Linux Ethernet Bridging - Jun 2010 - [Bridge] What are actually ethernet devices (and what does a bridge do?).

Hello,

I'm trying to set up bridged interfaces for my LinuxFromScratch
machine, to make it possible to run virtual machines
which should have direct access to the network.

The way to do is to use a bridge, which allows to attach more than one
(virtual) device to a (physical) device.

Now when reading on the internet all about sollutions to to that,
there are a lot, and I am losing the oversight:
do not see the wood through the trees like we use to say in Holland.

Now what strikes me first is that in a lot of cases a bridge is
getting an ip address, which is (I think) not right.
An bridge connects connects devices, and these devices should get the
ip address, not the bridge self!

Looking futher at what an ethernet device is (in Linux), is that it
actually two things at the same time. When
making the Linux host set up the network ethernet devices, it does two
things: bring up the hardware link with

ip link set eth0 up

(when the ethernet device is eth0)

This command is doing something in what is defined in the OSI model as
physical layer.

When success, the device is assigned an ip address, in my case an ipv4 address:

ip addr add 192.168.0.13/255.255.255.0 dev eth0

This has only meaning in another layer, I'm not sure which, probably
the Network Layer.
On my system this operation is called service ipv4-static.

Its working on the eth0 interface which happens to have the same name
as the hardware link.

I'm only thinking out loud, please correct me if I'm on the wrong track.

So it's good to know this command is doing something in that layer.

So what does a bridge do when chaining a virtual device to an physical device?
It creates an interface in the network layer, and linking it to an
existing physical device.

Now every service, like the assigning of an ipv4 address, is possible
on the virtual device.

So again, I do not understand why the bridge self is getting an ip
address. It's a network device
to connect other devices to, replacing the original phyical device.

It does exist in the network layer, and not in the hardware layer.

Does my analysis make sense?

Stef

The host processor which does the bridging, can also act as a node
sending and receiving traffic to the bridged network.  What you see as
the "IP address of the bridge" is actually the configuration of the
interface representing this connection to the host processor.

Packets generated on the bridge host use this IP address as the source
address, packets sent to this IP address are processed locally on the
bridge host and not forwarded.

On Wed, Jun 30, 2010 at 4:37 AM, Stef Bon <stefbon at gmail.com>
wrote:
> Hello,
>
> I'm trying to set up bridged interfaces for my LinuxFromScratch
> machine, to make it possible to run virtual machines
> which should have direct access to the network.
>
> The way to do is to use a bridge, which allows to attach more than one
> (virtual) device to a (physical) device.
>
> Now when reading on the internet all about sollutions to to that,
> there are a lot, and I am losing the oversight:
> do not see the wood through the trees like we use to say in Holland.
>
> Now what strikes me first is that in a lot of cases a bridge is
> getting an ip address, which is (I think) not right.
> An bridge connects connects devices, and these devices should get the
> ip address, not the bridge self!
>
> Looking futher at what an ethernet device is (in Linux), is that it
> actually two things at the same time. When
> making the Linux host set up the network ethernet devices, it does two
> things: bring up the hardware link with
>
> ip link set eth0 up
>
> (when the ethernet device is eth0)
>
> This command is doing something in what is defined in the OSI model as
> physical layer.
>
> When success, the device is assigned an ip address, in my case an ipv4
address:
>
> ip addr add 192.168.0.13/255.255.255.0 dev eth0
>
> This has only meaning in another layer, I'm not sure which, probably
> the Network Layer.
> On my system this operation is called service ipv4-static.
>
> Its working on the eth0 interface which happens to have the same name
> as the hardware link.
>
> I'm only thinking out loud, please correct me if I'm on the wrong
track.
>
> So it's good to know this command is doing something in that layer.
>
> So what does a bridge do when chaining a virtual device to an physical
device?
> It creates an interface in the network layer, and linking it to an
> existing physical device.
>
> Now every service, like the assigning of an ipv4 address, is possible
> on the virtual device.
>
> So again, I do not understand why the bridge self is getting an ip
> address. It's a network device
> to connect other devices to, replacing the original phyical device.
>
> It does exist in the network layer, and not in the hardware layer.
>
> Does my analysis make sense?
>
> Stef
> _______________________________________________
> Bridge mailing list
> Bridge at lists.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/bridge
>

On 06/30/2010 05:37 AM, Stef Bon wrote:
> Now what strikes me first is that in a lot of cases a bridge is
> getting an ip address, which is (I think) not right.
> An bridge connects connects devices, and these devices should get the
> ip address, not the bridge self!
It depends what you're trying to do.

Giving the bridge an IP address can allow you to do some things that 
might otherwise be difficult, by allowing you to do interesting things 
to the underlying interfaces and the bridge itself.

For instance, you could do this to receive packets destined for that IP 
address on any interface in the bridge.

Another use would be to ensure (by setting the ageing to zero) that any 
packet sent from your IP address goes out all of the interfaces. This is 
useful for mirroring/sniffing setups.

--Jeff