============================
Network bridging on bonders
============================

Bonders frequently have unused Ethernet ports. For example, a CPE may
have six Ethernet ports but only two legs. One interface is required to
connect to the customer's LAN through a switch, but it is also possible
to use the other three ports to connect customer devices to the bonded
network. This is known as bridging, and can in some cases eliminate the
need for an Ethernet switch at the customer's site.

The default configuration of a bonder with six Ethernet ports and only
two legs is as follows:

|image0|

In this layout, three of the six Ethernet ports are unused.

With some manual configuration, the configuration can be set up as
follows:

|image1|

A virtual interface br0 has been created, which hosts the connected IP.
Eth1 and eth3 are bridged to br0. Eth4 and eth5 could be added to the
bridge as well, although this is not shown in the example.

Limitations
------------

Bridged interfaces do not work with TCP proxy. This will be addressed in
a future version of Bonded Internet.

Configuration
--------------

Follow these instructions to configure a bridge on a CPE.

Bonder configuration
+++++++++++++++++++++

Install the ``bridge-utils`` package.

::

    apt-get install bridge-utils

Configure the bridge in /etc/network/interfaces. Add a block defining
the bridge br0, listing the member interfaces.

::

    auto br0
    iface br0 inet manual
        bridge_ports eth0 eth3

This block defines the bridge br0 that includes the interfaces eth0 and
eth3.

Add a definition for each of the member interfaces.

::

    iface <member interface> inet manual

For example:

::

    iface eth3 inet manual

For example, the interfaces file for a bonder with eth0 and eth3 bridged
would be as follows:

**/etc/network/interfaces**

::

    # Installed by bonding package
    auto lo
    iface lo inet loopback

    iface eth0 inet manual

    iface eth3 inet manual

    auto br0
    iface br0 inet static
        address 10.207.35.254
        netmask 255.255.255.248
        bridge_ports eth0 eth3

Interfaces that are part of a bridge cannot have any other IPs assigned
to them. If eth0 is bridged, it will no longer have the
`10.207.35.254/29 troubleshooting IP <../nodes/accessing-a-node.html>`__
assigned to it. However, with the above configuration, that IP is added
to the bridge.

By default, Spanning Tree Protocol (STP) is disabled on the bridge. To
change STP and other bridge settings, refer to this Debian
guide: https://wiki.debian.org/BridgeNetworkConnections.

Routing configuration
++++++++++++++++++++++

In the management server, add or change the connected IP. Instead of
setting it to an Ethernet interface such as eth0, set the interface to
br0. For example:

|image2|

To finalize the configuration, reboot the CPE.

::

    reboot

Test
-----

On the bonder, verify that the bridge has been configured and the
interface has the expected IP.

::

    root@example:~# ip addr show dev br0
    5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
     link/ether 00:0d:b9:2c:5b:18 brd ff:ff:ff:ff:ff:ff
     inet 10.207.35.254/29 brd 10.207.35.255 scope global br0
     inet 203.0.113.1/28 brd 203.0.113.15 scope global br0
     inet6 fe80::20d:b9ff:fe2c:5b18/64 scope link
         valid_lft forever preferred_lft forever
    root@example:~# brctl show br0
    bridge name bridge id         STP enabled interfaces
    br0         8000.000db92c5b18 no          eth0
                                              eth3

Configure a host with an IP in the connect IP subnet and connect it to
one of the bridged interfaces. Verify that it can ping the connected IP.
Disconnect it, give it a different IP in the subnet, and connect it to
one of the other bridged interfaces. Again, verify that it can ping the
connected IP.


.. |image0| image:: /attachments/3670419/3932167.png
.. |image1| image:: /attachments/3670419/3932168.png
.. |image2| image:: /attachments/3670419/3932166.png
