Bridge

오픈소스 비즈니스 컨설팅
이동: 둘러보기, 검색

Bridge를 정리 합니다.

Bridge 개요

  • OSI Layer 2 계층에서 네트워크를 연결

Linux Bridge

Linux Bridge 설치

yum install bridge-utils
  • vi /etc/sysctl.conf : IP Forward 설정
net.ipv4.ip_forward = 1			#--- Enable Routing, Enable NAT
### net.ipv4.conf.eth0.proxy_arp = 1	#--- Enable Routing

### net.bridge.bridge-nf-call-ip6tables = 0	#--- Disable NetFilter on Bridge
### net.bridge.bridge-nf-call-iptables = 0	#--- Disable NetFilter on Bridge
### net.bridge.bridge-nf-call-arp6tables = 0	#--- Disable NetFilter on Bridge
  • Linux Bridge 사용
sysctl -p /etc/sysctl.conf			#--- 변경한 설정 반영
sysctl -a | grep net.ipv4.ip_forward		#--- 설정 조회

service NetworkManager stop
chkconfig NetworkManager off

service network restart
chkconfig network on

brctl 명령

brctl show             #--- Bridge 조회
brctl addbr br0        #--- br0 Bridge 추가
brctl delbr br0        #--- br0 Bridge 삭제
brctl addif br0 eth0   #--- br0 Bridge에 eth0 NIC 추가
brctl delif br0 eth0   #--- br0 Bridge에 eth0 NIC 삭제
brctl stp br0 off      #--- br0 Bridge에서 stp off (off : default)

Bridge 설정

  • br0 Bridge 추가
brctl addbr br0
  • vi /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
IPADDR=192.168.100.101
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
ONBOOT=yes
DNS1=164.124.101.2
DNS2=203.231.11.118
  • vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
BOOTPROTO=static
ONBOOT=yes
BRIDGE=br0
USRCTL=no
IP6INIT=no
  • vi /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE=eth2
TYPE=Ethernet
BOOTPROTO=static
ONBOOT=yes
BRIDGE=br0
USRCTL=no
IP6INIT=no
  • 네트워크 서비스 재기동
service network restart
ifconfig -a
brctl show			#--- Bridge 정보 조회

Linux VLAN

  • vlan101 (id = 101) VLAN 생성
  • vlan101@eth0
ip link add link eth0 name vlan101 type vlan id 101
ip link set vlan101 up
ip -d link show vlan101
  • vlan101 VLAN 삭제
ip link set vlan101 down
ip link delete vlan101
ip -d link show vlan101
  • vi /etc/sysconfig/network-scripts/ifcfg-vlan5 (id = 5)
  • vlan5@eth0
DEVICE=vlan5
VLAN=yes
PHYSDEV=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=10.254.5.254
NETMASK=255.255.255.0
VLAN_NAME_TYPE=VLAN_PLUS_VID_NO_PAD
ONBOOT=yes
  • vi /etc/sysconfig/network-scripts/ifcfg-eth0.5 (id = 5)
  • vlan5@eth0
DEVICE=eth0.5
VLAN=yes
TYPE=Ethernet
BOOTPROTO=static
IPADDR=10.254.5.254
NETMASK=255.255.255.0
ONBOOT=yes

참고 문헌