[mirror_iproute2.git] / man / man8 / bridge.8

.TH BRIDGE 8 "1 August 2012" "iproute2" "Linux"
.SH NAME
bridge \- show / manipulate bridge addresses and devices
.SH SYNOPSIS

.ad l
.in +8
.ti -8
.B bridge
.RI "[ " OPTIONS " ] " OBJECT " { " COMMAND " | "
.BR help " }"
.sp

.ti -8
.IR OBJECT " := { "
.BR link " | " fdb " | " mdb " | " vlan " | " monitor " }"
.sp

.ti -8
.IR OPTIONS " := { "
\fB\-V\fR[\fIersion\fR] |
\fB\-s\fR[\fItatistics\fR] |
\fB\-n\fR[\fIetns\fR] name }

.ti -8
.BR "bridge link set"
.B  dev
.IR DEV
.IR " [ "
.B  cost
.IR COST " ] [ "
.B  priority
.IR PRIO " ]  [ "
.B  state
.IR STATE "] ["
.BR guard " { " on " | " off " } ] [ "
.BR hairpin " { " on " | " off " } ] [ "
.BR fastleave " { " on " | " off " } ] [ "
.BR root_block " { " on " | " off " } ] [ "
.BR learning " { " on " | " off " } ] [ "
.BR flood " { " on " | " off " } ] [ "
.BR hwmode " { " vepa " | " veb " } ] "

.ti -8
.BR "bridge link" " [ " show " ] [ "
.B  dev
.IR DEV " ]"

.ti -8
.BR "bridge fdb" " { " add " | " append " | " del " } "
.I LLADDR
.B  dev
.IR DEV " { "
.BR local " | " temp " } { "
.BR self " } { " embedded " } { " router " } [ "
.B  dst
.IR IPADDR " ] [ "
.B vni
.IR VNI " ] ["
.B port
.IR PORT " ] ["
.B via
.IR DEVICE " ]"

.ti -8
.BR "bridge fdb" " [ " show " ] [ "
.B  dev
.IR DEV " ]"

.ti -8
.BR "bridge mdb" " { " add " | " del " } "
.B  dev
.IR DEV
.B port
.IR PORT
.B grp
.IR GROUP " [ "
.BR permanent " | " temp " ]"

.ti -8
.BR "bridge mdb show " [ "
.B  dev
.IR DEV " ]"

.ti -8
.BR "bridge vlan" " { " add " | " del " } "
.B  dev
.IR DEV
.B  vid 
.IR VID " [ "
.BR  pvid " ] [ " untagged " ]  [ "
.BR  self " ]  [ " master " ] "

.ti -8
.BR "bridge vlan" " [ " show " ] [ "
.B  dev
.IR DEV " ]"

.ti -8
.BR "bridge monitor" " [ " all " | " neigh " | " link " | " mdb " ]"

.SH OPTIONS

.TP
.BR "\-V" , " -Version"
print the version of the
.B bridge
utility and exit.

.TP
.BR "\-s" , " \-stats", " \-statistics"
output more information.  If this option
is given multiple times, the amount of information increases.
As a rule, the information is statistics or some time values.

.TP
.BR "\-n" , " \-net" , " \-netns " <NETNS>
switches
.B bridge
to the specified network namespace
.IR NETNS .
Actually it just simplifies executing of:

.B ip netns exec
.IR NETNS
.B bridge
.RI "[ " OPTIONS " ] " OBJECT " { " COMMAND " | "
.BR help " }"

to

.B bridge
.RI "-n[etns] " NETNS " [ " OPTIONS " ] " OBJECT " { " COMMAND " | "
.BR help " }"


.SH BRIDGE - COMMAND SYNTAX

.SS
.I OBJECT

.TP
.B link
- Bridge port.

.TP
.B fdb 
- Forwarding Database entry.

.TP
.B mdb
- Multicast group database entry.

.TP
.B vlan
- VLAN filter list.

.SS
.I COMMAND

Specifies the action to perform on the object.
The set of possible actions depends on the object type.
As a rule, it is possible to
.BR "add" , " delete"
and
.B show
(or
.B list
) objects, but some objects do not allow all of these operations
or have some additional commands.  The
.B help
command is available for all objects.  It prints
out a list of available commands and argument syntax conventions.
.sp
If no command is given, some default command is assumed.
Usually it is
.B list
or, if the objects of this class cannot be listed,
.BR "help" .

.SH bridge link - bridge port

.B link
objects correspond to the port devices of the bridge.

.P
The corresponding commands set and display port status and bridge specific
attributes.

.SS bridge link set - set bridge specific attributes on a port

.TP
.BI dev " NAME "
interface name of the bridge port

.TP
.BI cost " COST "
the STP path cost of the specified port.

.TP
.BI priority " PRIO "
the STP port priority.  The priority value is an unsigned 8-bit quantity
(number between 0 and 255).  This metric is used in the designated port an
droot port selectio algorithms.

.TP
.BI state " STATE "
the operation state of the port.  This is primarily used by user space STP/RSTP
implementation.  The following is a list of valid values:

.B 0
- port is DISABLED.  Make this port completely inactive.
.sp

.B 1
- STP LISTENING state.  Only valid if STP is enabled on the brige.  In this
state the port for list for STP BPDUs and drop all other traffic.
.sp

.B 2
- STP LEARNING state.  Only valid if STP is enabled on the bridge.  In this
state the port will accept traffic only for the purpose of updating MAC
adress tables.
.sp

.B 3
- STP FORWARDING state.  Port is fully active.
.sp

.B 4
- STP BLOCKING state.  Only valid if STP is enabled on the bridge.  This state
is used during the STP election process.  In this state, port will only process
STP BPDUs.
.sp

.TP
.BR "guard on " or " guard off "
Controls whether STP BPUDs will be processed by the bridge port.  By default,
the flag is turned off allowed BPDU processing.  Turning this flag on will
cause the port to stop processing STP BPDUs.

.TP
.BR "hairpin on " or " hairpin off "
Controls whether traffic may be send back out of the port on which it was
received.  By default, this flag is turned off and the bridge will not forward
traffic back out of the receiving port.

.TP
.BR "fastleave on " or " fastleave off "
This flag allows the bridge to immediately stop multicast traffic on a port
that receives IGMP Leave message.  It is only used with IGMP snooping is
enabled on the bridge.  By default the flag is off.

.TP
.BR "root_block on " or " root_block off "
Controls whether a given port is allowed to become root port or not.  Only used
when STP is enabled on the bridge.  By default the flag is off.

.TP
.BR "learning on " or " learning off "
Controls whether a given port will learn MAC addresses from received traffic or
not.  If learning if off, the bridge will end up flooding any traffic for which
it has no FDB entry.  By default this flag is on.

.TP
.BR "flooding on " or " flooding off "
Controls whether a given port will flood unicast traffic for which there is no FDB entry.  By default this flag is on.

.TP
.BI hwmode
Some network interface cards support HW bridge functionality and they may be
configured in different modes.  Currently support modes are:

.B vepa
- Data sent between HW ports is sent on the wire to the external
switch.

.B veb
- bridging happens in hardware.

.SS bridge link show - list bridge port configuration.

This command displays the current bridge port configuration and flags.

.SH bridge fdb - forwarding database management

.B fdb
objects contain known Ethernet addresses on a  link.

.P
The corresponding commands display fdb entries, add new entries,
append entries,
and delete old ones.

.SS bridge fdb add - add a new fdb entry

This command creates a new fdb entry.

.TP
.BI "LLADDR"
the Ethernet MAC address.

.TP
.BI dev " DEV"
the interface to which this address is associated.

.B self
- the address is associated with a software fdb (default)
.sp

.B embedded
- the address is associated with an offloaded fdb
.sp

.B router
- the destination address is associated with a router.
Valid if the referenced device is a VXLAN type device and has
route shortcircuit enabled.
.sp

.in -8
The next command line parameters apply only
when the specified device
.I DEV
is of type VXLAN.
.TP
.BI dst " IPADDR"
the IP address of the destination
VXLAN tunnel endpoint where the Ethernet MAC ADDRESS resides.

.TP
.BI vni " VNI"
the VXLAN VNI Network Identifier (or VXLAN Segment ID)
to use to connect to the remote VXLAN tunnel endpoint.
If omitted the value specified at vxlan device creation
will be used.

.TP
.BI port " PORT"
the UDP destination PORT number to use to connect to the
remote VXLAN tunnel endpoint.
If omitted the default value is used.

.TP
.BI via " DEVICE"
device name of the outgoing interface for the
VXLAN device driver to reach the
remote VXLAN tunnel endpoint. 

.SS bridge fdb append - append a forwarding database entry
This command adds a new fdb entry with an already known
.IR LLADDR .
Valid only for multicast link layer addresses.
The command adds support for broadcast and multicast
Ethernet MAC addresses.
The Ethernet MAC address is added multiple times into
the forwarding database and the vxlan device driver
sends a copy of the data packet to each entry found.

.PP
The arguments are the same as with
.BR "bridge fdb add" ,

.SS bridge fdb delete - delete a forwarding database entry
This command removes an existing fdb entry.

.PP
The arguments are the same as with
.BR "bridge fdb add" ,

.SS bridge fdb show - list forwarding entries.

This command displays the current forwarding table.

.PP
With the
.B -statistics
option, the command becomes verbose.  It prints out the last updated
and last used time for each entry.

.SH bridge mdb - multicast group database management

.B mdb
objects contain known IP multicast group addresses on a link.

.P
The corresponding commands display mdb entries, add new entries,
and delete old ones.

.SS bridge mdb add - add a new multicast group database entry

This command creates a new mdb entry.

.TP
.BI dev " DEV"
the interface where this group address is associated.

.TP
.BI port " PORT"
the port whose link is known to have members of this multicast group.

.TP
.BI grp " GROUP"
the IP multicast group address whose members reside on the link connected to
the port.

.B permanent
- the mdb entry is permanent
.sp

.B temp
- the mdb entry is temporary (default)
.sp

.in -8
.SS bridge mdb delete - delete a multicast group database entry
This command removes an existing mdb entry.

.PP
The arguments are the same as with
.BR "bridge mdb add" .

.SS bridge mdb show - list multicast group database entries

This command displays the current multicast group membership table. The table
is populated by IGMP and MLD snooping in the bridge driver automatically. It
can be altered by
.B bridge mdb add
and
.B bridge mdb del
commands manually too.

.TP
.BI dev " DEV"
the interface only whose entries should be listed. Default is to list all
bridge interfaces.

.PP
With the
.B -details
option, the command becomes verbose.  It prints out the ports known to have
a connected router.

.SH bridge vlan - VLAN filter list

.B vlan
objects contain known VLAN IDs for a link.

.P
The corresponding commands display vlan filter entries, add new entries,
and delete old ones.

.SS bridge vlan add - add a new vlan filter entry

This command creates a new vlan filter entry.

.TP
.BI dev " NAME"
the interface with which this vlan is associated.

.TP
.BI vid " VID"
the VLAN ID that identifies the vlan.

.TP
.BI pvid
the vlan specified is to be considered a PVID at ingress.
Any untagged frames will be assigned to this VLAN.

.TP
.BI untagged
the vlan specified is to be treated as untagged on egress.

.TP
.BI self
the vlan is configured on the specified physical device.  Required if the
device is the bridge device.

.TP
.BI master
the vlan is configured on the software bridge (default).

.SS bridge vlan delete - delete a forwarding database entry
This command removes an existing fdb entry.

.PP
The arguments are the same as with
.BR "bridge vlan add".
The
.BR "pvid " and " untagged"
flags are ignored.

.SS bridge vlan show - list vlan configuration.

This command displays the current VLAN filter table.

.SH bridge monitor - state monitoring

The
.B bridge
utility can monitor the state of devices and  addresses
continuously.  This option has a slightly different format.
Namely, the
.B monitor
command is the first in the command line and then the object list follows:

.BR "bridge monitor" " [ " all " |"
.IR OBJECT-LIST " ]"

.I OBJECT-LIST
is the list of object types that we want to monitor.
It may contain
.BR link ",  " fdb ", and " mdb "."
If no
.B file
argument is given,
.B bridge
opens RTNETLINK, listens on it and dumps state changes in the format
described in previous sections.

.P
If a file name is given, it does not listen on RTNETLINK,
but opens the file containing RTNETLINK messages saved in binary format
and dumps them.  Such a history file can be generated with the


.SH NOTES
This command uses facilities added in Linux 3.0.

Although the forwarding table is maintained on a per-bridge device basis
the bridge device is not part of the syntax. This is a limitation of the
underlying netlink neighbour message protocol. When displaying the
forwarding table, entries for all bridges are displayed.
Add/delete/modify commands determine the underlying bridge device
based on the bridge to which the corresponding ethernet device is attached.


.SH SEE ALSO
.BR ip (8)
.SH BUGS
.RB "Please direct bugreports and patches to: " <netdev@vger.kernel.org>

.SH AUTHOR
Original Manpage by Stephen Hemminger
Commit	Line	Data
d04bc300 SH	1	.TH BRIDGE 8 "1 August 2012" "iproute2" "Linux"
	2	.SH NAME
	3	bridge \- show / manipulate bridge addresses and devices
	4	.SH SYNOPSIS
	5
	6	.ad l
	7	.in +8
	8	.ti -8
	9	.B bridge
	10	.RI "[ " OPTIONS " ] " OBJECT " { " COMMAND " \| "
	11	.BR help " }"
	12	.sp
	13
	14	.ti -8
	15	.IR OBJECT " := { "
54e9c3a3	16	.BR link " \| " fdb " \| " mdb " \| " vlan " \| " monitor " }"
d04bc300 SH	17	.sp
	18
	19	.ti -8
	20	.IR OPTIONS " := { "
	21	\fB\-V\fR[\fIersion\fR] \|
527910c8 VK	22	\fB\-s\fR[\fItatistics\fR] \|
527910c8 VK	23	\fB\-n\fR[\fIetns\fR] name }
aa2f1335 VY	24
	25	.ti -8
	26	.BR "bridge link set"
	27	.B dev
	28	.IR DEV
	29	.IR " [ "
	30	.B cost
	31	.IR COST " ] [ "
	32	.B priority
	33	.IR PRIO " ] [ "
	34	.B state
	35	.IR STATE "] ["
	36	.BR guard " { " on " \| " off " } ] [ "
	37	.BR hairpin " { " on " \| " off " } ] [ "
	38	.BR fastleave " { " on " \| " off " } ] [ "
	39	.BR root_block " { " on " \| " off " } ] [ "
f0f4ab60 VY	40	.BR learning " { " on " \| " off " } ] [ "
f0f4ab60 VY	41	.BR flood " { " on " \| " off " } ] [ "
aa2f1335 VY	42	.BR hwmode " { " vepa " \| " veb " } ] "
	43
	44	.ti -8
	45	.BR "bridge link" " [ " show " ] [ "
	46	.B dev
	47	.IR DEV " ]"
d04bc300 SH	48
d04bc300 SH	49	.ti -8
7578ae88	50	.BR "bridge fdb" " { " add " \| " append " \| " del " } "
d04bc300 SH	51	.I LLADDR
	52	.B dev
	53	.IR DEV " { "
d611682a	54	.BR local " \| " temp " } { "
7578ae88 TR	55	.BR self " } { " embedded " } { " router " } [ "
	56	.B dst
	57	.IR IPADDR " ] [ "
	58	.B vni
	59	.IR VNI " ] ["
	60	.B port
	61	.IR PORT " ] ["
	62	.B via
	63	.IR DEVICE " ]"
d04bc300 SH	64
	65	.ti -8
	66	.BR "bridge fdb" " [ " show " ] [ "
	67	.B dev
	68	.IR DEV " ]"
	69
54e9c3a3 PP	70	.ti -8
	71	.BR "bridge mdb" " { " add " \| " del " } "
	72	.B dev
	73	.IR DEV
	74	.B port
	75	.IR PORT
	76	.B grp
	77	.IR GROUP " [ "
	78	.BR permanent " \| " temp " ]"
	79
	80	.ti -8
	81	.BR "bridge mdb show " [ "
	82	.B dev
	83	.IR DEV " ]"
	84
ab938710 VY	85	.ti -8
	86	.BR "bridge vlan" " { " add " \| " del " } "
	87	.B dev
	88	.IR DEV
	89	.B vid
	90	.IR VID " [ "
	91	.BR pvid " ] [ " untagged " ] [ "
	92	.BR self " ] [ " master " ] "
	93
	94	.ti -8
	95	.BR "bridge vlan" " [ " show " ] [ "
	96	.B dev
	97	.IR DEV " ]"
	98
d04bc300	99	.ti -8
54e9c3a3	100	.BR "bridge monitor" " [ " all " \| " neigh " \| " link " \| " mdb " ]"
d04bc300 SH	101
	102	.SH OPTIONS
	103
	104	.TP
	105	.BR "\-V" , " -Version"
	106	print the version of the
	107	.B bridge
	108	utility and exit.
	109
	110	.TP
	111	.BR "\-s" , " \-stats", " \-statistics"
49572501 KR	112	output more information. If this option
49572501 KR	113	is given multiple times, the amount of information increases.
d04bc300 SH	114	As a rule, the information is statistics or some time values.
d04bc300 SH	115
527910c8 VK	116	.TP
	117	.BR "\-n" , " \-net" , " \-netns " <NETNS>
	118	switches
	119	.B bridge
	120	to the specified network namespace
	121	.IR NETNS .
	122	Actually it just simplifies executing of:
	123
	124	.B ip netns exec
	125	.IR NETNS
	126	.B bridge
	127	.RI "[ " OPTIONS " ] " OBJECT " { " COMMAND " \| "
	128	.BR help " }"
	129
	130	to
	131
	132	.B bridge
	133	.RI "-n[etns] " NETNS " [ " OPTIONS " ] " OBJECT " { " COMMAND " \| "
	134	.BR help " }"
	135
d04bc300 SH	136
	137	.SH BRIDGE - COMMAND SYNTAX
	138
	139	.SS
	140	.I OBJECT
	141
aa2f1335 VY	142	.TP
	143	.B link
	144	- Bridge port.
	145
d04bc300 SH	146	.TP
	147	.B fdb
	148	- Forwarding Database entry.
	149
54e9c3a3 PP	150	.TP
	151	.B mdb
	152	- Multicast group database entry.
	153
ab938710 VY	154	.TP
	155	.B vlan
	156	- VLAN filter list.
	157
d04bc300 SH	158	.SS
	159	.I COMMAND
	160
	161	Specifies the action to perform on the object.
	162	The set of possible actions depends on the object type.
	163	As a rule, it is possible to
	164	.BR "add" , " delete"
	165	and
	166	.B show
	167	(or
	168	.B list
	169	) objects, but some objects do not allow all of these operations
	170	or have some additional commands. The
	171	.B help
	172	command is available for all objects. It prints
	173	out a list of available commands and argument syntax conventions.
	174	.sp
	175	If no command is given, some default command is assumed.
	176	Usually it is
	177	.B list
	178	or, if the objects of this class cannot be listed,
	179	.BR "help" .
	180
aa2f1335 VY	181	.SH bridge link - bridge port
	182
	183	.B link
	184	objects correspond to the port devices of the bridge.
	185
	186	.P
	187	The corresponding commands set and display port status and bridge specific
	188	attributes.
	189
	190	.SS bridge link set - set bridge specific attributes on a port
	191
	192	.TP
	193	.BI dev " NAME "
	194	interface name of the bridge port
	195
	196	.TP
	197	.BI cost " COST "
	198	the STP path cost of the specified port.
	199
	200	.TP
	201	.BI priority " PRIO "
	202	the STP port priority. The priority value is an unsigned 8-bit quantity
	203	(number between 0 and 255). This metric is used in the designated port an
	204	droot port selectio algorithms.
	205
	206	.TP
	207	.BI state " STATE "
	208	the operation state of the port. This is primarily used by user space STP/RSTP
	209	implementation. The following is a list of valid values:
	210
	211	.B 0
	212	- port is DISABLED. Make this port completely inactive.
	213	.sp
	214
	215	.B 1
	216	- STP LISTENING state. Only valid if STP is enabled on the brige. In this
	217	state the port for list for STP BPDUs and drop all other traffic.
	218	.sp
	219
	220	.B 2
	221	- STP LEARNING state. Only valid if STP is enabled on the bridge. In this
	222	state the port will accept traffic only for the purpose of updating MAC
	223	adress tables.
	224	.sp
	225
	226	.B 3
	227	- STP FORWARDING state. Port is fully active.
	228	.sp
	229
	230	.B 4
6274b0b7	231	- STP BLOCKING state. Only valid if STP is enabled on the bridge. This state
aa2f1335 VY	232	is used during the STP election process. In this state, port will only process
	233	STP BPDUs.
	234	.sp
	235
	236	.TP
	237	.BR "guard on " or " guard off "
	238	Controls whether STP BPUDs will be processed by the bridge port. By default,
	239	the flag is turned off allowed BPDU processing. Turning this flag on will
	240	cause the port to stop processing STP BPDUs.
	241
	242	.TP
	243	.BR "hairpin on " or " hairpin off "
	244	Controls whether traffic may be send back out of the port on which it was
	245	received. By default, this flag is turned off and the bridge will not forward
	246	traffic back out of the receiving port.
	247
	248	.TP
	249	.BR "fastleave on " or " fastleave off "
	250	This flag allows the bridge to immediately stop multicast traffic on a port
6274b0b7	251	that receives IGMP Leave message. It is only used with IGMP snooping is
aa2f1335 VY	252	enabled on the bridge. By default the flag is off.
	253
	254	.TP
	255	.BR "root_block on " or " root_block off "
	256	Controls whether a given port is allowed to become root port or not. Only used
	257	when STP is enabled on the bridge. By default the flag is off.
	258
f0f4ab60 VY	259	.TP
	260	.BR "learning on " or " learning off "
	261	Controls whether a given port will learn MAC addresses from received traffic or
	262	not. If learning if off, the bridge will end up flooding any traffic for which
	263	it has no FDB entry. By default this flag is on.
	264
	265	.TP
	266	.BR "flooding on " or " flooding off "
	267	Controls whether a given port will flood unicast traffic for which there is no FDB entry. By default this flag is on.
	268
aa2f1335 VY	269	.TP
	270	.BI hwmode
	271	Some network interface cards support HW bridge functionality and they may be
	272	configured in different modes. Currently support modes are:
	273
	274	.B vepa
	275	- Data sent between HW ports is sent on the wire to the external
	276	switch.
	277
	278	.B veb
	279	- bridging happens in hardware.
	280
	281	.SS bridge link show - list bridge port configuration.
	282
	283	This command displays the current bridge port configuration and flags.
	284
d04bc300 SH	285	.SH bridge fdb - forwarding database management
	286
	287	.B fdb
	288	objects contain known Ethernet addresses on a link.
	289
	290	.P
	291	The corresponding commands display fdb entries, add new entries,
7578ae88	292	append entries,
d04bc300 SH	293	and delete old ones.
d04bc300 SH	294
d611682a	295	.SS bridge fdb add - add a new fdb entry
d04bc300	296
d611682a	297	This command creates a new fdb entry.
d04bc300 SH	298
d04bc300 SH	299	.TP
7578ae88	300	.BI "LLADDR"
d04bc300 SH	301	the Ethernet MAC address.
	302
	303	.TP
7578ae88	304	.BI dev " DEV"
d04bc300 SH	305	the interface to which this address is associated.
d04bc300 SH	306
d611682a JF	307	.B self
	308	- the address is associated with a software fdb (default)
	309	.sp
	310
	311	.B embedded
	312	- the address is associated with an offloaded fdb
	313	.sp
	314
7578ae88 TR	315	.B router
	316	- the destination address is associated with a router.
	317	Valid if the referenced device is a VXLAN type device and has
	318	route shortcircuit enabled.
	319	.sp
	320
d04bc300	321	.in -8
7578ae88 TR	322	The next command line parameters apply only
	323	when the specified device
	324	.I DEV
	325	is of type VXLAN.
	326	.TP
	327	.BI dst " IPADDR"
	328	the IP address of the destination
	329	VXLAN tunnel endpoint where the Ethernet MAC ADDRESS resides.
	330
	331	.TP
	332	.BI vni " VNI"
	333	the VXLAN VNI Network Identifier (or VXLAN Segment ID)
	334	to use to connect to the remote VXLAN tunnel endpoint.
	335	If omitted the value specified at vxlan device creation
	336	will be used.
	337
	338	.TP
	339	.BI port " PORT"
	340	the UDP destination PORT number to use to connect to the
	341	remote VXLAN tunnel endpoint.
	342	If omitted the default value is used.
	343
	344	.TP
	345	.BI via " DEVICE"
	346	device name of the outgoing interface for the
	347	VXLAN device driver to reach the
	348	remote VXLAN tunnel endpoint.
	349
	350	.SS bridge fdb append - append a forwarding database entry
	351	This command adds a new fdb entry with an already known
	352	.IR LLADDR .
	353	Valid only for multicast link layer addresses.
	354	The command adds support for broadcast and multicast
	355	Ethernet MAC addresses.
	356	The Ethernet MAC address is added multiple times into
	357	the forwarding database and the vxlan device driver
	358	sends a copy of the data packet to each entry found.
	359
	360	.PP
	361	The arguments are the same as with
	362	.BR "bridge fdb add" ,
d04bc300 SH	363
	364	.SS bridge fdb delete - delete a forwarding database entry
	365	This command removes an existing fdb entry.
	366
	367	.PP
	368	The arguments are the same as with
	369	.BR "bridge fdb add" ,
	370
	371	.SS bridge fdb show - list forwarding entries.
	372
49572501	373	This command displays the current forwarding table.
d04bc300 SH	374
	375	.PP
	376	With the
	377	.B -statistics
	378	option, the command becomes verbose. It prints out the last updated
	379	and last used time for each entry.
	380
54e9c3a3 PP	381	.SH bridge mdb - multicast group database management
	382
	383	.B mdb
	384	objects contain known IP multicast group addresses on a link.
	385
	386	.P
	387	The corresponding commands display mdb entries, add new entries,
	388	and delete old ones.
	389
	390	.SS bridge mdb add - add a new multicast group database entry
	391
	392	This command creates a new mdb entry.
	393
	394	.TP
	395	.BI dev " DEV"
	396	the interface where this group address is associated.
	397
	398	.TP
	399	.BI port " PORT"
	400	the port whose link is known to have members of this multicast group.
	401
	402	.TP
	403	.BI grp " GROUP"
	404	the IP multicast group address whose members reside on the link connected to
	405	the port.
	406
	407	.B permanent
	408	- the mdb entry is permanent
	409	.sp
	410
	411	.B temp
	412	- the mdb entry is temporary (default)
	413	.sp
	414
	415	.in -8
	416	.SS bridge mdb delete - delete a multicast group database entry
	417	This command removes an existing mdb entry.
	418
	419	.PP
	420	The arguments are the same as with
	421	.BR "bridge mdb add" .
	422
	423	.SS bridge mdb show - list multicast group database entries
	424
	425	This command displays the current multicast group membership table. The table
	426	is populated by IGMP and MLD snooping in the bridge driver automatically. It
	427	can be altered by
	428	.B bridge mdb add
	429	and
	430	.B bridge mdb del
	431	commands manually too.
	432
	433	.TP
	434	.BI dev " DEV"
	435	the interface only whose entries should be listed. Default is to list all
	436	bridge interfaces.
	437
	438	.PP
	439	With the
	440	.B -details
	441	option, the command becomes verbose. It prints out the ports known to have
	442	a connected router.
	443
ab938710 VY	444	.SH bridge vlan - VLAN filter list
	445
	446	.B vlan
	447	objects contain known VLAN IDs for a link.
	448
	449	.P
	450	The corresponding commands display vlan filter entries, add new entries,
	451	and delete old ones.
	452
	453	.SS bridge vlan add - add a new vlan filter entry
	454
	455	This command creates a new vlan filter entry.
	456
	457	.TP
	458	.BI dev " NAME"
	459	the interface with which this vlan is associated.
	460
	461	.TP
	462	.BI vid " VID"
	463	the VLAN ID that identifies the vlan.
	464
	465	.TP
	466	.BI pvid
	467	the vlan specified is to be considered a PVID at ingress.
	468	Any untagged frames will be assigned to this VLAN.
	469
	470	.TP
	471	.BI untagged
	472	the vlan specified is to be treated as untagged on egress.
	473
	474	.TP
	475	.BI self
	476	the vlan is configured on the specified physical device. Required if the
	477	device is the bridge device.
	478
	479	.TP
	480	.BI master
6274b0b7	481	the vlan is configured on the software bridge (default).
ab938710 VY	482
	483	.SS bridge vlan delete - delete a forwarding database entry
	484	This command removes an existing fdb entry.
	485
	486	.PP
	487	The arguments are the same as with
	488	.BR "bridge vlan add".
	489	The
	490	.BR "pvid " and " untagged"
	491	flags are ignored.
	492
	493	.SS bridge vlan show - list vlan configuration.
	494
	495	This command displays the current VLAN filter table.
	496
d04bc300 SH	497	.SH bridge monitor - state monitoring
	498
	499	The
	500	.B bridge
	501	utility can monitor the state of devices and addresses
	502	continuously. This option has a slightly different format.
	503	Namely, the
	504	.B monitor
	505	command is the first in the command line and then the object list follows:
	506
	507	.BR "bridge monitor" " [ " all " \|"
49572501	508	.IR OBJECT-LIST " ]"
d04bc300 SH	509
	510	.I OBJECT-LIST
	511	is the list of object types that we want to monitor.
	512	It may contain
54e9c3a3	513	.BR link ", " fdb ", and " mdb "."
d04bc300 SH	514	If no
	515	.B file
	516	argument is given,
	517	.B bridge
	518	opens RTNETLINK, listens on it and dumps state changes in the format
	519	described in previous sections.
	520
	521	.P
	522	If a file name is given, it does not listen on RTNETLINK,
	523	but opens the file containing RTNETLINK messages saved in binary format
	524	and dumps them. Such a history file can be generated with the
	525
	526
	527	.SH NOTES
	528	This command uses facilities added in Linux 3.0.
	529
	530	Although the forwarding table is maintained on a per-bridge device basis
	531	the bridge device is not part of the syntax. This is a limitation of the
	532	underlying netlink neighbour message protocol. When displaying the
	533	forwarding table, entries for all bridges are displayed.
	534	Add/delete/modify commands determine the underlying bridge device
6274b0b7	535	based on the bridge to which the corresponding ethernet device is attached.
d04bc300 SH	536
	537
	538	.SH SEE ALSO
	539	.BR ip (8)
49572501	540	.SH BUGS
d04bc300 SH	541	.RB "Please direct bugreports and patches to: " <netdev@vger.kernel.org>
	542
	543	.SH AUTHOR
	544	Original Manpage by Stephen Hemminger