Bridging over VLAN’s

What?

As if you weren’t confused enough already, now let’s combine the two concepts and create a bridge across a VLAN. That would be a bridge between two ethernet interfaces, where one is a real ethernet card in the PC (or a wifi, or some other regular type of ethernet interface), and the other will be a VLAN interface.

Why?

Let’s say you have a piece of equipment which by itself doesn’t know how to talk VLAN -but you want to connect it to a VLAN. By constructing a bridge between a “normal” and a “VLAN” ethernet interface, the Linux computer will add and remove the VLAN headers on behalf of any other device(s) plugged into the “normal” card.

How?

Okay, now for the tricky part. It takes a slight modification of the procedures above.  For this example, let’s presume we have an ethernet interface eth0 connected to the network where a VLAN id 2 is present, and we have a device or devices on eth1 that need to be bridged into that VLAN 2.

Go ahead and first construct the VLAN interface like we did before (copy ifcfg-eth#, change DEVICE, add VLAN=yes), except also remove the BOOTPROTO, IPADDR, NETMASK, and GATEWAY lines if present.  Add a line BRIDGE=br2 (or a different named bridge device of your choice).

Then edit the ifcfg-eth1 file and make the same changes (remove BOOTPROTO, IPADDR, NETMASK, GATEWAY, add BRIDGE=br2).

Now create one last interface to tie them together (the bridge).  Because of the order in which the interfaces come up, it’s probably best to use only the static method to prevent the DHCP client from having errors.  Of course, put your own values in for the IP addresses, and make sure that the bridge name matches the interfaces.

And that’s it.  Use the command service network restart to cause the network to be reloaded, and you should see eth1 interface tied to the VLAN2 network.  Also, the Linux box will be connected to the VLAN2 on the IP address specified, at the same time that it’s connected to eth1 on a separate address.