NetBSD: Setting up a bridge using two NICs
I've got an odd network setup here at the house. I've got one room that is my "computer room", where I do all of my testing. Then, the rest of the house has numerous computers that the rest of my family uses for the the Internet and other functions. So I won't clog up the network with any funky networking kludge I may do in my computer room, I decided to implement a bridge to segment my network traffic from the rest of my LAN. Normally, I'd use FreeBSD to do something like this, but because of some driver issues, I chose NetBSD for this implementation.
Here are the specs of my machine. I'm sure you could use less for this project, but I had this box laying around:
- Pentium MMX 200 Mhz
- an old Intel motherboard with 4 PCI/ 3 ISA slots
- 128MB PC66 SDRAM
- 2.1 GB 5400 RPM IDE drive.
- 2 D-Link DFE-530TX+ NICs
As mentioned before, I used NetBSD 1.6.1 for the install. One of the benefits of NetBSD is that it is a very minimal install right out of the box. Since all this box will do is bridging, it doesn't need much software at all on it. I did a default install on the box, and I allowed NetBSD to create all of the partitions automatically. Even a default install will put very little software on the system, so disk space wasn't a concern, even with only 2GB of disk space total. I'll leave the reader to check out the http://www.netbsd.org/guide/en/chap-inst.html]NetBSD Installation Guide[/url] to learn how to install NetBSD.
Once the system was installed, I went to work configuring the interfaces. For each interface you need an /etc/ifconfig.foo0 file, where foo0 is the name of the interface. In my case, the D-Link cards use the rtk driver, so I had create two files for my NICs. As root:
You can find the names of your NICs by typing
to view all of your network interfaces.
We'll come back to those files a little later, because we'll need to configure them later. Now that we know what interfaces we'll be using, we need to set up a bridge pseudo-interface. Interestingly enough, the stock NetBSD kernel includes the bridge driver built in, so there's no kernel to rebuild. To create the interface, as root, you would enter:
ifconfig create bridge0
Since the bridge is now an interface, you'd need to make an /etc/ifconfig. file for it:
Since we've got the groundwork laid out, we have to go into some detail here. I want to be able to SSH into this box, so it needs an IP address. Because of how a bridge works, I can assign an IP address to only one interface of the bridge. That's because once the bridge is functioning, a machine on one side of the bridge will be able to ping the IP address of any machine on the other side of the bridge. If you don't need an IP address on your bridge, then you can skip this step. I decided to give my rtk0 interface the IP address:
ifconfig rtk0 inet 192.168.0.20 netmask 255.255.255.0
If we want the machine to retain this IP address after boot, we now need to edit /etc/ifconfig.rtk0 and add the IP address. Mine looks like this:
If you don't need an IP address, then you can simply use ifconfig to bring the interfaces up:
#interface configuration for rtk0:
inet 192.168.0.20 netmask 255.255.255.0
ifconfig rtk0 up
ifconfig rtk1 up
NOTE: If you don't remember to bring your interfaces up, the bridge will not work until you do. For each interface that doesn't have an IP address, you can do this:
echo "up" > /etc/ifconfig.rtk1
where rtk1 is the actual name of your interface.
Now that we're sure our interfaces will stay up, we can now go forward with configuring the bridge0 interface. To do this, we use the brconfig command. This command gives us control over the bridge interface, to add ethernet interfaces or change various options related to the bridge interface's function. To add the ethernet interfaces to the bridge, as root, we'd use this command:
brconfig bridge0 add rtk0 add rtk1
brconfig bridge0 up
The first command adds the interfaces to the bridge, and the second one actually activates the bridge, beginning packet forwarding between the segments. To view the configuration of your newly configured bridge, simply type brconfig -a.
Now, your bridge is up and running. To keep the bridge configuration after a reboot, edit /etc/ifconfig.bridge0:
Now, your bridge will function after a reboot.
# interface configuration for bridge0:
!brconfig bridge0 add rtk0 add rtk1
!brconfig bridge0 up
This bridge has performed quite well for me. I'm thinking that a 486 with less RAM would have been able to do the trick, but I'm working with things I found in my basement. Feel free to PM me with any questions; hopefully I can be of more help.
edited 11-16-03, thanks to James K. Lowden for stylistic advice
< searching keywords >
Registered Linux user #230403! Since March 2001! YAY.
Try doing a forum search or a google search before asking a question. And please don't use HELP! in the topic of your post... it's so lame... Please don't PM me for help-- post a question in the forum instead.
...check out another great forum:
Daniweb.com: where the cool techies unite