interfaces-bridge - Bridge extensions for the interfaces(5) file format

Maximilian Wilhelm <max@sdn.clinic> 2025-03-25 interfaces-bridge(5)

bridge-portslistofinterfaces A space separated list of interfaces which should be configured as member interfaces of this bridge. This option must be set for the bridge to be configured. bridge-hwMACaddress Denotes the MACaddress the bridge should use. bridge-ageingseconds Denotes the time in seconds after which a MAC address will be removed from the Forwarding DataBase (FDB) after not having seen a frame with this source address. bridge-vlan-awarebool Denotes wether or not the bridge should be aware of 802.1q VLANs. bool can be given as yes/no or 0/1. The defaul is no. See related options for configuring vlan-aware bridges, below.

Linux has support for Ethernet bridging interfaces which act like an Ethernet switch within the Linux Kernel. The following options allow to set up Ethernet bridges and adding configured interfaces to bridges. See ip-link(8) for more details about the options listed below.

A simple layer 2 only bridge: auto br0 iface br0 bridge-ports eth0 veth-vm1 tap0 bridge-fd 0 bridge-stp off A bridge with layer 3 configuration: auto br0 iface br0 bridge-ports eth0 veth-vm1 tap0 bridge-fd 0 bridge-stp off # address 192.0.2.42/24 address 2001:db8::42/64 A layer 2 only vlan-aware bridge: auto bond0 iface bond0 bond-members eth0 eth1 bridge-vids 23 42 84 1337 auto br0 iface br0 bridge-ports bond0 A vlan-aware bridge with a VLAN interface on top: auto eth0 iface eth0 bridge-vids 23 42 84 1337 auto br0 iface br0 bridge-ports eth0 bridge-vlan-aware yes bridge-vids 42 auto vlan42 iface vlan42 vlan-raw-device br0 # address 192.0.2.42/24 address 2001:db8::42/64

interfaces-bridge - Bridge extensions for the interfaces(5) file format

The following options only have an effect on vlan-aware bridges and their ports. All settings can be applied on the bridge interface itself and all member port iface stanzas. If applied on the bridge interface they take effect for the bridge interface itself and might be inherited to bridge-ports depending on the compatibility settings configured in ifupdown-ng.conf(5). Configuring VLAN options on the bridge interface might be required for setting up a VLAN interface to one of the VLANs carried within the bridge. See the EXAMPLES section for an example for this scenario. See ifupdown-ng.conf(5) for more information about compatiblity settings mentioned below. bridge-accessvlanID Configure the given vlanID for untagged ingress and egress on this interface. The common description for this kind of configuration is called "access port". bridge-pvidvlanID Denotes the vlanID to considered a PVID at ingress. Any untagged frames received on this interface will be assigned to this vlanID. The default PVID is 1. If compatibility to ifupdown2 bridge port inheritance is active a bridge-pvid set on the bridge will be inherited to any interface configured in bridge-ports without a bridge-pvid set. bridge-vidslistofvlanIDs Denotes the space separated list of VLANs to be allowed tagged ingress/egress on this interface. If compatibility to ifupdown2 bridge port inheritance is active a bridge-vids set on the bridge will be inherited to any interface configured in bridge-ports without bridge-vids set. bridge-allow-untaggedbool Denotes wether or not the bridge should allow untagged frames on ingress as well as egress. If set to no untagged frames will be droppped on ingress and none will be sent. bool can be given as yes/no or 0/1. The defaul is yes.

interfaces(5) ifupdown-ng.conf(5) ip-link(8) bridge(8)

bridge-stpstate Activates or deactivates IEEE 802.1d Spanning Tree Protocol (STP) support of the bridge. Valid values are on/off. bridge-bridgepriopriority Sets the bridge's priority to priority. The priority value is a number between 0 and 65535. Lower priority values are better. The bridge with the lowest priority will be elected rootbridge. bridge-fdseconds Denotes the bridge forward delay in seconds. Valid values are between 2 and 30. bridge-helloseconds Denotes the bridge hello time in seconds. Valid values are between 1 and 10. bridge-maxageseconds Denotes the seconds until another bridge is considerd dead after reception of its last STP hello message. Valid values are between 6 and 40.