[c-nsp] Bridge group woes and IRB

[David Coulson]

Mark Borchers wrote:

> Bridging your two vlans together is effectively the same as
> putting both switches and the router all in the same vlan.
> If you're not willing to do that, then you probably don't
> want to bridge either, which basically turns the router into
> a layer 2 device within the scope of the bridged domains.

I'm not bridging the two VLANs - Each VLAN has a seperate bridge group
defined.

My functional configuration is as follows - A traceroute shows the
router as being a L3 hop.

interface FastEthernet6/0/0.99
 encapsulation dot1Q 99
 ip address 207.166.219.5 255.255.255.252
 no ip route-cache
 no snmp trap link-status
!
interface FastEthernet6/0/0.100
 encapsulation dot1Q 100
 ip address 207.166.192.1 255.255.255.0
 no ip route-cache
 no snmp trap link-status

A broken config:

bridge irb
!
interface FastEthernet6/0/0.99
 encapsulation dot1Q 99
 no ip route-cache
 no snmp trap link-status
 bridge-group 99
 bridge-group 99 spanning-disabled
!
interface FastEthernet6/0/0.100
 encapsulation dot1Q 100
 no ip route-cache
 no snmp trap link-status
 bridge-group 100
 bridge-group 100 spanning-disabled

interface BVI99
 ip address 207.166.219.5 255.255.255.252
!
interface BVI100
 ip address 207.166.192.1 255.255.255.0
!
bridge 99 protocol ieee
bridge 99 route ip
bridge 100 protocol ieee
bridge 100 route ip


With the second configuration, when I traceroute from 207.166.219.6
across the router to something, it completly skips the router at layer 3
- I don't see a TTL decrease in IP packets. This to me indicates that
the router is bridging packets between the two interfaces, rather than
routing as I would expect

> Perhaps the way to get the redundancy you are looking for 
> is to create vlans x and y on both of your switches.  If you
> bridge the respective vlans using BVIx and BVIy, IRB will sort
> out your traffic as you expect it to.

That's what I'm trying to do :)

David