Routing issue creating second network bridge

Is Webmin smart enough to set up a second network bridge on Debian? Or do you need to manually add routes? I’ve tried for a couple of months now setting up a second network bridge to set up VMs on a different subnet. Simply adding the bridge in Webmin does not work and I’m unable to ping the router/anything.

I’ve tried variations of post-up ip route add/rule add but can’t seem to find a working solution (I actually had a working setup at one stage but after a reboot it was gone, couldn’t get back to the same settings as I’ve tried so many different ones).

Debian Jessie (8.11)
Linux version 3.16.0-6-amd64
Webmin: 1.881

This is my starting point for /etc/network/interfaces

source /etc/network/interfaces.d/*

auto lo br0 br1 eth0 eth1
iface lo inet loopback
allow-hotplug eth0 eth1

iface eth0 inet manual

iface br0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
bridge_ports eth0
dns-nameservers 192.168.1.1
gateway 192.168.1.1

iface eth1 inet manual

iface br1 inet static
address 10.0.0.100
netmask 255.255.255.0
broadcast 10.0.0.255
network 10.0.0.0
bridge_ports eth1
bridge_stp on

ip route show

default via 192.168.1.1 dev br0
10.0.0.0/24 dev br1 proto kernel scope link src 10.0.0.100
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.100

ping -c3 -Ibr0 192.168.1.1

--- 192.168.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms

ping -c3 -Ibr1 10.0.0.1

--- 10.0.0.1 ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2007ms
pipe 3

ping -c3 -Ibr0 10.0.0.1

--- 10.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.283/0.292/0.308/0.017 ms

Shouldn’t br1 have a gateway in the interfaces file? 10.0.0.1 which would be the router for the subnet and have to exist.
From a home LAN, you need two routers. One for eth0 and one for eth1. If you’re just trying to make a separate subnet on the machine itself, then you would have to add routes ‘to and from’ for each subnet pointing to the nexthop.

On subnet 192.168.0.1 you need to tell it how to get to 10.0.0.0/24, which would be via br1

On subnet 10.0.0.0 you need to tell it how to get to 192.168.0.0/24, which would be via br0

Should it? I think I’ve read that on Debian you should only have one gateway defined in the interfaces file but I might be wrong. If the gateway is needed on the second interface, why doesn’t Webmin add it when you set it up?

I’ve already got separate subnets on my LAN so my router will do the routing between them. You can see in my question that br0 is connected to 192.168.1.0 but can ping the router at 10.0.0.1 just fine.

I’ve tried adding a second routing table with

post-up ip route add 10.0.0.0/24 dev br1 src 10.0.0.100 table rt2
post-up ip route add default via 10.0.0.1 dev br1 table rt2
post-up ip rule add from 10.0.0.100/32 table rt2
post-up ip rule add to 10.0.0.100/32 table rt2

which seems to do the right thing

ip route show table rt2

default via 10.0.0.1 dev br1
10.0.0.0/24 dev br1 scope link src 10.0.0.100

but still no joy. br0 can ping both subnets and br1 can’t access anything
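
A small lint for the setup discussed in this thread, added as an example and not posted by anyone in it: it parses interfaces(5) text and checks that only one stanza carries a gateway line, and that every routing table named in up/post-up commands is defined in rt_tables and has both a default route and a 'from' rule. The sample file contents, the rt_tables id 200 and the names parse_stanzas and lint are assumptions; passing these checks says nothing about layer-2 reachability on br1.

```python
import re

# Constructed sample: the thread's two bridges, with the four post-up lines under br1.
INTERFACES = """\
iface br0 inet static
address 192.168.1.100
bridge_ports eth0
gateway 192.168.1.1

iface br1 inet static
address 10.0.0.100
bridge_ports eth1
post-up ip route add 10.0.0.0/24 dev br1 src 10.0.0.100 table rt2
post-up ip route add default via 10.0.0.1 dev br1 table rt2
post-up ip rule add from 10.0.0.100/32 table rt2
post-up ip rule add to 10.0.0.100/32 table rt2
"""
# Constructed /etc/iproute2/rt_tables content; the id 200 for rt2 is an assumption.
RT_TABLES = "255 local\n254 main\n253 default\n200 rt2\n"

def parse_stanzas(text):
    """Map iface name -> [(option, value), ...] from interfaces(5) text (family ignored)."""
    stanzas, current = {}, None
    for words in (l.split() for l in text.splitlines() if l.strip() and not l.lstrip().startswith("#")):
        if words[0] == "iface" and len(words) > 1:
            current = stanzas.setdefault(words[1], [])
        elif words[0] in ("auto", "mapping", "source") or words[0].startswith("allow-"):
            current = None  # these keywords end the preceding iface stanza
        elif current is not None:
            current.append((words[0], " ".join(words[1:])))
    return stanzas

def lint(interfaces, rt_tables):
    """Return findings as strings; an empty list means every check passed."""
    names = {f[1] for f in (l.split() for l in rt_tables.splitlines())
             if len(f) > 1 and not f[0].startswith("#")}
    stanzas, findings = parse_stanzas(interfaces), []
    gws = sorted(i for i, opts in stanzas.items() if any(k == "gateway" for k, _ in opts))
    if len(gws) > 1:  # each gateway line asks ifupdown for a default route in the main table
        findings.append("gateway set on " + ", ".join(gws))
    for iface, opts in stanzas.items():
        cmds = [v for k, v in opts if k in ("up", "post-up")]
        for table in sorted(set(re.findall(r"\btable\s+(\S+)", "\n".join(cmds)))):
            if not table.isdigit() and table not in names:
                findings.append(f"{iface}: table {table} is not defined in rt_tables")
            for what, pat in (("default route", r"route add default\b"), ("'from' rule", r"rule add from \S+")):
                if not any(re.search(rf"{pat}.*\btable {re.escape(table)}$", c) for c in cmds):
                    findings.append(f"{iface}: table {table} lacks a {what}")
    return findings
```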