xref: /dflybsd-src/share/man/man4/bridge.4 (revision db37145ff389be25b1f4eedcf06a093d7cf4bac4)

.\" Copyright 2001 Wasabi Systems, Inc.
.\" All rights reserved.
.\"
.\" Written by Jason R. Thorpe for Wasabi Systems, Inc.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"	This product includes software developed for the NetBSD Project by
.\"	Wasabi Systems, Inc.
.\" 4. The name of Wasabi Systems, Inc. may not be used to endorse
.\"    or promote products derived from this software without specific prior
.\"    written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL WASABI SYSTEMS, INC
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $NetBSD: bridge.4,v 1.7 2005/06/23 12:47:38 peter Exp $
.\" $DragonFly: src/share/man/man4/bridge.4,v 1.6 2005/12/21 16:37:15 corecode Exp $
.\"
.Dd January 4, 2004
.Dt BRIDGE 4
.Os
.Sh NAME
.Nm bridge
.Nd network bridge device
.Sh SYNOPSIS
.Cd "pseudo-device bridge"
.Sh DESCRIPTION
The
.Nm
driver creates a logical link between two or more IEEE 802 networks
that use the same (or
.Dq similar enough )
framing format.
For example, it is possible to bridge Ethernet and 802.11 networks together,
but it is not possible to bridge Ethernet and Token Ring together.
.Pp
To use
.Nm bridge ,
the administrator must first create the interface and configure
the bridge parameters.
The bridge is created using the
.Xr ifconfig 8
.Cm create
subcommand.
The learning and forwarding behavior and other parameters of a
bridge are configured by the
.Xr brconfig 8
utility.
.Pp
A bridge can be used to provide several services, such as a simple
802.11-to-Ethernet bridge for wireless hosts, and traffic isolation.
.Pp
A bridge works like a hub, forwarding traffic from one interface
to another.
Multicast and broadcast packets are always forwarded to all
interfaces that are part of the bridge.
For unicast traffic, the bridge learns which MAC addresses are associated
with which interfaces and will forward the traffic selectively.
.Pp
The
.Nm
driver implements the IEEE 802.1D Spanning Tree protocol (STP).
Spanning Tree is used to detect and remove loops in a network topology.
.Pp
Packet filtering can be used with any firewall package that hooks in via the
.Xr pfil 9
framework.
When filtering is enabled, bridged packets will pass through the filter
inbound on the originating interface, on the bridge interface and outbound on
the appropriate interfaces.
Either stage can be disabled, this behaviour can be controlled using
.Xr sysctl 8 :
Set
.Va net.link.bridge.pfil_member
to
.Li 1
to enable filtering on the incoming and outgoing member interfaces
and set
.Va net.link.bridge.pfil_bridge
to
.Li 1
to enable filtering on the bridge interface.
.Pp
ARP and REVARP packets are forwarded without being filtered and others
that are not IP nor IPv6 packets are not forwarded when filtering is
enabled.
.Pp
Note that packets to and from the bridging host will be seen by the
filter on the interface with the appropriate address configured as well
as on the interface on which the packet arrives or departs.
.Pp
The MTU of the first member interface to be added is used as the bridge MTU,
all additional members are required to have exactly the same value.
.Sh SEE ALSO
.Xr brconfig 8 ,
.Xr pf 4
.Sh HISTORY
The
.Nm
driver first appeared in
.Ox 2.5
and found its way into
.Dx 1.3.7 .
.Sh AUTHORS
.An -nosplit
The
.Nm bridge
driver was originally written by
.An Jason L. Wright
.Aq jason@thought.net
as part of an undergraduate independent study at the University of
North Carolina at Greensboro.
.Pp
This version of the
.Nm
driver has been heavily modified from the original version by
.An Jason R. Thorpe
.Aq thorpej@wasabisystems.com .
.Sh BUGS
The
.Nm
driver currently supports only Ethernet and Ethernet-like (e.g. 802.11)
network devices, with exactly the same interface MTU size as the bridge device.