Can a single physical interface act as a “slave” for multiple bridge interfaces

bridgeslave

Can a single physical interface act as “slave” for multiple bridge interfaces? For example, br0 and br1 would use eno1 physical.

Got KVM host with 4 physical nics, each nic assigned to a different vlan (en0=vlan1,en1=vlan2,en2=vlan3,en3=vlan3).

What I want to achieve is:

First nic (en0) use for iLO and KVM host IPs (nic is shared on hp server).
Second nic (en1) would like to share between three KVM VMs (so not sure if I can use same bridge or I need to create multiple bridges with single slave – "en1").
For Third and Fourth nics – will assign new bridge interfaces as VMs will be load balanced later.

Best Answer

I believe you should be able to create multiple bridges to the same physical adapter, you would define the bridge in the same way, create a new bridge but bridge it back to the same adapter...

However: This would not gain you any real advantages. A single bridge would still be preferable.

In your comments you mentioned security concerns using the same bridged connection for multiple vm's, but at the end of the day, no matter how many times you bridge a single physical connection, it is still a single physical connection. Your security concerns would be the same from one bridge as it would with say 7 bridges.

Related Solutions

Linux – Proper network configuration for a KVM guest to be on the same networks at the host

why do you need an alias on br1:0? this might be in the way there
besides the alias, the idea is to use the following scheme:
eth0->br0 <--VM's tap device
the host should be able to use br0 as it's IF and the VMs will be using the tap devices as virtual NICs plugged into a virtual switch (which br0 effectively becomes here)

the same goes for every network of course, so for eth1, you'll have to set up an br1, and bring up the VMs to be plugged into br1

Debian – Should VLAN Interface Be Added into Bridge for KVM?

As far as I understand Debian network configuration infrastructure, using brX.YYY should not work as it would create a VLAN pseudo interface "above" the bridge, for which support has just begun being added to the kernel: https://lwn.net/Articles/513710/

Here is the kind of config I use:

# Bring up physical interface
iface eth0 inet manual

# Create VLAN interfaces
iface eth0.10 inet manual
         vlan_raw_device eth0

iface eth0.20 inet manual
...

# Create bridges
auto vmbr10
iface vmbr10 inet static
        address  10.10.10.81
        netmask  255.255.255.0
        #gateway  10.10.10.254
        bridge_ports eth0.10
        bridge_stp off
        bridge_fd 0

auto vmbr20
iface vmbr20 inet static
        address  10.10.20.81
...

If you want to use agregated/bonded interfaces:

bond the physical interfaces
create the VLAN interfaces on the bondX interface (bondX.YYY)
use the bondX.YYY as bridge_ports

Best Answer

Related Solutions

Linux – Proper network configuration for a KVM guest to be on the same networks at the host

Debian – Should VLAN Interface Be Added into Bridge for KVM?

Related Topic