OpenBSD: Configure Network Interface As A Bridge / Network Switch

Author: Vivek Gite Last updated: August 9, 2020 4 comments

I have Soekris single board communication embedded computer which is optimized for low power and network usage. The server has four Ethernet ports. How do I setup IPv4 software bridge using the OpenBSD operating system so that the rest of four ports act as a network switch?

[donotprint]

Tutorial details
Difficulty	Intermediate (rss)
Root privileges	Yes
Requirements	OpenBSD v2.5+
Time	10m

[/donotprint] The OpenBSD operating system comes with the bridge device support. A bridge interface can be created at runtime using the ifconfig bridge0 command or by setting up a /etc/hostname.N configuration file for netstart command. A bridge interface creates a logical link between two or more Ethernet interfaces or encapsulation interfaces. This link between the interfaces selectively forwards frames from each interface on the bridge to every other interface on the bridge. A bridge can serve several services, including isolation of traffic between sets of machines so that traffic local to one set of machines is not available on the wire of another set of machines, and it can act as a transparent filter for IP datagrams.

How do I setup bridge0?

Create a file called /etc/hostname.bridge0, enter:
# vi /etc/hostname.bridge0
Append the following interface names:

add vr0
add vr1
add vr2
add vr3
add rl0
up

Save and close the file. This is saying set up a bridge consisting of the five NICs, vr0, vr1, vr2, vr3, and rl0 and activate it. The order the cards are listed does not matters. Make sure each NICs is configured as per your requirements:
# cat /etc/hostname.vr0
Sample outputs:
up media autoselect
The rest of the config:
# cat /etc/hostname.vr1 up media autoselect


# cat /etc/hostname.vr2

up media autoselect

# cat /etc/hostname.vr3 up media autoselect
However, NIC rl0 has static IP address configuration as follows:
# vi /etc/hostname.rl0
Sample outputs:

inet 192.168.1.254 255.255.255.0 192.168.1.255

Save and close the file. Reboot the server to test new settings:
# reboot
Verify new switch settings:
# ifconfig bridge0
Sample outputs:

bridge0: flags=41<UP,RUNNING>
        groups: bridge
        priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
        designated: id 00:00:00:00:00:00 priority 0
        run0 flags=3<LEARNING,DISCOVER>
                port 8 ifpriority 0 ifcost 0
        vr3 flags=3<LEARNING,DISCOVER>
                port 4 ifpriority 0 ifcost 0
        vr2 flags=3<LEARNING,DISCOVER>
                port 3 ifpriority 0 ifcost 0
        vr1 flags=3<LEARNING,DISCOVER>
                port 2 ifpriority 0 ifcost 0
        vr0 flags=3<LEARNING,DISCOVER>
                port 1 ifpriority 0 ifcost 0
        rl0 flags=3<LEARNING,DISCOVER>
                port 5 ifpriority 0 ifcost 0
        Addresses (max cache: 100, timeout: 240):
                74:44:01:40:57:fb vr0 0 flags=0<>

To see rl0 config:
# ifconfig rl0

References:

This entry is 2 of 11 in the Linux and Unix Network Bridging Tutorial series. Keep reading the rest of the series:

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:

RSS feed or Weekly email newsletter
Share on Twitter • Facebook • 4 comments... add one ↓

UP NEXT

Category	List of Unix and Linux commands
File Management	cat
Firewall	Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04
Network Utilities	dig • host • ip • nmap
OpenVPN	CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04
Package Manager	apk • apt
Processes Management	bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time
Searching	grep • whereis • which
User Information	groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w
WireGuard VPN	Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04