About bridges and TAP devices

One of the things on my TODO list for this week is to review a patchset to test TAP device networking on qemu. While I was researching on the subject, This link has proven to be very useful. Summarizing things:

* A TAP device for the host operating system behaves as a normal network interface. A TAP device is the portal for a given virtual lan composed by qemu hosts.
* In order to make the virtual lan hosts to be able to connect to the internet, one could try several approaches, and Linux Bridging is the most popular among them.

A bridge consists in ‘glueing together’ different network interfaces into a bridge device. When you add your current main network interface (usually called eth0) to the bridge, the network will be unavailable for some time. Also, when you need to use network services such as NFS, you might use a more convenient solution of naming your bridge eth0, but for that you need to rename the original eth0 interface first. The following shell script can set this up for you on Red Hat based systems:

# Release the current dhcp lease
dhclient -r eth0
# Put the original eth0 interface down
ip addr flush eth0
ip link set eth0 down
# Make sure /etc/mactab has an appropriate MAC - interface name pair so
# eth0 gets renamed to reth0 (stands for real eth0):
# [root@myhost ~]# cat /etc/mactab
# reth0 00:21:5E:55:28:7C
# Bring reth0 up again
ip link set reth0 up
# Create the bridge
brctl addbr eth0
# Add reth0 to it
brctl addif eth0 reth0
# Bring the new eth0 bridge up
ip link set eth0 up
dhclient eth0

Make sure you execute this script in the background:

./bridge.sh &

or as a init script. This way you will get your bridge setup and then add your tap device later simply by doing a

brctl addif eth0 tap0

If you don’t want the mess of renaming your interface, you could use a much simpler approach:

brctl addbr kvmbr0
brctl stp kvmbr0 off
brctl addif kvmbr0 eth0
ifconfig kvmbr0 up
dhclient kvmbr0

But I found this to cause problem with my services configuration (probably due to firewall rules).
That’s it, bridge is already set with your tap device. This post was brought to you by Lazy Lucas (TM) enterprises 🙂


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s