chapter 18 configuring transparent bridging and integrated routing and bridging
TRANSCRIPT
Synergon Information Systems Ltd.
Chapter 18
Configuring Transparent Bridging and
Integrated Routing and Bridging
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
Configure transparent bridging
Configure Integrated Routed and Bridging (IRB)
Transparent Bridging overview
Three major functions
— Learning
— Forwarding/filtering frames
— Loop avoidance
E0 E1
How Bridges Learn Hosts’ Locations
Source MAC address associated with interface
E0 E1
E0: 0260.8c01.1111E0: 0260.8c01.2222E1: 0260.8c01.3333E1: 0260.8c01.4444
Bridging Table
0260.8c01.1111 0260.8c01.3333
0260.8c01.2222 0260.8c01.4444
How Bridges Forward Frames
Occurs when destination is known
E0E1
E0: 0260.8c01.1111E0: 0260.8c01.2222E1: 0260.8c01.3333
0260.8c01.1111 0260.8c01.3333
0260.8c01.2222 0260.8c01.4444
E1: 0260.8c01.4444
How Bridges Filter Frames
Occurs when destination is known to exist on source’s segment
E0E1
E0: 0260.8c01.1111
E1: 0260.8c01.3333E1: 0260.8c01.4444
0260.8c01.1111 0260.8c01.3333
0260.8c01.2222 0260.8c01.4444
E0: 0260.8c01.2222
XX
Transparent Configuration Tasks
Global configuration
– Select a spanning-tree protocol
– Assign a priority to the bridge
• Interface configuration– Assign the interface to a spanning-tree group
– Assign a cost to the outgoing interface
TB
Transparent Commands
Selects the spanning tree protocol
Router (config) #
bridge bridge-group protocol {ieee | dec}bridge bridge-group protocol {ieee | dec}
Router (config-if) #
bridge bridge-groupbridge bridge-group
• Assigns an interface to a bridge groupBridge group 1
E0
E1
E2
E3
E4
E5
bridge 1 protocol ieeeint e 0bridge-group 1int e 1bridge-group1int e 3bridge-group 1
bridge 1 protocol ieeeint e 0bridge-group 1int e 1bridge-group1int e 3bridge-group 1
Spanning -Tree Commands
Assigns a priority to the bridge
Router (config) #
bridge bridge-group priority numberbridge bridge-group priority number
Router (config-if) #
bridge-group bridge-group path-cost costbridge-group bridge-group path-cost cost
• Assigns a cost to use the outgoing interface
Transparent Bridging Example
bridge 1 protocol decbridge 1 priority 100
interface ethernet 0bridge-group 1bridge-group 1 path-cost 10interface ethernet 1bridge-group 1bridge-group 1 path-cost 10
bridge 1 protocol decbridge 1 priority 100
interface ethernet 0bridge-group 1bridge-group 1 path-cost 10interface ethernet 1bridge-group 1bridge-group 1 path-cost 10
E0
E1
Cisco B
Cisco D
Cisco A E0
E1
Cisco C
Cisco E
E0 E1
Segment 1
bridge 1 protocol decbridge 1 priority 1
interface ethernet 0bridge-group 1interface ethernet 1bridge-group 1
bridge 1 protocol decbridge 1 priority 1
interface ethernet 0bridge-group 1interface ethernet 1bridge-group 1
Verifying Transparent Bridging
Router# show bridge
Total of 300 station blocks, 295 freeBG Hash Address Action Int. Age RX count TX count
1 09/0 0000.0C00.0009 forward E 0 0 2 01 49/0 0000.0C00.4009 forward E 0 0 1 01 CA/0 AA00.0400.06CC forward E 0 0 25 0
Router#
Router# show bridge
Total of 300 station blocks, 295 freeBG Hash Address Action Int. Age RX count TX count
1 09/0 0000.0C00.0009 forward E 0 0 2 01 49/0 0000.0C00.4009 forward E 0 0 1 01 CA/0 AA00.0400.06CC forward E 0 0 25 0
Router#
1 00/0 FFFF.FFFF.FFFF discard - P 0 0
Verifying Spanning Tree
Router# show spanBridge Group 1 is executing the IEEE compatible spanning tree protocol IEEE bridge domains are not used for this bridge group Bridge Identifier has priority 32768, address 000.0c00.ab40 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Acquisition of new addresses is enabled LAT service filtering is disabled Topology change flag not set, detected flag not set Times:hold 1, topology change 30, notification 30 hello 2, max age 20, forward delay 15Timers: hello 2, topology change 0, notification 0Port 9 (Ethernet2) bridge group 1, forwarding. Path cost 100, priority 0 Designated root has priority 32768, address 0000.0c00.ab40 Designated bridge has priority 32768, address 0000.0c00.ab40 Designated port is 1, path cost 0 Timers: message age 0, forward delay 0, hold 0
Router# show spanBridge Group 1 is executing the IEEE compatible spanning tree protocol IEEE bridge domains are not used for this bridge group Bridge Identifier has priority 32768, address 000.0c00.ab40 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Acquisition of new addresses is enabled LAT service filtering is disabled Topology change flag not set, detected flag not set Times:hold 1, topology change 30, notification 30 hello 2, max age 20, forward delay 15Timers: hello 2, topology change 0, notification 0Port 9 (Ethernet2) bridge group 1, forwarding. Path cost 100, priority 0 Designated root has priority 32768, address 0000.0c00.ab40 Designated bridge has priority 32768, address 0000.0c00.ab40 Designated port is 1, path cost 0 Timers: message age 0, forward delay 0, hold 0
IRB Overview
Packets received on bridged interface can be routed
through routed interface
Packets received on routed interface can be routed
through bridged interface
Bridge Group Routed Interface
IRB Uses
Interconnect bridged and routed topologies
Conserve network address
Increase performance by bridging local traffic
IRB Operation
Bridge-Group Virtual Interface (BVI) represents a bridge
groupt to a routing domain
BVI 2010.1.0.3 172.16.1.1
10.1.0.2
Bridge Group 20
BVI Addressing
Gets MAC addresses from an interface in the bridge group
Requires network-layers address configuration
10.1.0.3 172.16.1.1
10.1.0.2
Bridge Group 20
BVI 20MAC Address = Bridge ID
IP Address = 10.1.0.1.
Bridging or Routing Decision
Destination MAC is router’s-route packet
172.16.1.110.1.0.2
BVI = 2010.1.0.1.
BVI’s MAC A’s MAC B’s Network A’s Network
Destination Source Destination Source
Destination Source Destination Source
E0 MACB’s MAC B’s Network A’s Network
2
1
E0 172.16.1.20
IRB Configuration Tasks
Configure bridgegroups and
routed interfaces
1. Enable IRB
2. Configure the BVI
3. Enable the BVI to accept routed packets
4. Enable routing on the BVI for desired protocols
1. Enable bridging
2. Assign bridge groups to interfaces
3. Configure routing for desired protocols
Task 1 Task 2
Configure IRB andthe BVI
Configuring IRB and the BVI Example
interface Ethernet 1ip address 172.16.1.2255.255.255.0!interface Ethernet 2bridge-group 20!interface Ethernet 3bridge-group 20!interface BVI 20ip address 10.1.0.1 255.255.0.0!bridge irbbridge 20 protocol ieeebridge 20 route ip
interface Ethernet 1ip address 172.16.1.2255.255.255.0!interface Ethernet 2bridge-group 20!interface Ethernet 3bridge-group 20!interface BVI 20ip address 10.1.0.1 255.255.0.0!bridge irbbridge 20 protocol ieeebridge 20 route ip
Bridge Group 20
BVI 20IP Address = 10.1.0.1.
E1
172.16.1.2
E2
E3
Enabling Routing on the Bridge Group
Bridge Group 1
BVI 1AT Address = 33.1
E1
5.0.0.1
E2
E3
3.0.0.1
7.0.0.1
Bridge Apple Talk (AT)Route IPBridge everything else
Route Apple Talk (AT)Route IP
Enabling Routing and Bridging Exampleappletalk routing!interface Ethernet 1ip address 5.0.0.1 255.0.0.0appletalk cable-range 35-35 35.1appletalk zone ozone!interface Ethernet 2ip address 3.0.0.1 255.0.0.0bridge-group 1!interface Ethernet 3ip address 7.0.0.1 255.0.0.0bridge-group 1!interface BVI 1no ip addressappletalk cable-range 33-33 33.1appletalk zone no parking!bridge irbbridge 1 protocol ieeebridge 1 route appletalkbridge 1 route ipno bridge 1 bridge ip
appletalk routing!interface Ethernet 1ip address 5.0.0.1 255.0.0.0appletalk cable-range 35-35 35.1appletalk zone ozone!interface Ethernet 2ip address 3.0.0.1 255.0.0.0bridge-group 1!interface Ethernet 3ip address 7.0.0.1 255.0.0.0bridge-group 1!interface BVI 1no ip addressappletalk cable-range 33-33 33.1appletalk zone no parking!bridge irbbridge 1 protocol ieeebridge 1 route appletalkbridge 1 route ipno bridge 1 bridge ip
AppleTalk routing is enabled. IProuting is enabled by default.
IP is only routed on all interfaces
BVI enabled to route and bridgeAppleTalk. It willnot perform IRB on IP.
Bridge everything except IP.
BVI 1associated withE2 and E3because theyare in bridgegroup 1.
Configuration Considerations
IRB bridges all protocols by default, so routing must
be explicitly enabled for packets that require routing
Do not configure any protocol attributes on the bridge
interfaces when both routing and bridging a given
protocol
Do not configure bridging attributes on the BVI
Determine whether you need to redefine the BVI’s MTU
size
Verifying IRB Operation
Router# show interface bvi1
MTU 1500 bytes, BW 10000 Kbit, DLY 5000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:04, output 00:00:01, output hang never Last clearing of “show interface” counters never Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 1 packets/sec 5 minute output rate 0 bits/sec, 1 packets/sec 345 packets input, 55088 bytes, 0 no buffer Received 151 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 578 packets output, 48223 bytes, 0 underruns 1 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 1 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out
Router# show interface bvi1
MTU 1500 bytes, BW 10000 Kbit, DLY 5000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:04, output 00:00:01, output hang never Last clearing of “show interface” counters never Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 1 packets/sec 5 minute output rate 0 bits/sec, 1 packets/sec 345 packets input, 55088 bytes, 0 no buffer Received 151 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 578 packets output, 48223 bytes, 0 underruns 1 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 1 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out
BVI1 is up, line protocol is up Hardware is BVI, address is 0000.0c14.5733 (bia 0000.0000.0000)
Verifying IRB Operation (cont.)
Router# show interfaces ethernet 2 irb
appletalk ip appletalk clns decnet vines apollo ipx xns Software MAC address filter on Ethernet2 Hash Len Address Matches Act Type 0x00: 0 ffff.ffff.ffff 4886 RCV Physical broadcast 0x1F: 0 0060.3e2b.a221 7521 RCV Interface MAC address 0x1F: 1 0060.3e2b.a221 0 RCV Bridge-group Virtual Interface 0x2A: 0 0900.2b01.0001 0 RCV DEC spanning tree 0xA5: 0 0900.0700.00a2 0 RCV Appletalk zone 0xC2: 0 0180.c200.0000 0 RCV IEEE spanning tree 0xF8: 0 0900.07ff.ffff 2110 RCV Appletalk broadcast
Router# show interfaces ethernet 2 irb
appletalk ip appletalk clns decnet vines apollo ipx xns Software MAC address filter on Ethernet2 Hash Len Address Matches Act Type 0x00: 0 ffff.ffff.ffff 4886 RCV Physical broadcast 0x1F: 0 0060.3e2b.a221 7521 RCV Interface MAC address 0x1F: 1 0060.3e2b.a221 0 RCV Bridge-group Virtual Interface 0x2A: 0 0900.2b01.0001 0 RCV DEC spanning tree 0xA5: 0 0900.0700.00a2 0 RCV Appletalk zone 0xC2: 0 0180.c200.0000 0 RCV IEEE spanning tree 0xF8: 0 0900.07ff.ffff 2110 RCV Appletalk broadcast
Ethernet2
Routed protocols on Ethernet2:
Bridged protocols on Ethernet2:
Summary
Transparent bridging is predominantly used in Ethernet environmentsSpanning-tree algorithm eliminates loops IRB is used in the following situations:
To migrate a bridged network to a routed network
To connect a remote site that does not have routing capabilities
To conserve IP, IPX, and Apple Talk addresses
To increase performances by keeping local bridged traffic local