Linux nmcli: how to configure a bridge on a team interface

Discussion in 'Guides' started by BLinux, Jan 26, 2018.

  1. BLinux

    BLinux Well-Known Member

    Joined:
    Jul 7, 2016
    Messages:
    1,247
    Likes Received:
    256
    didn't see anything like this posted and just had to do this from my own notes so thought i'd share them here:

    the goal here is to combine 2 ethernets as a 'team' interface, and then add a bridge on top of that. i do this often for VM hosting on CentOS/kvm so the VMs vNICs can use the bridge.

    First, create the bridge interface:

    Code:
    # nmcli conn add type bridge con-name "Bridge connection 1 for DMZ" ifname bridge1-dmz1
    
    The string following "con-name" can be almost anything; it will be the name used to reference the connection when using nmcli. The string following "ifname" is the interface name as it will show in 'ip' or 'ifconfig'.

    Next, add a team interface and make bridge1-dmz1 above its master:

    Code:
    # nmcli conn add type team con-name "bridge1-dmz1 slave 1 team0" ifname team0 master bridge1-dmz1
    
    The next part is a little unusual and specific to doing "team" interfaces versus say "bond" interface. You have to create a JSON file for the configuration of the team. In the below sample, I'm going to team "eth0" and "eth1". So, create a file, let's call it "lacp_1.conf" and add the following content:

    Code:
    {
        "device":    "team0",
        "runner": {
            "name": "lacp",
            "active": true,
            "fast_rate": true,
            "tx_hash": ["eth", "ipv4", "tcp", "udp"]
        },
        "link_watch":    {"name": "ethtool"},
        "ports":        {"eth0": {}, "eth1": {}}
    }
    
    Using "lacp" means we're going to use 802.3ad, so configure the switch side accordingly. There are other options here if you want to not have to mess with the switch ports, but beyond the scope.

    Next, modify the team interface with this JSON config file:

    Code:
    # nmcli conn modify "bridge1-dmz1 slave 1 team0" team.config lacp_1.conf
    
    Next, we want to add the actual ethernet interfaces to the team0 interface:
    Code:
    # nmcli conn add type ethernet con-name "team0 slave 1" ifname eth0 master team0
    # nmcli conn add type ethernet con-name "team0 slave 2" ifname eth1 master team0
    
    Finally, to add an IP and other interface configuration for the local host on this bridge:
    Code:
    # nmcli conn modify "Bridge connection 1 for DMZ" ipv4.address 10.1.233.23/16
    # nmcli conn modify "Bridge connection 1 for DMZ" ipv4.gateway 10.1.1.7
    # nmcli conn modify "Bridge connection 1 for DMZ" ipv4.dns 172.16.200.1
    # nmcli conn modify "Bridge connection 1 for DMZ" ipv4.dns-search domain.com
    # nmcli conn modify "Bridge connection 1 for DMZ" ipv4.method manual
    
    The last method=manual has to be done after the ipv4.address is set or it will not allow the change, so I usually do it last.

    That's it.
     
    #1
    fishtacos and whitey like this.
Similar Threads: Linux nmcli
Forum Title Date
Guides Linux Desktop in Docker Running in 60 Seconds May 5, 2017
Guides Joining Linux to Active Directory for Windows Admins Mar 2, 2016
Guides How to run Linux-Bench Jan 5, 2016

Share This Page