You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Bridge Interface Setup

Sub-menu: /interface bridge

To combine a number of networks into one bridge, a bridge interface should be created (later, all the desired interfaces should be set up as its ports). One MAC address will be assigned to all the bridged interfaces (the MAC address of first bridge port which comes up will be chosen automatically).

PropertyDescription
add-dhcp-option82 (yes | no; Default: no)Whether to add DHCP Option-82 information (Agent Remote ID and Agent Circuit ID) to DHCP packets. Can be used together with Option-82 capable DHCP server to assign IP addresses and implement policies. This property only has effect when dhcp-snooping is set to yes.
admin-mac (MAC address; Default: none)Static MAC address of the bridge. This property only has effect when auto-mac is set to no.
ageing-time (time; Default: 00:05:00)How long a host's information will be kept in the bridge database.
arp (disabled | enabled | proxy-arp | reply-only; Default: enabled)Address Resolution Protocol setting
  • disabled - the interface will not use ARP
  • enabled - the interface will use ARP
  • proxy-arp - the interface will use the ARP proxy feature
  • reply-only - the interface will only reply to requests originated from matching IP address/MAC address combinations which are entered as static entries in the IP/ARP table. No dynamic entries will be automatically stored in the IP/ARP table. Therefore for communications to be successful, a valid static entry must already exist.
arp-timeout (auto | integer; Default: auto)ARP timeout is time how long ARP record is kept in ARP table after no packets are received from IP. Value auto equals to the value of arp-timeout in IP/Settings, default is 30s.
auto-mac (yes | no; Default: yes)Automatically select one MAC address of bridge ports as a bridge MAC address.
comment (string; Default: )Short description of the interface.
dhcp-snooping (yes | no; Default: no)Enables or disables DHCP Snooping on the bridge.
disabled (yes | no; Default: no)Changes whether the bridge is disabled.
ether-type (0x9100 | 0x8100 | 0x88a8; Default: 0x8100)Changes the EtherType, which will be used to determine if a packet has a VLAN tag. Packets that have a matching EtherType are considered as tagged packets. This property only has effect when vlan-filtering is set to yes.
fast-forward (yes | no; Default: yes)Special and faster case of FastPath which works only on bridges with 2 interfaces (enabled by default only for new bridges). More details can be found in the Fast Forward section.
forward-delay (time; Default: 00:00:15)Time which is spent during the initialization phase of the bridge interface (i.e., after router startup or enabling the interface) in listening/learning state before the bridge will start functioning normally.
frame-types (admit-all | admit-only-untagged-and-priority-tagged | admit-only-vlan-tagged; Default: admit-all)Specifies allowed ingress frame types on a bridge port. This property only has effect when vlan-filtering is set to yes.
igmp-snooping (yes | no; Default: no)Enables multicast group and port learning to prevent multicast traffic from flooding all interfaces in a bridge.
igmp-version (2 | 3; Default: 2)Selects the IGMP version in which IGMP general membership queries will be generated. This property only has effect when igmp-snooping is set to yes.
ingress-filtering (yes | no; Default: no)Enables or disables VLAN ingress filtering, which checks if the ingress port is a member of the received VLAN ID in the bridge VLAN table. Should be used with frame-types to specify if the ingress traffic should be tagged or untagged. This property only has effect when vlan-filtering is set to yes.
last-member-interval (time; Default: 1s)If a port has fast-leave set to no and a bridge port receives a IGMP Leave message, then a IGMP Snooping enabled bridge will send a IGMP query to make sure that no devices has subscribed to a certain multicast stream on a bridge port. If a IGMP Snooping enabled bridge does not receive a IGMP membership report after amount of last-member-interval, then the bridge considers that no one has subscribed to a certain multicast stream and can stop forwarding it. This property only has effect when igmp-snooping is set to yes.
last-member-query-count (integer: 0..4294967295; Default: 2)How many times should last-member-interval pass until a IGMP Snooping bridge will stop forwarding a certain multicast stream. This property only has effect when igmp-snooping is set to yes.
max-hops (integer: 6..40; Default: 20)Bridge count which BPDU can pass in a MSTP enabled network in the same region before BPDU is being ignored. This property only has effect when protocol-mode is set to mstp.
max-message-age (time; Default: 00:00:20)How long to remember Hello messages received from other STP/RSTP enabled bridges. This property only has effect when protocol-mode is set to stp or rstp.
membership-interval (time; Default: 4m20s)Amount of time after an entry in the Multicast Database (MDB) is removed if a IGMP membership report is not received on a certain port. This property only has effect when igmp-snooping is set to yes.
mld-version (1 | 2; Default: 1)Selects the MLD version. Version 2 adds support for source-specific multicast. This property only has effect when RouterOS IPv6 package is enabled and igmp-snooping is set to yes.
mtu (integer; Default: 1500)Maximum Transmission Unit
multicast-querier (yes | no; Default: no)Multicast querier generates IGMP general membership queries to which all IGMP capable devices respond with a IGMP membership report, usually a PIM (multicast) router generates these queries. By using this property you can make a IGMP Snooping enabled bridge to generate IGMP general membership queries. This property should be used whenever there is no PIM (multicast) router in a Layer2 network or IGMP packets must be sent through multiple IGMP Snooping enabled bridges to reach a PIM (multicast) router. Without a multicast querier in a Layer2 network the Multicast Database (MDB) is not being updated and IGMP Snooping will not function properly. This property only has effect when igmp-snooping is set to yes.
multicast-router (disabled | permanent | temporary-query; Default: temporary-query)Changes the state of a bridge itself if IGMP membership reports are going to be forwarded to it. This property can be used to forward IGMP membership reports to the bridge for statistics or to analyse them.
  • disabled - IGMP membership reports are not forwarded to the bridge itself regardless what is connected to it.
  • permanent - IGMP membership reports are forwarded through this the bridge itself regardless what is connected to it.
  • temporary-query - automatically detect multicast routers and IGMP Snooping enabled bridges. This property only has effect when igmp-snooping is set to yes.
name (text; Default: bridgeN)Name of the bridge interface
priority (integer: 0..65535 decimal format or 0x0000-0xffff hex format; Default: 32768 / 0x8000)Bridge priority, used by STP to determine root bridge, used by MSTP to determine CIST and IST regional root bridge. This property has no effect when protocol-mode is set to none.
protocol-mode (none | rstp | stp | mstp; Default: rstp)Select Spanning tree protocol (STP) or Rapid spanning tree protocol (RSTP) to ensure a loop-free topology for any bridged LAN. RSTP provides for faster spanning tree convergence after a topology change. Select MSTP to ensure loop-free topology across multiple VLANs. Since RouterOS v6.43 it is possible to forward Reserved MAC addresses that are in 01:80:C2:XX:XX:XX range, this can be done by setting the protocol-mode to none.
pvid (integer: 1..4094; Default: 1)Port VLAN ID (pvid) specifies which VLAN the untagged ingress traffic is assigned to. It applies e.g. to frames sent from bridge IP and destined to a bridge port. This property only has effect when vlan-filtering is set to yes.
querier-interval (time; Default: 4m15s)Used to change the interval how often a bridge checks if it is the active multicast querier. This property only has effect when igmp-snooping and multicast-querier is set to yes.
query-interval (time; Default: 2m5s)Used to change the interval how often IGMP general membership queries are sent out. This property only has effect when igmp-snooping and multicast-querier is set to yes.
query-response-interval (time; Default: 10s)Interval in which a IGMP capable device must reply to a IGMP query with a IGMP membership report. This property only has effect when igmp-snooping and multicast-querier is set to yes.
region-name (text; Default: )MSTP region name. This property only has effect when protocol-mode is set to mstp.
region-revision (integer: 0..65535; Default: 0)MSTP configuration revision number. This property only has effect when protocol-mode is set to mstp.
startup-query-count (integer: 0..4294967295; Default: 2)Specifies how many times must startup-query-interval pass until the bridge starts sending out IGMP general membership queries periodically. This property only has effect when igmp-snooping and multicast-querier is set to yes.
startup-query-interval (time; Default: 31s250ms)Used to change the amount of time after a bridge starts sending out IGMP general membership queries after the bridge is enabled. This property only has effect when igmp-snooping and multicast-querier is set to yes.
transmit-hold-count (integer: 1..10; Default: 6)The Transmit Hold Count used by the Port Transmit state machine to limit transmission rate.
vlan-filtering (yes | no; Default: no)Globally enables or disables VLAN functionality for bridge.

Changing certain properties can cause the bridge to temporarily disable all ports. This must be taken into account whenever changing such properties on production environments since it can cause all packets to be temporarily dropped. Such properties include vlan-filtering, protocol-mode, igmp-snooping, fast-forward and others.




  • No labels