Networking 101: Linux Tap interface and virtual bridges



A virtual Linux bridge is a software bridge that forwards data between virtual machines or between different namespaces, as is the case with Docker namespaces, for example.

Virtual network cards expect Ethernet frames, just like physical network cards. However, the physical Ethernet card (eth0 in the example below) removes the Ethernet "wrapping" from incoming network packets and pushes them to the IP layer for further processing.

As a result, the virtual Ethernet interface on the virtual machine can't process the packet, because it is an IP packet (a layer 3 packet).

The virtual Ethernet interface on the virtual machine needs a layer 2 (link layer) frame.
So we need to "simulate" the Ethernet layer for the "unwrapped" IP packets; that is what the tap interface does.


The packet goes from the tap interface to the virtual machine's network manager, which then hands the packet to the corresponding virtual network interface on the virtual machine.

The tap interface connects the virtual bridge to the virtual machine.

Installing the bridge utilities (Debian):

To create and manage the bridge interface, we will be using the bridge utility. We can install it using:


Creating a bridge:

We create a bridge named bridge_1:


We then check whether the bridge (bridge_1) was created:


We can also check by displaying the network devices on the host:


We create tap devices named Tap_1 and Tap_2:


We check if they were created, using the below commands:


Now we need to add these interfaces (Tap_1 and Tap_2) to the bridge (it's like connecting a physical cable to the bridge):


We check whether the interfaces Tap_1 and Tap_2 were added to the bridge "bridge_1" using:


The diagram below shows the bridge and the tap interfaces that will connect to the virtual machines' virtual network interfaces.


The eth0 interface can communicate with bridge_1 using the bridge IP address. 
We can give the bridge (bridge_1) an IP address using the below command, since the bridge is an interface that can also be displayed using the "ip addr show" command.
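
The steps above, collected into one script as an added example (it is not the original post's own commands). It assumes the bridge-utils `brctl` tool and iproute2's `ip tuntap`; the address 192.0.2.1/24 and the helper names `run`, `valid_ifname` and `setup_bridge` are illustrative. By default it only prints the commands (DRY_RUN=1).

```shell
#!/bin/sh
# Added example: the bridge_1 / Tap_1 / Tap_2 setup from this page as one script.
# Requires bridge-utils (brctl) and iproute2 (ip) when actually executed.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them (needs root).
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Linux interface names hold at most 15 characters; this helper also restricts
# them to a conservative character set before they reach any command line.
valid_ifname() {
    case "$1" in
        ''|.|..|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# setup_bridge BRIDGE CIDR TAP...
setup_bridge() {
    br="$1"; cidr="$2"; shift 2
    for name in "$br" "$@"; do
        valid_ifname "$name" || { echo "invalid interface name: $name" >&2; return 1; }
    done
    run brctl addbr "$br"                       # create the bridge
    for tap in "$@"; do
        run ip tuntap add dev "$tap" mode tap   # create the tap device
        run brctl addif "$br" "$tap"            # "plug" the tap into the bridge
        run ip link set "$tap" up
    done
    run ip addr add "$cidr" dev "$br"           # give the bridge an IP address
    run ip link set "$br" up
    run brctl show "$br"                        # verify: lists the attached taps
}

# 192.0.2.1/24 is a constructed sample address (assumption, not from the page).
setup_bridge bridge_1 192.0.2.1/24 Tap_1 Tap_2
```

Run it with `DRY_RUN=0` as root to apply the commands; `ip link show` afterwards lists bridge_1, Tap_1 and Tap_2.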


