====== Ubuntu - Networking - Netplan - Anonymous bridges in netplan ======

**Netplan** is the default network configuration system for new installs of Ubuntu 18.04 (Bionic).  Introduced as the default in Artful, it replaces **/etc/network/interfaces**.

An anonymous bridge is where the bridge doesn't have an IP address; it's more akin to a switch or hub.

If you're trying to create a bridge without an IP address, the obvious first thing to try is this:

<code bash>
network:
    version: 2
    ethernets:
        ens8:
            match:
                macaddress: 52:54:00:f9:e9:dd
        ens9:
            match:
                macaddress: 52:54:00:56:0d:ce
    bridges:
        br0:
           interfaces: [ens8, ens9]
</code>

This is neat, plausible, and wrong - the bridge will be created but will stay 'down'. 

Checking this:

<code bash>
ip a
</code>

displays:

<code bash>
5: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0e:e3:1c:83:f8:e8 brd ff:ff:ff:ff:ff:ff
</code>

This is because systemd requires a 'network file' to bring up an interface, and netplan doesn't generate a systemd network file for the bridge. 
 If you look at //src/generate.c//, in particular at //write_network_file//, you need at least one of a set of properties to trigger generation of a network file, and an anonymous bridge has none of them.  This is clearly a bug - [[https://bugs.launchpad.net/ubuntu/+source/nplan/+bug/1736975|LP: #1736975]].

There's no fix yet, but in the mean time, you can work around it by just manually telling systemd-networkd to bring up the interface.  I created ///etc/systemd/network/br0.network//, containing the following:

<file bash /etc/systemd/network/br0.network>
[Match]
Name=br0

[Network]
LinkLocalAddressing=no
IPv6AcceptRA=no
</file>

Then upon restarting networking (netplan apply or just reboot), you will see that the bridge comes up, and - as desired - has no address:

<code bash>
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 0e:e3:1c:83:f8:e8 brd ff:ff:ff:ff:ff:ff
</code>

Don't forget to include a comment in your netplan YAML to remind you that this extra file exists!

----

====== Comments ======

An alternate way, just add an systemd service.

<file bash /etc/systemd/system/up-bridge-100-interface.service>
[Unit]
Description=Bring br100 interface up after network settings are done (bug: anonymous bridges do not came up at boot-time)
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
ExecStart=/bin/ip link set br100 up

[Install]
WantedBy=multi-user.target
</file>


<code bash>
sudo systemctl start up-bridge-100-interface
sudo systemctl status up-bridge-100-interface
sudo systemctl enable up-bridge-100-interface
</code>


You might find you get IPv6 link local addressing in that case though.

----

===== References =====

  https://djanotes.blogspot.com/2018/04/anonymous-bridges-in-netplan.html