Scroll to navigation

interfaces-bridge(5) File Formats Manual interfaces-bridge(5)

NAME

interfaces-bridge - Bridge extensions for the interfaces(5) file format

DESCRIPTION

Linux has support for Ethernet bridging interfaces which act like an Ethernet switch within the Linux Kernel. The following options allow to set up Ethernet bridges and adding configured interfaces to bridges.

See ip-link(8) for more details about the options listed below.

BRIDGE-RELATED OPTIONS

bridge-ports list of interfaces

A space separated list of interfaces which should be configured as member interfaces of this bridge. This option must be set for the bridge to be configured.

bridge-hw MAC address

Denotes the MAC address the bridge should use.

bridge-ageing seconds

Denotes the time in seconds after which a MAC address will be removed from the Forwarding DataBase (FDB) after not having seen a frame with this source address.

bridge-vlan-aware bool

Denotes wether or not the bridge should be aware of 802.1q VLANs. bool can be given as yes/no or 0/1. The defaul is no. See related options for configuring vlan-aware bridges, below.

SPANNING TREE RELATED BRIDGE OPTIONS

bridge-stp state

Activates or deactivates IEEE 802.1d Spanning Tree Protocol (STP) support of the bridge. Valid values are on/off.

bridge-bridgeprio priority

Sets the bridge's priority to priority. The priority value is a number between 0 and 65535. Lower priority values are better. The bridge with the lowest priority will be elected root bridge.

bridge-fd seconds

Denotes the bridge forward delay in seconds. Valid values are between 2 and 30.

bridge-hello seconds

Denotes the bridge hello time in seconds. Valid values are between 1 and 10.

bridge-maxage seconds

Denotes the seconds until another bridge is considerd dead after reception of its last STP hello message. Valid values are between 6 and 40.

OPTIONS FOR VLAN-AWARE-BRIDGES

The following options only have an effect on vlan-aware bridges and their ports.

All settings can be applied on the bridge interface itself and all member port iface stanzas. If applied on the bridge interface they take effect for the bridge interface itself and might be inherited to bridge-ports depending on the compatibility settings configured in ifupdown-ng.conf(5).

Configuring VLAN options on the bridge interface might be required for setting up a VLAN interface to one of the VLANs carried within the bridge. See the EXAMPLES section for an example for this scenario.

See ifupdown-ng.conf(5) for more information about compatiblity settings mentioned below.

bridge-access vlan ID

Configure the given vlan ID for untagged ingress and egress on this interface. The common description for this kind of configuration is called "access port".

bridge-pvid vlan ID

Denotes the vlan ID to considered a PVID at ingress. Any untagged frames received on this interface will be assigned to this vlan ID. The default PVID is 1.

If compatibility to ifupdown2 bridge port inheritance is active a bridge-pvid set on the bridge will be inherited to any interface configured in bridge-ports without a bridge-pvid set.

bridge-vids list of vlan IDs

Denotes the space separated list of VLANs to be allowed tagged ingress/egress on this interface.

If compatibility to ifupdown2 bridge port inheritance is active a bridge-vids set on the bridge will be inherited to any interface configured in bridge-ports without bridge-vids set.

bridge-allow-untagged bool

Denotes wether or not the bridge should allow untagged frames on ingress as well as egress. If set to no untagged frames will be droppped on ingress and none will be sent. bool can be given as yes/no or 0/1. The defaul is yes.

EXAMPLES

A simple layer 2 only bridge:

auto br0
iface br0
	bridge-ports eth0 veth-vm1 tap0
	bridge-fd 0
	bridge-stp off

A bridge with layer 3 configuration:

auto br0
iface br0
	bridge-ports eth0 veth-vm1 tap0
	bridge-fd 0
	bridge-stp off
	#
	address 192.0.2.42/24
	address 2001:db8::42/64

A layer 2 only vlan-aware bridge:

auto bond0
iface bond0
	bond-members eth0 eth1
	bridge-vids 23 42 84 1337
auto br0
iface br0
	bridge-ports bond0

A vlan-aware bridge with a VLAN interface on top:

auto eth0
iface eth0
	bridge-vids 23 42 84 1337
auto br0
iface br0
	bridge-ports eth0
	bridge-vlan-aware yes
	bridge-vids 42
auto vlan42
iface vlan42
	vlan-raw-device br0
	#
	address 192.0.2.42/24
	address 2001:db8::42/64

SEE ALSO

interfaces(5) ifupdown-ng.conf(5) ip-link(8) bridge(8)

AUTHORS

Maximilian Wilhelm <max@sdn.clinic>

2024-03-13