How do I configure my CentOS 8 and add network bridge (br0) with the nmcli command? How can I create a Linux network bridge on CentOS Linux 8 server for KVM (Kernel-based Virtual Machine)?

A network bridge is nothing but a device that joins two local networks into one network. It works at the data link layer (layer 2 of the OSI model). Network bridges often used with virtualization software. Network bridges often used with virtualization software. For example, popular software such as KVM, LXD, or Docker users can configure bridges instead of NAT-based networking. The nmcli command-line tool can create a persistent bridge configuration without editing any files. This page shows how to create a bridge interface using the Network Manager command-line tool called nmcli on CentOS 8 Enterprise Linux.

CentOS 8 add network bridge (br0) with nmcli

The procedure to create and add a bridge interface on CentOS 8 is as follows when you want to use Network Manager:
Open the Terminal app or log in using the [nixmcd name=”ssh”]

1. Find out informmation about the current CentOS 8 network connection:
   sudo nmcli con show
2. Then, add a new bridge called br0:
   sudo nmcli con add type bridge ifname br0
3. Create a slave interface for br0:
   sudo nmcli con add type bridge-slave ifname eno1 master br0
4. Turn on br0 interface to get an IP via DHCP:
   sudo nmcli con up br0
5. Static IP settings are discussed below for the br0 interface

Let us see all examples and instructions in detail to create a network bridge in CentOS 8.

Warning: These instructions make critical network changes to your existing server, and wrong commands might lose network/ssh connectivity to the server. Hence, running these commands over ssh based sessions not recommended. Further, you may need to update firewall rules to match the network bridge settings. For remote servers, I recommend using KVM over IP or IPMI based remote sessions.

How to create a Linux Network Bridge on CentOS 8

First thing, obtain information about the current CentOS Linux 8 interface and IP address as we need this information later. Hence, type the following command:
$ nmcli con show
$ nmcli connection show --active
Outputs:

NAME  UUID                                  TYPE      DEVICE 
eno1  71a189f2-9cb9-49f0-8464-37a6801740e3  ethernet  eno1  

So my server has an “eno1” which uses the eno1 Ethernet interface. I am going to set up a bridge interface named br0 and add (enslave) an interface to eno1.

Step 1 – Create a network bridge named br0

The syntax is:
$ sudo nmcli con add ifname br0 type bridge con-name br0
$ sudo nmcli con add type bridge-slave ifname eno1 master br0
$ nmcli connection show

Step 2 – Disable or enable STP for network bridge

The primary purpose of Spanning Tree Protocol (STP) is to ensure that you do not create loops when you have redundant paths in your network. We can disable STP or enable as follows for br0:
$ sudo nmcli con modify br0 bridge.stp no
## CentOS 8 nmcli command to enable STP with br0 ##
$ sudo nmcli con modify br0 bridge.stp yes
## Verification ##
$ nmcli con show
$ nmcli -f bridge con show br0
Outputs:

bridge.mac-address:                     --
bridge.stp:                             no
bridge.priority:                        32768
bridge.forward-delay:                   15
bridge.hello-time:                      2
bridge.max-age:                         20
bridge.ageing-time:                     300
bridge.group-forward-mask:              0
bridge.multicast-snooping:              yes
bridge.vlan-filtering:                  no
bridge.vlan-default-pvid:               1
bridge.vlans:                           --

Step 3 – Set up static or DHCP based IP for network bridge interface

We have not allocated any static IP address to our br0 interface. Hence, if the DHCP server is available, it should provide IP addresses and other settings. However, on servers, we typically set up a static IP address. In this example, I am converting existing eno1 IP network settings to br0 settings as follows:

IPv4 br0 settings

$ sudo nmcli connection modify br0 ipv4.addresses '192.168.2.19/24'
$ sudo nmcli connection modify br0 ipv4.gateway '192.168.2.254'
$ sudo nmcli connection modify br0 ipv4.dns '192.168.2.254'
$ sudo nmcli connection modify br0 ipv4.dns-search 'sweet.home'
$ sudo nmcli connection modify br0 ipv4.method manual

IPv6 br0 settings

$ sudo nmcli connection modify bridge0 ipv6.addresses 'Your-Static-IPv6-Address'
$ sudo nmcli connection modify br0 ipv6.gateway 'Your-Static-IPv6-Gateway-Address'
$ sudo nmcli connection modify br0 ipv6.dns 'Your-Static-IPv6-DNS'
$ sudo nmcli connection modify br0 ipv6.dns-search 'sweet.home'
$ sudo nmcli connection modify br0 ipv6.method manual

Step 4 – Enable br0 network bridge interface on CentOS 8

So far, we configured required network settings. It is time to turn it on our br0:
$ sudo nmcli con up br0
$ nmcli con show
Wait for some time to activate settings.

Step 5 – Verification network bridge settings

Use the ip command to view the IP settings for br0:
$ ip a s
$ ip a s br0
You can remove eno1 as br0 got a static IP address itself as eno1 will be in forwarding state:
$ sudo nmcli connection delete eno1
Here is how it looks using the ip command:
$ nmcli connection show
$ ip a show br0
$ nmcli device
## interface active and works with br0 ##
$ ip a show eno1
$ ip r
## Check Internet and local LAN connectivity using ping command ##
$ ping -c 4 www.cyberciti.biz
$ ping -c 4 192.168.2.25
Show the link status of Ethernet devices and bridge devices on CentOS 8 Linux machine:
$ ip link show master br0
$ bridge link show
$ bridge link show dev eno1

Conclusion

In this tutorial, you learned how to add and create a Linux Network Bridge on CentoS 8 server. See nmcli docs here for more info.