summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-03-20 21:33:37 +0100
committerChristian Breunig <christian@breunig.cc>2024-03-20 21:33:37 +0100
commita7f2e520cbf8b24ccb5e266b5d4c739588aed48e (patch)
tree676e4a78a3eda24d8160ebcab7b32002612f1eea
parent769756864b6b38d894695b93afdcdfd067e02026 (diff)
downloadvyos-documentation-a7f2e520cbf8b24ccb5e266b5d4c739588aed48e.tar.gz
vyos-documentation-a7f2e520cbf8b24ccb5e266b5d4c739588aed48e.zip
bridge: T6125: support 802.1ad (ethertype 0x88a8) VLAN filtering
Linux bridge uses EtherType 0x8100 by default. In some scenarios, an EtherType value of 0x88A8 is required. Reusing CLI command from VIF-S (QinQ) interfaces: set interfaces bridge br0 protocol 802.1ad
-rw-r--r--docs/configuration/interfaces/bridge.rst47
1 files changed, 28 insertions, 19 deletions
diff --git a/docs/configuration/interfaces/bridge.rst b/docs/configuration/interfaces/bridge.rst
index ddc293cc..e69a6e26 100644
--- a/docs/configuration/interfaces/bridge.rst
+++ b/docs/configuration/interfaces/bridge.rst
@@ -127,15 +127,24 @@ Enable VLAN-Aware Bridge
.. cfgcmd:: set interfaces bridge <interface> enable-vlan
- To activate the VLAN aware bridge, you must activate this setting to use VLAN
+ To activate the VLAN aware bridge, you must activate this setting to use VLAN
settings for the bridge
+.. cfgcmd:: set interfaces bridge <interface> protocol <802.1ad|802.1q>
+
+ Define used ethertype of bridge interface.
+
+ Ethertype ``0x8100`` is used for ``802.1q`` and ethertype ``0x88a8`` is used
+ for ``802.1ad``.
+
+ The default is ``802.1q``.
+
VLAN Options
------------
.. note:: It is not valid to use the `vif 1` option for VLAN aware bridges
- because VLAN aware bridges assume that all unlabeled packets belong to
- the default VLAN 1 member and that the VLAN ID of the bridge's parent
+ because VLAN aware bridges assume that all unlabeled packets belong to
+ the default VLAN 1 member and that the VLAN ID of the bridge's parent
interface is always 1
.. cmdinclude:: /_include/interface-vlan-8021q.txt
@@ -149,9 +158,9 @@ VLAN Options
VLAN tag enters the port, the data packet will be forced to add a tag of a
specific vlan id. When the vlan id flag flows out, the tag of the vlan id
will be stripped
-
+
Example: Set `eth0` member port to be native VLAN 2
-
+
.. code-block:: none
set interfaces bridge br1 member interface eth0 native-vlan 2
@@ -162,17 +171,17 @@ VLAN Options
Allows specific VLAN IDs to pass through the bridge member interface. This
can either be an individual VLAN id or a range of VLAN ids delimited by a
hyphen.
-
+
Example: Set `eth0` member port to be allowed VLAN 4
-
+
.. code-block:: none
-
+
set interfaces bridge br1 member interface eth0 allowed-vlan 4
-
+
Example: Set `eth0` member port to be allowed VLAN 6-8
-
+
.. code-block:: none
-
+
set interfaces bridge br1 member interface eth0 allowed-vlan 6-8
Port Mirror (SPAN)
@@ -265,17 +274,17 @@ This results in the active configuration:
Using the operation mode command to view Bridge Information
===========================================================
-.. opcmd:: show bridge
+.. opcmd:: show bridge
The `show bridge` operational command can be used to display
configured bridges:
.. code-block:: none
- vyos@vyos:~$ show bridge
- 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding
- priority 32 cost 100
- 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding
+ vyos@vyos:~$ show bridge
+ 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding
+ priority 32 cost 100
+ 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding
priority 32 cost 100
.. opcmd:: show bridge <name> fdb
@@ -304,11 +313,11 @@ Using the operation mode command to view Bridge Information
33:33:00:00:00:6a dev br0 self permanent
01:00:5e:00:00:01 dev br0 self permanent
33:33:ff:00:00:00 dev br0 self permanent
-
+
.. opcmd:: show bridge <name> mdb
- Show bridge `<name>` mdb displays the current multicast group membership
- table.The table is populated by IGMP and MLD snooping in the bridge driver
+ Show bridge `<name>` mdb displays the current multicast group membership
+ table.The table is populated by IGMP and MLD snooping in the bridge driver
automatically.
.. code-block:: none