Updated: 2025/Nov/16
Please read Privacy Policy. It's for your privacy.
BRCONFIG(8) System Manager's Manual BRCONFIG(8)
NAME
brconfig - configure network bridge parameters
SYNOPSIS
brconfig -a
brconfig bridge
brconfig bridge command [args ...]
DESCRIPTION
The brconfig utility is used to configure network bridge parameters and
retrieve network bridge parameters and status from the kernel. The
bridging function is implemented by the bridge(4) driver.
A network bridge creates a logical link between two or more IEEE 802
networks that use the same (or "similar enough") framing format. For
example, it is possible to bridge Ethernet and 802.11 networks together,
but it is not possible to bridge Ethernet and Token Ring together.
Bridge interfaces are created using the ifconfig(8) command's create sub-
command. All other bridge configuration is performed using brconfig.
The options are as follows:
-a Display the status of all bridge devices present on the
system. This flag is mutually exclusive with all other sub-
commands.
All other operations require that a bridge be specified. If a bridge is
specified with no sub-commands, the status of that bridge is displayed.
The following sub-commands are available:
up Start forwarding packets on the bridge.
down Stop forwarding packets on the bridge.
add interface
Add the interface named by interface as a member of the
bridge. The interface is put into promiscuous mode so that
it can receive every packet sent on the network.
delete interface
Remove the interface named by interface from the bridge.
Promiscuous mode is disabled on the interface when it is
removed from the bridge.
addr Display the addresses that have been learned by the bridge.
maxaddr size
Set the size of the bridge address cache to size. The
default is 100 entries.
timeout seconds
Set the timeout of address cache entries to seconds seconds.
If seconds is zero, then address cache entries will not be
expired. The default is 1200 seconds.
deladdr address
Delete address from the address cache.
flush Delete all dynamically-learned addresses from the address
cache.
flushall Delete all addresses, including static addresses, from the
address cache.
discover interface
Mark an interface as a "discovering" interface. When the
bridge has no address cache entry (either dynamic or static)
for the destination address of a packet, the bridge will
forward the packet to all member interfaces marked as
"discovering". This is the default for all interfaces added
to a bridge.
-discover interface
Clear the "discovering" attribute on a member interface. For
packets without the "discovering" attribute, the only packets
forwarded on the interface are broadcast or multicast packets
and packets for which the destination address is known to be
on the interface's segment.
ipf Enable packet filtering with pfil(9) on the bridge. The
current implementation passes all ARP and RARP packets
through the bridge while filtering IP and IPv6 packets
through the configured packet filter, such as npf(7). Other
packet types are blocked.
learn interface
Mark an interface as a "learning" interface. When a packet
arrives on such an interface, the source address of the
packet is entered into the address cache as being a
destination address on the interface's segment. This is the
default for all interfaces added to a bridge.
-learn interface
Clear the "learning" attribute on a member interface.
protect interface
Mark an interface as a "protected" interface. When a packet
arrives on a "protected" interface and is being forwarded to
another "protected" interface, the packet will be discarded.
-protect interface
Clear the "protected" attribute on a member interface.
static interface address
Add a static entry into the address cache pointing to
interface. Static entries are never aged out of the cache or
replaced, even if the address is seen on a different
interface.
stp interface
Enable Spanning Tree protocol on interface. The bridge(4)
driver has support for the IEEE 802.1D Spanning Tree protocol
(STP). Spanning Tree is used to detect and remove loops in a
network topology.
-stp interface
Disable Spanning Tree protocol on interface. This is the
default for all interfaces added to a bridge.
maxage seconds
Set the time that a Spanning Tree protocol configuration is
valid. The default is 20 seconds. The minimum is 1 second
and the maximum is 255 seconds.
fwddelay seconds
Set the time that must pass before an interface begins
forwarding packets when Spanning Tree is enabled. The
default is 15 seconds. The minimum is 1 second and the
maximum is 255 seconds.
hellotime seconds
Set the time between broadcasting of Spanning Tree protocol
configuration messages. The default is 2 seconds. The
minimum is 1 second and the maximum is 255 seconds.
priority value
Set the bridge priority for Spanning Tree. The default is
32768. Allowed numerical values range from 0 (highest
priority) to 65535 (lowest priority).
ifpriority interface value
Set the Spanning Tree priority of interface to value. The
default is 128. The minimum is 0 and the maximum is 255.
ifpathcost interface value
Set the Spanning Tree path cost of interface to value. The
default is 55. The minimum is 0 and the maximum is 65535.
EXAMPLES
The following, when placed in the file /etc/ifconfig.bridge0, will cause
a bridge called `bridge0' to be created, add the interfaces `ray0' and
`fxp0' to the bridge, and then enable packet forwarding. Such a
configuration could be used to implement a simple 802.11-to-Ethernet
bridge (assuming the 802.11 interface is in ad-hoc mode).
create
!brconfig $int add ray0 add fxp0 up
Consider a system with two 4-port Ethernet boards. The following placed
in the file /etc/ifconfig.bridge0 will cause a bridge consisting of all 8
ports with Spanning Tree enabled to be created:
create
!brconfig $int \
add tlp0 stp tlp0 \
add tlp1 stp tlp1 \
add tlp2 stp tlp2 \
add tlp3 stp tlp3 \
add tlp4 stp tlp4 \
add tlp5 stp tlp5 \
add tlp6 stp tlp6 \
add tlp7 stp tlp7 \
up
SEE ALSO
bridge(4), pf(4), ifconfig.if(5), npf(7), ifconfig(8), pfil(9)
HISTORY
The brconfig utility first appeared in NetBSD 1.6.
AUTHORS
The bridge(4) driver and brconfig utility were originally written by
Jason L. Wright <jason@thought.net> as part of an undergraduate
independent study at the University of North Carolina at Greensboro.
This version of the brconfig utility was written from scratch by Jason R.
Thorpe <thorpej@wasabisystems.com>.
NetBSD 11.99 August 29, 2024 NetBSD 11.99