Setting up a bridge disables IP networking?

I have a Linux box with an ethernet adaptor (eth0) that connects into
the local (TCP/IP) LAN. This works.

If I do "brctl addbr br0; brctl addif br0 eth0; ifconfig br0 up", that
IP connection goes dead immediately. No IP packets can be received or
transmitted on eth0, neither pings nor TCP nor anything else. However,
I can still transmit and receive other ethernet frames on eth0 without
problems. I used Scapy and Wireshark to confirm that I can send ARP
frames via eth0 to another host in the LAN, that host receives the
frame and sends back a reply frame, which is received on eth0 on the
bridge host again. No problems there.

How is that even possible? The bridge code should know nothing about
ARP or IP, so how can it make a difference whether I send ARP or IP
over the ethernet interface?

(everything in /proc/sys/net/bridge/bridge-nf-* is set to 0, so no
netfiltering should be done)

(as soon as I "brctl delif br0 eth0", the IP connection starts working
again)

Olaf Klischat wrote:
> I have a Linux box with an ethernet adaptor (eth0) that connects into
> the local (TCP/IP) LAN. This works.
>
> If I do "brctl addbr br0; brctl addif br0 eth0; ifconfig br0 up", that
> IP connection goes dead immediately. No IP packets can be received or
> transmitted on eth0, neither pings nor TCP nor anything else. However,
> I can still transmit and receive other ethernet frames on eth0 without
> problems. I used Scapy and Wireshark to confirm that I can send ARP
> frames via eth0 to another host in the LAN, that host receives the
> frame and sends back a reply frame, which is received on eth0 on the
> bridge host again. No problems there.
>
> How is that even possible? The bridge code should know nothing about
> ARP or IP, so how can it make a difference whether I send ARP or IP
> over the ethernet interface?
>
> (everything in /proc/sys/net/bridge/bridge-nf-* is set to 0, so no
> netfiltering should be done)
>
> (as soon as I "brctl delif br0 eth0", the IP connection starts working
> again)


Did you remember to set up the IP address and
netmask to br0? Also, did you change the routing
previously set to eth0 to go via br0 now?

When you build a bridge, the components are not
used directly as IP interfaces. The IP parameters
belong to the aggregated interface (here: br0).

--

Tauno Voipio
tauno voipio (at) iki fi

Tauno Voipio <tauno.voipio@INVALIDiki.fi> writes:

> Olaf Klischat wrote:
>> I have a Linux box with an ethernet adaptor (eth0) that connects into
>> the local (TCP/IP) LAN. This works.
>>
>> If I do "brctl addbr br0; brctl addif br0 eth0; ifconfig br0 up", that
>> IP connection goes dead immediately. No IP packets can be received or
>> transmitted on eth0, neither pings nor TCP nor anything else. However,
>> I can still transmit and receive other ethernet frames on eth0 without
>> problems. I used Scapy and Wireshark to confirm that I can send ARP
>> frames via eth0 to another host in the LAN, that host receives the
>> frame and sends back a reply frame, which is received on eth0 on the
>> bridge host again. No problems there.
>>
>> How is that even possible? The bridge code should know nothing about
>> ARP or IP, so how can it make a difference whether I send ARP or IP
>> over the ethernet interface?
>>
>> (everything in /proc/sys/net/bridge/bridge-nf-* is set to 0, so no
>> netfiltering should be done)
>>
>> (as soon as I "brctl delif br0 eth0", the IP connection starts working
>> again)
>
>
> Did you remember to set up the IP address and
> netmask to br0?

I did exactly what I wrote and nothing more, so no, I didn't reassign
IP addresses. I know that I'm supposed to assign the IP address to the
bridge device, not to the constituent devices. Before mindlessly
copying scripts from tutorials though, I thought I'd like to
understand what's actually going on here. So, I'd love it if you or
somebody else could explain how the bridge code actually works here,
how the behaviour I observed (ARP goes through, IP doesn't) comes
about and, ideally, why it is logical and correct for the code to work
the way it does here.