1.\" $NetBSD: brconfig.8,v 1.18 2015/01/05 00:36:23 msaitoh Exp $ 2.\" 3.\" Copyright 2001 Wasabi Systems, Inc. 4.\" All rights reserved. 5.\" 6.\" Written by Jason R. Thorpe for Wasabi Systems, Inc. 7.\" 8.\" Redistribution and use in source and binary forms, with or without 9.\" modification, are permitted provided that the following conditions 10.\" are met: 11.\" 1. Redistributions of source code must retain the above copyright 12.\" notice, this list of conditions and the following disclaimer. 13.\" 2. Redistributions in binary form must reproduce the above copyright 14.\" notice, this list of conditions and the following disclaimer in the 15.\" documentation and/or other materials provided with the distribution. 16.\" 3. All advertising materials mentioning features or use of this software 17.\" must display the following acknowledgement: 18.\" This product includes software developed for the NetBSD Project by 19.\" Wasabi Systems, Inc. 20.\" 4. The name of Wasabi Systems, Inc. may not be used to endorse 21.\" or promote products derived from this software without specific prior 22.\" written permission. 23.\" 24.\" THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND 25.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 26.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 27.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 28.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 29.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 30.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 31.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 32.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 33.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 34.\" POSSIBILITY OF SUCH DAMAGE. 35.\" 36.Dd January 5, 2015 37.Dt BRCONFIG 8 38.Os 39.Sh NAME 40.Nm brconfig 41.Nd configure network bridge parameters 42.Sh SYNOPSIS 43.Nm 44.Fl a 45.Nm 46.Ar bridge 47.Nm 48.Ar bridge 49.Ar command 50.Op Ar args ... 51.Sh DESCRIPTION 52The 53.Nm 54utility is used to configure network bridge parameters and retrieve 55network bridge parameters and status from the kernel. 56The bridging function is implemented by the 57.Xr bridge 4 58driver. 59.Pp 60A network bridge creates a logical link between two or more 61IEEE 802 networks that use the same (or 62.Dq similar enough ) 63framing format. 64For example, it is possible to bridge Ethernet 65and 802.11 networks together, but it is not possible to bridge 66Ethernet and Token Ring together. 67.Pp 68Bridge interfaces are created using the 69.Xr ifconfig 8 70command's 71.Dq create 72sub-command. 73All other bridge configuration is performed using 74.Nm . 75.Pp 76The options are as follows: 77.Bl -tag -width indent 78.It Fl a 79Display the status of all bridge devices present on the system. 80This flag is mutually exclusive with all other sub-commands. 81.El 82.Pp 83All other operations require that a bridge be specified. 84If a bridge is specified with no sub-commands, 85the status of that bridge is displayed. 86The following sub-commands are available: 87.Pp 88.Bl -tag -width indent 89.It Cm up 90Start forwarding packets on the bridge. 91.It Cm down 92Stop forwarding packets on the bridge. 93.It Cm add Ar interface 94Add the interface named by 95.Ar interface 96as a member of the bridge. 97The interface is put into promiscuous mode 98so that it can receive every packet sent on the network. 99.It Cm delete Ar interface 100Remove the interface named by 101.Ar interface 102from the bridge. 103Promiscuous mode is disabled on the interface when 104it is removed from the bridge. 105.It Cm addr 106Display the addresses that have been learned by the bridge. 107.It Cm maxaddr Ar size 108Set the size of the bridge address cache to 109.Ar size . 110The default is 100 entries. 111.It Cm timeout Ar seconds 112Set the timeout of address cache entries to 113.Ar seconds 114seconds. 115If 116.Ar seconds 117is zero, then address cache entries will not be expired. 118The default is 1200 seconds. 119.It Cm deladdr Ar address 120Delete 121.Ar address 122from the address cache. 123.It Cm flush 124Delete all dynamically-learned addresses from the address cache. 125.It Cm flushall 126Delete all addresses, including static addresses, from the address cache. 127.It Cm discover Ar interface 128Mark an interface as a 129.Dq discovering 130interface. 131When the bridge has no address cache entry 132(either dynamic or static) 133for the destination address of a packet, 134the bridge will forward the packet to all 135member interfaces marked as 136.Dq discovering . 137This is the default for all interfaces added to a bridge. 138.It Cm -discover Ar interface 139Clear the 140.Dq discovering 141attribute on a member interface. 142For packets without the 143.Dq discovering 144attribute, the only packets forwarded on the interface are broadcast 145or multicast packets and packets for which the destination address 146is known to be on the interface's segment. 147.It Cm ipf 148Enable packet filtering with 149.Xr pfil 9 150on the bridge. 151The current implementation passes 152all ARP and RARP packets through the bridge 153while filtering IP and IPv6 packets through the configured packet 154filter, such as 155.Xr ipf 4 156or 157.Xr pf 4 . 158Other packet types are blocked. 159.It Cm learn Ar interface 160Mark an interface as a 161.Dq learning 162interface. 163When a packet arrives on such an interface, the source 164address of the packet is entered into the address cache as being a 165destination address on the interface's segment. 166This is the default for all interfaces added to a bridge. 167.It Cm -learn Ar interface 168Clear the 169.Dq learning 170attribute on a member interface. 171.It Cm static Ar interface address 172Add a static entry into the address cache pointing to 173.Ar interface . 174Static entries are never aged out of the cache or replaced, even if the address 175is seen on a different interface. 176.It Cm stp Ar interface 177Enable Spanning Tree protocol on 178.Ar interface . 179The 180.Xr bridge 4 181driver has support for the IEEE 802.1D Spanning Tree protocol (STP). 182Spanning Tree is used to detect and remove loops in a network topology. 183.It Cm -stp Ar interface 184Disable Spanning Tree protocol on 185.Ar interface . 186This is the default for all interfaces added to a bridge. 187.It Cm maxage Ar seconds 188Set the time that a Spanning Tree protocol configuration is valid. 189The default is 20 seconds. 190The minimum is 1 second and the maximum is 255 seconds. 191.It Cm fwddelay Ar seconds 192Set the time that must pass before an interface begins forwarding 193packets when Spanning Tree is enabled. 194The default is 15 seconds. 195The minimum is 1 second and the maximum is 255 seconds. 196.It Cm hellotime Ar seconds 197Set the time between broadcasting of Spanning Tree protocol 198configuration messages. 199The default is 2 seconds. 200The minimum is 1 second and the maximum is 255 seconds. 201.It Cm priority Ar value 202Set the bridge priority for Spanning Tree. 203The default is 32768. 204Allowed numerical values range from 0 (highest priority) to 65535 205(lowest priority). 206.It Cm ifpriority Ar interface Ar value 207Set the Spanning Tree priority of 208.Ar interface 209to 210.Ar value . 211The default is 128. 212The minimum is 0 and the maximum is 255. 213.It Cm ifpathcost Ar interface Ar value 214Set the Spanning Tree path cost of 215.Ar interface 216to 217.Ar value . 218The default is 55. 219The minimum is 0 and the maximum is 65535. 220.El 221.Sh EXAMPLES 222The following, when placed in the file 223.Pa /etc/ifconfig.bridge0 , 224will cause a bridge called 225.Sq bridge0 226to be created, add the interfaces 227.Sq ray0 228and 229.Sq fxp0 230to the bridge, and then enable packet forwarding. 231Such a configuration could be used to implement a simple 232802.11-to-Ethernet bridge (assuming the 802.11 interface is 233in ad-hoc mode). 234.Bd -literal -offset indent 235create 236!brconfig $int add ray0 add fxp0 up 237.Ed 238.Pp 239Consider a system with two 4-port Ethernet boards. 240The following placed in the file 241.Pa /etc/ifconfig.bridge0 242will cause a bridge consisting of all 8 ports with Spanning Tree 243enabled to be created: 244.Bd -literal -offset indent 245create 246!brconfig $int \e 247 add tlp0 stp tlp0 \e 248 add tlp1 stp tlp1 \e 249 add tlp2 stp tlp2 \e 250 add tlp3 stp tlp3 \e 251 add tlp4 stp tlp4 \e 252 add tlp5 stp tlp5 \e 253 add tlp6 stp tlp6 \e 254 add tlp7 stp tlp7 \e 255 up 256.Ed 257.Sh SEE ALSO 258.Xr bridge 4 , 259.Xr pf 4 , 260.Xr ifconfig.if 5 , 261.Xr ifconfig 8 , 262.Xr ipf 8 , 263.Xr pfil 9 264.Sh HISTORY 265The 266.Nm 267utility first appeared in 268.Nx 1.6 . 269.Sh AUTHORS 270The 271.Xr bridge 4 272driver and 273.Nm 274utility were originally written by 275.An Jason L. Wright 276.Aq jason@thought.net 277as part of an undergraduate independent study at the 278University of North Carolina at Greensboro. 279.Pp 280This version of the 281.Nm 282utility was written from scratch by 283.An Jason R. Thorpe 284.Aq thorpej@wasabisystems.com . 285