Anchor | ||||
---|---|---|---|---|
|
Include Page | ||||
---|---|---|---|---|
|
...
- Using the "ncu" utility
- Manually
...
Include Page KBCOMMON:DOC-GoToToc KBCOMMON:DOC-GoToToc
Using "ncu" utility to establish CHARON virtual network
...
Enter "8" to quit the "ncu" utility.
...
Include Page | ||||
---|---|---|---|---|
|
Manual configuration of CHARON virtual network
...
- Login as "root" user.
Configure the physical network interface to run in promiscuous mode using the following command. This interface will be dedicated to the whole network bridge (created later).
# ifconfig eth<N> 0.0.0.0 promisc up
The promiscuous mode allows the physical (or virtual) network interface to accept the entire volume of incoming packets. This mode is essential for consistency of the information transfer.
In case the firewall is enabled on the host system, the following command should be executed to allow the bridge to forward IP packets:
Red Hat Enterprise Linux 6.x:
# /sbin/iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
This command can also be performed from the bridge configuration script. It has to be executed each time the iptables service is (re)started.
It is also possible to make this setting system-wide. Either:
Issue the given command from the firewall control panel.
Add the following line to the end of the "
/etc/sysconfig/iptables
"
file:-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
...
Red Hat Enterprise Linux 7.x and CentOS 7.x:
# firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -m physdev --physdev-is-bridged -j ACCEPT
# firewall-cmd --permanent --direct --add-rule ipv6 filter INPUT 1 -m physdev --physdev-is-bridged -j ACCEPT
# firewall-cmd --reload
Include Page | ||||
---|---|---|---|---|
|
Virtual interface creation
...
|
...
Include Page | ||||
---|---|---|---|---|
|
Div | ||
---|---|---|
| ||
Bridge creation
...
Example:
|
The proposed configuration assumes one and only one network bridge so loops are not possible. It is required to turn off the spanning tree protocol with the following command:
|
Include Page | ||||
---|---|---|---|---|
|
Starting bridge
To start the created bridge “br0”, use the following command:
|
Include Page | ||||
---|---|---|---|---|
|
Usage of the virtual interface in CHARON-VAX configuration
Once the “tap<N>” interfaces have been created, the load command maps those interfaces to CHARON-VAX:
|
Include Page | ||||
---|---|---|---|---|
|