Skip to content

Bridge network interface configuration

A Bridge network interface operates at the data link layer to connect multiple network segments into a single aggregate network. This configuration is commonly used to integrate physical network interfaces with virtual interfaces, such as those used by containers.^[600-developer__docker__docker-bridge.md]

Command Line Configuration

The brctl utility (provided by bridge-utils) is used to manage network bridges from the command line.^[600-developer__docker__docker-bridge.md]

  • Create a bridge: brctl addbr <name>^[600-developer__docker__docker-bridge.md]
  • Add an interface: brctl addif <bridge> <device>^[600-developer__docker__docker-bridge.md]
  • Remove an interface: brctl delif <bridge> <device>^[600-developer__docker__docker-bridge.md]
  • Delete a bridge: brctl delbr <name>^[600-developer__docker__docker-bridge.md]
  • Show configuration: brctl show^[600-developer__docker__docker-bridge.md]

File-based Configuration (RHEL/CentOS)

On Red Hat-based systems, a persistent bridge interface (e.g., br0) is configured by creating a script in /etc/sysconfig/network-scripts/.^[600-developer__docker__docker-bridge.md]

The bridge script (ifcfg-br0) defines the virtual interface with the network parameters: 

DEVICE="br0"
ONBOOT="yes"
TYPE="Bridge"
BOOTPROTO=static
IPADDR=192.168.15.49
NETMASK=255.255.255.0
GATEWAY=192.168.15.1
DNS1=192.168.15.1

To bind the bridge to a physical device, the configuration file for the physical NIC must be modified to include the BRIDGE parameter, pointing to the bridge interface name^[600-developer__docker__docker-bridge.md]: 

BRIDGE=br0

Docker Integration

Custom bridges can replace the default docker0 bridge to allow containers to exist on the same network segment as the host^[600-developer__docker__docker-bridge.md]. This requires two steps:

  1. Create and configure the bridge: Assign an IP address from the desired subnet to the new bridge (e.g., br1)[^[600-developer__docker__docker-bridge.md]].
  2. Configure the Docker daemon: Modify the Docker options (e.g., in /etc/sysconfig/docker) to specify the bridge name (-b=br1) and restrict the IP allocation range for containers using --fixed-cidr^[600-developer__docker__docker-bridge.md].

Sources

^[600-developer__docker__docker-bridge.md]

  • [[Network interface]]
  • [[Docker]]
  • [[Subnet]]