This document will help you configure transparent bridging. We'll start with a general 888 of bridging, and then give you more detailed information about transparent bridging, as well as several configuration examples.
Bridges connect and transfer data between local area networks (LANs). There are four kinds of bridging:
Bridging happens at the data-link layer, which controls data flow, handles transmission errors, provides physical addressing, and manages access to the physical medium. Bridges analyze incoming frames, make forwarding decisions based on those frames, and forward the frames to their destinations. Sometimes, like in source-route bridging, the frame contains the entire path to the destination. In other cases, like transparent bridging, frames are forwarded one hop at a time toward the destination.
Bridges can be either remote or local. Local bridges provide direct connections between many LAN segments in the same area. Remote bridges connect LAN segments in different areas, usually over telecommunication lines.
The Spanning Tree Algorithm (STA) is a vital part of transparent bridging. The STA is used to discover a loop-free subset of the network's topology dynamically. To do this, the STA places bridge ports that would create loops when active into a standby, or blocking, condition. Blocking ports can be activated if the primary port fails, so they provide redundant support. For more information, see the IEEE 802.1d specification.
The spanning tree calculation occurs when the bridge is powered up and whenever a topology change is detected. Configuration messages called Bridge Protocol Data Units (BPDUs) trigger the calculation. These messages are exchanged at regular intervals, usually one to four seconds.
Let's look at an example to see how this works:
| | | ------------------------------------- LAN1 | | ------ ------ | B1 | | B2 | ------ ------ | | ------------------------------------- LAN2 | | |
If B1 was the only bridge, things would work fine, but with B2, there are two ways to communicate between the two segments. This is called a bridging loop network. Without the STA, a broadcast from a host from Lan1 will be learned by both bridges, and then B1 and B2 will send the same broadcast message to Lan2. Then, both B1 and B2 will think that that host is connected to Lan2. In addition to this basic connectivity problem, broadcast messages in networks with loops can cause problems with the bandwidth of the network.
With the STA, however, when B1 and B2 come up, they both send out BPDU messages which contain information that determines which one is the root bridge. If B1 is the root bridge, it will become the designated bridge to both Lan1 and Lan2. B2 will not bridge any packets from Lan1 to Lan2, since one of its ports will be in blocking status. If B1 failed, B2 would not receive the BPDU that it expects from B1, so B2 would send out a new BPDU that would start the STA calculation again. B2 would become the root bridge, and traffic would be bridged by B2.
Cisco's transparent bridging software has the following features:
These configurations show only the commands required for transparent bridging, not for IP or other protocol support.
| | | | -------------------------------------- LAN1 | ---------- | ROUTER | ---------- | -------------------------------------- LAN2 | | | |
In this example, there are several PCs on Lan1, which is located on one floor. Lan2 also has many PCs and some servers, but it is on a different floor. The systems on each LAN use either IP, IPX, or DECNET. Most of the traffic can be routed, but there are some application systems that were developed with proprietary protocols and can't be routed. This traffic (like NetBIOS and LAT) must be bridged.
Interface ethernet 0 bridge group 1
Interface ethernet 1 bridge group 1
bridge group 1 protocol ieee
In this example, the IEEE 802.1d standard is the spanning-tree protocol. If every bridge in the network is Cisco, use the command bridge group 1 protocol ieee on all of the routers. If there are different bridges in the network and these bridges are using the old bridging format that was first developed at Digital Equipment Corporation (DEC), then use the command bridge group 1 protocol dec to assure backward compatibility. Since the IEEE and DEC spanning trees are not compatible, mixing these protocols in the network will give unpredictable results.
LAN3 |----------| | - | - | ---------- | LAN1|---| ROUTER |---|LAN2 | ---------- | - | - | |----------| LAN4
In this example, the router acts as two different bridges, one between Lan1 and Lan2, and one between Lan3 and Lan4. Frames from Lan1 are bridged to Lan2, but not to Lan3 or Lan4, and vice versa. In other words, frames are bridged only among interfaces in the same group. This grouping feature is commonly used to separate networks or users.
interface ethernet 0 bridge group 1
interface ethernet 1 bridge group 1
interface ethernet 2 bridge group 2
interface ethernet 3 bridge group 2
bridge group 1 protocol ieee bridge group 2 protocol dec
- - | ----------S0 ---------- | | E0| ROUTER |--- | ROUTER |E0 | LAN1|---| A | / S0| B |---|LAN2 | | | ----| | | | ---------- ---------- | - -
In this example, the two LANs are connected by a T1 link.
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 1 bridge-group 1
Interface serial 0 Interface serial 0 bridge-group 1 bridge-group 1
bridge group 1 protocol ieee bridge group 1 protocol ieee
This example uses the same topology as Example 3, but instead of the lease line that connects the two routers, let's say that Router A and Router B are connected through an X.25 cloud.
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 1 bridge-group 1
Interface serial 0 Interface serial 0 encapsulation x25 encapsulation x25 x25 address 31370019027 x25 address 31370019134 x25 map bridge 31370019134broadcast x25 map bridge 31370019027 broadcast bridge-group 1 bridge-group 1
bridge group 1 protocol ieee bridge group 1 protocol ieee
This example uses the same topology as Example 3, but instead of the lease line that connects the two routers, let's say that Router A and Router B are connected through a Public Frame Relay network. The Frame Relay bridging software uses the same spanning-tree algorithm as the other bridging functions, but it allows packets to be encapsulated for transmission across a Frame relay network. The commands specify Internet to DLCI address mapping and maintain a table of both the Ethernet and DLCIs.
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 1 bridge-group 1
Interface serial 0 Interface serial 0 encapsulation frame-relay encapsulation frame-relay frame-relay map bridge 25 broadcast frame-relay map bridge 30 broadcast bridge-group 1 bridge-group 1
bridge group 1 protocol dec bridge group 1 protocol dec
This example uses the same topology as Example 5, but here the Frame Relay network supports a multicast facility. The multicast facility learns about the other bridges on the network, eliminating the need for the frame-relay map command.
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 2 bridge-group 2
Interface serial 0 Interface serial 0 encapsulation frame-relay encapsulation frame-relay bridge-group 2 bridge-group 2
bridge group 2 protocol dec bridge group 2 protocol dec
To use a sub-interface, you must define bridge-group statements on both the sub-interface and the main interface.
Router A Router B -------- -------- interface ethernet 0 interface ethernet 0 bridge-group 2 bridge-group 2
interface serial 0 interface serial 0 encapsulation frame-relay encapsulation frame-relay bridge-group 2 bridge-group 2 ! ! interface Serial0.1 point-to-point interface Serial0.1 point-to-point frame-relay interface-dlci 101 frame-relay interface-dlci 100 bridge-group 2 bridge-group 2 ! ! interface Serial0.2 point-to-point interface Serial0.2 point-to-point frame-relay interface-dlci 103 frame-relay interface-dlci 103 bridge-group 2 bridge-group 2
bridge group 2 protocol dec bridge group 2 protocol dec
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 2 bridge-group 2
Interface Hssi0 Interface Hssi0 encapsulation smds encapsulation smds smds address c449.1812.0013 smds address c448.1812.0014 s mds multicast BRIDGE smds multicast BRIDGE e449.1810.0040 e449.1810.0040 bridge-group 2 bridge-group 2
bridge group 2 protocol dec bridge group 2 protocol dec
In normal operation, parallel network segments can't all be carrying traffic at the same time. This is necessary to prevent frame looping. In the case of serial lines, however, you may want to increase the available bandwidth by using multiple parallel serial lines. Use the "circuit- group" option to do this.
- - | ----------S0 S0---------- | | | |---/---| | | | | ROUTER |S1 S1| ROUTER | | | E0| |---/---| |E0 | LAN1|---| A |S2 S2| B |---|LAN2 | | |---/---| | | | ---------- ---------- | - -
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 2 bridge-group 2
Interface serial0 Interface serial0 bridge-group 2 bridge-group 2 bridge-group 2 circuit-group 1 bridge-group 2 circuit-group 1
Interface serial1 Interface serial1 bridge-group 2 bridge-group 2 bridge-group 2 circuit-group 1 bridge-group 2 circuit-group 1
Interface serial2 Interface serial2 bridge-group 2 bridge-group 2 bridge-group 2 circuit-group 1 bridge-group 2 circuit-group 1
bridge group 2 protocol dec bridge group 2 protocol dec