When adding a bridge, click the Show Advanced button to configure any of the following:
- STP/RSTP: You can choose which spanning tree protocol to use. pfSense currently supports the Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP). STP creates a spanning tree within a network of layer 2 spanning tree bridges and disables links that are not part of the spanning tree, leaving a single path between any two nodes on the spanning tree. Every port on a spanning tree is either a root port (the port from which we begin the algorithm), designated (active), or disabled (inactive). RSTP decreases the convergence time for responding to a topology change to a matter of seconds, but at a cost of added complexity.
- Cache size: The size of the bridge address cache (default is 2000 entries).
- Cache entry expire time: The timeout of address cache entries (default is 1200 seconds).
- Span port: An interface set as a span port will transmit a copy of each frame received by a bridge. This can be useful for monitoring network traffic. A span interface cannot be one of the bridge members.
- Edge ports: An edge port is a port that is only connected to one bridge. Thus it cannot create bridging loops in the network and can transition directly to a forwarding state. The Auto Edge Ports listbox allows us to select which ports will automatically detect edge status.
- PTP ports: Interfaces selected in the PTP ports listbox are designated at point-to-point links, which can make a direct transition to forwarding. Auto PTP ports are ports for which pfSense can automatically detect the point-to-point status by checking the full duplex link status.
- Sticky ports: This listbox allows you to designate ports as sticky ports, which means that dynamically-learned addresses are converted to static entries and are never aged out of the cache or replaced.
- Private ports: This listbox allows you to designate ports as private ports, which will not forward traffic to any other port that is also a private interface.