Catalyst 2948G-L3 and Catalyst 4908G-L3 Software Feature and Configuration Guide IOS Software, Release 12.0(7)W5(15d)
Configuring Bridging
Downloads: This chapterpdf (PDF - 164.0KB) | Feedback

Configuring Bridging

Table Of Contents

Configuring Bridging

About Bridging

Configuring Bridging

Changing Bridge Aging Timer (Catalyst 4908G-L3)

Monitoring and Verifying Bridging

About Integrated Routing and Bridging

Configuring IRB

Monitoring and Verifying IRB


Configuring Bridging


This chapter describes how to configure bridging for the Layer 3 switch routers. For more information about the Cisco IOS commands used in this chapter, refer to the Cisco IOS Command Reference publication.This chapter includes the following sections:

About Bridging

Configuring Bridging

About Integrated Routing and Bridging

Configuring IRB

Monitoring and Verifying IRB


Note You are at Step 6 in the suggested process for configuring your Layer 3 switch router
(see Table 2-1). This is an optional step. You should have already configured the networking and routing protocols before proceeding with configuring bridging as an optional step.



Note Layer 2 entries, IP routing, IP multicast routing, and Novell IPX routing share the 24K content addressable memory (CAM) on the Catalyst 2948G-L3 and the 32K CAM on the Catalyst 4908G-L3.


About Bridging

Cisco IOS software supports transparent bridging for Fast Ethernet and Gigabit Ethernet. Cisco IOS software bridging functionality combines the advantages of a spanning tree bridge and a full multiprotocol router. This combination provides the speed and protocol transparency of an adaptive spanning tree bridge, along with the functionality, reliability, and security of a router.

The switch router can be configured to serve as both an IP and IPX router and a MAC-level bridge, bridging any traffic that cannot otherwise be routed. For example, a router routing IP traffic can also bridge the Digital Equipment Corporation local-area transport (DEC LAT) protocol or NetBIOS traffic.

To configure bridging, you must perform the following tasks:

In global configuration mode:

Select Spanning Tree Protocol.

Assign a priority to the bridge (optional).

In interface configuration mode:

Determine which interfaces belong to the same bridge group.

These interfaces become part of the same spanning tree. This allows the switch router to bridge all nonrouted traffic among the network interfaces comprising the bridge group. Interfaces not participating in a bridge group cannot forward bridged traffic.

If the packet's destination address is known in the bridge table, it is forwarded on a single interface in the bridge group. If the packet's destination is unknown in the bridge table, it is flooded on all forwarding interfaces in the bridge group. The bridge places source addresses in the bridge table as it learns them during the process of bridging.

A separate spanning tree process runs for each configured bridge group. Each bridge group participates in a separate spanning tree. A bridge group establishes a spanning tree based on the Bridge Protocol Data Units (BPDUs) it receives on only its member interfaces.

Assign a cost to the outgoing interface (optional).

Configuring Bridging

To configure bridging for a switch router on an interface, use the following steps beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# bridge bridge-group-number protocol ieee

Assigns a bridge group number and defines the IEEE 802.1D Spanning Tree Protocol.

Step 2 

Router(config)# bridge bridge-group-number priority number

Assigns a specific priority to the bridge, assisting in the spanning tree root definition. The lower the priority, the more likely the bridge is selected as the root.

Step 3 

Router(config)# interface type number

Router(config-if)#

Enters interface configuration mode to configure either the
Fast Ethernet or Gigabit Ethernet interface.

Step 4 

Router(config-if)# bridge-group bridge-group-number

Assigns a network interface to a bridge group.

Step 5 

Router(config-if)# interface type number

Enters Ethernet interface configuration mode to configure the next interface.

Step 6 

Router(config-if)# bridge-group bridge-group-number

Assigns a network interface to a bridge group.

Step 7 

Router(config-if)# end

Router#

Returns to privileged EXEC mode.

Step 8 

Router# copy running-config startup-config

Saves your configuration changes to NVRAM.

Changing Bridge Aging Timer (Catalyst 4908G-L3)

On the Catalyst 2948G-L3 and the Catalyst 4908G-L3 the default bridge aging timer value is
300 seconds. On the Catalyst 4908G-L3, you can configure each bridge group to have a different aging timer value. To change the bridge aging timer value, use the following steps beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# bridge bridge-group-number aging aging-time

Assigns a bridge group number and sets the aging time in seconds for the bridge group.

Step 2 

Router(config)# end

Router#

Returns to privileged EXEC mode.

Step 3 

Router# show spanning-tree bridge-group-number

Verifies that the new aging time is set for the specified bridge group.

The following example shows how to change and verify the aging timer value for a bridge group.

Router# configure terminal
Router(config)# bridge 1 aging 100
Router(config)# end
Router# show spanning-tree 1

Bridge group 1 is executing the IEEE compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address 0050.3e7d.c007
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32000, address 0050.80a1.54e4
Root port is 4 (GigabitEthernet1), cost of root path is 23
Topology change flag not set, detected flag not set
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15 
Timers:hello 0, topology change 
bridge aging time 100


Note On the Catalyst 2948G-L3, you cannot change the default aging timer value, which is set to 300 seconds.


For additional transparent bridging configuration tasks, such as configuring bridged VLANs and routing between VLANs, as well as adjusting the Spanning Tree Protocol, refer to the Cisco IOS documents on those subjects.

Monitoring and Verifying Bridging

Once you have set up the switch router for bridging, you can monitor and verify its operation using the following commands:

Command
Purpose

clear bridge bridge-group-number

Removes any learned entries from the forwarding database and clears the transmit and receive counts for any statically configured forwarding entries.

show bridge bridge-group-number | interface address

Displays classes of entries in the bridge forwarding database.

show bridge group verbose

Displays information about configured bridge groups.

show spanning-tree

Displays the spanning tree topology known to the switch router.

show vlans

Displays a summary of virtual LAN subinterfaces.


About Integrated Routing and Bridging

Your network may require you to bridge local traffic within several segments while having hosts on the bridged segments reach the hosts or routers on routed networks. For example, if you are migrating bridged topologies into routed topologies, you may want to start by connecting some of the bridged segments to the routed networks.

Using the integrated routing and bridging (IRB) feature, you can route a given protocol between routed interfaces and bridge groups within a single switch router. Specifically, local or unroutable traffic will be bridged among the bridged interfaces in the same bridge group, while routable traffic will be routed to other routed interfaces or bridge groups.

Because bridging is in the data-link layer (Layer 2) and routing is in the network layer (Layer 3), they have different protocol configuration models. With IP, for example, bridge group interfaces belong to the same network and have a collective IP network address. In contrast, each routed interface represents a distinct network and has its own IP network address. Integrated routing and bridging uses the concept of a Bridge Group Virtual Interface (BVI) to enable these interfaces to exchange packets for a given protocol.

A BVI is a virtual interface within the switch router that acts like a normal routed interface. A BVI does not support bridging, but it actually represents the corresponding bridge group to routed interfaces within the switch router. The interface number is the link between the BVI and the bridge group.

Layer 3 switching software supports the routing of IP and IPX between routed interfaces and bridged interfaces in the same router.

Before configuring IRB, consider the following:

The default route/bridge behavior in a bridge group (when IRB is enabled) is to bridge all packets. Make sure you explicitly configure routing on the BVI for protocols that you want routed.

Packets of nonroutable protocols such as local-area transport (LAT) are always bridged. You cannot disable bridging for the nonroutable traffic.

Protocol attributes should not be configured on the bridged interfaces when using IRB to bridge and route a given protocol. You can configure protocol attributes on the BVI, but cannot configure bridging attributes on the BVI.

A bridge links several network segments into one large, flat network. To bridge a packet coming from a routed interface among bridged interfaces, the whole bridge group should be represented by one interface.

Configuring IRB

Configuring integrated routing and bridging consists of the following key tasks and subtasks:


Step 1 Configure bridge groups and routed interfaces.

a. Enable bridging.

b. Assign bridge groups to interfaces.

c. Configure routing for desired protocols.

Step 2 Configure IRB and the BVI.

a. Enable IRB.

b. Configure the BVI.

c. Enable the BVI to accept routed packets.

d. Enable routing on the BVI for desired protocols.

Step 3 Verify IRB configuration.


When you configure the BVI and enable routing on it, packets that come in on a routed interface destined for a host on a segment that is in a bridge group complete the following process.

The packet is routed to the BVI and forwarded to the bridging engine. From the bridging engine, the packet exits through a bridged interface. Similarly, packets that come in on a bridged interface but are destined for a host on a routed interface go first to the BVI. Then the BVI forwards the packets to the routing engine which sends them out on the routed interface.

To define a bridge group and configure an interface in the bridge group, use the following steps beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# bridge bridge-group protocol ieee

Defines one or more bridge groups.

Step 2 

Router(config)# interface fastethernet number

or

Router(config)# interface gigabitethernet number

Router(config-if)#

Enters interface configuration mode to configure the Fast Ethernet or Gigabit Ethernet interface.

Step 3 

Router(config-if)# bridge-group bridge-group

Assigns the interface to the specified bridge group.

Step 4 

Router(config-if)# end

Router#

Returns to global configuration mode.

To enable and configure IRB and BVI, use the following steps beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# bridge irb

Enables IRB. Allows routing of traffic from the bridged interfaces.

Step 2 

Router(config)# interface bvi bridge-group

Router(config-if)#

Configures the BVI by assigning the corresponding bridge group's number to the BVI. Each bridge group can only have one corresponding BVI.

Step 3 

Router(config-if)# ip address ip-address ip-address-subnet-mask

Configures protocol addresses on routed interfaces. This step shows an example for IP.

Step 4 

Router(config-if)# exit

Router(config)#

Exits interface configuration mode.

Step 5 

Router(config)# bridge bridge-group route protocol

Enables a BVI to accept and route routable packets received from its corresponding bridge group.

You must issue this command for each protocol that you want the BVI to route from its corresponding bridge group to other routed interfaces.

Step 6 

Router(config)# end

Router#

Exits interface configuration mode.

Step 7 

Router# copy running-config startup-config

Saves your configuration changes to NVRAM.

Monitoring and Verifying IRB

You can verify the IRB configuration by using the following commands:

Command 
Purpose

show interfaces bvi interface-name

Shows BVI information, such as the BVI MAC address and processing statistics.

show interfaces irb

Shows BVI information:

Protocols that this bridged interface can route to the other
routed interface if this packet is routable

Protocols that this bridged interface bridges