Search

9.2. Using the NetworkManager Command Line Tool, nmcli

download PDF
To create a bridge, named bridge-br0, issue a command as follows as root:
~]# nmcli con add type bridge ifname br0
Connection 'bridge-br0' (6ad5bba6-98a0-4f20-839d-c997ba7668ad) successfully added.
If no interface name is specified, the name will default to bridge, bridge-1, bridge-2, and so on.
To view the connections, issue the following command:
~]$ nmcli con show
NAME        UUID                                  TYPE            DEVICE
bridge-br0  79cf6a3e-0310-4a78-b759-bda1cc3eef8d  bridge          br0
enp1s0      4d5c449a-a6c5-451c-8206-3c9a4ec88bca  802-3-ethernet  enp1s0
Spanning tree protocol (STP) is enabled by default. The values used are from the IEEE 802.1D-1998 standard. To disable STP for this bridge, issue a command as follows as root:
~]# nmcli con modify bridge-br0 bridge.stp no
To re-enable 802.1D STP for this bridge, issue a command as follows as root:
~]# nmcli con modify bridge-br0 bridge.stp yes
The default bridge priority for 802.1D STP is 32768. The lower number is preferred in root bridge selection. For example, a bridge with priority of 28672 would be selected as the root bridge in preference to a bridge with priority value of 32768 (the default). To create a bridge with a non-default value, issue a command as follows:
~]$ nmcli con add type bridge ifname br5 stp yes priority 28672
Connection 'bridge-br5' (86b83ad3-b466-4795-aeb6-4a66eb1856c7) successfully added.
The allowed values are in the range 0 to 65535.
To change the bridge priority of an existing bridge to a non-default value, issue a command in the following format:
~]$ nmcli connection modify bridge-br5 bridge.priority 36864
The allowed values are in the range 0 to 65535.
To configure a bridge connection to forward group addresses in the range from 01:80:C2:00:00:00 to 01:80:C2:00:00:0F, change the group-forward-mask property. This property is a mask of 16 bits. Each bit corresponds to a group address in the above-mentioned range that must be forwarded. For example:
~]$ nmcli connection modify bridge-br5 bridge.group-forward-mask 8

Important

The group-forward-mask property cannot have any of the 0, 1, 2 bits set to 1 because those addresses are used for Spanning tree protocol (STP), Link Aggregation Control Protocol (LACP) and Ethernet MAC pause frames.
To view the bridge settings, issue the following command:
~]$ nmcli -f bridge con show bridge-br0
Further options for 802.1D STP are listed in the bridge section of the nmcli(1) man page.
To add, or assign an interface, for example enp1s0, to the bridge bridge-br0, issue a command as follows:
~]$ nmcli con add type ethernet ifname enp1s0 master bridge-br0
Connection 'bridge-slave-enp1s0' (70ffae80-7428-4d9c-8cbd-2e35de72476e) successfully added.
To assign an existing connection to a bridge, proceed as follows:
  1. Change its controller and port-type properties. For example to assign an existing VLAN connection named vlan100:
    ~]$ nmcli connection modify vlan100 master bridge-br0 slave-type bridge
  2. Reactivate the connection to apply the changes:
    ~]$ nmcli connection up vlan100
To change a value using interactive mode, issue the following command:
~]$ nmcli connection edit bridge-br0
You will be placed at the nmcli prompt.
nmcli> set bridge.priority 4096
nmcli> save
Connection 'bridge-br0' (79cf6a3e-0310-4a78-b759-bda1cc3eef8d) successfully saved.
nmcli> quit
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.