This guide outlines the steps to set up a Linux bridge device connected to a physical Ethernet interface with a specific VLAN tag. In this article the VLAN tag will be assumed as 170 but it can be any valid VLAN tag/id.

In the world of networking, a Linux bridge device is a powerful tool that acts as a virtual switch, connecting different network segments seamlessly. It operates at the data link layer (Layer 2) of the OSI model, forwarding traffic between connected interfaces based on their MAC addresses. This guide will walk you through the process of setting up a Linux bridge device linked to a physical Ethernet interface, with the added complexity of binding its traffic to a specific VLAN. In this article the physical Ethernet interface will be enp12s0 but it can be any valid Ethernet interface.

The goal is that bridge will be accessible to both Proxmox virtual machines and Podman containers, providing seamless network connectivity.

Step 1: Create VLAN Subinterface

Create a VLAN subinterface on the physical Ethernet device (e.g., enp12s0) to segment network traffic using a specific VLAN ID. A VLAN subinterface is a virtual interface that operates on top of a physical network interface. It enables the separation of network traffic into distinct VLANs, allowing different segments of your network to communicate while maintaining isolation. This subinterface will be named enp12s0.170 to reflect its connection to the original interface (e.g., enp12s0) and the chosen VLAN ID (e.g., 170).

ip link add link enp12s0 name enp12s0.170 type vlan id 170
ip link set dev enp12s0.170 up

Step 2: Create a Bridge

In networking, a bridge connects multiple network segments, acting as a junction that enables seamless communication. In this step, we will create a bridge interface named vmbr170. The naming convention for this bridge reflects its use in virtualized environments (e.g., vm), its role as a bridge (e.g., br), and reflects its connection to the chosen VLAN ID (e.g., 170).

Creating the bridge interface is as simple as running the following command:

ip link add name vmbr170 type bridge

Step 3: Add VLAN Subinterface to the Bridge

Add the VLAN subinterface to the bridge:

ip link set enp12s0.170 master vmbr170

Step 4: Activate the Bridge

Bring up the bridge interface:

ip link set vmbr170 up

Step 5: Configure IP Address (Optional) using DHCP and /etc/network/interfaces

If you want to assign an IP address to the bridge interface (vmbr170) dynamically using DHCP, you can use the dhclient command.

dhclient vmbr170

Additionally, to ensure that the configuration persists across reboots, you can set up the /etc/network/interfaces file. The Bash snippet below can append the requisite information into the file using the cat command with HEREDOC syntax.

auto vmbr170
iface vmbr170 inet dhcp

Step 6: Create Podman Network (Macvlan)

To enable connectivity for Podman containers, create a macvlan network named “cameras” connected to the vmbr170 bridge:

podman network create cameras --driver macvlan --ipam-driver=dhcp --master=vmbr170

Conclusion

The resulting Linux bridge device should now be usable by Proxmox guests as well as Podman containers.