BestHub
Sign in
Operations 14 min read

Master Linux Bridge Management: From Basics to Advanced Configuration

This guide explains Linux bridge concepts, how bridges work at the data‑link layer, and provides step‑by‑step commands for creating, configuring, and managing bridges using brctl, NetworkManager, iproute2, and persistent configuration files on CentOS and Ubuntu systems, including STP setup.

Liangxu Linux
Liangxu Linux
Liangxu Linux
Master Linux Bridge Management: From Basics to Advanced Configuration

Linux Bridge Overview

A bridge is a Layer‑2 device that connects two or more network segments and forwards frames based on MAC addresses. In Linux, a bridge (e.g., br0) is a logical interface that can bind physical (e.g., eth0) and virtual (e.g., vnetX) interfaces, making them appear as a single network segment.

Bridge concept illustration
Bridge concept illustration

How a Bridge Works

Network interfaces are created by udev, which assigns logical names such as eth0 or ens33.

Tools like ifconfig or nmcli use these names to interact with the kernel network stack.

When an interface is added to a bridge, traffic no longer goes directly to the kernel stack; the bridge acts as a virtual switch, forwarding frames between its member ports.

Bridge data flow diagram
Bridge data flow diagram

Bridge Member Interfaces

Creating a bridge creates a logical device without physical hardware. Adding physical or virtual NICs makes them members of the bridge. After bridging, the original interfaces lose their IP configuration; the bridge interface receives the IP address.

Bridge members illustration
Bridge members illustration

Bridge Management Tools

1. Using brctl (bridge‑utils)

# Create bridge br0
sudo brctl addbr br0

# Add interfaces
brctl addif br0 eth0
brctl addif br0 vnet0

# Bring bridge up
ifconfig br0 up   # or: ip link set br0 up

# Delete bridge
brctl delbr br0

Note: Bridges created with brctl are temporary and disappear after a reboot.

2. Using NetworkManager ( nmcli )

# Create bridge connection
nmcli con add type bridge con-name br0 ifname br0

# Add a physical NIC as a bridge‑slave
nmcli con add type bridge-slave con-name br0-eth0 ifname eth0 master br0

# Bring bridge up/down
nmcli con up br0
nmcli con down br0

# Delete bridge
nmcli con delete br0

NetworkManager stores the configuration in /etc/NetworkManager/system-connections/, making it persistent across reboots.

3. Using ip (iproute2)

# Create bridge
ip link add name br0 type bridge

# Add member interface
ip link set dev eth1 master br0

# Bring bridge up/down
ip link set dev br0 up
ip link set dev br0 down

# Delete bridge
ip link delete dev br0 type bridge

These commands are also temporary; to persist them, add them to startup scripts or use configuration files.

Assigning IP Addresses to a Bridge

After bridging, assign the IP to the bridge interface itself:

# Example IP configuration
ip addr add 192.168.1.10/24 dev br0
ip route add default via 192.168.1.1 dev br0

Persistent Configuration Files

CentOS 7 (NetworkManager with traditional scripts)

# /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
IPADDR=10.0.0.20
NETMASK=255.255.255.0
GATEWAY=10.0.0.2
DNS1=180.76.76.76
DNS2=223.6.6.6
STP=on

Modify the physical NIC script to reference the bridge:

# /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
DEVICE=eth0
ONBOOT=yes
BRIDGE=br0

Restart NetworkManager:

systemctl restart NetworkManager

Ubuntu 16.04 (ifupdown)

# /etc/network/interfaces
auto lo
iface lo inet loopback

auto br0
iface br0 inet static
    address 192.168.14.108
    netmask 255.255.248.0
    gateway 192.168.12.1
    dns-nameserver 180.76.76.76
    bridge_ports ens33 ens37
    bridge_stp on

auto ens33
iface ens33 inet manual
    up ip link set $IFACE up
    down ip link set $IFACE down

auto ens37
iface ens37 inet manual
    up ip link set $IFACE up
    down ip link set $IFACE down

Apply changes:

sudo systemctl restart networking

Ubuntu 20.04 (netplan)

# /etc/netplan/01-bridge.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    ens33:
      dhcp4: no
    ens34:
      dhcp4: no
  bridges:
    br0:
      interfaces: [ens33, ens34]
      dhcp4: yes
      parameters:
        stp: true
        forward-delay: 4

Apply the configuration:

sudo netplan apply

Spanning Tree Protocol (STP)

STP prevents Layer‑2 loops by moving ports through the states Blocking , Listening , Learning , and finally Forwarding . Enabling STP on a bridge is essential when member interfaces connect to the same physical switch.

# Enable STP with brctl
brctl stp br0 on

# Enable STP with nmcli
nmcli con modify br0 bridge.stp yes

# Enable STP with ip command
sudo ip link set br0 type bridge stp_state 1
STP state diagram
STP state diagram
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

LinuxSTPiproute2NetworkManagerNetwork Bridgebrctl
Liangxu Linux
Written by

Liangxu Linux

Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment