如何在Ubuntu14.04和16.04主机上搭建网桥?顾名思义,网桥的作用就是通过物理接口连接内外网络。这对于虚拟端口或LXC/KVM/Xen/容器非常有用。网桥虚拟端口似乎是网络上的常规设备。在本教程中,我将解释如何通过bridge-utils(brctl)命令行在Ubuntu服务器上配置Linux网桥。桥接网络示例图01:Kvm/Xen/LXC容器桥接示例(br0)在这个示例中,eth0和eth1是物理网络接口。eth0连接局域网,eth1连接上游路由器和互联网。Installbridge-utilsInstallbridge-utilsusingtheapt-getcommand:$sudoapt-getinstallbridge-utilsor$sudoaptinstallbridge-utilsSampleoutput:Figure02:Ubuntuinstallsthebridge-utilspackageCreateabridgeonanUbuntuserverUseyourfamiliartextEdit/etc/network/interfaces,suchasviornano:$sudocp/etc/network/interfaces/etc/network/interfaces.bakup-1-july-2016$sudovi/etc/network/interfacesNextseteth1andMapittobr1,enterthefollowing(deleteorcommentalleth1relatedconfiguration):###br1usesastaticpublicIPaddress,andusestheISProuterasagatewayautobr1ifacebr1inetstaticaddress208.43.222.51network255.255.255.248netmask255.255.255.0broadcast208.43.222.55gateway208.43.222.49bridge_portseth1bridge_stpoffbridge_fd0bridge_maxwait0接下来设置eth0并将它映射到br0,输入如下(删除或者注释所有eth0相关配置):autobr0ifacebr0inetstaticaddress10.18.44.26netmask255.255.255.192broadcast10.18.44.63dns-nameservers10.0.80.1110.0.80.12#setstaticrouteforLANpost-uprouteadd-net10.0.0.0netmask255.0.0.0gw10.18.44.1post-uprouteadd-net161.26.0.0netmask255.255.0.0gw10.18.44.1bridge_portseth0bridge_stpoffbridge_fd0bridge0bridge0netmask255.255.0.0gw10.18.44.1bridge_portseth0bridge_stpoffbridge_fd0bridge0br0ifusingCPabout配置选项如下:autobr0ifacebr0inetdhcpbridge_portseth0bridge_stpoffbridge_fd0bridge_maxwait0保存并关闭文件重启服务器或网络服务您需要重启服务器或输入以下命令来重启网络服务(这在SSH登录会话中可能不起作用):$sudosystemctlrestartnetworking如果你使用Ubuntu14.04LTS或者对于没有systemd的旧系统,输入:$sudo/etc/init.d/restartnetworking验证网络配置是否成功使用ping/ip命令验证LAN和WAN网络接口是否正常运行:###Viewbr0和br1ipashow###查看路由信息ipr###ping外部站点ping-c2cyberciti.biz###ping局域网服务器ping-c210.0.80.12示例输出:图03:验证网桥的以太网连接现在您可以配置br0br1允许XEN/KVM/LXC容器访问Internet或私有LAN。不再需要设置特定的路由或iptablesSNAT规则。
