On Wed, Feb 26, 2014 at 2:09 PM, arnaud gaboury <arnaud.gaboury@xxxxxxxxx> wrote: > On Wed, Feb 26, 2014 at 1:37 PM, arnaud gaboury > <arnaud.gaboury@xxxxxxxxx> wrote: >> -- >>> >>> Now: >>> * Populate the iptables FORWARD chain to route traffic from your physical >>> interface to the bridge and back. >> >> I missed totally this part of the setup. I must admit this topic is a >> little bit new to me. >> Will try to go this way. After more test, I do think I start to understand where do my issues come from. First of all, my kernel is a custom (need user space set) 3.13.5-1. I realized that no iptable modules were loaded. Then, starting with a first basic dhcp netctl profile (systemd-networkd disabled, dhcpcd.service disabled), my network is working. ************** gabx@hortensia ➤➤ ~ % ip addr 2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0 valid_lft forever preferred_lft forever **************** gabx@hortensia ➤➤ ~ % route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default dsldevice.lan 0.0.0.0 UG 202 0 0 enp7s0 192.168.1.0 * 255.255.255.0 U 202 0 0 enp7s0 hortensia.lan localhost.local 255.255.255.255 UGH 202 0 0 lo ************** Then, when starting a seond netctl profile, a bridge br0 with static IP, my network is down. gabx@hortensia ➤➤ ~ % ip addr 2: enp7s0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000 link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff 8: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff *************** gabx@hortensia ➤➤ ~ % route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface **************************** So now let's read about iptable or even nftables. IF I understand : < * Populate the iptables FORWARD chain to route traffic from your physical interface to the bridge and back.> , I am far from being comfortable doing this.