Show Table of Contents
9.2. Using the NetworkManager Command Line Tool, nmcli
To create a bridge, named bridge-br0, issue a command as follows as
root:
~]# nmcli con add type bridge ifname br0
Connection 'bridge-br0' (6ad5bba6-98a0-4f20-839d-c997ba7668ad) successfully added.
If no interface name is specified, the name will default to bridge, bridge-1, bridge-2, and so on.
To view the connections, issue the following command:
~]$ nmcli con show
NAME UUID TYPE DEVICE
bridge-br0 79cf6a3e-0310-4a78-b759-bda1cc3eef8d bridge br0
eth0 4d5c449a-a6c5-451c-8206-3c9a4ec88bca 802-3-ethernet eth0
Spanning tree protocol (STP) is enabled by default. The values used are from the IEEE 802.1D-1998 standard. To disable
STP for this bridge, issue a command as follows as root:
~]# nmcli con modify bridge-br0 bridge.stp no
To re-enable 802.1D STP for this bridge, issue a command as follows as root:
~]# nmcli con modify bridge-br0 bridge.stp yes
The default bridge priority for
802.1D STP is 32768. The lower number is preferred in root bridge selection. For example, a bridge with priority of 28672 would be selected as the root bridge in preference to a bridge with priority value of 32768 (the default). To create a bridge with a non-default value, issue a command as follows:
~]$ nmcli con add type bridge ifname br5 stp yes priority 28672
Connection 'bridge-br5' (86b83ad3-b466-4795-aeb6-4a66eb1856c7) successfully added.
The allowed values are in the range 0 to 65535.
To change the bridge priority of an existing bridge to a non-default value, issue a command in the following format:
~]$ nmcli connection modify bridge-br5 bridge.priority 36864
The allowed values are in the range 0 to 65535.
To configure a bridge connection to forward group addresses in the range from
01:80:C2:00:00:00 to 01:80:C2:00:00:0F, change the group-forward-mask property. This property is a mask of 16 bits. Each bit corresponds to a group address in the above-mentioned range that must be forwarded. For example:
~]$ nmcli connection modify bridge-br5 bridge.group-forward-mask 8
Important
The
group-forward-mask property cannot have any of the 0, 1, 2 bits set to 1 because those addresses are used for Spanning tree protocol (STP), Link Aggregation Control Protocol (LACP) and Ethernet MAC pause frames.
To view the bridge settings, issue the following command:
~]$ nmcli -f bridge con show bridge-br0
Further options for
802.1D STP are listed in the bridge section of the nmcli(1) man page.
To add, or enslave an interface, for example eth1, to the bridge bridge-br0, issue a command as follows:
~]$ nmcli con add type ethernet ifname eth1 master bridge-br0
Connection 'bridge-slave-eth1' (70ffae80-7428-4d9c-8cbd-2e35de72476e) successfully added.
To enslave an existing connection to a bridge, proceed as follows:
- Change its master and slave-type properties. For example to enslave an existing VLAN connection named vlan100:
~]$
nmcli connection modify vlan100 master bridge-br0 slave-type bridge - Reactivate the connection to apply the changes:
~]$
nmcli connection up vlan100
To change a value using interactive mode, issue the following command:
~]$ nmcli connection edit bridge-br0
You will be placed at the nmcli prompt.
nmcli>set bridge.priority 4096nmcli>saveConnection 'bridge-br0' (79cf6a3e-0310-4a78-b759-bda1cc3eef8d) successfully saved. nmcli>quit
See Section 3.3, “Configuring IP Networking with nmcli” for an introduction to nmcli.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.