mirror of https://github.com/tLDP/LDP
81 lines
2.3 KiB
XML
81 lines
2.3 KiB
XML
<!-- $Id$ -->
|
|
|
|
<chapter id="ch-bridging">
|
|
<title>Bridging</title>
|
|
<para>
|
|
Bridging, once the realm of hardware devices, can also be performed by a
|
|
linux machine. Along with bridging comes the capability of filtering
|
|
and transforming frames (or even higher layer protocols) via hooks
|
|
at the Ethernet layer with the <command>ebtables</command> and
|
|
<command>iptables</command> commands.
|
|
</para>
|
|
<para>
|
|
Linux can function as a bridge, the equivalent of an extremely
|
|
power-thirsty switch. For now, the best place to go is
|
|
<ulink url="http://bridge.sourceforge.net/">the main linux bridging
|
|
site</ulink>.
|
|
</para>
|
|
<para>
|
|
Often
|
|
<link linkend="bridging-ebtables"><command>ebtables</command></link> and
|
|
bridging are used
|
|
together.
|
|
</para>
|
|
<section id="bridging-intro">
|
|
<title>Concepts of Bridging</title>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
<section id="bridging-stp">
|
|
<title>Bridging and Spanning Tree Protocol</title>
|
|
<para>
|
|
</para>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
<section id="bridging-packet-filter">
|
|
<title>Bridging and Packet Filtering</title>
|
|
<para>
|
|
</para>
|
|
<para>
|
|
There is a
|
|
<ulink url="http://www.tldp.org/HOWTO/Ethernet-Bridge-netfilter-HOWTO.html">Bridge
|
|
and Netfilter HOWTO</ulink> which illustrates the use of a bridge as
|
|
a firewall.
|
|
</para>
|
|
<para>
|
|
</para>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
<section id="bridging-tc">
|
|
<title>Traffic Control with a Bridge</title>
|
|
<para>
|
|
Yes, Virginia, it can be done.
|
|
</para>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
<section id="bridging-ebtables">
|
|
<title><command>ebtables</command></title>
|
|
<para>
|
|
In order to take advantage of <command>ebtables</command> the machine
|
|
needs to be running as a bridge. (Accurate, nicht wahr?)
|
|
</para>
|
|
<para>
|
|
If you believe in really scary stuff, you can run the bridging code with
|
|
netfilter, so you can manipulate IP packets transparently on your
|
|
bridge. For more on this, see the documentation of
|
|
<ulink url="http://bridge.sourceforge.net/docs.html">bridging and
|
|
firewalling</ulink>. The firewall and bridge architecture is part of
|
|
the development branch of the kernel 2.5 series.
|
|
</para>
|
|
<para>
|
|
</para>
|
|
<para>
|
|
</para>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
</chapter>
|