Home Lab Essentials: The Network Bridge

Introduction

Network bridges are essential for home labs as they allow for seamless communication between virtual machines and physical network devices. This enables home lab enthusiasts to create complex network topologies, test network configurations, and experiment with various networking technologies, all within a controlled home environment. By using network bridges, home labs can mimic real-world network scenarios, providing valuable hands-on experience and knowledge for IT professionals and hobbyists alike.

What are the most common network bridge technologies in Linux ?

1. Linux Bridge: This is a kernel-level bridge that provides basic bridging functionality. It's configured and managed using the ip command-line tool. Linux bridges are suitable for simple bridging scenarios and are often used in virtualization environments.  
2. Open vSwitch (OVS): OVS is a high-performance, open-source software switch that can be used as a network bridge. It offers advanced features like VLAN tagging, flow-based traffic management, and support for various network protocols. OVS is commonly used in large-scale network deployments and software-defined networking (SDN) environments.  

In my home lab environment, I use Linux bridges for the bare metal machines. Depending on the type of virtual infrastructure, whether that is OpenStack and/or OpenShift/Kubernetes, they each provide the irrespective types of software defined network implementations which are built on top of the virtualized network interfaces presented to the machines by the the magical glue of Linux bridges.

An important thought to keep in mind is that my application of network bridges and more specific, Linux Bridges implemented in my home lab are used for the purpose of enabling my infrastructure to allow for certain characteristics or capabilities. Some those capabilities include:

• To present one or multiple networks within a virtualization host.
• To present one or multiple networks between multiple virtualization hosts.
• To extend access to a single network (routable or non-routable) to virtual guests within the virtualization host.
• To extend access to multiple networks (routable or non-routable) to virtual machines within the virtualization host using a single or multiple interfaces, usually through VLAN segmentation.

In addition, network management functions for my home lab are handled by network infrastructure based on Ubiquiti Unifi gear. The routing, switching, and access controls for my entire home network is all powered by Unifi. I do utilize my home lab to test virtualized networking components like load balancers or firewalls from time to time, but for the most part the network infrastructure is used to manage all of my networking needs.

Below is a high level representation of my home lab environment:

Another important note is bridging technology is not used much at the network infrastructure level these days, but it does remain an fundamental technology in software defined networking, virtualization, and network segmentation at the compute layer. At the data center or service provider level, network architectures primarily utilize layer 3 or routable network implementations based on most network vendors recommended topologies. Most of these modern network architectures also take advantage of network technologies and practices which have been extended into the compute layer which include the use of standard Layer 2 and Layer 3 Network protocol implementations, the use of Software Defined Networks, Network Function Virtualization and in cases even Cloud Native Network Functions.

Why should anyone bother learning any of this ?

Technically you don't have to, nowadays with the proliferation of cloud computing providers your expertise in networking is applicable to each respective vendors implementation of network functions available to you as the consumer of the platform where its implementation will be based on the needs of your virtual infrastructure and workloads. But if any of you at some point are interested to be the person that wants to work for any of these cloud compute providers, specially managing their cloud compute infrastructure, I guarantee you that no matter what runs on it, there will be a network bridge somewhere deep within the guts of your compute infrastructure. Bridges still remain an important layer 2 network technology used at the compute virtualization layer.

How am I using Linux bridges to extend networks to my KVM/Libvirt based virtualization infrastructure ?

Take for instance in this diagram where there are 5 distinct virtual machines running in a single virtualization host. Each virtual machine utilizes one or more virtual interface with each vif belonging into a single network. In other cases these vifs can carry traffic for more than one network and my virtualization host only has two physical interfaces:

While this example is relevant to my home lab, when dealing with virtualization of nearly any type when it comes to infrastructure components, it is expected if not a guarantee that the number of virtual networks will exceed the number of physical links available on your compute hosts no matter the software/hypervisor vendor and in order to take advantage of this, the use of network virtualization techniques such as bridges exists in addition to other encapsulation technologies where it allows for the virtualizing networking functionality over an existing physical fabric.

On a next follow up post, I will be showing you in detail how is this being accomplished so that you too can use this in practice for your own home lab adventures.

References

Wikipedia: Network Bridge
Linux Kernel Documentation: Network Bridge
RHEL 9 Documentation: Configuring a Network Bridge