How to create a bridge / tun tap under linux inside /etc/network/interfaces?

I need to create a network bridge for my qemu virtual machines under linux .

I'm reading manpages, official documentations and tutorials but I still find impossible to understand the steps.

For example ( from https://wiki.ubuntu.com/KvmWithBridge )

# The primary network interface
auto br0
iface br0 inet static
        address 192.168.0.101
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        bridge_ports eth0
        bridge_stp off
        bridge_maxwait 5
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 192.168.0.4
        dns-search mydomain.net

this makes 0 sense to me :

• why a bridge needs an IP ? why I can work with bridges and IPs at all since it should be just a datalink path
• why I need to take down eth0 ? a bridge it's a connection between 2 physical devices, why it makes sense to take down an ethernet card to create an interconnection with said card ?
• who or what is getting the IP here ? 192.168.0.101 is what exactly ?

This is a pattern that repeats itself with many tutorials, guides and documentation mixing words with no apparent meaning ( apparently a bridge is supposed to deal with IPs ... ) .

So I'm asking : how do I create a bridge so my qemu instance can connect itself through my eth0 via a bridge ? I would like to use iproute2 and /etc/network/interfaces and nothing else for simplicity sakes .

Solution 1:

I'll try to answer your questions.

1. A bridge interface doesn't require an ip address to switch frames between ports. Sure, you can configure a bridge interface without an ip address. In this case your linux host will work as a simple L2 switch. When you assign an ip address on a bridge interface, you can consider your linux host as a advanced L3 switch.

2. You don't need disable the interface to add it into the bridge.

3. After ifup br0 in your linux system the br0 interface will be created. Address 192.168.0.101 will be assigned to it.

4. After running a qemu VM with appropriate options in your system an additional interface should be apprears. After that you can add it into the br0 interface manually with command

ip link set dev <tap-iface> master br0

5. You can write the short script to add new tap interface into the bridge. This script can be placed in special directory and will be executed after start of new qemu host.

6. If you prefer the iproute2, you can use it in the interfaces file, using inside pre-up, up, post-up and other statements.

7. If I've understood your correctly, you can add something like into /etc/network/interfaces file to bring up tap interface and add it into the bridge:

iface tap10 inet manual
    pre-up /sbin/tunctl -t $IFACE -u root || true
    pre-up /sbin/ip link set dev $IFACE master br0
    up /sbin/ip link set dev $IFACE up
    post-down /sbin/tunctl -d $IFACE || true

Newer versions of iproute2 has own support of tun/tap interfaces, so usage of the tunctl binary is unnecessary.

iface tap10 inet manual
  pre-up /sbin/ip tuntap add mode tap user root name $IFACE || true
  pre-up /sbin/ip link set dev $IFACE master br0
  up /sbin/ip link set dev $IFACE up
  post-down /sbin/ip link del dev $IFACE || true

In the qemu VM start command line you should use something like that:

-netdev tap,id=mynet0,ifname=tap10,script=no,downscript=no