Setting up a Software Bridge on Top of a Teamed Device on RHEL 7 | Lisenet.com :: Linux | Security

We are going to setup a bridged network interface on top of a teamed link.

Before We Begin

We use a RHEL 7.1 virtual machine with a teamed interface that we configured some time ago.

# nmcli c
NAME     UUID                                  TYPE            DEVICE
slave2   eabb15cc-2bb7-4fc1-a52f-47268137cb09  802-3-ethernet  enp0s8
slave1   6d420cc6-cba4-4561-b9ae-17af025987ce  802-3-ethernet  enp0s17
myteam0  9691a92f-03dc-48b2-951d-a2b73721f8bc  team            myteam0

# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master myteam0 state UP qlen 1000
    link/ether 08:00:27:ff:72:02 brd ff:ff:ff:ff:ff:ff
3: enp0s17: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master myteam0 state UP qlen 1000
    link/ether 08:00:27:ff:72:02 brd ff:ff:ff:ff:ff:ff
4: myteam0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether 08:00:27:ff:72:02 brd ff:ff:ff:ff:ff:ff
    inet 10.8.8.72/24 brd 10.8.8.255 scope global myteam0
       valid_lft forever preferred_lft forever
    inet6 fc00::a:b:c:72/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feff:7202/64 scope link
       valid_lft forever preferred_lft forever

Configure Software Bridge

Be advised that we use console and not Secure Shell (SSH). If we misconfigure something, network connection might and likely will be dropped.

Install the bridge-utils package:

# yum install -y bridge-utils

Add a new mybr0 connection:

# nmcli c add type bridge con-name mybr0 ifname mybr0

Modify the newly created mybr0 connection to match our configuration (see the teamed configuration for IPs etc):

# nmcli c mod mybr0 ipv4.method manual ipv6.method manual \
  ipv4.addresses 10.8.8.72/24 ipv4.gateway 10.8.8.70 \
  ipv4.dns 10.8.8.70 ipv6.addresses fc00::a:b:c:72/64 \
  bridge.stp no

Verify:

# nmcli c
NAME     UUID                                  TYPE            DEVICE
slave2   eabb15cc-2bb7-4fc1-a52f-47268137cb09  802-3-ethernet  enp0s8
slave1   6d420cc6-cba4-4561-b9ae-17af025987ce  802-3-ethernet  enp0s17
myteam0  9691a92f-03dc-48b2-951d-a2b73721f8bc  team            myteam0
mybr0    558eb416-de58-4b44-a545-8959cdc81e66  bridge          mybr0

Change to:

# cd /etc/sysconfig/network-scripts/

Open ifcfg-myteam0 for editing. Add the following line at the end of the file:

BRIDGE=mybr0

Also remove IP address configuration as it’s now set up on the bridge. We can use sed:

# sed -i '/IPADDR/d;/PREFIX/d;/GATEWAY/d;/DNS/d;/IPV6ADDR/d' ./ifcfg-myteam0

Disable DAD on the bridged interface:

# echo "net.ipv6.conf.mybr0.accept_dad=0" >>/etc/sysctl.d/dad.conf
# sysctl -w net.ipv6.conf.mybr0.accept_dad=0

Network Manager does not support bridges on bonded or teamed interfaces:

# systemctl disable NetworkManager && systemctl stop NetworkManager

The network service should be started and enabled:

# systemctl enable network && systemctl restart network

Verify:

# brctl show
bridge name     bridge id               STP enabled     interfaces
mybr0           8000.080027ff7201       no              myteam0

# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master myteam0 state UP qlen 1000
    link/ether 08:00:27:ff:72:01 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a00:27ff:feff:7201/64 scope link
       valid_lft forever preferred_lft forever
3: enp0s17: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master myteam0 state UP qlen 1000
    link/ether 08:00:27:ff:72:01 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a00:27ff:feff:7201/64 scope link
       valid_lft forever preferred_lft forever
6: myteam0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master mybr0 state UP
    link/ether 08:00:27:ff:72:01 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a00:27ff:feff:7201/64 scope link
       valid_lft forever preferred_lft forever
7: mybr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether 08:00:27:ff:72:01 brd ff:ff:ff:ff:ff:ff
    inet 10.8.8.72/24 brd 10.8.8.255 scope global mybr0
       valid_lft forever preferred_lft forever
    inet6 fc00::a:b:c:72/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feff:7201/64 scope link
       valid_lft forever preferred_lft forever

9 thoughts on “Setting up a Software Bridge on Top of a Teamed Device on RHEL 7”

Eryk says:

03/10/2016 at 8:49 pm

Hi
I had to do “nmcli dev disconnect myteam0” before stopping NetworkManager and starting network. It failed with eno devices disapearing and bridge in wired state.

Ray Ros says:

07/04/2018 at 1:49 pm

Hello Tomas, After both Teaming and now placing Bridge on the Team, can I now install Centos 7.3 KVM after doing these tasks? what will happen to the KVM Bridge that gets automatically added during KVM installation. Or should I install KVM First ? destroy the default bridge and start from there, been searching all over for a complete solution on this with no luck

Thanks
Ray

- Tomas says:
  
  07/04/2018 at 6:08 pm
  
  Hi Ray, I’m not sure I understand your question. Are you setting up teaming and bridging on a KVM hypervisor, and are asking about installing a KVM guest on said hypervisor?
  
  What I usually do is I set up a KVM hypervisor first, it comes with a NAT interface which I don’t really need, so I get that disabled and configure a network bridge. Once that’s done I start creating KVM guests.
Ray Ros says:

07/04/2018 at 9:10 pm

Thanks for quick response and great site! I want to set up a KVM Virtual Host server to provide VMS as normal I just don’t know what I should do first Like
Install KVM first
or
Create Network Team first ( 2 1GB Ethernet interfaces )
Then create software Bridge next as you described
Then install KVM?
Thank you Hope that makes more sense
Ray

- Tomas says:
  
  07/04/2018 at 9:21 pm
  
  Install a KVM hypervisor, then configure network bridging, then create VMs.
- Ray Ros says:
  
  21/04/2018 at 4:29 am
  
  Tom Had a Problem with congiuration can I follow These Steps
  1 Create Network Team ( 2 1GB Nics)
  2 Install KVM Hypervisor
  3 Remove Default KVM Bridge Then Create my own Network Bridge
  4 Create VMs
  
  Thanks Tom
  Ray
- Tomas says:
  
  21/04/2018 at 11:28 am
  
  It’s not the order that I’d go for, but test it out. It should work.
Ray Ros says:

08/04/2018 at 7:44 am

Thank you I will do that, and thanks again to The Best Linux Web Site I have Found in Years! Information you provide here helps others, on Difficult Topics, That I can speak for myself is Not covered by Major CBT Training Courses and a ton of Linux Books I have bought last several years!!!

Thanks For Caring
Ray

- Tomas says:
  
  08/04/2018 at 12:10 pm
  
  Thank you Ray, your feedback is greatly appreciated!

Before We Begin

Configure Software Bridge

9 thoughts on “Setting up a Software Bridge on Top of a Teamed Device on RHEL 7”

Leave a Reply Cancel reply