Synergon Information Systems Ltd.

Chapter 18

Configuring Transparent Bridging and

Integrated Routing and Bridging

Objectives

Upon completion of this chapter, you will be able to perform the following tasks:

Configure transparent bridging

Configure Integrated Routed and Bridging (IRB)

TransparentBridging

Configuration

Transparent Bridging overview

Three major functions

— Learning

— Forwarding/filtering frames

— Loop avoidance

E0 E1

How Bridges Learn Hosts’ Locations

Source MAC address associated with interface

E0 E1

E0: 0260.8c01.1111E0: 0260.8c01.2222E1: 0260.8c01.3333E1: 0260.8c01.4444

Bridging Table

0260.8c01.1111 0260.8c01.3333

0260.8c01.2222 0260.8c01.4444

How Bridges Forward Frames

Occurs when destination is known

E0E1

E0: 0260.8c01.1111E0: 0260.8c01.2222E1: 0260.8c01.3333

0260.8c01.1111 0260.8c01.3333

0260.8c01.2222 0260.8c01.4444

E1: 0260.8c01.4444

How Bridges Filter Frames

Occurs when destination is known to exist on source’s segment

E0E1

E0: 0260.8c01.1111

E1: 0260.8c01.3333E1: 0260.8c01.4444

0260.8c01.1111 0260.8c01.3333

0260.8c01.2222 0260.8c01.4444

E0: 0260.8c01.2222

XX

Topological Loops

Bridging loops can cause problems

X Y

Segment 1

Segment 2

Broadcast

Loop Avoidance

Spanning-tree algorithm disables interfaces

X Y

XX

Transparent Configuration Tasks

Global configuration

– Select a spanning-tree protocol

– Assign a priority to the bridge

• Interface configuration– Assign the interface to a spanning-tree group

– Assign a cost to the outgoing interface

TB

Transparent Commands

Selects the spanning tree protocol

Router (config) #

bridge bridge-group protocol {ieee | dec}bridge bridge-group protocol {ieee | dec}

Router (config-if) #

bridge bridge-groupbridge bridge-group

• Assigns an interface to a bridge groupBridge group 1

E0

E1

E2

E3

E4

E5

bridge 1 protocol ieeeint e 0bridge-group 1int e 1bridge-group1int e 3bridge-group 1

bridge 1 protocol ieeeint e 0bridge-group 1int e 1bridge-group1int e 3bridge-group 1

Spanning -Tree Commands

Assigns a priority to the bridge

Router (config) #

bridge bridge-group priority numberbridge bridge-group priority number

Router (config-if) #

bridge-group bridge-group path-cost costbridge-group bridge-group path-cost cost

• Assigns a cost to use the outgoing interface

Transparent Bridging Example

bridge 1 protocol decbridge 1 priority 100

interface ethernet 0bridge-group 1bridge-group 1 path-cost 10interface ethernet 1bridge-group 1bridge-group 1 path-cost 10

bridge 1 protocol decbridge 1 priority 100

interface ethernet 0bridge-group 1bridge-group 1 path-cost 10interface ethernet 1bridge-group 1bridge-group 1 path-cost 10

E0

E1

Cisco B

Cisco D

Cisco A E0

E1

Cisco C

Cisco E

E0 E1

Segment 1

bridge 1 protocol decbridge 1 priority 1

interface ethernet 0bridge-group 1interface ethernet 1bridge-group 1

bridge 1 protocol decbridge 1 priority 1

interface ethernet 0bridge-group 1interface ethernet 1bridge-group 1

Verifying Transparent Bridging

Router# show bridge

Total of 300 station blocks, 295 freeBG Hash Address Action Int. Age RX count TX count

1 09/0 0000.0C00.0009 forward E 0 0 2 01 49/0 0000.0C00.4009 forward E 0 0 1 01 CA/0 AA00.0400.06CC forward E 0 0 25 0

Router#

Router# show bridge

Total of 300 station blocks, 295 freeBG Hash Address Action Int. Age RX count TX count

1 09/0 0000.0C00.0009 forward E 0 0 2 01 49/0 0000.0C00.4009 forward E 0 0 1 01 CA/0 AA00.0400.06CC forward E 0 0 25 0

Router#

1 00/0 FFFF.FFFF.FFFF discard - P 0 0

Verifying Spanning Tree

Router# show spanBridge Group 1 is executing the IEEE compatible spanning tree protocol IEEE bridge domains are not used for this bridge group Bridge Identifier has priority 32768, address 000.0c00.ab40 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Acquisition of new addresses is enabled LAT service filtering is disabled Topology change flag not set, detected flag not set Times:hold 1, topology change 30, notification 30 hello 2, max age 20, forward delay 15Timers: hello 2, topology change 0, notification 0Port 9 (Ethernet2) bridge group 1, forwarding. Path cost 100, priority 0 Designated root has priority 32768, address 0000.0c00.ab40 Designated bridge has priority 32768, address 0000.0c00.ab40 Designated port is 1, path cost 0 Timers: message age 0, forward delay 0, hold 0

Router# show spanBridge Group 1 is executing the IEEE compatible spanning tree protocol IEEE bridge domains are not used for this bridge group Bridge Identifier has priority 32768, address 000.0c00.ab40 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Acquisition of new addresses is enabled LAT service filtering is disabled Topology change flag not set, detected flag not set Times:hold 1, topology change 30, notification 30 hello 2, max age 20, forward delay 15Timers: hello 2, topology change 0, notification 0Port 9 (Ethernet2) bridge group 1, forwarding. Path cost 100, priority 0 Designated root has priority 32768, address 0000.0c00.ab40 Designated bridge has priority 32768, address 0000.0c00.ab40 Designated port is 1, path cost 0 Timers: message age 0, forward delay 0, hold 0

Integrated Routing and Bridging Configuration

IRB Overview

Packets received on bridged interface can be routed

through routed interface

Packets received on routed interface can be routed

through bridged interface

Bridge Group Routed Interface

IRB Uses

Interconnect bridged and routed topologies

Conserve network address

Increase performance by bridging local traffic

IRB Operation

Bridge-Group Virtual Interface (BVI) represents a bridge

groupt to a routing domain

BVI 2010.1.0.3 172.16.1.1

10.1.0.2

Bridge Group 20

BVI Addressing

Gets MAC addresses from an interface in the bridge group

Requires network-layers address configuration

10.1.0.3 172.16.1.1

10.1.0.2

Bridge Group 20

BVI 20MAC Address = Bridge ID

IP Address = 10.1.0.1.

Bridging or Routing Decision

Destination MAC is router’s-route packet

172.16.1.110.1.0.2

BVI = 2010.1.0.1.

BVI’s MAC A’s MAC B’s Network A’s Network

Destination Source Destination Source

Destination Source Destination Source

E0 MACB’s MAC B’s Network A’s Network

2

1

E0 172.16.1.20

IRB Configuration Tasks

Configure bridgegroups and

routed interfaces

1. Enable IRB

2. Configure the BVI

3. Enable the BVI to accept routed packets

4. Enable routing on the BVI for desired protocols

1. Enable bridging

2. Assign bridge groups to interfaces

3. Configure routing for desired protocols

Task 1 Task 2

Configure IRB andthe BVI

Configuring IRB and the BVI Example

interface Ethernet 1ip address 172.16.1.2255.255.255.0!interface Ethernet 2bridge-group 20!interface Ethernet 3bridge-group 20!interface BVI 20ip address 10.1.0.1 255.255.0.0!bridge irbbridge 20 protocol ieeebridge 20 route ip

interface Ethernet 1ip address 172.16.1.2255.255.255.0!interface Ethernet 2bridge-group 20!interface Ethernet 3bridge-group 20!interface BVI 20ip address 10.1.0.1 255.255.0.0!bridge irbbridge 20 protocol ieeebridge 20 route ip

Bridge Group 20

BVI 20IP Address = 10.1.0.1.

E1

172.16.1.2

E2

E3

Enabling Routing on the Bridge Group

Bridge Group 1

BVI 1AT Address = 33.1

E1

5.0.0.1

E2

E3

3.0.0.1

7.0.0.1

Bridge Apple Talk (AT)Route IPBridge everything else

Route Apple Talk (AT)Route IP

Enabling Routing and Bridging Exampleappletalk routing!interface Ethernet 1ip address 5.0.0.1 255.0.0.0appletalk cable-range 35-35 35.1appletalk zone ozone!interface Ethernet 2ip address 3.0.0.1 255.0.0.0bridge-group 1!interface Ethernet 3ip address 7.0.0.1 255.0.0.0bridge-group 1!interface BVI 1no ip addressappletalk cable-range 33-33 33.1appletalk zone no parking!bridge irbbridge 1 protocol ieeebridge 1 route appletalkbridge 1 route ipno bridge 1 bridge ip

appletalk routing!interface Ethernet 1ip address 5.0.0.1 255.0.0.0appletalk cable-range 35-35 35.1appletalk zone ozone!interface Ethernet 2ip address 3.0.0.1 255.0.0.0bridge-group 1!interface Ethernet 3ip address 7.0.0.1 255.0.0.0bridge-group 1!interface BVI 1no ip addressappletalk cable-range 33-33 33.1appletalk zone no parking!bridge irbbridge 1 protocol ieeebridge 1 route appletalkbridge 1 route ipno bridge 1 bridge ip

AppleTalk routing is enabled. IProuting is enabled by default.

IP is only routed on all interfaces

BVI enabled to route and bridgeAppleTalk. It willnot perform IRB on IP.

Bridge everything except IP.

BVI 1associated withE2 and E3because theyare in bridgegroup 1.

Configuration Considerations

IRB bridges all protocols by default, so routing must

be explicitly enabled for packets that require routing

Do not configure any protocol attributes on the bridge

interfaces when both routing and bridging a given

protocol

Do not configure bridging attributes on the BVI

Determine whether you need to redefine the BVI’s MTU

size

Verifying IRB Operation

Router# show interface bvi1

MTU 1500 bytes, BW 10000 Kbit, DLY 5000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:04, output 00:00:01, output hang never Last clearing of “show interface” counters never Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 1 packets/sec 5 minute output rate 0 bits/sec, 1 packets/sec 345 packets input, 55088 bytes, 0 no buffer Received 151 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 578 packets output, 48223 bytes, 0 underruns 1 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 1 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out

Router# show interface bvi1

MTU 1500 bytes, BW 10000 Kbit, DLY 5000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:04, output 00:00:01, output hang never Last clearing of “show interface” counters never Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 1 packets/sec 5 minute output rate 0 bits/sec, 1 packets/sec 345 packets input, 55088 bytes, 0 no buffer Received 151 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 578 packets output, 48223 bytes, 0 underruns 1 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 1 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out

BVI1 is up, line protocol is up Hardware is BVI, address is 0000.0c14.5733 (bia 0000.0000.0000)

Verifying IRB Operation (cont.)

Router# show interfaces ethernet 2 irb

appletalk ip appletalk clns decnet vines apollo ipx xns Software MAC address filter on Ethernet2 Hash Len Address Matches Act Type 0x00: 0 ffff.ffff.ffff 4886 RCV Physical broadcast 0x1F: 0 0060.3e2b.a221 7521 RCV Interface MAC address 0x1F: 1 0060.3e2b.a221 0 RCV Bridge-group Virtual Interface 0x2A: 0 0900.2b01.0001 0 RCV DEC spanning tree 0xA5: 0 0900.0700.00a2 0 RCV Appletalk zone 0xC2: 0 0180.c200.0000 0 RCV IEEE spanning tree 0xF8: 0 0900.07ff.ffff 2110 RCV Appletalk broadcast

Router# show interfaces ethernet 2 irb

appletalk ip appletalk clns decnet vines apollo ipx xns Software MAC address filter on Ethernet2 Hash Len Address Matches Act Type 0x00: 0 ffff.ffff.ffff 4886 RCV Physical broadcast 0x1F: 0 0060.3e2b.a221 7521 RCV Interface MAC address 0x1F: 1 0060.3e2b.a221 0 RCV Bridge-group Virtual Interface 0x2A: 0 0900.2b01.0001 0 RCV DEC spanning tree 0xA5: 0 0900.0700.00a2 0 RCV Appletalk zone 0xC2: 0 0180.c200.0000 0 RCV IEEE spanning tree 0xF8: 0 0900.07ff.ffff 2110 RCV Appletalk broadcast

Ethernet2

Routed protocols on Ethernet2:

Bridged protocols on Ethernet2:

Summary

Transparent bridging is predominantly used in Ethernet environmentsSpanning-tree algorithm eliminates loops IRB is used in the following situations:

To migrate a bridged network to a routed network

To connect a remote site that does not have routing capabilities

To conserve IP, IPX, and Apple Talk addresses

To increase performances by keeping local bridged traffic local