Set Commands

This chapter lists set commands.

These commands are used to configure runtime bridging information within the router. When the system is rebooted the parameters will revert to the last saved values. To make permanent changes to the configuration, use the Bridging and Bridging Global sections. Some commands set interface-specific parameters and require the use of the interface command to determine which interface to configure. The other commands set global bridging parameters.

Global Command Syntax

set bridge {mode {Ieee | Learning} [table_size] [aging_time] |
spanning priority bridge_priority |
spanning {maxage | hello | fdelay} time}

Interface_Specific Command Syntax

First enter the following command. See the interface command for more information.

interface {{Ethernet | WAN} slot:port | VPN number | Bridge [0.sub-interface]}

Then enter:

set bridge {on [spigot_priority] [path_cost] |
filter {permit | deny} |
filter {add | remove} protocols |
off}

Global Command Syntax Description

mode {Ieee | Learning} [table_size] [aging_time]

Selects the global operating mode for the bridge.

The Ieee mode configures the bridge to support the IEEE 802.1D Spanning Tree algorithm. The Spanning Tree algorithm is used by bridges to detect loops (i.e., two or more pathways to the same destination) and "prune" them into a tree-like, loop-free topology by establishing a root bridge and then calculating the best path from each bridge to the root bridge. Traffic is then forwarded only along this path. If the network to which the bridge is attaching contains loops, Spanning Tree must be enabled to prevent packet duplication.

The Learning mode configures the bridge for operation with the Spanning Tree algorithm disabled. Learning mode should only be used on networks without active loops.

Note Because the set bridge mode command sets global parameters, it isn't possible to turn on Ieee (Spanning Tree) or Learning for individual interfaces. When the mode is Ieee, the root bridge dictates the parameters for the whole network.

The table_size parameter sets the maximum number of address entries in the bridge's Ethernet address cache. The bridge will only allocate as many entries as it needs, allocating more as the table becomes full up to the table size number of entries. The default value is 1200 entries; valid values range from 256 to 16,384.

The aging_time parameter sets the time in seconds that address cache entries can remain in the address cache without receiving a packet before the entry will be removed from the bridge. The default value is 300 seconds; valid values range from 10 to 100,000.

spanning priority bridge_priority

This command sets the bridge priority. The bridge priority is combined with the bridge's Ethernet address to create an 8-byte Bridge ID. The Spanning Tree algorithm uses the Bridge ID to determine the root bridge for a network. The numerically lowest Bridge ID on a network will be the root bridge for that network. There will only be one root bridge on a network.

The bridge_priority parameter is a numerical value that is used to select the root bridge on a network. Setting the bridge_priority to 0 should make the local bridge the root bridge. The default value is 32,768; valid values range from 0 to 65,535.

spanning {maxage | hello | fdelay} time}

maxage sets the maximum age, which is used to determine when a Spanning Tree configuration packet is considered stale and its information is discarded. The default value is 20 seconds; values may range from 6 to 40.

hello sets the hello time, which is the interval between Spanning Tree configuration packets sent by the bridge. The default value is 2 seconds; values range from 1 to 10.

fdelay sets the forward delay. The forward delay is the time between state transitions on the spigot (bridge interface). It will also be used as the aging time during periods of topology change on the network. The default value is 15 seconds; values may range from 4 to 30.

The time parameter is a value in seconds. Defaults and ranges are described above in the description of the individual commands.

Because all bridges on a Spanning Tree network will use the same values for all timer parameters, all bridges use timer values set by the root bridge. To change the values of the timer parameters for the network, set the values on the root bridge, or make the current bridge the root bridge by lowering the value of the bridge_priority.

The bridge enforces the following relationships between the timer values mentioned above:

2 x (fdelay - 1 second) >= maxage

maxage >= 2 x (hello + 1 second)

Interface-Specific Command Syntax Description

on [spigot_priority] [path_cost]

Turns bridging on for an interface.

It is possible to receive an error message indicating that an invalid priority or path cost has been entered when enabling an interface for the first time when using the set bridge on command.

Re-enable the interface using the following parameters:

set bridge on 128 100
This will set appropriate default parameters for the interface priority and path cost.

The spigot_priority parameter sets the IEEE 802.1D Spanning Tree protocol port priority parameter. This parameter is used to give precedence to an interface within the bridge. The port priority is combined with the interface number to create a Bridge ID. The interface with the lowest Bridge ID (numerically) will have precedence over interfaces with higher Bridge IDs. The default is 128; valid values range from 0 to 255.

The path_cost parameter sets the IEEE 802.1D Spanning Tree protocol path cost, which is the cost of using an interface and is used by the bridge to compute the distance from the root bridge. It may be used to artificially change the topology of a Spanning Tree network. The default value of 100 is recommended by the IEEE specification for 10 Mbit Ethernet interfaces; valid values range from 1 to 65535.

filter {permit | deny}

Permit or restrict (deny) packets in the interface's protocol filter list.

filter {add | remove} protocols

Add or remove protocols from the filter.

Enter one or more protocols separated by a space:

[IP] [IPX] [ATP1] [ATP2]

ATP1 and ATP2 are AppleTalk Phase 1 and AppleTalk Phase 2.

off

Disables bridging on an interface. The only way to disable global bridging is to turn off all of the bridge interfaces, using the set bridge off command. When the last interface is disabled, the global bridging switch will be turned off. Individual interfaces may be enabled or disabled without affecting the status of other interfaces with respect to bridging.

on [spigot_priority] [path_cost]	Turns bridging on for an interface. It is possible to receive an error message indicating that an invalid priority or path cost has been entered when enabling an interface for the first time when using the set bridge on command. Re-enable the interface using the following parameters: set bridge on 128 100 This will set appropriate default parameters for the interface priority and path cost. The spigot_priority parameter sets the IEEE 802.1D Spanning Tree protocol port priority parameter. This parameter is used to give precedence to an interface within the bridge. The port priority is combined with the interface number to create a Bridge ID. The interface with the lowest Bridge ID (numerically) will have precedence over interfaces with higher Bridge IDs. The default is 128; valid values range from 0 to 255. The path_cost parameter sets the IEEE 802.1D Spanning Tree protocol path cost, which is the cost of using an interface and is used by the bridge to compute the distance from the root bridge. It may be used to artificially change the topology of a Spanning Tree network. The default value of 100 is recommended by the IEEE specification for 10 Mbit Ethernet interfaces; valid values range from 1 to 65535.
filter {permit \| deny}	Permit or restrict (deny) packets in the interface's protocol filter list.
filter {add \| remove} protocols	Add or remove protocols from the filter. Enter one or more protocols separated by a space: [IP] [IPX] [ATP1] [ATP2] ATP1 and ATP2 are AppleTalk Phase 1 and AppleTalk Phase 2.
off	Disables bridging on an interface. The only way to disable global bridging is to turn off all of the bridge interfaces, using the set bridge off command. When the last interface is disabled, the global bridging switch will be turned off. Individual interfaces may be enabled or disabled without affecting the status of other interfaces with respect to bridging.

Examples

The following example will turn bridging on between Ethernet ports 0:0 and 1:0 for protocols other than currently routed protocols.

interface ethernet 0:0
set bridge on 
interface ethernet 1:0
set bridge on

To turn bridging off, for each interface on which bridging is enabled:

interface ethernet 0:0
set bridge off 
interface ethernet 1:0
set bridge off

To turn Spanning Tree on:

set bridge mode ieee

To set the root bridge and change the hello time for the network:

set bridge spanning priority 0
set bridge spanning hello 4

Usage Guidelines

The bridging code in the router is enabled by two switches. Each interface has an individual switch to enable bridging for that interface explicitly, and there is a global switch telling the low-level forwarding code to enter the bridging routines.

Two commands set the global bridging switch on: set bridge mode and set bridge on. If global bridging was previously disabled, you must save the configuration and reboot the router to turn bridging on.

Bridge Filtering

The current implementation of bridging will by default bridge any protocol not being routed, and it has a limited capability to filter or restrict the traffic to and/or from a port based on the packet's protocol. There are two levels of protocol filtering that occur within the bridging code based on routed protocols and also explicit bridge protocol filtering. In this filtering scheme, the decision to route or filter a packet based on routing takes precedence over explicit bridge filtering.

If a port is configured to route a packet for a protocol, all of that protocol's packets received on the port that are not routed will be discarded by the bridge. To bridge a particular protocol, routing for that protocol must be turned off for both receiving and transmitting interfaces.

Related Commands

Command Description

configure Bridging

Sets bridging parameters for an interface

configure Bridging Global

Enables bridging for the device

enable, disable

Enables or disables privileged commands

interface

Sets current interface

save

Saves the edited configuration

show bridge

Shows bridge configuration, status and statistics

Command	Description
configure Bridging	Sets bridging parameters for an interface
configure Bridging Global	Enables bridging for the device
enable, disable	Enables or disables privileged commands
interface	Sets current interface
save	Saves the edited configuration
show bridge	Shows bridge configuration, status and statistics

Table of Contents

Set Commands