How to link a private subnet to a default gateway through a transparent ethernet bridging firewall using iproute2
Is there such a thing ???
i have a private uml subnet with a tap interface
i can bring the uml and tap interface up fine
this allows me to use my droplet as a routing server and the uml as a backend server in this case for web browsing .
i can access the web fine from inside the uml with the right nat configuration on the main droplet .
i was reading up on bridging and i read that a bridge interface will join to interfaces together and if it has no ip address then it is transparent so cannot be hacked form the web .
eth0 default gw
tap1 droplet interface to uml from the droplet
eth1 interface to the droplet from the uml
i can bring up a bridge interface with iproute
i can link eth0 ( default gateway ) to the bridge and
i can link tap1 ( uml subnet to ) to the bridge
but then my routing seems to go to pot and i can no longer ping anything ???
ip link add br1 type bridge
ip link set eth0 promisc on
ip link set dev eth0 master br1
ip link set eth1 promisc on
ip link set dev eth1 master br1
ip link set dev br1 up
the commands all go through
but i can no longer ping
eth1 inside the uml from the droplet
or ping tap1 from inside the uml
some tutorials suggest adding an ip address to the bridge
but whats the point in that as it s no longer transparent
what i am missing so i can get the picture straight in my head