cannot get network bridges working in fedora server (sh.itjust.works)

submitted 4 days ago by muusemuuse@sh.itjust.works to c/linux@lemmy.ml

9 comments fedilink hide all child comments

I went back to fedora and picked a more boring but practical filesystem setup.

The server has a dual port intel i226v NIC and an onboard realtek NIC. The realtek NIC has a fixed IP address and is just for management. the intel NIC has one port going to WAN and the other to LAN.

Originally, I had the WAN and LAN ports thrown into bridges on the linux host. the host doesnt try to join the WAN port by claiming an IP or doing anythign else with it. it's just here for the OPNsense VM to jump onto and do what it wants. The LAN side was similar but also had a few VLANs I created on the host and passed to the VM as separate interfaces. the VLANs were just passed out from the host and the untagged was a bridge that the host could join.

This did not work. The bridges could not reach out to the world.

I set WAN as direct attachment type in mode bridge to the wan port side of the intel NIC and it created a macvlantap that did reach out of the machine. the LAN and VLAN side still did not work and I cannot do a vtap for that as I need containers on the host to use a few of these.

So I destroyed all the bridges and recreated the LAN. it works! recreate the vlans, WAN dies? reboot the machine, WAN works, VLANs work, but I cannot get the LAN to work as it just keeps dropping the VM's interface from that bridge.

WHYyYYYYY!!!!?!?ONE!!!/??

top 9 comments

sorted by: hot top controversial new old

[-] aarch0x40@piefed.social 5 points 4 days ago

This post is a bit difficult to follow without being able to examine actual configurations. The bridged VLAN setup is a chain of configs in the RedHat configuration methodology. One of those configs is definitely clobbering the others but it seems you're close. I'm sure a careful review of your work so far will be enough to find the error.

[-] muusemuuse@sh.itjust.works 1 points 3 days ago

I can paste in here whatever you want pulled off nmcli if that helps.

[-] aarch0x40@piefed.social 1 points 4 days ago

Starting to remember more about how this is done. It's been over 10 years since I had a similar setup working. Are you VLANing first then slaving to the VLANS?

[-] muusemuuse@sh.itjust.works 1 points 3 days ago

I create the VLANs off the parent interface. Then I create the bridges to each vlan and the untagged lan. Then I have the host set to get an IP from the untagged LAN and do not get IPs from the VLANs. Finally I set the VM to add its virtual interfaces to each of the VLANs and the untagged LAN.

For some reason, it’s not adding itself to the untagged lan. It adds itself to the VLANs but not the lan.

[-] muusemuuse@sh.itjust.works 1 points 3 days ago

To anyone following, I found part of the problem was a few stale interfaces cockpit lied about were still around. Cockpit still sucks. if you must use it, only tweak with it. do initial config from the CLI.

Now I just need to figure out how to keep the bridges from deactivating when the VM doesnt load fast enough for them. NetworkManager seems really impatient.

[-] frongt@lemmy.zip 3 points 4 days ago

I don't think you want a bridge in fedora. You probably want to pass the Intel card to opnsense and let it handle all the network stuff.

As always, I don't recommend virtualizing your router, because it's a huge pain to fix if either it or the host breaks.

[-] muusemuuse@sh.itjust.works 1 points 4 days ago* (last edited 4 days ago)

I have a failover so it’s not a risk. And I cannot pass the intel card to the VM because the passthrough on this motherboard only works on GPU and one of the NVMe slots. The goals of this build was to put everything in one box and get the fuck off the cloud.

[-] frongt@lemmy.zip 2 points 4 days ago

I'd still just give it the interfaces and let it do all the network stuff.

[-] muusemuuse@sh.itjust.works 1 points 3 days ago

Okay I did that with WAN and that can work there but it’s not possible to do that with LAN because the containers need to be able to talk to those networks too.

this post was submitted on 25 Nov 2025

14 points (100.0% liked)

Linux

57274 readers

699 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz