0

Already tried pulling answers out of the debian docs, but it's a rare combination, so I'm asking this here; A small business I work for has a mini computer, running a minimal Debian 11 and some LAN services (pihole, unbound, ssh and some others) on it. This unit has 4 physical NICs on it, of which I'm currently only using 2 as bond0 (those are connected to an internet router that also supports LACP, bond mode 4). Its current /etc/network/interfaces is:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback
    
# Frontend bond interface
auto bond0
iface bond0 inet static
address 192.168.1.8
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 127.0.0.1
bond-slaves enp1s0 enp2s0
bond-mode 802.3ad
bond-miimon 100
bond-lacp-rate 1

This works perfectly fine. But, I would very much like to put the left-over extra 2 ethernet ports (enp3s0 enp4s0) to use, extending the LAN, as a switch. So they only need to pass through the bond0 interface, and see this server too of course. Can I just add a bridge to the interfaces file? Something like this?

auto br0
iface br0 inet static
bridge_ports enp1s0 enp3s0 enp4s0
address 192.168.1.8
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 127.0.0.1
hwaddress ether 00:a0:c9:00:20:7b

About the correct config for this I'm not seeing good answers for this particular setup;

  • Do I bridge all 4 ports, or just the 3 in my example here? Or maybe even the 2 unused only, but I doubt that, because then these interfaces don't know what to bridge with, no?
  • Do I specify a different static IPv4 address than that of bond0 ?
  • Do I have to put a hwaddress in config for the bridge, if so which NIC's MAC should that be?
  • Do I need to specify allow-hotplug for each iface ?

I already installed bridge-utils. Thanks in advance for any clarity on these questions.

Improve this question
4
  • Why are you planning to add to the bridge one of the physical interfaces that are bonded? Don't you want to use the bond0 interface?
    – Daniel B
    Commented Nov 22, 2021 at 13:13
  • I assumed I would have to, otherwise how does br0 know what to bridge with? Do you mean I would have to put bridge_ports bond0 enp3s0 enp4s0 there instead? I guess that makes sense. Thanks!
    – Julius
    Commented Nov 22, 2021 at 13:15
  • Software bridges may have terrible performance. Unless you're cramped for space or power, just add a simple hardware switch.
    – Zac67
    Commented Nov 26, 2021 at 10:54
  • They're for two 100M speed devices, performance is not an issue. Either way, the above did not work, not sure why not.
    – Julius
    Commented Nov 26, 2021 at 15:21

1 Answer 1

Reset to default
0

The /etc/network/interfaces below works as required; Had to move the static ipv4 network lines from bond0 to br0, and also add bond-updelay to be (at least) double that of the miimon entry. Also silly to know that the bridge config uses underscores, while the bond one uses dashes. Talk about accidents waiting to happen..

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto bond0
iface bond0 inet manual
bond-slaves enp1s0 enp2s0
bond-mode 802.3ad
bond-miimon 100
bond-updelay 200
bond-downdelay 200
bond-lacp-rate 0
bond-xmit_hash_policy layer3+4

auto br0
iface br0 inet static
address 192.168.1.8
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 127.0.0.1
bridge_ports bond0 enp3s0 enp4s0
bridge_waitport 0
bridge_fd 0
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .