/etc/network/interfaces contains network interface configuration information for the ifup(8) and ifdown(8) commands. This manpage describes the bridge extensions to the standard interfaces(5) file format.
The main extension is the bridge_ports option, with it you describe that the interface is a bridge and what ports does it have. These ports are the interfaces that are part of the bridge, and they shouldn’t have any stanzas defining them on the interfaces file. Other extensions allow you to tune the bridge options or change a bridge behaviour.
We’ll see this with an example:
iface br0 inet static
Well, after setting this, an ifup br0, or the next reboot, should let you have a bridge up and running, after waiting for the ports to get to the forwarding status, of course. This bridge will be using all your ethX interfaces, as we have stated on the bridge_ports line.
The Debian bridge setup scripts will wait for it to get ready to work. They do this by trying to guess the maximum time that the bridge will need to get to the forwarding status, and by default, they will wait for the bridge to get there, or for the estimated maximum time to go by. This is done so that the services that are loaded after the bridge setup have a working network interface and don’t fail because the bridge is still not working. See bridge_maxwait if you want to change this behaviour.
An example of how to setup a so called anonymous bridge (a bridge without an assigned IP) would look like this:
iface br1 inet manual
bridge_ports eth1 eth2
Here we select the interfaces eth1 and eth2 to be added to the bridge interface br1, which will be an anonymous bridge, we also tell the scripts not to wait, as we won’t be having any service running on that interface (it doesn’t even have an IP).
An example of a little more complex bridge setup could be:
iface br0 inet static
bridge_ports all weird0
bridge_portprio eth0 129
pre-up ip addr flush dev eth0
In this example we select all the eth* devices plus a weird device to be added to the bridge, also we change the bridge default priority to a higher one so that this bridge becomes the root (if there are no bridges with higher priority on the net, that is) and also we lower priority of port eth0 so that it is not used if there are other ports with higher priority to reach the same destination, at the end we lower the default forward delay and we add a pre-up command to remove all addresses on eth0 as this interface had an address set up before (needed only on weird/broken setups).
If there is a need to set up any of the interfaces participating on the bridge and not the bridge itself, then we must add the commands to set up those settings in a “pre-up” or “up” statement. This means that if we have a wireless card that we want to add to a bridge and we want to set it to master, and select the essid, instead of using the typical wireless_* commands we could add to the bridge definition something like this:
pre-up iwconfig wlan0 mode master essid myESSID
Be aware, however, that using wireless cards as part of a bridge is not a good idea if the card belonging to the bridge is in managed mode. Trying to bridge packets coming out of our LAN through a wireless card that is set in managed mode (the card is a client of an AP) is bound to give problems, as the AP will probably refuse packets with source MAC addresses which are not associated (this will be the case of other machines going through the wireless card of the bridge into the AP).
Multiple stanzas of a bridge definition are currently not supported, so if you want to add a ipv6 and a ipv4 to a bridge do it all in one definition by using the “up” option. If however you still want to use multiple stanzas or would like to read more on this bug you can see it at http://bugs.debian.org/319832