bridge

14.   apt-get install bridge-utils

15.   apt-get install ebtables   (安裝套件之後就可用iptables + bridge，於fc4安裝時，沒有用到這個)

16.   brctl addbr br0                (新增一個虛擬的bridge interface name)

17.   brctl stp br0 off               (關閉spanning tree protocol)

18.   brctl addif br0 eth0

19.   brctl addif br0 eth1         (將eth0、eth1附加到新增的br0)

20.   ifconfig eth0 down

21.   ifconfig eth1 down

22.   ifconfig eth0 0.0.0.0 up

23.   ifconfig eth1 0.0.0.0 up        (eth0、eth1不需要 ip address)

24.   ifconfig br0 10.10.1.75 netmask 255.0.0.0 up        (指定一個 ip address給 br0)

25.   echo "1" > /proc/sys/net/ipv4/ip_forward

26.   route add default gw 10.10.1.1        (手動新增一個 gateway)

Fedora core 2
1.   從上面第十三項開始

2.   ifconfig

3.   route -n

附註:
如何移除 Bridge模式
brctl delif br0 eth0
ifconfig br0 down
brctl delbr br0

寫了一 Shell script用於開機時啟動，詳看 http://ssorc.tw/?p=89

Bridge + kernel

讓 /etc/sysconfig/network-srcipt/裡的設定檔支援 bridge mode

在 ifcfg 設定bridge mode，必需先將bridge編入kernel，而不是module

Networking —>
    Networking Options —>
        [*] Network packet filtering (replaces ipchains) —>
            [*] Bridge IP/ARP packets filtering
                Bridge: Netfilter Configuration —>
                    <*> Ethernet Bridge tables (ebtables) support

        [*] 802.1d Ethernet Bridging

vi ifcfg-br0

DEVICE=br0
TYPE=Bridge
IPADDR=192.168.1.254
NETMASK=255.255.255.0
ONBOOT=yes

vi ifcfg-eth0

DEVICE=eth0
TYPE=ETHER
BRIDGE=br0
ONBOOT=yes

vi ifcfg-eth1

DEVICE=eth1
TYPE=ETHER
BRIDGE=br0
ONBOOT=yes

附註

記得安裝bridge-utils

[Q1.] 在/etc/sysconfig/network-scripts，使用ifcfg-br0:111設定alias

[A1.] 失敗?

[Q2.] more /var/log/messages

kernel: Dead loop on virtual device br0, fix it urgently!

[A2.] >>>???