Basic Bridge Configuration
Basic Bridge Configuration
Section titled âBasic Bridge ConfigurationâTL;DR (Quick Start)
Section titled âTL;DR (Quick Start)âFor the impatient: hereâs the 30-second version.
# Create bridge and add ports/interface bridge add name=bridge-lan/interface bridge port add bridge=bridge-lan interface=ether2/interface bridge port add bridge=bridge-lan interface=ether3/ip address add address=192.168.99.1/24 interface=bridge-lanOverview
Section titled âOverviewâThis guide demonstrates how to create a bridge on MikroTik RouterOS to combine multiple interfaces into a single broadcast domain.
Prerequisites
Section titled âPrerequisitesâ- A MikroTik router running RouterOS 7.x or later
- Access to the router via SSH, WinBox, or WebFig
Configuration Steps
Section titled âConfiguration StepsâStep 1: Create a Bridge Interface
Section titled âStep 1: Create a Bridge InterfaceâCreate a new bridge named âbridge-lanâ:
/interface bridge add name=bridge-lan comment="LAN Bridge"Step 2: Add First Port to Bridge
Section titled âStep 2: Add First Port to BridgeâAdd ether2 to the bridge:
/interface bridge port add bridge=bridge-lan interface=ether2 comment="LAN Port 1"Step 3: Assign IP Address to Bridge
Section titled âStep 3: Assign IP Address to BridgeâAssign an IP address to the bridge interface:
/ip address add address=192.168.99.1/24 interface=bridge-lan comment="Bridge IP"Verification
Section titled âVerificationâVerify your bridge configuration:
Check 1: Bridge Interface
Section titled âCheck 1: Bridge Interfaceâ/interface bridge printExpected Output:
Flags: X - disabled, R - running 0 R name="bridge-lan" mtu=auto actual-mtu=1500 l2mtu=1598 arp=enabled arp-timeout=auto mac-address=DC:2C:6E:XX:XX:XX protocol-mode=rstp fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m priority=0x8000 max-message-age=20s forward-delay=15s transmit-hold-count=6 vlan-filtering=no comment="LAN Bridge"Check 2: Bridge Ports
Section titled âCheck 2: Bridge Portsâ/interface bridge port printExpected Output:
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload # INTERFACE BRIDGE HW PVID PRIORITY PATH-COST INTERNAL... 0 H ether2 bridge-lan yes 1 0x80 10 10Check 3: IP Address
Section titled âCheck 3: IP Addressâ/ip address print where interface=bridge-lanExpected Output:
Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK INTERFACE 0 192.168.99.1/24 192.168.99.0 bridge-lanTroubleshooting
Section titled âTroubleshootingâProblem: No connectivity between bridged ports
Section titled âProblem: No connectivity between bridged portsâSymptoms: Devices on bridged ports cannot communicate with each other.
Causes & Solutions:
-
STP blocking ports - Check port status:
/interface bridge port printLook for ports with
role=disabled-portorrole=alternate-port. Wait for STP convergence or check for network loops. -
Interface not running - Verify interfaces are up:
/interface print where name~"ether"Ensure physical cables are connected and interfaces show
R(running) flag. -
Hardware offloading issues - Try disabling hw-offload:
/interface bridge port set [find interface=ether2] hw=no
Problem: Bridge IP address not reachable
Section titled âProblem: Bridge IP address not reachableâSymptoms: Cannot ping or access router via bridge IP.
Causes & Solutions:
-
Firewall blocking traffic - Check input chain rules:
/ip firewall filter print chain=inputEnsure ICMP and management traffic is allowed.
-
Wrong subnet - Verify client IP is in same subnet as bridge:
/ip address print where interface=bridge-lan
Problem: Slow performance or high CPU
Section titled âProblem: Slow performance or high CPUâSymptoms: Network throughput is low, router CPU is high.
Causes & Solutions:
-
Hardware offloading disabled - Enable hw-offload for supported switches:
/interface bridge port set [find] hw=yes -
Too many MAC addresses - Check bridge host table:
/interface bridge host print count-onlyConsider increasing
max-learned-entriesor investigating rogue devices.
Problem: MAC address flapping warnings in logs
Section titled âProblem: MAC address flapping warnings in logsâSymptoms: Log shows âMAC flappingâ messages.
Causes & Solutions:
- Network loop detected - This indicates the same MAC is seen on multiple ports. Check for:
- Misconfigured redundant links without STP
- Devices connected to multiple bridge ports
/log print where message~"flapping"
Related Topics
Section titled âRelated TopicsâNext Steps
Section titled âNext Stepsâ- IP Address Configuration - assign an IP to your bridge for management and routing
- DHCP Server - distribute IP addresses to devices on the bridged network
- VLAN Configuration - segment traffic within the bridge
Advanced Topics
Section titled âAdvanced Topicsâ- Bridge VLAN Filtering - hardware-offloaded VLAN handling
- Firewall Basics - secure traffic on bridged networks
Related Concepts
Section titled âRelated Conceptsâ- Interfaces Overview - understanding RouterOS interface types
- Switch Ports - hardware switching configuration