10 Linux brctl command examples for Ethernet bridging

brctl stands for Bridge Control.

On Linux, this command is used to create and manage an Ethernet bridge.

This is usually used when you have multiple ethernet networks on your servers and you want to combine them and present them as one logical network.

For example, if you have eth0 and eth1, you can combine them and represent them as just br0, which will use both eth0 and eth1 for network traffic.

In this article, we’ll cover the following:

  1. Creating a new ethernet bridge with addbr
  2. Show available Ethernet bridge using show
  3. Remove existing ethernet bridge with delbr
  4. Add interface to existing bridge
  5. Adding multiple interfaces to an existing bridge
  6. Bridge MAC Address Tracking
  7. Set aging time for Mac address on the bridge
  8. Configuring Spanning Tree on an Ethernet Bridge
  9. Displaying STP Parameter Values ​​for a Bridge
  10. Change Bridge Parameter Values

1. Create a new Ethernet bridge using addbr

Using brctl addbr, we can create a new Ethernet bridge.

In the following example, we have created three network bridges on this server: dev, stage, and prod.

brctl addbr dev

brctl addbr stage

brctl addbr prod

Note that at this stage it is just an empty Ethernet bridge with no other Ethernet.

2. Show available Ethernet bridge using show

Using brctl show, we can view all the available network bridges on your server.

The following example will display all the current instances of the three bridges we just created.

# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       no
prod            8000.000000000000       no
stage           8000.000000000000       no

If you notice that the last column “interfaces” has no meaning. This means that none of these bridges currently have an Ethernet device associated with it.

3. Remove the existing Ethernet bridge with delbr

Using brctl delbr, we can remove the existing ethernet bridge.

The following example removes the “stage” instance of an ethernet bridge.

brctl delbr stage

As you can see from the show command, we no longer see the “stage” of the ethernet bridge.

# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       no
prod            8000.000000000000       no

Note that when a bridge is active (ie raised), it can be removed. First you need to demolish the bridge and then remove it.

Also note that the brctl command was previously called brcfg.

4. Add the interface to the existing bridge

Using brctl addif, we can add an interface to the existing Ethernet bridge.

The following example will add ethernet eth0 to the “dev” bridge we just created.

Warning. Do not try to use this on any critical machines, as you can lose the network connection to that machine when something goes wrong. Try this only on a test instance where you have console access.

brctl addif dev eth0

In the above:

  • This will actually make eth0 the “dev” bridge port.
  • This way, all packets that arrive on eth0 will be treated as if they were actually arriving on the bridge.
  • Also, when packets are sent to the “dev” bridge, it will use eth0. When multiple interfaces are part of the “dev” bridge, eth0 will be a potential candidate for sending outgoing frames from the bridge.

After adding the eth0 bridge to “dev”, the brctl show command will display the following.

# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.0050568954bc       no              eth0
prod            8000.000000000000       no

As you can see from the above output, the last column “interfaces” is eth0 for bridge “dev”.

Note. If something goes wrong by adding eth0 to the “dev” bridge, run the following command from the console to remove the dev bridge.

# brctl delbr dev

Note that if you try to add the loopback interface to the bridge, you will receive the following command with an invalid argument.

# brctl addif dev lo
can’t add lo to bridge dev: Invalid argument

As you can imagine, you cannot add an interface that does not exist on the system for the bridge.

# brctl addif dev eth2
interface eth2 does not exist!

5. Add multiple interfaces to the existing bridge.

In the above example, we have added only one Ethernet device (eth0) to the bridge.

But the whole idea of ​​using a bridge is to add additional interfaces to the bridge.

In the following example, we add both eth0 and eth1 to the “dev” bridge.

# brctl addif dev eth0 eth1

As you can see from the following output, we see two lines for the dev bridge. In the last column “interfaces” we see both eth0 and eth1 for the “dev” ethernet bridge.

# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.0050568954bc       no              eth0
                                                        eth1
prod            8000.000000000000       no

Note If a particular Ethernet interface is already part of a bridge, you cannot add it to another bridge.

In principle, one network can only be part of one bridge. If not, we will receive the following error when we try to add it to another bridge.

# brctl addif prod eth1
device eth1 is already a member of a bridge; can't enslave it to bridge prod

6. Tracking the MAC address of the bridge

Using brctl showmacs, we can see all the MAC addresses of the bridge.

In the following example, for now, the following are two mac addresses that are connected to the “prod” ethernet bridge. This data will change depending on the current state of what is associated with the bridge.

# brctl showmacs prod
port no mac addr                is local?       ageing timer
1       00:50:56:89:54:bc       yes                0.00
2       00:60:50:46:bc:40       no                 0.00

7. Set the aging time for the Mac address on the bridge

In the following example, we set the mac address aging time to 120 seconds on the “dev” modem.

brctl setaging dev 120

In the above:

  • dev is the name of the bridge where we set this value
  • 120 seconds
  • So, if the packet doesn’t show up for the “dev” bridge in 120 seconds, then the “dev” bridge will remove the mac address from the forwarding database.

8. Install Spanning Tree on an Ethernet Bridge

Using brctl stp, we can set up a spanning tree on the Ethernet bridge.

But by default, spanning tree is not enabled when we create a bridge.

Spanning tree is useful when you have multiple bridges on your network and they can all work together to find the shortest path between two ethernets.

In the following example, we enable spanning tree on the “dev” ethernet bridge.

We can use on or yes to enable the spanning tree. Thus, both of the following commands will do the same.

brctl stp dev on

brctl stp dev yes

As you can see from the following screen output, the values ​​in the “STP enabled” column for the “dev” bridge are now “yes”.

# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       yes
prod            8000.000000000000       no

To disable Spanning Tree on an Ethernet bridge, follow these steps:

# brctl stp dev off

# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       no
prod            8000.000000000000       no

9. Display of STP parameter values ​​for the bridge

STP stands for Spanning Tree Protocol.

After you have enabled stp on your bridge, you can use showstp as shown below to view all the stp parameter values ​​for your bridge.

The stp parameter and its current value for the “dev” bridge will be shown below.

# brctl showstp dev
dev
 bridge id              000a.000000000000
 designated root        000a.000000000000
 root port                 0       path cost                  0
 max age                  19.99    bridge max age            19.99
 hello time                1.99    bridge hello time          1.99
 forward delay            14.99    bridge forward delay      14.99
 ageing time             299.95
 hello timer               0.00    tcn timer                  0.00
 topology change timer     0.00    gc timer                   0.00
 hash elasticity           4       hash max                 512
 mc last member count      2       mc init query count        2
 mc router                 1       mc snooping                1
 mc last member timer      0.99    mc membership timer      259.96
 mc querier timer        254.96    mc query interval        124.98
 mc response interval      9.99    mc init query interval    31.24
 flags

10. Changing the value of the bridge parameters

Bridge-specific spanning tree defaults can be changed. You can also change other values ​​of the parameters of the created bridge.

All of the following dialing commands, mentioned in the table below, begin with brctl. For instance:

brctl setageing dev 100

The following table shows the available dialing commands for brctl. The time value is in seconds.

brctl command Description
setageing bridge timeSet the aging time
setbridgeprio bridge prioSet the bridge priority (0 to 65535)
setfd bridge timeSet bridge jumper delay
sethello bridge timeSet greeting time
setmaxage bridge timeSet maximum message age
setgcint bridge timeSet the garbage collection interval in seconds
sethashel bridge intSet elasticity hash
sethashmax bridge intSet maximum hash
setmclmc bridge intSet the counter of the last member of a multicast
setmcrouter bridge intInstalling a Multicast Router
setmcsnoop bridge intConfiguring Multicast Tracking
setmcsqc bridge intSet the number of requests to start multicast
setmclmi bridge timeSet the interval of the last multicast member
setmcmi bridge timeSet the multicast membership interval
setmcqpi bridge timeSet the multicast request interval
setmcqi bridge timeSetting the Internet Request Interval
setmcqri bridge timeSet Multicast Request Response Interval
setmcqri bridge timeSet Multicast Download Request Interval
setpathcost bridge port costSet path cost
setportprio bridge port prioSet the port priority (0 to 255)
setportmcrouter bridge port intInstall Multicast Port Router
sethashel bridge intSet hash elasticity value

Please disable your ad blocker or whitelist this site!

Related Posts