How to Create a Linux Network Bridge Using nmcli tool on CentOS 7

A Linux bridge is used to connect two or more network segments. It is commonly used in Virtualization to pass multiple VLANs through a physical network.

nmcli (network manager command line) is a command line tool to manage Linux networking.

Step 1: Create a Linux Bridge: Use the nmcli to list all available connections:

[root@linuxcnf ~]# nmcli connection show NAME   UUID                                  TYPE      DEVICE ens33  75307236-11fd-4723-bff0-eedad999257c  ethernet  ens33 ens34  576d4c3b-4ed7-46d2-a442-ec9b48f746b8  ethernet  -- [root@linuxcnf ~]#

I will use the second device ens34 for bridge creation.

Step 2: Delete the existing configuration from ens34 device for new bridge configuration:

[root@linuxcnf ~]# nmcli connection delete 576d4c3b-4ed7-46d2-a442-ec9b48f746b8 Connection 'ens34' (576d4c3b-4ed7-46d2-a442-ec9b48f746b8) successfully deleted. [root@linuxcnf ~]#

Step 3: Define new bridge connection named br0 using below command:

[root@linuxcnf ~]# nmcli connection add type bridge autoconnect yes con-name br0 ifname br0 Connection 'br0' (b0c1c851-0df8-4906-9a76-3ef2253c7ff8) successfully added. [root@linuxcnf ~]#

Step 4: Assigning the ipv4 IP address to the bridge interface. Change the values according to your environment:

[root@linuxcnf ~]# nmcli connection modify br0 ipv4.addresses 192.168.43.56/24 ipv4.method manual [root@linuxcnf ~]# nmcli connection modify br0 ipv4.gateway 192.168.43.1 [root@linuxcnf ~]#

Step 5: Attaching interfaces to the bridge as slave:

[root@linuxcnf ~]# nmcli connection add type bridge-slave autoconnect yes con-name ens34 ifname ens34 master br0 Connection 'ens34' (a325e038-1f31-469d-a8e9-00c517954351) successfully added. [root@linuxcnf ~]#

Step 6: Verify the connections using following command:

[root@linuxcnf ~]# nmcli connection show NAME   UUID                                  TYPE      DEVICE ens33  75307236-11fd-4723-bff0-eedad999257c  ethernet  ens33 ens34  a325e038-1f31-469d-a8e9-00c517954351  ethernet  ens34 br0    b0c1c851-0df8-4906-9a76-3ef2253c7ff8  bridge    br0 [root@linuxcnf ~]#

Step 7: Bring up the connection profile:

[root@linuxcnf ~]# nmcli connection up br0 Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6) [root@linuxcnf ~]#

Step 8: View bridge configuration using following command:

[root@linuxcnf ~]#  nmcli connection show NAME   UUID                                  TYPE      DEVICE br0    b0c1c851-0df8-4906-9a76-3ef2253c7ff8  bridge    br0 ens33  75307236-11fd-4723-bff0-eedad999257c  ethernet  ens33 ens34  a325e038-1f31-469d-a8e9-00c517954351  ethernet  ens34 [root@linuxcnf ~]# [root@linuxcnf ~]# nmcli connection show br0 connection.id:                          br0 connection.uuid:                        b0c1c851-0df8-4906-9a76-3ef2253c7ff8 connection.stable-id:                   -- connection.type:                        bridge connection.interface-name:              br0 connection.autoconnect:                 yes connection.autoconnect-priority:        0 connection.autoconnect-retries:         -1 (default) connection.auth-retries:                -1 connection.timestamp:                   1558563920 connection.read-only:                   no

connection.permissions:                 -- connection.zone:                        -- connection.master:                      -- connection.slave-type:                  -- connection.autoconnect-slaves:          -1 (default) connection.secondaries:                 -- connection.gateway-ping-timeout:        0 connection.metered:                     unknown connection.lldp:                        default connection.mdns:                        -1 (default) 802-3-ethernet.port:                    -- 802-3-ethernet.speed:                   0 802-3-ethernet.duplex:                  -- 802-3-ethernet.auto-negotiate:          no 802-3-ethernet.mac-address:             -- 802-3-ethernet.cloned-mac-address:      -- 802-3-ethernet.generate-mac-address-mask:-- 802-3-ethernet.mac-address-blacklist:   -- 802-3-ethernet.mtu:                     auto 802-3-ethernet.s390-subchannels:        -- 802-3-ethernet.s390-nettype:            -- 802-3-ethernet.s390-options:            -- 802-3-ethernet.wake-on-lan:             default 802-3-ethernet.wake-on-lan-password:    -- ipv4.method:                            manual ipv4.dns:                               -- ipv4.dns-search:                        -- ipv4.dns-options:                       "" ipv4.dns-priority:                      0 ipv4.addresses:                         192.168.43.56/24 ipv4.gateway:                           192.168.43.1 ipv4.routes:                            -- [root@linuxcnf ~]# [root@linuxcnf ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host        valid_lft forever preferred_lft forever

2: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000     link/ether 00:0c:29:41:b1:d9 brd ff:ff:ff:ff:ff:ff 3: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000     link/ether 00:0c:29:41:b1:cf brd ff:ff:ff:ff:ff:ff     inet 192.168.43.55/24 brd 192.168.43.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet6 fe80::c3fe:1825:631e:f1cb/64 scope link noprefixroute        valid_lft forever preferred_lft forever 5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000     link/ether 00:0c:29:41:b1:d9 brd ff:ff:ff:ff:ff:ff     inet 192.168.43.56/24 brd 192.168.43.255 scope global noprefixroute br0        valid_lft forever preferred_lft forever     inet6 fe80::6960:f1aa:56da:bf4a/64 scope link noprefixroute        valid_lft forever preferred_lft forever [root@linuxcnf ~]#

Now bridge is active!!!