bridge not working on centos 8
bridge not working on centos 8
I followed this page to set up a bridge under CentOS 8 but unfortunately nothing can communicate outside the host: https://computingforgeeks.com/how-to-cr ... -centos-8/
I can see that the bridge is up. And it appears the ethernet interface is connected to the bridge. Has anyone gotten the bridge to work on centos 8? what do your ifcfg-* files looks like? Unfortunately, because the interface isn't working I cannot cut and paste.
I can see that the bridge is up. And it appears the ethernet interface is connected to the bridge. Has anyone gotten the bridge to work on centos 8? what do your ifcfg-* files looks like? Unfortunately, because the interface isn't working I cannot cut and paste.
Re: bridge not working on centos 8
Did a test. Had a "simple connection" enp0s31f6. Took it down:
Then followed man nmcli-examples:
Result: I'm posting this.
As for ifcfg-*, I don't care what NM writes and where.
Code: Select all
sudo nmcli con down enp0s31f6
Code: Select all
sudo nmcli con add type bridge con-name TowerBridge ifname TowerBridge
sudo nmcli con add type ethernet con-name br-slave-1 ifname enp0s31f6 master TowerBridge
As for ifcfg-*, I don't care what NM writes and where.
Re: bridge not working on centos 8
It still doesn't work for me with your example (exchanging device name with what I have on my system). I'm assuming you're using DHCP but you're not setting the IP address info. Ordinarily, in CentOS 7 and below, IP config is set on the bridge interface but I'm not sure how that's supposed to work in CentOS8. Everything seems to be correct as far as I can tell but I still cannot communicate outside of the host. I wanted to see the ifcfg-* files because I want to be able to compare what was generated in a working system vs what I have. Or maybe provide the output from your nmcli config.
Re: bridge not working on centos 8
It might not be the setup. The interface doesn't seem to be connected which is strange because it was working just fine prior to the bridge setup.
Could be something environmental.
Could be something environmental.
Re: bridge not working on centos 8
I'm not able to get the bridge to work. I moved the testing to a different server where I verified that the interface is able to communicate with other hosts on the network. After adding the bridge and connecting/enslaving the ethernet interace to it, all communications with other hosts on the network no longer works.
In CentOS 6 and 7, I normally put the IP configuration on the bridge itself. WIth nmcli, after running the commands to add the bridge and enslaving the ethernet interface to it, I see that the IP config remains with the ethernet interface.
I did check the nmcli-examples man page and it basically provides the example you gave. I'm at a loss as to why my setup doesn't work.
In CentOS 6 and 7, I normally put the IP configuration on the bridge itself. WIth nmcli, after running the commands to add the bridge and enslaving the ethernet interface to it, I see that the IP config remains with the ethernet interface.
I did check the nmcli-examples man page and it basically provides the example you gave. I'm at a loss as to why my setup doesn't work.
Re: bridge not working on centos 8
Okay, ran the example again. (Note: It takes a while for the bridge to come up, perhaps due to stp.)
Yes, I have DHCP server on my network and yes, the connections created by NM use DHCP by default.
Connections, devices and routes (I won't delete my enp0s31f6):
The slave:
and its NM-generated file:
The bridge (without IPv6 bits):
and file:
One could/should append bridge.stp no to the nmcli con add type bridge ... command.
You could listen the interface with tcpdump while you create/start the connections to see whether there are (dhcp) traffic.
Yes, I have DHCP server on my network and yes, the connections created by NM use DHCP by default.
Connections, devices and routes (I won't delete my enp0s31f6):
Code: Select all
$ nmcli c s
NAME UUID TYPE DEVICE
br-slave-1 22353850-cabe-4c4a-b354-b078832b45e7 ethernet enp0s31f6
TowerBridge 44123894-8fb3-41a5-9a1e-ddf35d0ac9d1 bridge TowerBridge
enp0s31f6 8ad6b747-bf97-4ccb-a72b-0ed4e6eedb16 ethernet --
$ nmcli d s
DEVICE TYPE STATE CONNECTION
TowerBridge bridge connected TowerBridge
enp0s31f6 ethernet connected br-slave-1
lo loopback unmanaged --
$ ip ro
default via 10.20.30.1 dev TowerBridge proto dhcp metric 425
10.20.30.0/24 dev TowerBridge proto kernel scope link src 10.20.30.40 metric 425
Code: Select all
$ nmcli c s br-slave-1
connection.id: br-slave-1
connection.uuid: 22353850-cabe-4c4a-b354-b078832b45e7
connection.stable-id: --
connection.type: 802-3-ethernet
connection.interface-name: enp0s31f6
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.multi-connect: 0 (default)
connection.auth-retries: -1
connection.timestamp: 1573575817
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: TowerBridge
connection.slave-type: bridge
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
connection.mdns: -1 (default)
connection.llmnr: -1 (default)
802-3-ethernet.port: --
802-3-ethernet.speed: 0
802-3-ethernet.duplex: --
802-3-ethernet.auto-negotiate: no
802-3-ethernet.mac-address: --
802-3-ethernet.cloned-mac-address: --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-blacklist: --
802-3-ethernet.mtu: auto
802-3-ethernet.s390-subchannels: --
802-3-ethernet.s390-nettype: --
802-3-ethernet.s390-options: --
802-3-ethernet.wake-on-lan: default
802-3-ethernet.wake-on-lan-password: --
bridge-port.priority: 32
bridge-port.path-cost: 100
bridge-port.hairpin-mode: no
GENERAL.NAME: br-slave-1
GENERAL.UUID: 22353850-cabe-4c4a-b354-b078832b45e7
GENERAL.DEVICES: enp0s31f6
GENERAL.STATE: activated
GENERAL.DEFAULT: no
GENERAL.DEFAULT6: no
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/3
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/3
GENERAL.ZONE: --
GENERAL.MASTER-PATH: /org/freedesktop/NetworkManager/Devices/3
IP4.GATEWAY: --
IP6.GATEWAY: --
Code: Select all
$ cat /etc/sysconfig/network-scripts/ifcfg-br-slave-1
TYPE=Ethernet
NAME=br-slave-1
UUID=22353850-cabe-4c4a-b354-b078832b45e7
DEVICE=enp0s31f6
ONBOOT=yes
BRIDGE=TowerBridge
Code: Select all
$ nmcli c s TowerBridge
connection.id: TowerBridge
connection.uuid: 44123894-8fb3-41a5-9a1e-ddf35d0ac9d1
connection.stable-id: --
connection.type: bridge
connection.interface-name: TowerBridge
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.multi-connect: 0 (default)
connection.auth-retries: -1
connection.timestamp: 1573575817
connection.read-only: no
connection.permissions: --
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: default
connection.mdns: -1 (default)
connection.llmnr: -1 (default)
802-3-ethernet.port: --
802-3-ethernet.speed: 0
802-3-ethernet.duplex: --
802-3-ethernet.auto-negotiate: no
802-3-ethernet.mac-address: --
802-3-ethernet.cloned-mac-address: --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-blacklist: --
802-3-ethernet.mtu: auto
802-3-ethernet.s390-subchannels: --
802-3-ethernet.s390-nettype: --
802-3-ethernet.s390-options: --
802-3-ethernet.wake-on-lan: default
802-3-ethernet.wake-on-lan-password: --
ipv4.method: auto
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 0
ipv4.addresses: --
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
bridge.mac-address: --
bridge.stp: yes
bridge.priority: 32768
bridge.forward-delay: 15
bridge.hello-time: 2
bridge.max-age: 20
bridge.ageing-time: 300
bridge.group-forward-mask: 0
bridge.multicast-snooping: yes
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --
GENERAL.NAME: TowerBridge
GENERAL.UUID: 44123894-8fb3-41a5-9a1e-ddf35d0ac9d1
GENERAL.DEVICES: TowerBridge
GENERAL.STATE: activated
GENERAL.DEFAULT: yes
GENERAL.DEFAULT6: yes
GENERAL.SPEC-OBJECT: --
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/2
GENERAL.ZONE: --
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 10.20.30.40/24
IP4.GATEWAY: 10.20.30.1
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 10.20.30.1, mt = 425
IP4.ROUTE[2]: dst = 10.20.30.0/24, nh = 0.0.0.0, mt = 425
IP4.DNS[1]: 10.20.30.1
IP4.DOMAIN[1]: fubar.xxx
DHCP4.OPTION[1]: domain_name = fubar.xxx
DHCP4.OPTION[2]: domain_name_servers = 10.20.30.1
DHCP4.OPTION[3]: domain_search = fubar.xxx
DHCP4.OPTION[4]: expiry = 1573662014
DHCP4.OPTION[5]: ip_address = 10.20.30.40
DHCP4.OPTION[6]: requested_broadcast_address = 1
DHCP4.OPTION[7]: requested_dhcp_server_identifier = 1
DHCP4.OPTION[8]: requested_domain_name = 1
DHCP4.OPTION[9]: requested_domain_name_servers = 1
DHCP4.OPTION[10]: requested_domain_search = 1
DHCP4.OPTION[11]: requested_host_name = 1
DHCP4.OPTION[12]: requested_interface_mtu = 1
DHCP4.OPTION[13]: requested_ms_classless_static_routes = 1
DHCP4.OPTION[14]: requested_nis_domain = 1
DHCP4.OPTION[15]: requested_nis_servers = 1
DHCP4.OPTION[16]: requested_ntp_servers = 1
DHCP4.OPTION[17]: requested_rfc3442_classless_static_routes = 1
DHCP4.OPTION[18]: requested_routers = 1
DHCP4.OPTION[19]: requested_static_routes = 1
DHCP4.OPTION[20]: requested_subnet_mask = 1
DHCP4.OPTION[21]: requested_time_offset = 1
DHCP4.OPTION[22]: requested_wpad = 1
DHCP4.OPTION[23]: routers = 10.20.30.1
DHCP4.OPTION[24]: subnet_mask = 255.255.255.0
Code: Select all
$ cat /etc/sysconfig/network-scripts/ifcfg-TowerBridge
STP=yes
BRIDGING_OPTS=priority=32768
TYPE=Bridge
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=TowerBridge
UUID=44123894-8fb3-41a5-9a1e-ddf35d0ac9d1
DEVICE=TowerBridge
ONBOOT=yes
You could listen the interface with tcpdump while you create/start the connections to see whether there are (dhcp) traffic.
Re: bridge not working on centos 8
As a test, I tried to remove the bridge and could not get the machine to communicate on the network anymore. I had the networking team look on their switch to determine why nothing is working. Turns out, the switch received an unknown BPDU packet and shut down the port to avoid STP topology recalculation. Is there a command to disable this while setting up the bridge ? It could do it afterward but by that time the port would’ve been disabled.
Re: bridge not working on centos 8
If BPDU's come from the STP and you know that you won't add a loop with your "switch", then creating bridge without STP should ...
You can give most nm-settings on the "add" command:
You can give most nm-settings on the "add" command:
Code: Select all
sudo nmcli con add type bridge con-name TowerBridge ifname TowerBridge bridge.stp no
Re: bridge not working on centos 8
With STP disabled from the get-go, everything works now. I was chasing a red herring. The issue was because the switch actually disabled the port.
Thank you for all your inputs.
Thank you for all your inputs.