How to create and configure network bridge using nmcli (static & dhcp)


Network, How To, Tips and Tricks

nmcli bridge. nmcli restart network. nmcli reload. nmcli configure network bridge in RHEL. create network bridge using nmcli. configure network bridge using nmcli in linux. nmcli network restart. nmcli connection restart. configure static ip address using nmcli. configure dhcp ip using nmcli. configure network bridge using nmcli.

configure network bridge using nmcli

 

The nmcli (NetworkManager Command Line Interface) command-line utility is used for controlling NetworkManager and reporting network status. nmcli is used to create, display, edit, delete, activate, and deactivate network connections, as well as control and display network device status. In this article I will share the steps to create and configure network bridge using nmcli in RHEL/CentOS 7/8. You can configure persistent both static and DHCP IP using nmcli tool.

I have already written another article with the steps to configure network bridge using nmtui.

I am using CentOS 7 to create and configure network bridge but the same steps will work with RHEL/CentOS 8. Please share your feedback if you face any issues while implementing the same on CentOS/RHEL 8.

 

What is Network Bridge?

  • A network bridge consolidates the resources of multiple physical interfaces into one virtual interface.
  • A network bridge is similar to a virtual LAN interface but sort of the opposite.
  • Network bridges join network adapters to a single subnet and present a unified network to all bridge clients.
  • For instance, if you have a 16 port unmanaged switch and it is full and you need to add additional clients to the same network, then you could add a network adapter to your pfSense installation and then create a network bridge to join a new switch full of clients to the same network.

The basic format of a nmcli command is as follows:

nmcli [OPTIONS] OBJECT { COMMAND | help }

where OBJECT can be one of the following options: general, networking, radio, connection, device, agent, and monitor. You can use any prefix of these options in your commands. For example, nmcli con help, nmcli c help, nmcli connection help generate the same output.

Follow man page of nmcli to get more details.

 

Check if Bridging Kernel Module is installed

In CentOS/RHEL 7/8, the bridging module is loaded by default. If necessary, you can make sure that the module is loaded by issuing the following command as root:

# lsmod | grep bridge
bridge                136173  0

If the module is not loaded, to install the module you can use

# modprobe --first-time bridge

To display information about the module, issue the following command:

# modinfo bridge

 

Configure network bridge using nmcli in RHEL/CentOS 7

The first step in create and configure network bridge using nmcli is to create the actual bridge interface and then we assign physical devices to the bridge.

 

Create bridge interface

To create a bridge, named bridge-app-br0, issue a command as follows as root:

[root@centos-7 ~]# nmcli connection add type bridge ifname app-br0
Connection 'bridge-app-br0' (39b1a2d0-23ab-4c9d-9cb5-a2ec32a21075) successfully added.

 

Create slave interface for bridge

To create and configure network bridge using nmcli we would also need to add, or enslave interface. To enslave first interface, for example eno51, to the bridge app-br0, issue a command as follows:

[root@centos-7 ~]# nmcli con add type ethernet con-name br-slave-1 ifname eno51 master app-br0
Connection 'br-slave-1' (5dd3f7d7-e618-4850-b2d6-29c889d19937) successfully added.

Similarly to add second slave interface to bridge app-br0

[root@centos-7 ~]# nmcli con add type ethernet con-name br-slave-2 ifname eno52 master app-br0
Connection 'br-slave-2' (092d51b9-0807-45ea-b0bb-9cf0da9995b5) successfully added.

 

Assign static or dhcp IP and configure network bridge using nmcli

There are various configurable options with network bridge interface, which you can modify using nmcli. For example, Spanning tree protocol (STP) is enabled by default. The values used are from the IEEE 802.1D-1998 standard. To disable STP for this bridge, issue a command as follows as root:

[root@centos-7 ~]# nmcli con modify bridge-app-br0 bridge.stp no

To view the bridge settings, issue the following command:

[root@centos-7 ~]# nmcli -f bridge con show bridge-app-br0
bridge.mac-address:                     --
bridge.stp:                             no
bridge.priority:                        32768
bridge.forward-delay:                   15
bridge.hello-time:                      2
bridge.max-age:                         20
bridge.ageing-time:                     300
bridge.multicast-snooping:              yes

Syntax to assign DHCP IP using nmcli

# nmcli connection add type ethernet ifname  con-name  ipv4.method auto

Syntax to assign static IP using nmcli

# nmcli connection add type ethernet ifname  con-name  ipv4.method manual ipv4.address / ipv4.gateway

To setup ethernet, configure following command options:

  • con-name - The connection name is the name of a connection profile and should not be confused with the interface name that denotes a device
  • ifname - Interface name
  • type - Allowed values are: ethernet, wifi, wimax, gsm, cdma, infiniband, bluetooth, vlan, bond, bond-slave
  • ipv4.method - To specific if interface configuration is via dhcp (auto) or static (manual).
  • ipv4.address - IPv4 address in CIDR representation.
  • ipv4.gateway - IPv4 Gateway address.
  • ipv6.address - IPv6 address(optional if IPv6 enabled)
[root@centos-7 ~]# nmcli con modify bridge-app-br0 ipv4.method manual ipv4.address "192.151.12.6/26" ipv4.gateway "192.151.12.62"  ipv4.dns 8.8.8.8 ipv4.dns-search example.com

Here I have assigned a static IP Address of 192.151.12.6 with a Netmask prefix of 26, gateway of 192.151.12.62 and DNS server IP as 8.8.8.8 to the network bridge app-br0 interface.

To view the connections, issue the following command:

[root@centos-7 ~]# nmcli con show
NAME                   UUID                                  TYPE            DEVICE
Ethernet connection 2  b9bcd5b2-0342-4c35-9800-0c9436d2fe60  802-3-ethernet  eno49
br-slave-1             5dd3f7d7-e618-4850-b2d6-29c889d19937  802-3-ethernet  eno51
br-slave-2             092d51b9-0807-45ea-b0bb-9cf0da9995b5  802-3-ethernet  eno52
bridge-app-br0         39b1a2d0-23ab-4c9d-9cb5-a2ec32a21075  bridge          app-br0
eno50                  5215c9b8-6f7d-4caa-9792-81dc099f41fc  802-3-ethernet  eno50
eno55                  0d918152-fdf6-4b87-9ac0-cb91fbb621c7  802-3-ethernet  eno55
virbr0                 b9030451-b81a-4727-86f6-6f2fbe9f7118  bridge          virbr0
virbr1                 12996be2-6d66-423a-8882-1533633a4a7e  bridge          virbr1
eno49                  2ff6c44e-f016-4359-8eaf-121071bc612d  802-3-ethernet  --
eno51                  a9031c75-f1f4-481e-bdc3-942b89a554c1  802-3-ethernet  --

As you see out newly created bridge and slave interface are visible in the list of available connections.

brctl is used to set up, maintain, and inspect the ethernet bridge configuration in the linux kernel. The command brctl show shows all current instances of the ethernet bridge

[root@centos-7 ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
app-br0         8000.9cdc7177ef51       no              eno51
                                                        eno52

 

Verify network bridge configuration

Now we are all done with the steps to create and configure network bridge using nmcli in RHEL/CentOS 7. To verify our configuration, we can check if app-br0 has been assigned with the IP Address.

[root@centos-7 ~]# ip addr show dev app-br0
23: app-br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 9c:dc:71:77:ef:51 brd ff:ff:ff:ff:ff:ff
    inet 192.151.12.6/26 brd 192.151.12.63 scope global app-br0
       valid_lft forever preferred_lft forever
    inet6 fe80::f479:8a1:4dd0:1df0/64 scope link
       valid_lft forever preferred_lft forever

Next try to ping the gateway of the bridge interface and make sure it is reachable

[root@centos-7 ~]# ping 192.151.12.62
PING 192.151.12.62 (192.151.12.62) 56(84) bytes of data.
64 bytes from 192.151.12.62: icmp_seq=1 ttl=64 time=19.0 ms
64 bytes from 192.151.12.62: icmp_seq=2 ttl=64 time=0.706 ms
64 bytes from 192.151.12.62: icmp_seq=3 ttl=64 time=19.6 ms
^C
--- 192.151.12.62 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.706/13.134/19.671/8.792 ms

Since nmcli makes persistent changes to the network configuration, you can also verify the network configuration files created by nmcli. The bridge interface configuration file is "ifcfg-bridge-app-br0"

[root@centos-7 ~]# cd /etc/sysconfig/network-scripts/
[root@centos-7 network-scripts]# cat ifcfg-bridge-app-br0
DEVICE=app-br0
STP=no
TYPE=Bridge
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=bridge-app-br0
UUID=39b1a2d0-23ab-4c9d-9cb5-a2ec32a21075
ONBOOT=yes
IPADDR=192.151.12.6
PREFIX=26
GATEWAY=192.151.12.62
DNS1=8.8.8.8
DOMAIN=example.com

Similarly verify the configuration file of the slave interface of network bridge.

[root@centos-7 ~]# cat ifcfg-br-slave-1
TYPE=Ethernet
NAME=br-slave-1
UUID=5dd3f7d7-e618-4850-b2d6-29c889d19937
DEVICE=eno51
ONBOOT=yes
BRIDGE=app-br0

[root@centos-7 ~]# cat ifcfg-br-slave-2
TYPE=Ethernet
NAME=br-slave-2
UUID=092d51b9-0807-45ea-b0bb-9cf0da9995b5
DEVICE=eno52
ONBOOT=yes
BRIDGE=app-br0

Check your default gateway

[root@centos-7 ~]# ip route
default via 192.151.12.62 dev app-bridge proto static metric 426

 

Restart Network Manager Connections

To reload the connection interface

[root@centos-7 ~]# nmcli connection reload

You can do much more than create and configure network bridge nmcli, for the complete list of options follow the man page of nmcli tool.

 

Lastly I hope the steps from the article to create and configure network bridge using nmcli on Linux was helpful. So, let me know your suggestions and feedback using the comment section.

 

Deepak Prasad

Deepak Prasad

He is the founder of GoLinuxCloud and brings over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels in various domains, from development to DevOps, Networking, and Security, ensuring robust and efficient solutions for diverse projects. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment