How to configure bridge with vlan information?

Solution Verified - Updated

Environment

  • Red Hat Enterprise Linux 10 (RHEL10)
  • Red Hat Enterprise Linux 9 (RHEL9)
  • Red Hat Enterprise Linux 8 (RHEL8)
  • Linux bridge
  • VLAN (802.1q)

Issue

  • How to tag a bridge interface with vlan id?
  • How to use bridge.vlan options in bridge interface?

Resolution

  • Create the Bridge interface.
# nmcli con add type bridge ifname br1 con-name br1 ip4 192.168.122.10/24 gw4 192.168.122.1 bridge.vlan-filtering 1 bridge.vlan-default-pvid 2012 bridge.stp no

  • The bridge default PVID is set to 2012 so that by default the incoming frames without a VLAN tag are assigned internally to VLAN 2012.

  • Disable STP on the bridge interface so that the bridge doesn't wait 15 seconds before starting to forward frames, and ping works immediately. Enable it again if you have a redundant topology and want to avoid loops.

  • Create VLAN on top of ens8(setting the bridge br1 as its master)

# nmcli con add type ethernet ifname ens8 master br1 slave-type bridge bridge-port.vlans 2012

  • The bridge port is assigned to tagged VLAN 2012, which means that the VLAN tag is added on outgoing frames.

  • The type bridge-slave syntax is deprecated and is equivalent to type ethernet slave-type bridge.

  • After the 2 connections are activated, you should see:

# bridge vlan
port     vlan ids
ens8    2012
br1        2012 PVID Egress Untagged
SBR
Product(s)
Components
Category
Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.