1.\" 2.\" $FreeBSD$ 3.\" 4.Dd September 28, 1998 5.Dt BRIDGE 4 6.Os 7.Sh NAME 8.Nm bridge 9.Nd bridging support 10.Sh DESCRIPTION 11Starting from version 2.2.8, 12.Fx 13supports bridging on Ethernet-type 14interfaces. 15This is enabled by including the following line in the kernel configuration 16file: 17.Pp 18.Dl "options BRIDGE" 19.Pp 20Runtime operation of the bridge is controlled by several 21.Xr sysctl 8 22variables. 23The 24.Va net.link.ether.bridge 25variable can be set to 26.Li 1 27to enable bridging, or set to 28.Li 0 29to disable it. 30.Pp 31The 32.Va net.link.ether.bridge_ipfw 33.Xr sysctl 8 34variable can be set to 35.Li 1 36to enable 37.Xr ipfw 8 38filtering on bridged packets. 39Note that 40.Xr ipfw 8 41rules only apply 42to IP packets. 43Non-IP packets are subject to the default 44.Xr ipfw 8 45rule 46.Pq number 65535 47which must be an 48.Ar allow 49rule if ARP and other non-IP packets need to flow through the 50bridge. 51.Pp 52The bridge configuration is controlled by the 53.Va net.link.ether.bridge_cfg 54.Xr sysctl 8 55variable. 56It consists of a comma-separated list of 57.Ar interface : Ns Ar cluster 58pairs, where all interfaces with the same 59.Ar cluster 60number will 61be bridged together. 62.Pp 63Another 64.Xr sysctl 8 65variable reinitializes the bridge; this is required if bridged 66configurations include loadable interfaces. 67After loading new interface drivers, setting the 68.Va net.link.ether.bridge_refresh 69variable to 70.Li 1 71will cause the bridge to reinitialize itself. 72.Sh EXAMPLES 73The following command will cause the 74.Li ep0 75and 76.Li fxp0 77interfaces to be bridged together, and the 78.Li fxp1 79and 80.Li de0 81interfaces to be bridged together: 82.Pp 83.Dl "sysctl -w net.link.ether.bridge_cfg ep0:0,fxp0:0,fxp1:1,de0:1" 84.Sh BUGS 85Care must be taken not to construct loops in the bridge topology. 86The kernel supports only a primitive form of loop detection, by disabling 87some interfaces when a loop is detected. 88No support for a daemon running the 89spanning tree algorithm is currently provided. 90.Pp 91With bridging active, interfaces are in promiscuous mode, 92thus causing some load on the system to receive and filter 93out undesired traffic. 94.Pp 95Extended functionality to enable bridging selectively on clusters 96of interfaces is still in the works. 97.Pp 98Interfaces that cannot be put into promiscuous mode or that don't 99support sending packets with arbitrary Ethernet source addresses 100are not compatible with bridging. 101.Sh SEE ALSO 102.Xr ip 4 , 103.Xr ng_bridge 4 , 104.Xr ipfw 8 , 105.Xr sysctl 8 106.Sh HISTORY 107.Nm 108bridging was introduced in 109.Fx 2.2.8 110by 111.An Luigi Rizzo Aq luigi@iet.unipi.it . 112