Debian – Bridging VLAN and OpenVPN TAP

debian networking openvpn vlan

Under Debian I need to bridge a vlan eth0.1 and tap tap0. Usually, when bridging a normal ethernet adapter with a tap I would include something along the lines of this in /etc/network/interfaces:

auto br0
iface br0 inet static
      pre-up /usr/sbin/openvpn --mktun --dev tap0
      pre-up /usr/sbin/brctl addbr br0
      address 10.0.0.254
      network 10.0.0.0
      netmask 255.255.255.0
      post-up /sbin/ip link set tap0 up
      post-up /usr/sbin/brctl addif br0 tap0
      post-up /sbin/ip link set eth0 up
      post-up /usr/sbin/brctl addif br0 eth0
      post-down /sbin/ip link set br0 down
      post-down /usr/sbin/brctl delbr br0
      post-down /usr/sbin/openvpn --rmtun --dev tap0
      post-down /sbin/ip link set eth0 down

Now, I will admit it is not pretty (we manually create the tun and the bridge using the raw commands) although it is the most Debian-like means I've found. The problem comes when I want to replace eth0 with a vlan, such as eth0.1. The only way I can think of is manually adding pre-up and post-down commands to manually create the eth0.1 vlan (with all others being configured the Debian way).

However, I am not totally sure then as the post-down /sbin/ip link set eth0 down may break other eth0.x vlans. Can someone suggest a cleaner means of accomplishing my goals?

Best Answer

"the most Debian-like means I've found" -- you need to look harder, possibly in the bridge-utils-interfaces(5) man page.

Bridging VLAN interfaces is trivial; you just put the VLAN interface in as a manual one (i.e. iface eth0.1 inet manual) and then add eth0.1 into the bridge_ports list.

A quick note on OpenVPN and its Ethernet mode -- don't.
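
The layout the answer describes, written out as an added example (not part of the original question or answer). It assumes the bridge-utils and vlan packages are installed, so that ifupdown understands bridge_ports and creates eth0.1 from its name; the address is the one from the question.

```text
# /etc/network/interfaces (added example, assumes bridge-utils + vlan packages)

# VLAN 1 on eth0. It carries no address of its own; it is only a bridge port.
auto eth0.1
iface eth0.1 inet manual

# The bridge holds the address. bridge-utils creates br0 and enslaves the
# listed ports, so no brctl addbr/addif/delbr calls are needed.
auto br0
iface br0 inet static
      # pre-up commands run before the bridge-utils hook, so tap0 exists
      # by the time bridge_ports is processed.
      pre-up /usr/sbin/openvpn --mktun --dev tap0
      bridge_ports eth0.1 tap0
      bridge_stp off
      bridge_fd 0
      address 10.0.0.254
      netmask 255.255.255.0
      # Only the tap device is removed on the way down. eth0 is never set
      # down here, so other eth0.x VLANs stay up.
      post-down /usr/sbin/openvpn --rmtun --dev tap0
```

With tap0 in the bridge, VPN clients sit in the same layer-2 broadcast domain as VLAN 1, so anything that relies on that VLAN's isolation needs filtering on br0 rather than at a routed hop.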
