[c-nsp] Bridge group woes and IRB

Bruce Pinsky bep at whack.org
Wed Apr 20 13:54:47 EDT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Coulson wrote:
|
| Mark Borchers wrote:
|
|
|>Bridging your two vlans together is effectively the same as
|>putting both switches and the router all in the same vlan.
|>If you're not willing to do that, then you probably don't
|>want to bridge either, which basically turns the router into
|>a layer 2 device within the scope of the bridged domains.
|
|
| I'm not bridging the two VLANs - Each VLAN has a seperate bridge group
| defined.
|
| My functional configuration is as follows - A traceroute shows the
| router as being a L3 hop.
|
| interface FastEthernet6/0/0.99
|  encapsulation dot1Q 99
|  ip address 207.166.219.5 255.255.255.252
|  no ip route-cache
|  no snmp trap link-status
| !
| interface FastEthernet6/0/0.100
|  encapsulation dot1Q 100
|  ip address 207.166.192.1 255.255.255.0
|  no ip route-cache
|  no snmp trap link-status
|
| A broken config:
|
| bridge irb
| !
| interface FastEthernet6/0/0.99
|  encapsulation dot1Q 99
|  no ip route-cache
|  no snmp trap link-status
|  bridge-group 99
|  bridge-group 99 spanning-disabled
| !
| interface FastEthernet6/0/0.100
|  encapsulation dot1Q 100
|  no ip route-cache
|  no snmp trap link-status
|  bridge-group 100
|  bridge-group 100 spanning-disabled
|
| interface BVI99
|  ip address 207.166.219.5 255.255.255.252
| !
| interface BVI100
|  ip address 207.166.192.1 255.255.255.0
| !
| bridge 99 protocol ieee
| bridge 99 route ip
| bridge 100 protocol ieee
| bridge 100 route ip
|
|
| With the second configuration, when I traceroute from 207.166.219.6
| across the router to something, it completly skips the router at layer 3
| - I don't see a TTL decrease in IP packets. This to me indicates that
| the router is bridging packets between the two interfaces, rather than
| routing as I would expect
|
|

I'm not sure that I would rely on traceroute responses to indicate what is
happening to a packet that is transiting the router.  What does a packet
sourced from 207.166.219.6 look like when it arrives on a destination that
requires the router to switch the packet at layer 3?  Is the TTL
decremented or not?  Does it matter if that destination is out BVI100 vs
some other interface?

I also see that you have disabled the fast switching paths and the packets
are instead being process switched.  Any particular reason?  Also, what
platform and IOS version are we talking about here?

- --
=========
bep

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFCZpdnE1XcgMgrtyYRAhy6AKCSxyXSVuDJcBoA5+i0bf0AlQrv/ACgpQEs
kzUApQdePi7+ZKrTYhnEQ9U=
=C4UL
-----END PGP SIGNATURE-----

More information about the cisco-nsp mailing list