Simple Bridging

Problem

You wish to configure a router to bridge between two interfaces.

Solution

You can configure a router to bridge between two or more interfaces, as follows:

Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#bridge 1 protocol ieee Router1(config)#interface Ethernet0/0 Router1(config-if)#bridge-group 1 Router1(config-if)#exit Router1(config)#interface Ethernet0/1 Router1(config-if)#bridge-group 1 Router1(config-if)#exit Router1(config)#end

With Integrated Routing and Bridging (IRB), you can also create a Bridged Virtual Interface (BVI) for the bridge group:

Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#bridge 1 protocol ieee Router1(config)#bridge irb Router1(config)#interface Ethernet0/0 Router1(config-if)#bridge-group 1 Router1(config-if)#exit Router1(config)#interface Ethernet0/1 Router1(config-if)#bridge-group 1 Router1(config-if)#exit Router1(config)#interface BVI1 Router1(config-if)#ip address 10.10.10.1 255.255.255.0 Router1(config-if)#exit Router1(config)#end

 

Discussion

In the first example, we just want to configure simple bridging between two interfaces on this router. This example simply bridges all Ethernet traffic between the two interfaces. There are three key commands here. The first is the bridge protocol command:

Router1(config)#bridge 1 protocol ieee

In this case, we have associated bridge-group number 1 with the IEEE 802.1D Spanning Tree Protocol (STP). This is the most common standard for Spanning Tree, supported in particular by all popular brands of Ethernet switches. Spanning Tree is a Layer 2 protocol that automatically detects and eliminates loops.

The router also supports alternatives such as dec, which is the old Digital Equipment version of Spanning Tree. The only reason why you should ever configure this is if you need to connect to older Digital Equipment bridges.

Starting in IOS Version 12.0(1)T, the router also supports a Spanning Tree Protocol called vlan-bridge. This is intended to be used in situations when you have to connect to a switched Ethernet environment and interconnect two or more VLANs with a bridge. The trouble with doing this is that the switches use a per-VLAN 802.1D. However, if you are bridging VLANs together, it doesn't make sense to run a separate Spanning Tree for each VLAN. Instead, you want to run a single Spanning Tree that spans multiple VLANs. This is what the vlan-bridge feature gives you. And this is the only situation when you should use this feature.

IEEE Spanning Tree allows you to specify different bridge priorities and timers. By default, the router will send out "Hello" Bridge Protocol Data Unit (BPDU) packets once per second. You can set this to any value between 1 and 10 seconds with the hello-time keyword. The default is one second:

Router1(config)#bridge 1 hello-time 5

The second important timer in Spanning Tree deployments is the Forward Delay timer. This is the amount of time that the bridge will spend in Listening mode after an interface has been activated and before it starts forwarding packets. The default value is 30 seconds:

Router1(config)#bridge 1 forward-time 10

And the other key timer is the maximum age parameter. This defines how long a bridge will wait for a BPDU from the root bridge before deciding that a topology change must have occurred. You set this value by using the max-age keyword. The default max-age value is 15 seconds:

Router1(config)#bridge 1 max-age 10

The other critical Spanning Tree parameter is the bridge priority. This value is used when electing the root bridge for the network. The switch with the lowest priority value wins, with a series of tie-breaking rules that employ port numbers and MAC addresses. So setting a very high priority is a good idea if you want to ensure that the router will never become the root bridge. In a switched Ethernet environment, for example, you would usually want one of your backbone switches to be the root bridge. The default priority is 32768 for IEEE bridges, and 128 for DEC bridges.

Router1(config)#bridge 1 priority 65535

Once we have defined the appropriate Spanning Tree Protocol for the network and set the appropriate timers and priorities to match the other bridges on the network, you simply associate interfaces with the bridge group.

Router1(config)#interface Ethernet0/0 Router1(config-if)#bridge-group 1

One of the critical factors to consider when configuring bridging between two or more interfaces on a router is what protocols should be bridged and what should be routed. Cisco supports two feature sets to allow you to simultaneously bridge and route on an interface. These are called Integrated Routing and Bridging (IRB) and Concurrent Routing and Bridging (CRB). The main difference is that IRB allows you to associate a Bridged Virtual Interface (BVI) with the bridge group. This is useful because you can configure a BVI for a group of bridged ports and connect this virtual interface to a routing process. For this reason, we generally prefer IRB to CRB.

When you configure the bridge irb command, the router then allows you to specify which protocols you wish to bridge and which should be routed. For example, if you want to route IP but bridge all other protocols, you would use the following command:

Router1(config)#interface 1 route ip

To configure a Bridged Virtual Interface for a bridge group, you use the BVI interface type:

Router1(config)#interface BVI1 Router1(config-if)#ip address 10.10.10.1 255.255.255.0

You can think of the BVI as being similar to a VLAN interface on a Catalyst switch.

Категории