Linux Bridge

Linux Bridge

Example YAML of Linux bridge interface configuration:

version: 1
interfaces:
- name: br0
  type: linux-bridge
  state: up
  bridge:
    options:
      group-addr: 01:80:C2:00:00:00
      group-fwd-mask: 0
      hash-max: 4096
      mac-ageing-time: 300
      multicast-last-member-count: 2
      multicast-last-member-interval: 100
      multicast-membership-interval: 26000
      multicast-querier: false
      multicast-querier-interval: 25500
      multicast-query-interval: 12500
      multicast-query-response-interval: 1000
      multicast-query-use-ifaddr: false
      multicast-router: auto
      multicast-snooping: true
      multicast-startup-query-count: 2
      multicast-startup-query-interval: 3125
      stp:
        enabled: true
        forward-delay: 15
        hello-time: 2
        max-age: 20
        priority: 32768
      vlan-protocol: 802.1q
      vlan-default-pvid: 1
    ports:
    - name: eth1
      stp-hairpin-mode: false
      stp-path-cost: 100
      stp-priority: 32
    - name: eth2
      stp-hairpin-mode: false
      stp-path-cost: 100
      stp-priority: 32

`options`: Bridge options

Linux bridge kernel options. When applying, existing options are merged into desired.

`group-addr`: Multicast group address

The multicast MAC address used by the bridge. Default is 01:80:C2:00:00:00.

`group-fwd-mask`: Group forward mask

Also configurable as group-forward-mask (deprecated alias). Defines the mask for forwarding link-local frames. Setting a bit enables forwarding of frames with the corresponding destination MAC address.

`hash-max`: Hash table maximum

The maximum size of the multicast hash table.

`mac-ageing-time`: MAC ageing time

The MAC address ageing time in seconds. Controls how long a learned MAC address is kept in the forwarding database without being refreshed.

`multicast-last-member-count`: Last member query count

The number of queries sent after receiving a leave message.

`multicast-last-member-interval`: Last member query interval

The interval in milliseconds between last member query transmissions.

`multicast-membership-interval`: Membership interval

The interval in milliseconds after which a multicast membership expires.

`multicast-querier`: Multicast querier

When set to true, the bridge can act as a multicast querier.

`multicast-querier-interval`: Querier interval

The interval in milliseconds between querier transmissions.

`multicast-query-interval`: Query interval

The interval in milliseconds between general multicast queries.

`multicast-query-response-interval`: Query response interval

The maximum response time in milliseconds for multicast queries.

`multicast-query-use-ifaddr`: Query use interface address

When set to true, the bridge uses its own IP address as the source of multicast queries.

`multicast-router`: Multicast router type

The multicast router type:

auto (1): The bridge automatically detects multicast routers.
disabled (0): Multicast router functionality is disabled.
enabled (2): The bridge acts as a multicast router.

`multicast-snooping`: Multicast snooping

When set to true, the bridge performs IGMP/MLD snooping to reduce multicast traffic.

`multicast-startup-query-count`: Startup query count

The number of queries sent when the bridge starts.

`multicast-startup-query-interval`: Startup query interval

The interval in milliseconds between startup queries.

`stp`: Spanning Tree Protocol

STP options for the bridge.

`enabled`: STP enabled

Enables or disables Spanning Tree Protocol on the bridge. When disabled, the remaining STP options are discarded during apply.

`forward-delay`: Forward delay

The forwarding delay in seconds. Valid range is 2 to 30.

`hello-time`: Hello time

The interval in seconds between STP hello BPDU transmissions. Valid range is 1 to 10.

`max-age`: Maximum age

The maximum age of STP information in seconds. Valid range is 6 to 40.

`priority`: Bridge priority

The STP bridge priority. Lower priority increases the chance of becoming the root bridge.

`vlan-protocol`: VLAN protocol

The VLAN encapsulation protocol used by the bridge:

802.1q: Standard IEEE 802.1Q VLAN tagging (default).
802.1ad: Provider Bridging (Q-in-Q) IEEE 802.1ad.

`vlan-default-pvid`: Default PVID

The default Port VLAN ID (PVID) assigned to ports. Default is 1. Cannot be changed to a value other than 1 unless VLAN filtering is enabled.

`ports`: Bridge ports

List of bridge port configurations. When applying, the desired port list will override the current port list.

`name`: Port name

The kernel interface name of the bridge port. Mandatory.

`stp-hairpin-mode`: Hairpin mode

When set to true, traffic may be sent back out of the port on which it was received.

`stp-path-cost`: STP path cost

The STP path cost of the port. Used in root port and designated port selection.

`stp-priority`: STP priority

The STP port priority. An unsigned 8-bit value (0 to 255). Lower priority increases the chance of becoming the designated port.

`vlan`: Port VLAN filtering

VLAN filtering configuration specific to this port. If not defined, the current VLAN filtering is preserved for the port.

`vlan`: Bridge VLAN filtering

The VLAN filtering configuration for the bridge itself. Setting to vlan: {} will remove all VLANs.

`mode`: VLAN mode

The bridge VLAN filtering mode:

access: Single untagged VLAN (access port).
trunk: Tagged VLANs (trunk port).

Defaults to access if not defined.

trunk-tags:
- id: 100
- id-range:
    min: 200
    max: 300

Overlapping trunk tags are not allowed.

Nipart Document