Source: iproute2 Severity: normal iproute2 package contains bridge control utility for a long time (maybe since the beginning). It is superior to brctl utility which is traditionally used to setup bridges on linux.
It is more: these days, bridges are often used with virtual machines, and there, iproute's bridge is *significantly* better when used together with vlan tagging, since bridge code in linux can deal with per-port vlan settings internally and hence we only require single bridge with everything, compared with a bridge for each vlan as with bridge-utils. By providing bridge functionality in the iproute package we'll eliminate bridge-utils dependency altogether. And since ip utility can deal with vlans too, while at it we can absorb vlan package functionality too. It is interesting that so far this hasn't been done. We switched to iproute-based bridging several years ago and it was a real game-change for us. I have a script to set up bridges using ip utility (including per-port vlan settings), which looks like this in network/interfaces (a bit modified real example): --- cut --- # this is the bridge interface: auto brf iface brf inet manual bridge-vids 3 5 8 9 14 bridge-ports tls-eth bridge-fd 5 bridge-maxwait 0 # this is the physical interface which is part of the bridge auto tls-eth iface tls-eth inet manual # the same as for brf but tag14 is internal to the host bridge-vids 3 5 8 9 # this is actual host's interface in vlan 1 auto tls-mother iface tls-mother inet static vlan 3@brf address 192.168.177.15/26 gateway 192.168.177.5 # other interfaces for virtual machines etc --- cut --- The "vlan" works both in bridge mode and with regular interfaces. But I'd love to have some discussion about how the setup should look like before sending the actual script. Also I'm a bit unsure - if this functionality is to be merged into /etc/network/if-pre-up.d/iproute2, how can we disable the same functionality in if-pre-up.d/bridge-utils? Thanks! /mjt
