How to configure a Linux bridge

linux-bridge-demo.sh

#!/usr/bin/env bash
set -euo pipefail
IFS=$'\n\t'

# https://developers.redhat.com/blog/2018/10/22/introduction-to-linux-interfaces-for-virtual-networking

 # delete everything
sudo killall nc || true
sudo iptables -D FORWARD -i br1 -o br1 -j ACCEPT || true
sudo ip netns del ns1 || true
sudo ip netns del ns2 || true
sudo ip link del br1 || true
sudo ip link del veth1 || true
sudo ip link del veth2 || true

# add network namespaces
sudo ip netns add ns1
sudo ip netns add ns2

# configure bridge
sudo ip link add br1 type bridge
sudo ip addr add 172.16.42.3/24 brd + dev br1
sudo ip link set br1 up

# configure ns1 with veth device
sudo ip link add veth1 type veth peer name ceth1
sudo ip link set veth1 master br1
sudo ip link set ceth1 netns ns1
sudo ip netns exec ns1 ip addr add 172.16.42.1/24 dev ceth1
sudo ip netns exec ns1 ip link set ceth1 up
sudo ip link set veth1 up

# configure ns2 with veth device
sudo ip link add veth2 type veth peer name ceth2
sudo ip link set veth2 master br1
sudo ip link set ceth2 netns ns2
sudo ip netns exec ns2 ip addr add 172.16.42.2/24 dev ceth2
sudo ip netns exec ns2 ip link set ceth2 up
sudo ip link set veth2 up

# allow forwarding on the bridge
# https://superuser.com/questions/1211852/why-linux-bridge-doesnt-work#comment2484947_1211915
sudo iptables -A FORWARD -i br1 -o br1 -j ACCEPT

# listen in ns1
sudo ip netns exec ns1 nc -nklv4 172.16.42.1 1042 &

# access from ns2
sudo ip netns exec ns2 nc -nzv 172.16.42.1 1042

# access from host
nc -nzv 172.16.42.1 1042

sudo killall nc || true