TRANSPARENT BRIDGING


Hi All !

 

It’s been a while since I posted however I’ve dedicated myself fully to study for the CCIE lab. Earlier today I checked all available CCIE lab exam dates in Brussels and definitely going for it between July and August.

The main reason why I want to wait another few weeks is that my goal is to pass the lab on the first attempt , simply want to be 110% ready for it !

Bridging although is not very commonly used in todays networks , you can still find companies out there who actually use this technology and most likely you will find this topic on your lab. The last thing I want is to walk into the exam centre, start the lab and realise that I am not able to complete (of course if it’s there) the bridging section cause I decided to skip it somewhere during my training and the section let’s say is worth 15 points !!!

Well you can always refer to DocCD which is available to you during the exam but from my perspective it is way much safer to master every single technology so during the lab instead of going through the DOCcd wasting precious time searching for an answer I’d rather test reachability across my network or double or even triple check BGP config , make sure there’s no traffic black holes etc ….

 

 

 

=====================================
Concurrent Routing and Bridging (CRB)
=====================================

IOS can only route or bridge protocol but NOT both of them at the same time.
Router,  IP will be routed by default
Switch , IP will be bridged by default
That’s why on switches we have to enable IP ROUTING before we configure any routing protocols.

See below network set up

crb_bridge

 

So let’s now imagine you are now presented with this topology and asked to configure network in such way that R2 and R4 are able reach each other.

INITIAL CONFIGURATION
Ip addresses on R1 and R3 have been completely removed from both LAN and WAN interfaces

R1(config)#int f 0/0
R1(config-if)#no ip add
R1(config-if)#int s 0/0
R1(config-if)#no ip add

R3(config)#int f 0/0
R3(config-if)#no ip add
R3(config-if)#int s 0/0
R3(config-if)#no ip add

Ip addresses on R2 and R4 have been configured so that both routers are in the same subnet

R2(config-if)#int f 0/0
R2(config-if)#ip add 24.0.0.2 255.255.255.0

R4(config-if)#int f 0/0
R4(config-if)#ip add 24.0.0.4 255.255.255.0

 

BRIDGING CONFIGURATION

R1(config)#no ip routing
R1(config)#bridge 1 protocol ieee
R1(config)#int f 0/0
R1(config-if)#bridge-group 1
R1(config-if)#int s 0/0
R1(config-if)#bridge-group 1
R1(config-if)#no frame-relay map ip 13.0.0.2 103
R1(config-if)#frame-relay map bridge 103 broadcast

R3(config)#no ip routing
R3(config)#bridge 1 protocol ieee
R3(config)#int f 0/0
R3(config-if)#bridge-group 1
R3(config-if)#int s 0/0
R3(config-if)#bridge-group 1
R3(config-if)#no frame-relay map ip 13.0.0.1 301
R3(config-if)#frame-relay map bridge 301 broadcast

 

TEST
R2(config-if)#do ping 24.0.0.4 re 76
Type escape sequence to abort.
Sending 10000, 100-byte ICMP Echos to 24.0.0.4, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (73/303), round-trip min/avg/max = 1/43/88 ms

R2 is now able to ping R4 SO the bridging is working as expected.If we do a traceroute from R2 to R4 we should receive  below output

R2(config-if)#do trace 24.0.0.4
Type escape sequence to abort.
Tracing the route to 24.0.0.4
1 24.0.0.4 92 msec *  52 msec

Showing R4 only 1 hop away

 

 

 

 

 

 

 

 

=====================================
Integrated Routing and Bridging (IRB)
=====================================

IRB allows to route and bridge both at the same time
Uses Bridge Virtual Interface (BVI) to connect bridged domain with routed domain

irb_bridge

R3(config)#ip routing

R3(config-if)#int s 0/1
R3(config-if)#no ip add
R3(config-if)#encapsulation frame-relay
R3(config-if)# clock rate 2000000
R3(config-if)#interface Serial0/1.315 point-to-point
R3(config-subif)# ip address 35.0.0.3 255.255.255.0
R3(config-subif)# frame-relay interface-dlci 315

R5(config-if)#int s 0/0
R5(config-if)#no ip address
R5(config-if)# encapsulation frame-relay
R5(config-if)# clock rate 2000000
R5(config-if)#interface Serial0/0.513 point-to-point
R5(config-subif)# ip address 35.0.0.5 255.255.255.0
R5(config-subif)# frame-relay interface-dlci 513

Now If we don’t enable IP ROUTING back on R3 then R5 and R3 will not be able to reach each other which is the limitation of transparent bridging meaning you can either route ip ot bridge ip but not both at the same time however once IP ROUTING has been re-enabled back on R3 then R1 and R3 will lose connectivity to each other.
So this is where we need to use IRB to solve this problem

R3(config)#bridge irb
R3(config)#bridge 1 route ip
R3(config)#bridge 1 bridge ip

This way we will be able reach R5 from R3 also as previously configured R2 and R4 will also be able to reach each other

R3(config-if)#do ping 35.0.0.5 re 200
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 35.0.0.3, timeout is 2 seconds:
……!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 98 percent (135/135), round-trip min/avg/max = 1/9/72 ms

R2(config-if)#do ping 24.0.0.4 re 200
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 24.0.0.4, timeout is 2 seconds:
………!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 96 percent (414/427), round-trip min/avg/max = 12/43/132 ms

 

 

 

R5 will not however be able to send traffic to R2 or R4 because there’s no routing information installed yet, so let’s configure Bridge Virtual Interface (BVI) to solve this as well

R3(config)#int BVI 1
R3(config-if)#ip address 24.0.0.3 255.255.255.0

IP ADDRESS of the BVI must be in the BRIDGE BROADCAST DOMAIN AND NOT ROUTING

Now let’s assume we will use EIGRP as routing protocol

R2(config-if)#router eig 1
R2(config-router)#network 24.0.0.0
R2(config-router)#network 35.0.0.0

R3(config-if)#router eig 1
R3(config-router)#network 24.0.0.0
R3(config-router)#network 35.0.0.0

R4(config-if)#router eig 1
R4(config-router)#network 24.0.0.0
R4(config-router)#network 35.0.0.0

R5(config-if)#router eig 1
R5(config-router)#network 24.0.0.0
R5(config-router)#network 35.0.0.0

 

R3(config-router)#
*Mar  1 01:42:54.811: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 35.0.0.5 (Serial0/1.315) is up: new adjacency
R3(config-router)#
*Mar  1 01:43:01.851: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 24.0.0.2 (BVI1) is up: new adjacency
R3(config-router)#
*Mar  1 01:43:08.919: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 24.0.0.4 (BVI1) is up: new adjacency
EIGRP adjencies formed over BVI interfaces with R2 and R4 and of course over (Serial0/1.315) with R5

R5(config-router)#do ping 24.0.0.2 re 200
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 24.0.0.2, timeout is 2 seconds:
..!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 94 percent (38/65), round-trip min/avg/max = 16/135/1988 ms

R4(config-router)#do ping 35.0.0.5 re 200
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 35.0.0.5, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 97 percent (435/436), round-trip min/avg/max = 1/26/124 ms

R2(config-if)#do ping 24.0.0.4 re 1000
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 24.0.0.4, timeout is 2 seconds:
……!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!.!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!
Success rate is 96 percent (414/427), round-trip min/avg/max = 12/43/132 ms

 

Solved !

 

If you’re not sure how to build it in GNS3 please go ahead and use this file : BRIDGE_NET

Frame relay switches config : FRAME_BRIDGE

 

Now as you can see CRB is very straightforward and so is IRB for that matter however when you’re asked to merge these two technologies or troubleshoot them you need to be really careful and now where you are every step of the way !

 

Enjoy !

Tom

 

 

Advertisements

About ccie4all
Hello, and welcome to the first post of my CCIE blog This blog has got one simple goal and that is to improve our skills in Cisco Networking field so we can become best engineers on a job market. Wordpress Blog https://ccie4all.wordpress.com/ information about the changes made to Gns3 BGP , MPLS and R&S CCIE labs. In order to access and download all provided materials and receive important updates from Gns3 BGP , MPLS and R&S CCIE labs under GNS3 tab in the main header please go ahead and subscribe to https://ccie4all.wordpress.com/ ! All other posts have not been affected and can be accessed at any given time. Enjoy ! Tom

3 Responses to TRANSPARENT BRIDGING

  1. travis k says:

    hi..u going for ccie security lab or r&s lab…m going for security lab..and i didn’t heard this transparent bridging yet..

    regards,
    travis k

    • ccie4all says:

      Hello Travis,

      I’m going for the R&S first and then looking into security or service provider. Correct ! Transparent bridging when briding or routing IP traffic is only related to routers and switches so in my opinion you don’t have to worry about these two technologies on your CCIE Sec Lab

      Best
      Tom

  2. Awesome blog! Is your theme custom made or did you download it from somewhere?
    A design like yours with a few simple adjustements would really make my blog shine.
    Please let me know where you got your theme. Many thanks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: