1 .TH BRIDGE 8 "1 August 2012" "iproute2" "Linux"
3 bridge \- show / manipulate bridge addresses and devices
10 .RI "[ " OPTIONS " ] " OBJECT " { " COMMAND " | "
16 .BR link " | " fdb " | " mdb " | " vlan " | " monitor " }"
21 \fB\-V\fR[\fIersion\fR] |
22 \fB\-s\fR[\fItatistics\fR] |
23 \fB\-n\fR[\fIetns\fR] name }
24 \fB\-b\fR[\fIatch\fR] filename }
37 .BR guard " { " on " | " off " } ] [ "
38 .BR hairpin " { " on " | " off " } ] [ "
39 .BR fastleave " { " on " | " off " } ] [ "
40 .BR root_block " { " on " | " off " } ] [ "
41 .BR learning " { " on " | " off " } ] [ "
42 .BR learning_sync " { " on " | " off " } ] [ "
43 .BR flood " { " on " | " off " } ] [ "
44 .BR hwmode " { " vepa " | " veb " } ] [ "
45 .BR self " ] [ " master " ] "
48 .BR "bridge link" " [ " show " ] [ "
53 .BR "bridge fdb" " { " add " | " append " | " del " | " replace " } "
57 .BR local " | " temp " } [ "
58 .BR self " ] [ " master " ] [ " router " ] [ " use " ] [ "
69 .BR "bridge fdb" " [ " show " ] [ "
74 .BR "bridge mdb" " { " add " | " del " } "
81 .BR permanent " | " temp " ] [ "
86 .BR "bridge mdb show " [ "
91 .BR "bridge vlan" " { " add " | " del " } "
96 .BR pvid " ] [ " untagged " ] [ "
97 .BR self " ] [ " master " ] "
100 .BR "bridge vlan" " [ " show " ] [ "
105 .BR "bridge monitor" " [ " all " | " neigh " | " link " | " mdb " ]"
110 .BR "\-V" , " -Version"
111 print the version of the
116 .BR "\-s" , " \-stats", " \-statistics"
117 output more information. If this option
118 is given multiple times, the amount of information increases.
119 As a rule, the information is statistics or some time values.
122 .BR "\-n" , " \-net" , " \-netns " <NETNS>
125 to the specified network namespace
127 Actually it just simplifies executing of:
132 .RI "[ " OPTIONS " ] " OBJECT " { " COMMAND " | "
138 .RI "-n[etns] " NETNS " [ " OPTIONS " ] " OBJECT " { " COMMAND " | "
142 .BR "\-b", " \-batch " <FILENAME>
143 Read commands from provided file or standard input and invoke them.
144 First failure will cause termination of bridge command.
148 Don't terminate bridge command on errors in batch mode.
149 If there were any errors during execution of the commands, the application
150 return code will be non zero.
152 .SH BRIDGE - COMMAND SYNTAX
163 - Forwarding Database entry.
167 - Multicast group database entry.
176 Specifies the action to perform on the object.
177 The set of possible actions depends on the object type.
178 As a rule, it is possible to
179 .BR "add" , " delete"
184 ) objects, but some objects do not allow all of these operations
185 or have some additional commands. The
187 command is available for all objects. It prints
188 out a list of available commands and argument syntax conventions.
190 If no command is given, some default command is assumed.
193 or, if the objects of this class cannot be listed,
196 .SH bridge link - bridge port
199 objects correspond to the port devices of the bridge.
202 The corresponding commands set and display port status and bridge specific
205 .SS bridge link set - set bridge specific attributes on a port
209 interface name of the bridge port
213 the STP path cost of the specified port.
216 .BI priority " PRIO "
217 the STP port priority. The priority value is an unsigned 8-bit quantity
218 (number between 0 and 255). This metric is used in the designated port an
219 droot port selectio algorithms.
223 the operation state of the port. This is primarily used by user space STP/RSTP
224 implementation. One may enter a lowercased port state name, or one of the
225 numbers below. Negative inputs are ignored, and unrecognized names return an
229 - port is DISABLED. Make this port completely inactive.
233 - STP LISTENING state. Only valid if STP is enabled on the brige. In this
234 state the port for list for STP BPDUs and drop all other traffic.
238 - STP LEARNING state. Only valid if STP is enabled on the bridge. In this
239 state the port will accept traffic only for the purpose of updating MAC
244 - STP FORWARDING state. Port is fully active.
248 - STP BLOCKING state. Only valid if STP is enabled on the bridge. This state
249 is used during the STP election process. In this state, port will only process
254 .BR "guard on " or " guard off "
255 Controls whether STP BPUDs will be processed by the bridge port. By default,
256 the flag is turned off allowed BPDU processing. Turning this flag on will
257 cause the port to stop processing STP BPDUs.
260 .BR "hairpin on " or " hairpin off "
261 Controls whether traffic may be send back out of the port on which it was
262 received. By default, this flag is turned off and the bridge will not forward
263 traffic back out of the receiving port.
266 .BR "fastleave on " or " fastleave off "
267 This flag allows the bridge to immediately stop multicast traffic on a port
268 that receives IGMP Leave message. It is only used with IGMP snooping is
269 enabled on the bridge. By default the flag is off.
272 .BR "root_block on " or " root_block off "
273 Controls whether a given port is allowed to become root port or not. Only used
274 when STP is enabled on the bridge. By default the flag is off.
277 .BR "learning on " or " learning off "
278 Controls whether a given port will learn MAC addresses from received traffic or
279 not. If learning if off, the bridge will end up flooding any traffic for which
280 it has no FDB entry. By default this flag is on.
283 .BR "learning_sync on " or " learning_sync off "
284 Controls whether a given port will sync MAC addresses learned on device port to
288 .BR "flooding on " or " flooding off "
289 Controls whether a given port will flood unicast traffic for which there is no FDB entry. By default this flag is on.
293 Some network interface cards support HW bridge functionality and they may be
294 configured in different modes. Currently support modes are:
297 - Data sent between HW ports is sent on the wire to the external
301 - bridging happens in hardware.
305 link setting is configured on specified physical device
309 link setting is configured on the software bridge (default)
312 .BR "\-t" , " \-timestamp"
313 display current time when using monitor option.
315 .SS bridge link show - list bridge port configuration.
317 This command displays the current bridge port configuration and flags.
319 .SH bridge fdb - forwarding database management
322 objects contain known Ethernet addresses on a link.
325 The corresponding commands display fdb entries, add new entries,
329 .SS bridge fdb add - add a new fdb entry
331 This command creates a new fdb entry.
335 the Ethernet MAC address.
339 the interface to which this address is associated.
342 - the address is associated with the port drivers fdb. Usually hardware.
346 - the address is associated with master devices fdb. Usually software (default).
350 - the destination address is associated with a router.
351 Valid if the referenced device is a VXLAN type device and has
352 route shortcircuit enabled.
356 - the address is in use. User space can use this option to
357 indicate to the kernel that the fdb entry is in use.
361 The next command line parameters apply only
362 when the specified device
367 the IP address of the destination
368 VXLAN tunnel endpoint where the Ethernet MAC ADDRESS resides.
372 the VXLAN VNI Network Identifier (or VXLAN Segment ID)
373 to use to connect to the remote VXLAN tunnel endpoint.
374 If omitted the value specified at vxlan device creation
379 the UDP destination PORT number to use to connect to the
380 remote VXLAN tunnel endpoint.
381 If omitted the default value is used.
385 device name of the outgoing interface for the
386 VXLAN device driver to reach the
387 remote VXLAN tunnel endpoint.
389 .SS bridge fdb append - append a forwarding database entry
390 This command adds a new fdb entry with an already known
392 Valid only for multicast link layer addresses.
393 The command adds support for broadcast and multicast
394 Ethernet MAC addresses.
395 The Ethernet MAC address is added multiple times into
396 the forwarding database and the vxlan device driver
397 sends a copy of the data packet to each entry found.
400 The arguments are the same as with
401 .BR "bridge fdb add" .
403 .SS bridge fdb delete - delete a forwarding database entry
404 This command removes an existing fdb entry.
407 The arguments are the same as with
408 .BR "bridge fdb add" .
410 .SS bridge fdb replace - replace a forwarding database entry
411 If no matching entry is found, a new one will be created instead.
414 The arguments are the same as with
415 .BR "bridge fdb add" .
417 .SS bridge fdb show - list forwarding entries.
419 This command displays the current forwarding table.
424 option, the command becomes verbose. It prints out the last updated
425 and last used time for each entry.
427 .SH bridge mdb - multicast group database management
430 objects contain known IP multicast group addresses on a link.
433 The corresponding commands display mdb entries, add new entries,
436 .SS bridge mdb add - add a new multicast group database entry
438 This command creates a new mdb entry.
442 the interface where this group address is associated.
446 the port whose link is known to have members of this multicast group.
450 the IP multicast group address whose members reside on the link connected to
454 - the mdb entry is permanent
458 - the mdb entry is temporary (default)
463 the VLAN ID which is known to have members of this multicast group.
466 .SS bridge mdb delete - delete a multicast group database entry
467 This command removes an existing mdb entry.
470 The arguments are the same as with
471 .BR "bridge mdb add" .
473 .SS bridge mdb show - list multicast group database entries
475 This command displays the current multicast group membership table. The table
476 is populated by IGMP and MLD snooping in the bridge driver automatically. It
481 commands manually too.
485 the interface only whose entries should be listed. Default is to list all
491 option, the command becomes verbose. It prints out the ports known to have
494 .SH bridge vlan - VLAN filter list
497 objects contain known VLAN IDs for a link.
500 The corresponding commands display vlan filter entries, add new entries,
503 .SS bridge vlan add - add a new vlan filter entry
505 This command creates a new vlan filter entry.
509 the interface with which this vlan is associated.
513 the VLAN ID that identifies the vlan.
517 the vlan specified is to be considered a PVID at ingress.
518 Any untagged frames will be assigned to this VLAN.
522 the vlan specified is to be treated as untagged on egress.
526 the vlan is configured on the specified physical device. Required if the
527 device is the bridge device.
531 the vlan is configured on the software bridge (default).
533 .SS bridge vlan delete - delete a forwarding database entry
534 This command removes an existing fdb entry.
537 The arguments are the same as with
538 .BR "bridge vlan add".
540 .BR "pvid " and " untagged"
543 .SS bridge vlan show - list vlan configuration.
545 This command displays the current VLAN filter table.
547 .SH bridge monitor - state monitoring
551 utility can monitor the state of devices and addresses
552 continuously. This option has a slightly different format.
555 command is the first in the command line and then the object list follows:
557 .BR "bridge monitor" " [ " all " |"
561 is the list of object types that we want to monitor.
563 .BR link ", " fdb ", and " mdb "."
568 opens RTNETLINK, listens on it and dumps state changes in the format
569 described in previous sections.
572 If a file name is given, it does not listen on RTNETLINK,
573 but opens the file containing RTNETLINK messages saved in binary format
577 This command uses facilities added in Linux 3.0.
579 Although the forwarding table is maintained on a per-bridge device basis
580 the bridge device is not part of the syntax. This is a limitation of the
581 underlying netlink neighbour message protocol. When displaying the
582 forwarding table, entries for all bridges are displayed.
583 Add/delete/modify commands determine the underlying bridge device
584 based on the bridge to which the corresponding ethernet device is attached.
590 .RB "Please direct bugreports and patches to: " <netdev@vger.kernel.org>
593 Original Manpage by Stephen Hemminger