On Thu, Oct 03, 2013 at 09:44:31AM -0700, Ross Boylan wrote: > Greg, thanks for explaining this. I'm still puzzled about one point, below. > > > On Wed, Oct 2, 2013 at 4:10 PM, Gregory Nowak <g...@gregn.net> wrote: > > > On Wed, Oct 02, 2013 at 12:40:26PM -0700, Ross Boylan wrote: > > > Can anyone explain to me what difference between tap and the bridge is? > > > They both seem to do the same thing*, but apparently tap needs to be > > hooked > > > in to a bridge. And for some reason the qemu/kvm docs seems to recommend > > > tap. > > > > Ok, let me try to explain. If I'm wrong here, then someone who knows > > better please jump in and correct me. Let's use a physical analogy. A > > tap device is a virtual network device VS. a physical eth device which > > is a card/chip in your computer. They both pass ethernet traffic, but > > ethx is physical, and tapx is virtual. > > > > Now, sticking to physical analogies, pretend you have standard > > ethernet cables, and an ethernet switch. Your ethx, and tapx devices > > are ethernet cables. Your brx device is the network switch. When you > > bridge ethernet interfaces like eth0 and tap0 into a single bridge > > device like br0, you're doing the equivalent of plugging your ethernet > > cables into an ethernet switch. When you do that, your bridge becomes > > a single network device. Traffic from any of the eth/tap interfaces > > bridged together is seen by all other eth/tap interfaces on that > > bridge. So, maybe I should have compared the bridge to a network hub, > > instead of a switch. > > > > Ok, here's where my analogy breaks down. When you bridge an ethx > > interface, you don't use that interface anymore. So, if you bridge > > your eth0 interface into an br0 bridge a line like iface eth0 in your > > /etc/network/interfaces line becomes iface br0 instead. > > > > I think this means eth2 will not have an IP address, but br0 will.
Correct. > But how do packets reach the host machine? By analogy with hub, packets > enter and go to all machines, which pick out the IP address meant for > them. But if the IP address is that of the hub, how does the host machine > know the packets are for it. > > I guess this is why you say the analogy breaks down. And I guess the > bridge IP serves as the IP address of the host machine, whether it is being > contacted by the guest or other physical machines on the network. > Correct again. > > > You have a line that says bridge_ports all tap0 in your interfaces > > file, and that worries me. If I understand correctly, that line > > combines all ethx interfaces on your system into a single bridge, > > > that's my understanding > > > which likely isn't what you want. You also seem to have eth0 through > > eth2 on your system. > > At the moment there's only one cable going into the machine at eth2. But > that won't always be the case, > so I think I should change it as you suggest. > If you have only one of your ethx cards connected, then it won't matter. You will probably want to change things though if you connect cables to eth0/eth1. > > Do you really want the virtual machine to be able > > to communicate over all three interfaces? > > I might want to attach to the LAN and WAN in the future; I guess I should > create 2 bridges in that case. > That's what I would do myself, since I want to keep my LAN and WAN separated from each other. Greg -- web site: http://www.gregn..net gpg public key: http://www.gregn..net/pubkey.asc skype: gregn1 (authorization required, add me to your contacts list first) -- Free domains: http://www.eu.org/ or mail dns-mana...@eu.org -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131003203831.ga7...@gregn.net
