🎁 New User? Get 20% off your first purchase with code NEWUSER20 Register Now →
Menu

Categories

Home » Learn » Linux Commands » bridge

bridge Command

Advanced Networking man(8)

Linux network bridge management

📅 Updated: Mar 16, 2026
SYNTAX
bridge [OPTIONS] OBJECT {COMMAND | help}

What Does bridge Do?

The bridge command manages Ethernet bridge devices in the Linux kernel. A network bridge connects two or more network segments at the data link layer (Layer 2), making them behave as a single network. It is essential for virtualization (KVM/QEMU), container networking, and creating transparent network segments.

The bridge utility from iproute2 provides fine-grained control over bridge forwarding databases (FDB), VLAN filtering, multicast group management, and link state. While ip link can create and delete bridges, the bridge command offers specialized operations that ip cannot — particularly FDB and VLAN management.

Common use cases include creating bridges for virtual machines (allowing VMs to share the host's network), container networking (Docker and Podman bridges), transparent firewalling, network monitoring (mirroring traffic), and VLAN-aware bridging for complex network topologies.

Options & Flags

OptionDescriptionExample
link show Show bridge port configuration bridge link show
fdb show Show forwarding database (MAC table) bridge fdb show br0
fdb add Add a static FDB entry bridge fdb add aa:bb:cc:dd:ee:ff dev eth0 master
vlan show Show VLAN filtering configuration bridge vlan show
vlan add Add VLAN to a bridge port bridge vlan add vid 100 dev eth0
mdb show Show multicast group database bridge mdb show
-j JSON output for scripting bridge -j link show
monitor Monitor bridge events in real-time bridge monitor

Practical Examples

#1 Create a bridge for VMs

Create bridge br0, add physical interface eth0, bring it up, and get an IP via DHCP. VMs can now attach to br0.
$ sudo ip link add br0 type bridge && sudo ip link set eth0 master br0 && sudo ip link set br0 up && sudo dhclient br0

#2 Show bridge ports

Display all bridge ports with their state (forwarding, blocking, learning), cost, and priority.
$ bridge link show

#3 View MAC address table

Show the forwarding database — learned MAC addresses and which port they were seen on. Essential for troubleshooting.
$ bridge fdb show br0

#4 Configure VLAN filtering

Enable VLAN filtering on the bridge and assign VLAN 100 to specific ports.
$ sudo ip link set br0 type bridge vlan_filtering 1 && sudo bridge vlan add vid 100 dev eth0 && sudo bridge vlan add vid 100 dev veth0 && bridge vlan show

#5 Add static MAC entry

Add a static FDB entry. Traffic for this MAC always goes to eth0 regardless of learning.
$ sudo bridge fdb add 00:11:22:33:44:55 dev eth0 master static

#6 Monitor bridge events

Watch real-time bridge events: new MAC learning, topology changes, STP state transitions, FDB updates.
$ bridge monitor

Tips & Best Practices

Use nmcli for persistent bridges: For bridges that survive reboots, create them with nmcli: nmcli connection add type bridge con-name br0 ifname br0. The bridge command manages runtime state only.
Adding your uplink to a bridge: Adding your primary network interface to a bridge will temporarily disconnect you. Always configure the bridge IP first, or do it from a console/IPMI session.
STP is enabled by default: Linux bridges enable STP (Spanning Tree Protocol) by default. For simple bridges with no loops, disable it: ip link set br0 type bridge stp_state 0
VLAN-aware vs traditional bridges: VLAN-aware bridges (vlan_filtering 1) handle VLANs more efficiently than creating separate bridges per VLAN. Recommended for complex setups.

Frequently Asked Questions

How do I create a network bridge in Linux?
ip link add br0 type bridge && ip link set eth0 master br0 && ip link set br0 up. For persistent config, use nmcli or systemd-networkd.
What is a Linux bridge used for?
Bridges connect two or more network interfaces at Layer 2. Common uses: giving VMs direct network access, container networking, transparent firewalling, and connecting VLANs.
What is the difference between bridge and ip link?
ip link creates/deletes bridges and adds/removes ports. The bridge command manages bridge-specific features: FDB (MAC table), VLAN filtering, multicast, and STP.
How do I see what MAC addresses a bridge has learned?
Run: bridge fdb show br0 — shows all learned and static MAC addresses and their associated bridge ports.

Related Commands

ip

Show and manipulate network interfaces, routing, and tunnels

 nmcli

NetworkManager command-line client

More Networking Commands

arp

Manipulate the ARP cache

 curl

Transfer data from or to a server using various protocols

 dig

DNS lookup utility for querying name servers

 ethtool

Display or change ethernet device settings

 host

DNS lookup utility (simple)

 ifconfig

Configure or display network interface parameters (legacy)

 ip

Show and manipulate network interfaces, routing, and tunnels

 iperf3

Network bandwidth measurement tool

 ip route

Show and manipulate the routing table

 mtr

Combine ping and traceroute in a single network diagnostic t

 nc

Networking utility for reading/writing across network connec

 netstat

Print network connections, routing tables, and stats (legacy
blkid Command 📋 All Commands buildah Command →

Master Linux with Professional eBooks

Curated IT eBooks covering Linux, DevOps, Cloud, and more

Browse Books →