Network bridging on bonders

Bonders frequently have unused Ethernet ports. For example, a CPE may have six Ethernet ports but only two legs. One interface is required to connect to the customer’s LAN through a switch, but it is also possible to use the other three ports to connect customer devices to the bonded network. This is known as bridging, and can in some cases eliminate the need for an Ethernet switch at the customer’s site.

The default configuration of a bonder with six Ethernet ports and only two legs is as follows:

image0

In this layout, three of the six Ethernet ports are unused.

With some manual configuration, the configuration can be set up as follows:

image1

A virtual interface br0 has been created, which hosts the connected IP. Eth1 and eth3 are bridged to br0. Eth4 and eth5 could be added to the bridge as well, although this is not shown in the example.

Limitations

Bridged interfaces do not work with TCP proxy. This will be addressed in a future version of Bonded Internet.

Configuration

Follow these instructions to configure a bridge on a CPE.

Bonder configuration

Install the bridge-utils package.

apt-get install bridge-utils

Configure the bridge in /etc/network/interfaces. Add a block defining the bridge br0, listing the member interfaces.

auto br0
iface br0 inet manual
    bridge_ports eth0 eth3

This block defines the bridge br0 that includes the interfaces eth0 and eth3.

Add a definition for each of the member interfaces.

iface <member interface> inet manual

For example:

iface eth3 inet manual

For example, the interfaces file for a bonder with eth0 and eth3 bridged would be as follows:

/etc/network/interfaces

# Installed by bonding package
auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth3 inet manual

auto br0
iface br0 inet static
    address 10.207.35.254
    netmask 255.255.255.248
    bridge_ports eth0 eth3

Interfaces that are part of a bridge cannot have any other IPs assigned to them. If eth0 is bridged, it will no longer have the 10.207.35.254/29 troubleshooting IP assigned to it. However, with the above configuration, that IP is added to the bridge.

By default, Spanning Tree Protocol (STP) is disabled on the bridge. To change STP and other bridge settings, refer to this Debian guide: https://wiki.debian.org/BridgeNetworkConnections.

Routing configuration

In the management server, add or change the connected IP. Instead of setting it to an Ethernet interface such as eth0, set the interface to br0. For example:

image2

To finalize the configuration, reboot the CPE.

reboot

Test

On the bonder, verify that the bridge has been configured and the interface has the expected IP.

root@example:~# ip addr show dev br0
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
 link/ether 00:0d:b9:2c:5b:18 brd ff:ff:ff:ff:ff:ff
 inet 10.207.35.254/29 brd 10.207.35.255 scope global br0
 inet 203.0.113.1/28 brd 203.0.113.15 scope global br0
 inet6 fe80::20d:b9ff:fe2c:5b18/64 scope link
     valid_lft forever preferred_lft forever
root@example:~# brctl show br0
bridge name bridge id         STP enabled interfaces
br0         8000.000db92c5b18 no          eth0
                                          eth3

Configure a host with an IP in the connect IP subnet and connect it to one of the bridged interfaces. Verify that it can ping the connected IP. Disconnect it, give it a different IP in the subnet, and connect it to one of the other bridged interfaces. Again, verify that it can ping the connected IP.