OpenBSD: Configure Network Interface As A Bridge / Network Switch

Posted on in Categories , , , last updated May 3, 2017

I have Soekris single board communication embedded computer which is optimized for low power and network usage. The server has four Ethernet ports. How do I setup IPv4 software bridge using the OpenBSD operating system so that the rest of four ports act as a network switch?


The OpenBSD operating system comes with the bridge device support. A bridge interface can be created at runtime using the ifconfig bridge0 command or by setting up a /etc/hostname.N configuration file for netstart command. A bridge interface creates a logical link between two or more Ethernet interfaces or encapsulation interfaces. This link between the interfaces selectively forwards frames from each interface on the bridge to every other interface on the bridge. A bridge can serve several services, including isolation of traffic between sets of machines so that traffic local to one set of machines is not available on the wire of another set of machines, and it can act as a transparent filter for IP datagrams.

How do I setup bridge0?

Create a file called /etc/hostname.bridge0, enter:
# vi /etc/hostname.bridge0
Append the following interface names:

add vr0
add vr1
add vr2
add vr3
add rl0
up

Save and close the file. This is saying set up a bridge consisting of the five NICs, vr0, vr1, vr2, vr3, and rl0 and activate it. The order the cards are listed does not matters. Make sure each NICs is configured as per your requirements:
# cat /etc/hostname.vr0
Sample outputs:
up media autoselect
The rest of the config:
# cat /etc/hostname.vr1
up media autoselect

# cat /etc/hostname.vr2
up media autoselect

# cat /etc/hostname.vr3
up media autoselect

However, NIC rl0 has static IP address configuration as follows:
# vi /etc/hostname.rl0
Sample outputs:

inet 192.168.1.254 255.255.255.0 192.168.1.255

Save and close the file. Reboot the server to test new settings:
# reboot
Verify new switch settings:
# ifconfig bridge0
Sample outputs:

bridge0: flags=41<UP,RUNNING>
        groups: bridge
        priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
        designated: id 00:00:00:00:00:00 priority 0
        run0 flags=3<LEARNING,DISCOVER>
                port 8 ifpriority 0 ifcost 0
        vr3 flags=3<LEARNING,DISCOVER>
                port 4 ifpriority 0 ifcost 0
        vr2 flags=3<LEARNING,DISCOVER>
                port 3 ifpriority 0 ifcost 0
        vr1 flags=3<LEARNING,DISCOVER>
                port 2 ifpriority 0 ifcost 0
        vr0 flags=3<LEARNING,DISCOVER>
                port 1 ifpriority 0 ifcost 0
        rl0 flags=3<LEARNING,DISCOVER>
                port 5 ifpriority 0 ifcost 0
        Addresses (max cache: 100, timeout: 240):
                74:44:01:40:57:fb vr0 0 flags=0<>

To see rl0 config:
# ifconfig rl0

References:

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Share this on (or read 4 comments/add one below):

4 comment

  2. Well, if you need to give bridge an address, don’t do it on physical interface. Once this particular interface goes down, you won’t be able to connect to bridge via any other interface.

    Use vether* for this purpose. Give it address and add to a bridge. It is always-up and will be reachable as long as at least one physical interface of bridge is up.

    Have a question? Post it on our forum!

Tagged as: Tags , , , , , ,