Master Linux Network Bridges: Concepts, Commands, and Configuration Guides
This guide explains the concept and operation of Linux network bridges, details how bridge members interact, describes data flow and IP handling, and provides step‑by‑step instructions for creating and managing bridges using brctl, nmcli, ip commands, and distribution‑specific configuration files, including STP setup.
Bridge Concept
In everyday life a bridge connects two places; in networking a bridge is a Layer‑2 device that links multiple LAN segments using MAC addresses to forward or filter frames, effectively dividing broadcast domains.
On Linux, a bridge is a logical interface (e.g., br0) that aggregates two or more network interfaces (physical like eth0 or virtual like vnetX) so they behave as a single interface.
How a Bridge Works
Network interface role
udev creates and manages device nodes; interface names (e.g., eth0, ens33) are logical identifiers linked to kernel network structures.
Tools such as ifconfig or nmcli use these names to interact with the kernel networking stack.
When a physical NIC and a virtual NIC are added to a bridge, traffic between them is handled by the bridge device, not directly by the kernel stack. The bridge acts like a virtual switch, and all member interfaces share the same Layer‑2 subnet.
Bridge Data Flow and IP Assignment
Data flow : After adding eth0 to br0, the NIC no longer communicates directly with the IP stack; all Layer‑2 frames are processed by the bridge, which forwards them between member ports.
IP address : The bridge interface itself must be assigned an IP address because member interfaces lose their IP configuration once bridged. The bridge’s IP is used for communication with external networks.
Managing Bridges with Tools
1. Using brctl (bridge‑utils)
# Create bridge
sudo brctl addbr br0
# Add member interfaces
brctl addif br0 eth0
brctl addif br0 vnetX
# Bring bridge up
ifconfig br0 up # or: ip link set br0 up
# Delete bridge
brctl delbr br0
# Enable STP
brctl stp br0 on2. Using NetworkManager ( nmcli )
# Create bridge
nmcli con add type bridge con-name br0 ifname br0
# Add member interface
nmcli con add type bridge-slave con-name br0-eth1 ifname eth1 master br0
# Bring bridge up/down
nmcli con up br0
nmcli con down br0
# Delete bridge
nmcli con delete br0
# Enable STP
nmcli con modify br0 bridge.stp yes3. Using ip (iproute2)
# Create bridge
ip link add name br0 type bridge
# Add member interface
ip link set dev eth1 master br0
# Bring bridge up/down
ip link set dev br0 up
ip link set dev br0 down
# Delete bridge
ip link delete dev br0 type bridge
# Enable STP
sudo ip link set br0 type bridge stp_state 1Configuration Files
CentOS 7
Ensure the bridge module is loaded and persistent:
lsmod | grep bridge
modprobe bridge
# make persistent by adding to /etc/modulesCreate /etc/sysconfig/network-scripts/ifcfg-br0:
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
IPADDR=10.0.0.20
NETMASK=255.255.255.0
GATEWAY=10.0.0.2
STP=onModify physical NIC files ( ifcfg-eth0, ifcfg-eth1) to include BRIDGE=br0, then restart NetworkManager:
systemctl restart NetworkManagerUbuntu 16.04
Load the bridge module and install bridge-utils:
sudo modprobe bridge
sudo apt install bridge-utilsEdit /etc/network/interfaces:
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
address 192.168.14.108
netmask 255.255.248.0
gateway 192.168.12.1
dns-nameserver 180.76.76.76
bridge_ports ens33 ens37
bridge_stp on
auto ens33
iface ens33 inet manual
up ip link set $IFACE up
down ip link set $IFACE down
auto ens37
iface ens37 inet manual
up ip link set $IFACE up
down ip link set $IFACE downApply changes:
sudo systemctl restart networkingUbuntu 20.04 (netplan)
network:
version: 2
renderer: networkd
ethernets:
ens33:
dhcp4: no
ens34:
dhcp4: no
bridges:
br0:
interfaces: [ens33, ens34]
dhcp4: yes
parameters:
stp: true
forward-delay: 4Apply the configuration: sudo netplan apply Verify bridge status:
bridge link show br0Spanning Tree Protocol (STP)
STP prevents Layer‑2 loops by placing ports through three states: Blocking, Listening, and Learning, before reaching Forwarding. Enabling STP on a bridge is essential when member NICs connect to the same physical switch, otherwise broadcast storms can occur.
Summary
The article provides a comprehensive overview of Linux network bridges, covering their definition, internal operation, and the role of member interfaces. It details how bridges handle data flow and IP configuration, and presents practical management methods using brctl, nmcli, and ip commands, as well as persistent configuration via distribution‑specific files for CentOS 7, Ubuntu 16.04, and Ubuntu 20.04. Finally, it explains the importance of enabling STP to avoid network loops.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.