To create a bridge:
$ sudo brctl addbr br0
To add an interface to a bridge:
$ sudo brctl addif br0 eth0
To remove an interface from a bridge:
$ sudo brctl delif br0 eth0
After removing all interfaces from the bridge, mark it down:
$ sudo ip link set br0 down
Now you can remove a bridge:
$ sudo brctl delbr br0
Usage: brctl [commands]
commands:
brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.00032544aace       no              eth0
br1             8000.00032544aacf       no              eth1
brctl showmacs br0
port no mac addr                is local?       ageing timer
  1     00:03:25:44:aa:cf       yes                0.00
  1     00:1b:78:59:17:33       no                 0.00
brctl showstp br0
br0
 bridge id              8000.00032544aace
 designated root        8000.00032544aace
 root port                 0                    path cost                  0
 max age                  19.99                 bridge max age            19.99
 hello time                1.99                 bridge hello time          1.99
 forward delay            14.99                 bridge forward delay      14.99
 ageing time             299.95
 hello timer               1.11                 tcn timer                  0.00
 topology change timer     0.00                 gc timer                  15.11
 hash elasticity           4                    hash max                 512
 mc last member count      2                    mc init query count        2
 mc router                 1                    mc snooping                1
 mc last member timer      0.99                 mc membership timer      259.96
 mc querier timer        254.96                 mc query interval        124.98
 mc response interval      9.99                 mc init query interval    31.24
 flags

eth0 (0)
 port id                0000                    state                forwarding
 designated root        8000.00032544aace       path cost                 19
 designated bridge      8000.00032544aace       message age timer          0.00
 designated port        8001                    forward delay timer        0.00
 designated cost           0                    hold timer                 0.11
 mc router                 1
 flags
#
# Bring up tap0 with IP 0.0.0.0, create bridge br0 and add interfaces eth0 and tap0
#
/sbin/ifconfig tap0 0.0.0.0 promisc up
/usr/sbin/brctl addbr br0
/usr/sbin/brctl addif br0 eth0
/usr/sbin/brctl addif br0 tap0
Physical NICs show an Interrupt line in ifconfig output:
Interrupt:24 Base address:0x4000
bridge vlan
port    vlan ids
eth0     None
eth1     None
bridge link
2: eth0 state UP : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding
3: eth1 state UNKNOWN : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br1 state forwarding
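To prevent bridged traffic from being processed by iptables rules, append the following lines to /etc/sysctl.conf. With these set to 0, frames forwarded across the bridge are not filtered by the host's iptables, ip6tables or arptables rules: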
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
Reload the kernel parameters configured with sysctl:
sysctl -p /etc/sysctl.conf
To enable STP on a bridge:
# brctl stp br0 on
You can see the STP parameters with:
# brctl showstp br0
STP tuning
Bridge priority:
brctl setbridgeprio bridgename priority
Path priority and cost:
brctl setpathcost bridge port cost
For multiple ports with the same cost there is also a priority.
Forwarding delay:
Forwarding delay time is the time spent in each of the Listening and Learning states before the Forwarding state is entered.
brctl setfd bridgename time
Hello time:
brctl sethello bridgename time
Max age:
brctl setmaxage bridgename time
In /sys/class/net I found the following distinctions:
Physical devices have a /sys/class/net/eth0/device symlink
Bridges have a /sys/class/net/br0/bridge directory
TUN and TAP devices have a /sys/class/net/tap0/tun_flags file
Bridges and loopback interfaces have 00:00:00:00:00:00 in /sys/class/net/lo/address
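The sysfs distinctions above can be turned into a small audit, shown here as an added example that is not part of the original notes: it classifies each interface and reports bridges that join a physical NIC with a tun/tap device. The SYSFS_NET variable, the function names and the "report" argument are assumptions of this example; the brif directory that lists a bridge's ports is standard Linux sysfs.

```shell
#!/bin/sh
# SYSFS_NET is an assumption of this added example (it lets the functions run
# against a constructed tree); on a live host it is /sys/class/net.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print bridge, tuntap, physical or other for one interface name.
classify_iface() {
    d="$SYSFS_NET/$1"
    [ -e "$d" ] || { echo "missing"; return 1; }
    if [ -d "$d/bridge" ]; then
        echo "bridge"
    elif [ -e "$d/tun_flags" ]; then
        echo "tuntap"
    elif [ -e "$d/device" ] || [ -L "$d/device" ]; then
        echo "physical"
    else
        echo "other"    # loopback, dummy, veth, ...
    fi
}

# List the ports enslaved to a bridge (entries of its brif directory),
# one "name type" pair per line.
bridge_ports() {
    for p in "$SYSFS_NET/$1/brif"/*; do
        [ -e "$p" ] || [ -L "$p" ] || continue
        n=${p##*/}
        echo "$n $(classify_iface "$n")"
    done
}

# Print every bridge that joins a physical NIC with a tun/tap device,
# like the br0 = eth0 + tap0 setup shown earlier.
mixed_bridges() {
    for b in "$SYSFS_NET"/*; do
        name=${b##*/}
        [ "$(classify_iface "$name")" = "bridge" ] || continue
        ports=$(bridge_ports "$name")
        case "$ports" in *" physical"*) ;; *) continue ;; esac
        case "$ports" in *" tuntap"*) echo "$name" ;; esac
    done
}

# Pass "report" as the first argument to print the result for this host.
if [ "${1:-}" = "report" ]; then
    for i in "$SYSFS_NET"/*; do
        echo "${i##*/} $(classify_iface "${i##*/}")"
    done
    mixed_bridges | sed 's|^|bridge joins physical NIC and tun/tap: |'
fi
```

A bridge reported by mixed_bridges carries LAN frames to whatever userspace program holds the tap device, which is worth reviewing together with the bridge-nf-call sysctl settings above.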
Tun/tap interfaces are a feature offered by Linux (and probably by other UNIX-like operating systems) that can do userspace networking, that is, allow userspace programs to see raw network traffic (at the ethernet or IP level) and do whatever they like with it. This document attempts to explain how tun/tap interfaces work under Linux, with some sample code to demonstrate their usage.