diff --git a/dist/rootfs/var/openlan/script/switch.sh b/dist/rootfs/var/openlan/script/switch.sh
index e99bee0..b82baa3 100755
--- a/dist/rootfs/var/openlan/script/switch.sh
+++ b/dist/rootfs/var/openlan/script/switch.sh
@@ -2,70 +2,68 @@
 
 set -ex
 
-## set this bridge as a root
-# ip link show  br-hello || brctl addbr br-hello
-# brctl setbridgeprio br-hello 0
+cs_dir="/etc/openlan/switch"
 
 sysctl -p /etc/sysctl.d/90-openlan.conf
 
-# clean older files.
+## START: clean older files.
 /usr/bin/env find /var/openlan/access -type f -delete
 /usr/bin/env find /var/openlan/openvpn -name '*.status' -delete
 /usr/bin/env find /var/openlan/openvpn -name '*client.ovpn' -delete
 /usr/bin/env find /var/openlan/openvpn -name '*client.tmpl' -delete
+## END
 
-cs_dir="/etc/openlan/switch"
+## START: prepare external dir.
+for dir in network acl findhop link output route qos dnat; do
+  [ -e "$cs_dir/$dir" ] || mkdir -p "$cs_dir/$dir"
+done
+## END
 
-if [ ! -e $cs_dir/switch.json ]; then
-  cat > $cs_dir/switch.json << EOF
+[ -e $cs_dir/switch.json ] || cat > $cs_dir/switch.json << EOF
 {
   "crypt": {
     "secret": "cb2ff088a34d"
   }
 }
 EOF
-fi
 
-if [ ! -e $cs_dir/network/ipsec.json ]; then
-  cat > $cs_dir/network/ipsec.json << EOF
+## START: install default network
+[ -e $cs_dir/network/ipsec.json ] || cat > $cs_dir/network/ipsec.json << EOF
 {
   "name": "ipsec",
   "provider": "ipsec"
 }
 EOF
-fi
 
-if [ ! -e $cs_dir/network/bgp.json ]; then
-  cat > $cs_dir/network/bgp.json << EOF
+[ -e $cs_dir/network/bgp.json ] || cat > $cs_dir/network/bgp.json << EOF
 {
   "name": "bgp",
   "provider": "bgp"
 }
 EOF
-fi
 
-if [ ! -e $cs_dir/network/proxy.json ]; then
-  cat > $cs_dir/network/proxy.json << EOF
+[ -e $cs_dir/network/ceci.json ] || cat > $cs_dir/network/ceci.json << EOF
 {
-  "name": "proxy",
-  "provider": "proxy"
+  "name": "ceci",
+  "provider": "ceci"
 }
 EOF
-fi
 
-for dir in acl findhop link output route network qos dnat; do
-  if [ -e "$cs_dir/$dir" ]; then
-    continue
-  fi
-  mkdir -p "$cs_dir/$dir"
-done
+[ -e $cs_dir/network/router.json ] || cat > $cs_dir/network/router.json << EOF
+{
+  "name": "router",
+  "provider": "router"
+}
+EOF
+## END
 
-# wait ipsec service
+## START: wait ipsec ready
 while true; do
   if ipsec status ; then
-      break
+    break
   fi
   sleep 5
 done
+## END
 
 exec /usr/bin/openlan-switch -conf:dir $cs_dir -log:level 20
diff --git a/pkg/network/bridge_linux.go b/pkg/network/bridge_linux.go
index 00dd581..12235e1 100755
--- a/pkg/network/bridge_linux.go
+++ b/pkg/network/bridge_linux.go
@@ -29,10 +29,10 @@ func GetPair(name string) (string, string) {
 	s1 := ""
 	if strings.HasPrefix(name, "br-") {
 		s0 = strings.Replace(name, "br-", "hi-", 1)
-		s1 = strings.Replace(name, "br-", "si-", 1)
+		s1 = strings.Replace(name, "br-", "bi-", 1)
 	} else {
 		s0 = fmt.Sprintf("hi-%s", name)
-		s1 = fmt.Sprintf("si-%s", name)
+		s1 = fmt.Sprintf("bi-%s", name)
 	}
 	return GetName(s0), GetName(s1)
 }