Sometimes you may need to setup network bridge adapter in Linux; particularly during the configuration of KVM (Kernel-based Virtual Machine), and, also while setting up Linux containers.
This network bridge allows virtual machines to have access to the external network and vice-versa, follow this guide to setup network bridge on CentOS 7 / RHEL 7.
Install Module
CentOS 7 comes with bridging module loaded on system boot by default. Use the following command to verify whether the module is loaded or not.
# modinfo bridge filename: /lib/modules/3.10.0-327.el7.x86_64/kernel/net/bridge/bridge.ko alias: rtnl-link-bridge version: 2.3 license: GPL rhelversion: 7.2 srcversion: 905847C53FF43DEFAA0EB3C depends: stp,llc intree: Y vermagic: 3.10.0-327.el7.x86_64 SMP mod_unload modversions signer: CentOS Linux kernel signing key sig_key: 79:AD:88:6A:11:3C:A0:22:35:26:33:6C:0F:82:5B:8A:94:29:6A:B3 sig_hashalgo: sha256
If the module is not loaded, you can load it using the following command.
# modprobe --first-time bridge
Install bridge-utils for controlling the network adaptors.
# yum install bridge-utils -y
Create a Network Bridge on CentOS 7
To create a network bridge, create a file called “ifcfg-virbrN” replacing “N” with a number, such as “0” in the “/etc/sysconfig/network-scripts/“.
# vi /etc/sysconfig/network-scripts/ifcfg-virbr0
If you would like to use the different name for network bridge, then create a file like ifcfg-<bridgename>. Also, update the DEVICE=”<bridgename>” line in the configuration file.
Place the following content into that file, modify it according to your environment.
DEVICE="virbr0" BOOTPROTO="static" IPADDR="192.168.12.10" NETMASK="255.255.255.0" GATEWAY="192.168.12.2" DNS1=192.168.12.2 ONBOOT="yes" TYPE="Bridge" NM_CONTROLLED="no"
Now, it’s the time to modify the network configuration of the existing adaptor in such a way that it points to a bridge interface.
In this guide, I will use my existing adaptor “eno16777736” for bridging.
# vi /etc/sysconfig/network-scripts/ifcfg-eno16777736
Place the content like below.
DEVICE=eno16777736 TYPE=Ethernet BOOTPROTO=none ONBOOT=yes NM_CONTROLLED=no BRIDGE=virbr0
Restart the network using the following command.
# systemctl restart network
Use ifconfig command to see interface details.
# ifconfig eno16777736: flags=4163 mtu 1500 inet6 fe80::20c:29ff:fe6a:692 prefixlen 64 scopeid 0x20 ether 00:0c:29:6a:06:92 txqueuelen 1000 (Ethernet) RX packets 3822 bytes 302382 (295.2 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 192 bytes 42924 (41.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4163 mtu 1500 inet 192.168.12.10 netmask 255.255.255.0 broadcast 192.168.12.255 inet6 fe80::20c:29ff:fe6a:692 prefixlen 64 scopeid 0x20 ether 00:0c:29:6a:06:92 txqueuelen 0 (Ethernet) RX packets 1454 bytes 109258 (106.6 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 179 bytes 34372 (33.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Reference:
Redhat Documentation
Thanks for reading. Do let us know your thoughts in comments section.
And if the interface is has a dynamic IP?
Replace it with this.
DEVICE=”virbr0″
BOOTPROTO=”dhcp”
ONBOOT=”yes”
TYPE=”Bridge”
NM_CONTROLLED=”no”
Thanks very a very interesting and useful article. Just two small points:
1. If you set NM_CONTROLLED to No you don’t see the entry under nmcli.
2. Disabling NM_CONTROLL also breaks libvirt connections if the interface/connection is now hidden.
I spent a long time getting this to work and found it best to create the bridge script first with a temporary IP and then reboot and check you can access both addresses. Make a copy of your work ethernet connection script from /etc/sysconfig/network-scripts, and then edit it as above.
This way if you restart the network you should still be able to get in using the temp. IP.
Reboot again and check, and if everything is working, just change the bridge IP back to the proper one and comment-out or remove the NM_CONTROLLED entries and reboot again and everything should be working as expected.