The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The purpose of this document is to help you configure transparent bridging. This document starts with a general description of bridging, and provides more detailed information about transparent bridging, as well as several configuration examples.
For more information on document conventions, see the Cisco Technical Tips Conventions.
There are no specific prerequisites for this document.
This document is not restricted to specific software and hardware versions.
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.
Bridges connect and transfer data between LANs. The following are four kinds of bridging:
Transparent bridging - found primarily in Ethernet environments, and is mostly used to bridge networks which have the same media types. Bridges keep a table of destination addresses and outbound interfaces.
Source-Route Bridging (SRB) - found primarily in Token Ring environments. Bridges only forward frames based on the routing indicator contained in the frame. Endstations are responsible for determining and maintaining the table of destination addresses and routing indicators. For more information, refer to Understanding and Troubleshooting Local Source-Route Bridging.
Translational bridging - used to bridge data between different media types. This is typically used to go between Ethernet and FDDI or Token Ring to Ethernet.
Source-Route Translational Bridging (SR/TLB) - a combination of source-route bridging and transparent bridging that allows communication in mixed Ethernet and Token Ring environments. Translational bridging without routing indicators between Token Ring and Ethernet is also called SR/TLB. For more information, refer to Understanding and Troubleshooting Source-Route Translational Bridging.
Bridging happens at the data-link layer, which controls data flow, handles transmission errors, provides physical addressing, and manages access to the physical medium. Bridges analyze incoming frames, make forwarding decisions based on those frames, and forward the frames to their destinations. Sometimes, such as in SRB, the frame contains the entire path to the destination. In other cases, such as in transparent bridging, frames are forwarded one hop at a time toward the destination.
Bridges can be either remote or local. Local bridges provide direct connections between many LAN segments in the same area. Remote bridges connect LAN segments in different areas, usually over telecommunication lines.
The Spanning Tree Algorithm (STA) is a vital part of transparent bridging. The STA is used to discover a loop-free subset of the network's topology dynamically. To do this, the STA places bridge ports that create loops, when active, into a standby, or blocking, condition. Blocking ports can be activated if the primary port fails, so they provide redundant support. For more information, refer to the IEEE 802.1d specification.
The Spanning Tree calculation occurs when the bridge is powered up and whenever a topology change is detected. Configuration messages called Bridge Protocol Data Units (BPDUs) trigger the calculation. These messages are exchanged at regular intervals, usually one to four seconds.
The example below shows how this works.
If B1 were the only bridge, things would work fine, but with B2, there are two ways to communicate between the two segments. This is called a bridging loop network. Without the STA, a broadcast from a host from LAN1 is learned by both bridges, and then B1 and B2 send the same broadcast message to LAN2. Then, both B1 and B2 think that that host is connected to LAN2. In addition to this basic connectivity problem, broadcast messages in networks with loops can cause problems with the bandwidth of the network.
With the STA, however, when B1 and B2 come up, they both send out BPDU messages which contain information that determines which one is the root bridge. If B1 is the root bridge, it becomes the designated bridge to both LAN1 and LAN2. B2 will not bridge any packets from LAN1 to LAN2, since one of its ports will be in blocking status.
If B1 fails, B2 does not receive the BPDU that it expects from B1, so B2 sends out a new BPDU that starts the STA calculation again. B2 becomes the root bridge, and traffic is bridged by B2.
Cisco's transparent bridging software has the following features:
Complies with the IEEE 802.1d standard.
Provides two STPs, the IEEE standard BPDU format and the old format known as DEC, which is compatible with digital and other LAN bridges for backward compatibility.
Filters based on Media Access Control (MAC) address, protocol type, and vendor code.
Groups serial lines into circuit groups for load balancing and redundancy.
Provides the ability to bridge over X.25, Frame Relay, Switched Multimegabit Data Service (SMDS), and Point-to-Point Protocol (PPP) networks.
Provides for compression of Local Area Transport (LAT) frames.
Allows for interfaces to be treated as a single logical network for IP, IPX, and so on, so that bridge domains can communicate with routed domains.
These configurations show only the commands required for transparent bridging, not for IP or other protocol support.
In this example, there are several PCs on LAN1, which is located on one floor. LAN2 also has many PCs and some servers, but it is on a different floor. The systems on each LAN use either IP, IPX, or DECNET. Most of the traffic can be routed, but there are some application systems that were developed with proprietary protocols and can't be routed. This traffic (such as NetBIOS and LAT) must be bridged.
Note: Prior to Cisco IOS Software version 11.0, a protocol could not be both bridged and routed in the same router. As of Cisco IOS Software version 11.0, a protocol may be bridged on some interfaces and routed on others. This is called Concurrent Routing and Bridging (CRB). However, the bridged and routed interfaces cannot pass traffic to each other. As of Cisco IOS Software version 11.2, you may bridge and route protocols simultaneously and pass traffic from the bridged interfaces to the routed interfaces and vice versa. This is known as Integrated Routing and Bridging (IRB).
Interface ethernet 0 bridge-group 1 Interface ethernet 1 bridge-group 1 bridge 1 protocol ieee
In this example, the IEEE 802.1d standard is the STP. If every bridge in the network is Cisco, issue the command bridge 1 protocol ieee on all of the routers. If there are different bridges in the network and these bridges are using the old bridging format that was first developed at DEC, issue the bridge 1 protocol dec command to assure backward compatibility. Since the IEEE and DEC Spanning Trees are not compatible, mixing these protocols in the network give unpredictable results.
In this example, the router acts as two different bridges, one between LAN1 and LAN2, and one between LAN3 and LAN4. Frames from LAN1 are bridged to LAN2, however, not to LAN3 or LAN4, and vice versa. In other words, frames are bridged only among interfaces in the same group. This grouping feature is commonly used to separate networks or users.
interface ethernet 0 bridge-group 1 interface ethernet 1 bridge-group 1 interface ethernet 2 bridge-group 2 interface ethernet 3 bridge-group 2 bridge 1 protocol ieee bridge 2 protocol dec
In this example, the two LANs are connected by a T1 link.
RouterA RouterB -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 1 bridge-group 1 Interface serial 0 Interface serial 0 bridge-group 1 bridge-group 1 bridge 1 protocol ieee bridge 1 protocol ieee
This example uses the same topology as Example 3, however, instead of the lease line that connects the two routers, RouterA and RouterB are connected through an X.25 cloud.
RouterA RouterB -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 1 bridge-group 1 Interface serial 0 Interface serial 0 encapsulation x25 encapsulation x25 x25 address 31370019027 x25 address 31370019134 x25 map bridge 31370019134broadcast x25 map bridge 31370019027 broadcast bridge-group 1 bridge-group 1 bridge 1 protocol ieee bridge 1 protocol ieee
This example uses the same topology as Example 3, however, instead of the lease line that connects the two routers, RouterA and RouterB are connected through a Public Frame Relay network. The Frame Relay bridging software uses the same spanning-tree algorithm as the other bridging functions, but it allows packets to be encapsulated for transmission across a Frame Relay network. The commands specify Internet to Data-Link Connection Identifier (DLCI) address mapping and maintain a table of both the Ethernet and DLCIs.
RouterA RouterB -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 1 bridge-group 1 Interface serial 0 Interface serial 0 encapsulation frame-relay encapsulation frame-relay frame-relay map bridge 25 broadcast frame-relay map bridge 30 broadcast bridge-group 1 bridge-group 1 group 1 protocol dec bridge 1 protocol dec
This example uses the same topology as Example 5, however, the Frame Relay network supports a multicast facility in this example. The multicast facility learns about the other bridges on the network, eliminating the need for the frame-relay map command to be issued.
RouterA RouterB -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 2 bridge-group 2 Interface serial 0 Interface serial 0 encapsulation frame-relay encapsulation frame-relay bridge-group 2 bridge-group 2 bridge 2 protocol dec bridge 2 protocol dec
RouterA RouterB -------- -------- interface ethernet 0 interface ethernet 0 bridge-group 2 bridge-group 2 interface serial 0 interface serial 0 encapsulation frame-relay encapsulation frame-relay ! ! interface Serial0.1 point-to-point interface Serial0.1 point-to-point frame-relay interface-dlci 101 frame-relay interface-dlci 100 bridge-group 2 bridge-group 2 ! ! interface Serial0.2 point-to-point interface Serial0.2 point-to-point frame-relay interface-dlci 103 frame-relay interface-dlci 103 bridge-group 2 bridge-group 2 bridge 2 protocol dec bridge 2 protocol dec
RouterA RouterB -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 2 bridge-group 2 Interface Hssi0 Interface Hssi0 encapsulation smds encapsulation smds smds address c449.1812.0013 smds address c448.1812.0014 smds multicast BRIDGE smds multicast BRIDGE e449.1810.0040 e449.1810.0040 bridge-group 2 bridge-group 2 bridge 2 protocol dec bridge 2 protocol dec
In normal operation, parallel network segments cannot all be carrying traffic at the same time. This is necessary to prevent frame looping. In the case of serial lines, however, you may want to increase the available bandwidth by using multiple parallel serial lines. Use the circuit- group option to do this.
Router A Router B -------- -------- Interface ethernet 0 Interface ethernet 0 bridge-group 2 bridge-group 2 Interface serial0 Interface serial0 bridge-group2 bridge-group 2 bridge-group 2 circuit-group 1 bridge-group 2 circuit-group 1 Interface serial1 Interface serial1 bridge-group 2 bridge-group 2 bridge-group 2 circuit-group 1 bridge-group 2 circuit-group 1 Interface serial2 Interface serial2 bridge-group 2 bridge-group 2 bridge-group 2 circuit-group 1 bridge-group 2 circuit-group 1 bridge 2 protocol dec bridge 2 protocol dec