Steve Totaro wrote:
>My only wish is that Linux had a facility like XP to bridge NICs without
>running all sorts of commands for brctl. Just a GUI like XP. Last time I
>setup a bridge in Linux, I had to change many kernel options and rebuild the
>entire kernel to get bridging working properly. With XP, you just select
>the NICS, right click and select add to bridge.
>For linux, I find that running firestarter, ICS/Firewall is fine, my end
>game is to get all of my traffic to go over an OpenVPN tunnel at my colo
>which is the default gateway over OpenVPN. Windows seems to have the
>easiest method of getting this done.
I've taken to using Debian derivatives lately, so your YMMV, but maybe
this is helpful to you...
I haven't had to rebuild any recent kernels for bridging. I do have to
apt-get bridge-utils, but that's a trivial thing I do on any box I
install. I also typically apt-get other userspace stuff like vlan,
nmap, tcpdump and wireshark, etc.
I've been using the following type of code in /etc/network/interfaces to
effect bridges. When I want to bridge a tap device with openvpn, I do
something similar to establish a bridge at boot time with only one
physical ether attached. Then I put the final brctl add into a script
which is invoked via the up option line in the openvpn conf file. Then
it's all automatic. I don't (yet) know how to do it on other distros.
The following fragment is used to connect to a redundant pair of
asterisks for failover:
# bridge of two ethers for alternative paths to SIP clients
auto eth1
iface eth1 inet static
address 0.0.0.0
netmask 255.255.255.0
auto eth2
iface eth2 inet static
address 0.0.0.0
netmask 255.255.255.0
auto sipbr0
iface sipbr0 inet static
address 192.168.1.13
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0
bridge-ports eth1 eth2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3234 bytes
Desc: S/MIME Cryptographic Signature
Url :
http://lists.digium.com/pipermail/asterisk-users/attachments/20081011/053dd71a/attachment.bin