I've got an odd network setup here at the house. I've got one room that is my "computer room", where I do all of my testing. Then, the rest of the house has numerous computers that the rest of my family uses for the the Internet and other functions. So I won't clog up the network with any funky networking kludge I may do in my computer room, I decided to implement a bridge to segment my network traffic from the rest of my LAN. Normally, I'd use FreeBSD to do something like this, but because of some driver issues, I chose NetBSD for this implementation.

Here are the specs of my machine. I'm sure you could use less for this project, but I had this box laying around:

  • Pentium MMX 200 Mhz
  • an old Intel motherboard with 4 PCI/ 3 ISA slots
  • 128MB PC66 SDRAM
  • 2.1 GB 5400 RPM IDE drive.
  • 2 D-Link DFE-530TX+ NICs

As mentioned before, I used NetBSD 1.6.1 for the install. One of the benefits of NetBSD is that it is a very minimal install right out of the box. Since all this box will do is bridging, it doesn't need much software at all on it. I did a default install on the box, and I allowed NetBSD to create all of the partitions automatically. Even a default install will put very little software on the system, so disk space wasn't a concern, even with only 2GB of disk space total. I'll leave the reader to check out the http://www.netbsd.org/guide/en/chap-inst.html]NetBSD Installation Guide[/url] to learn how to install NetBSD.

Once the system was installed, I went to work configuring the interfaces. For each interface you need an /etc/ifconfig.foo0 file, where foo0 is the name of the interface. In my case, the D-Link cards use the rtk driver, so I had create two files for my NICs. As root:

touch /etc/ifconfig.rtk0
touch /etc/ifconfig.rtk1

You can find the names of your NICs by typing

ifconfig -a

to view all of your network interfaces.

We'll come back to those files a little later, because we'll need to configure them later. Now that we know what interfaces we'll be using, we need to set up a bridge pseudo-interface. Interestingly enough, the stock NetBSD kernel includes the bridge driver built in, so there's no kernel to rebuild. To create the interface, as root, you would enter:

ifconfig create bridge0

Since the bridge is now an interface, you'd need to make an /etc/ifconfig. file for it:

touch /etc/ifconfig.bridge0

Since we've got the groundwork laid out, we have to go into some detail here. I want to be able to SSH into this box, so it needs an IP address. Because of how a bridge works, I can assign an IP address to only one interface of the bridge. That's because once the bridge is functioning, a machine on one side of the bridge will be able to ping the IP address of any machine on the other side of the bridge. If you don't need an IP address on your bridge, then you can skip this step. I decided to give my rtk0 interface the IP address:

ifconfig rtk0 inet netmask

If we want the machine to retain this IP address after boot, we now need to edit /etc/ifconfig.rtk0 and add the IP address. Mine looks like this:

#interface configuration for rtk0:
inet netmask
If you don't need an IP address, then you can simply use ifconfig to bring the interfaces up:

ifconfig rtk0 up
ifconfig rtk1 up

NOTE: If you don't remember to bring your interfaces up, the bridge will not work until you do. For each interface that doesn't have an IP address, you can do this:

echo "up" > /etc/ifconfig.rtk1

where rtk1 is the actual name of your interface.

Now that we're sure our interfaces will stay up, we can now go forward with configuring the bridge0 interface. To do this, we use the brconfig command. This command gives us control over the bridge interface, to add ethernet interfaces or change various options related to the bridge interface's function. To add the ethernet interfaces to the bridge, as root, we'd use this command:

brconfig bridge0 add rtk0 add rtk1
brconfig bridge0 up

The first command adds the interfaces to the bridge, and the second one actually activates the bridge, beginning packet forwarding between the segments. To view the configuration of your newly configured bridge, simply type brconfig -a.

Now, your bridge is up and running. To keep the bridge configuration after a reboot, edit /etc/ifconfig.bridge0:

# interface configuration for bridge0:
!brconfig bridge0 add rtk0 add rtk1
!brconfig bridge0 up
Now, your bridge will function after a reboot.

This bridge has performed quite well for me. I'm thinking that a 486 with less RAM would have been able to do the trick, but I'm working with things I found in my basement. Feel free to PM me with any questions; hopefully I can be of more help.

edited 11-16-03, thanks to James K. Lowden for stylistic advice

< searching keywords >