A bridge domain is a set of logical interfaces that share thesame flooding or broadcast characteristics. Layer 2 logical interfacesare created by defining one or more logical units on a physical interfacewith encapsulation as ethernet-bridge or vlan-bridge. All the member ports of the bridge domain participate in Layer2 learning and forwarding. You can configure one or more bridge domainson ACX Series routers to perform Layer 2 bridging. The Layer 2 bridgingfunctions of ACX Series routers include integrated routing and bridging(IRB) support for Layer 2 bridging and Layer 3 IP routing on the sameinterface. IRB enables you to route packets to another routed interfaceor to another bridge domain that has a Layer 3 protocol configured
Note:
ACX Series routers do not support the creation of bridgedomains by using access and trunk ports.
You can configure E-LAN and E-LINE services by using bridgedomains.
On ACX Series routers, you can configure bridge domains by usingthe following methods:
Bridge domain without a vlan-id number statement
Bridge domain with the vlan-id value set to none
Bridge domain with a single vlan-id
Bridge domain with a vlan-id-list
When you configure E-LAN and E-LINE services using a bridgedomain without a vlan-id number statement,the bridge domain should explicitly be normalized to a service VLANID and TPID by configuring an input VLAN map under a logical interface.Explicit normalization is required when a logical interface’souter VLAN ID and TPID is not the same as the service VLAN ID andTPID of the service being configured using a bridge domain.
The following input VLAN map functions are supported in ACXSeries routers:
push—Add a new VLAN tag to the top ofthe VLAN stack.
swap—Replace the outer VLAN tag of theVLAN stack in a frame.
pop—Remove a VLAN tag from the top ofthe VLAN tag stack.
swap-swap—Replace both the outer andinner VLAN tags of the frame.
push-push—Push two VLAN tags on top ofthe VLAN stack.
Note:
push-push does not work on ACX Series routersif the incoming packet already has a VLAN tag.
The following VLAN map functions are not supported in ACX Seriesrouters:
swap-push—Replace the outer VLAN tagof the frame and add a new VLAN tag to the top of the VLAN stack.
pop-swap—Remove the outer VLAN tag ofthe frame and replace the inner VLAN tag of the frame.
pop-pop—Remove both the outer and innerVLAN tags of the frame.
Note:
You can configure Q-in-Q tunneling by explicitly configuringan input VLAN map with the push function on the ingresslogical interface.
A bridge domain can also be created by using aggregated Ethernetinterfaces. Aggregated Ethernet interfaces are considered as logicalinterfaces in a bridge domain.
The following steps outline the process for bridginga packet received over a Layer2 logical interface:
When a packet is received on a physical port, it is acceptedonly if the VLAN identifier of the packet matches the VLAN identifierof one of the logical interfaces configured on that port.
If the bridge domain is configured without a vlan-id number statement, then the VLAN tags are rewrittenbased on the input VLAN map configured on the logical interface andnormalized to a service VLAN ID.
If the bridge domain is configured with a normalizingVLAN identifier by using the vlan-id number statement, the VLAN tags of the received packet are comparedwith the normalizing VLAN identifier. If the VLAN tags of the packetare different from the normalizing VLAN identifier, the VLAN tagsare rewritten as described in Table 1.
If the source MAC address of the received packet is notpresent in the source MAC table, it is learned based on the normalizingVLAN identifier.
The packet is then forwarded toward one or more outboundLayer2 logical interfaces based on the destination MAC address.A packet with a known unicast destination MAC address is forwardedonly to one outbound logical interface.
If the bridge domain is configured without a vlan-id number statement, then for each outbound Layer 2logical interface, the VLAN tags are rewritten based on the outputVLAN map configured on that logical interface.
If the bridge domain is configured with a normalizingVLAN identifier by using the vlan-id number statement, for each outbound Layer2 logical interface,the normalizing VLAN identifier configured for the bridge domain iscompared with the VLAN tags configured on that logical interface.If the VLAN tags associated with an outbound logical interface donot match the normalizing VLAN identifier configured for the bridgedomain, the VLAN tags are rewritten as described in Table 2.
Table 1 shows specific examplesof how the VLAN tags of packets sent to the bridge domain are processedand translated, depending on your configuration. “–” means thatthe statement is not supported for the specified logical interfaceVLAN identifier. “No operation” means that the VLAN tagsof the received packet are not translated for the specified inputlogical interface.
Table 1: Statement Usageand Input Rewrite Operations for VLAN Identifiers for a Bridge DomainVLAN Identifier of Logical Interface | VLAN Configurations for Bridge Domain |
|---|
vlan-id none | vlan-id 200 |
|---|
none | No operation | push 200 |
200 | pop 200 | No operation |
1000 | pop 1000 | swap 1000 to 200 |
vlan-tags outer 2000 inner 300 | pop 2000, pop 300 | pop 2000, swap 300 to 200 |
vlan-tags outer 100 inner 400 | pop 100, pop 400 | pop 100, swap 400 to 200 |
vlan-id-range 10-100 | – | – |
Table 2 shows specificexamples of how the VLAN tags for packets sent from the bridge domainare processed and translated, depending on your configuration. “–” meansthat the statement is not supported for the specified logical interfaceVLAN identifier. “No operation” means that the VLAN tagsof the outbound packet are not translated for the specified outputlogical interface.
Table 2: StatementUsage and Output Rewrite Operations for VLAN Identifiers for a BridgeDomainVLAN Identifier of Logical Interface | VLAN Configurations for Bridge Domain |
|---|
vlan-id none | vlan-id 200 |
|---|
none | no operation | pop 200 |
200 | push 200 | No operation |
1000 | push 1000 | swap 200 to 1000 |
vlan-tags outer 2000 inner 300 | push 2000, push 300 | swap 200 to 300, push 2000 |
vlan-tags outer 100 inner 400 | push 100, push 400 | swap 200 to 400, push 100 |
vlan-id-range 10-100 | – | – |
Limitations on Layer 2 bridging—Thefollowing Layer 2 bridging limitations apply for ACX Series UniversalMetro Routers:
A bridge domain cannot have two or more logical interfacesthat belong to the same physical interface.
A bridge domain with dual VLAN ID tag is not supported.
The maximum number of supported input VLAN maps with TPID swap is 64.
MAC learning cannot be disabled at a logical interfacelevel.
MAC limit per logical interface cannot be configured.
FAQs
A Layer 2 trunk interface enables you to configure a single logical interface to represent multiple VLANs on a physical interface. You can configure a set of bridge domains and VLAN identifiers that are automatically associated with one or more Layer 2 trunk interfaces.
Is bridge domain the Layer 2 forwarding domain? ›
A Bridge domains (BDs) provide layer 2 forwarding within the fabric as well as a layer 2 boundary. A Bridge Domain is not a VLAN but it can accommodate multiple subnets. There are following Forwarding Option for packet Type in BD, a summary is given here. A Bridge Domain can have more than one subnets.
What is the difference between bridge domain and VLAN? ›
Bridge groups provide a method to group two or more ports into a single broadcast domain, where as VLAN provide a method to group many ports into a single broadcast domain or establish a number of broadcast domains (or secure groups) on a single switch.
What is a bridge domain in ACI? ›
Cisco Application Centric Infrastructure (ACI) uses the bridge domain as the Layer 2 broadcast boundary. Each bridge domain can include multiple endpoint groups (EPGs), and each EPG can be mapped to multiple virtual or physical domains. Each EPG can also use different VLAN encapsulation pools in each domain.
How does layer 2 bridge work? ›
Layer-2 bridging works by putting one physical and one virtual Ethernet adapter into a mode where they can receive traffic that is not destined for their address. This traffic is selectively sent onto the other network according to the IEEE 802.1D standard, known as, "bridging" the frames.
What is layer 2 network for dummies? ›
Layer 2 refers to the data link layer of the network. This is how data moves across the physical links in your network. It's how switches within your network talk to one another. Installing Layer 2 on your infrastructure gives you high-speed connectivity between devices.
What is the purpose of bridge domain? ›
A bridge domain is a set of logical ports that share the same flooding or broadcast characteristics. Like a virtual LAN (VLAN), a bridge domain spans one or more ports of multiple devices.
How many root bridges are in a layer 2 domain? ›
There is always only one root port per bridge, and it is the port leading to the root bridge. Designated— A forwarding port elected for a LAN segment. The designated port is in charge of forwarding traffic on behalf of the LAN segment, and there is always only one designated port per segment.
What are layer 2 addresses? ›
Layer 2 addresses are also called MAC addresses, physical addresses, or burned-in addresses (BIA). These are assigned to network cards or device interfaces when they are manufactured. MAC addresses (Figure 1.15) have a value of 48 bits.
What is a bridge domain in MPLS? ›
The native bridge domain refers to a Layer 2 broadcast domain consisting of a set of physical or virtual ports (including VFI). Data frames are switched within a bridge domain based on the destination MAC address. Multicast, broadcast, and unknown destination unicast frames are flooded within the bridge domain.
Bridging and routing are functionally very similar, with the major difference being that a routed VPN will not pass IP broadcasts while a bridged VPN will. When you are bridging, you must always use --dev tap on both ends of the connection.
Is a bridge a single broadcast domain? ›
Bridges were a big help on the collision front, but not so much with broadcasts. This network is still one broadcast domain, and as the network grows larger, so does the number of total broadcasts. Then along came switches.
What is the difference between Xconnect and bridge domain? ›
The simple difference between the 2 is mac learning. An Xcon will just throw everything it received over to the other end. A bridge-domain will forward traffic based on the dmac knowing where it should go.
What is the difference between link aggregation and bridge? ›
Bridge creates a logical link between multiple networks. Link Aggregation combines multiple network connections into a single interface. A virtual LAN (VLAN) partitions and isolates a segment of the connection.
What is layer 2 protocol? ›
Layer 2 protocols or network L2 protocols are a list of communication protocols used by Layer 2 devices (such as network interface cards (NIC), switches, multiport bridges, etc.) to transfer data in a wide area network, or between one node to another in a local area network.
What is the point of a layer 2? ›
Layer 2 is where data packets are encoded and decoded into actual bits. It is the protocol layer that enables the transfer of data between adjacent network nodes in a network segment, such as a local or wide area network.
Why is layer 2 needed? ›
Layer 2 solutions are important because they allow for scalability and increased throughput while still holding the integrity of the Ethereum blockchain, allowing for complete decentralization, transparency, and security while also reducing the carbon footprint (less gas, means less energy used, which equates to less ...
What are layer 2 examples? ›
Two major examples of layer 2 solutions are the Bitcoin Lightning Network and the Ethereum Plasma. Despite having their own working mechanisms and particularities, both solutions are striving to provide increased throughput to blockchain systems.
What are the 3 main functions of layer 2? ›
There are three distinct functions of layer 2 switching (you need to remember these!): address learning, forward/filter decisions, and loop avoidance.
What are the disadvantages of layer 2 network? ›
Layer 2 also has some significant disadvantages such as the lack of router hardware, leaving them susceptible to broadcast storm and the additional administrative overhead of IP allocations due to flat subnet across multiple sites. Layer 2 networks also forward all traffic, especially ARP and DHCP broadcasts.
Bridge domain interface is a logical interface that allows bidirectional flow of traffic between a Layer 2 bridged network and a Layer 3 routed network traffic. Bridge domain interfaces are identified by the same index as the bridge domain. Each bridge domain represents a Layer 2 broadcast domain.
What is the role of bridge in OSI model? ›
Bridges work at the OSI data-link layer. They can be used both to join dissimilar media such as unshielded twisted-pair (UTP) cabling and fiber-optic cabling, and to join different network architectures such as Token Ring and Ethernet.
How does bridge function work? ›
Functions of Bridges
Divide local area networks into multiple segments. Connects multiple networks to ensure communication between them. Connects LAN segments into a single network. Recognizes areas where data is to be sent and on which device it will be sent.
How do I bridge to Layer 2? ›
How to bridge tokens to layer 2
- Determine which layer 2 network you want to use. ...
- Go to the selected bridge. ...
- Connect to the bridge with your wallet. ...
- Specify the amount and move the funds. ...
- Confirm the transaction in your wallet. ...
- Wait for your funds to be moved. ...
- Add the selected layer 2 network to your wallet (optional)
In networking, the device used to connect multiple networks together at layer 2 (L2) is called a bridge. Layer 2 refers to the data link layer of the OSI model, where data is encoded into units (frames), checked, and transmitted. The bridge has interfaces to several LAN segments which it connects (or bridges) together.
Can Layer 2 handle VLANs? ›
A Layer 2 trunk interface enables you to configure a single logical interface to represent multiple VLANs on a physical interface. You can configure a set of VLANs and VLAN identifiers that are automatically associated with one or more Layer 2 trunk interfaces.
What is the most common layer 2 device? ›
Ethernet switches are the most common types of layer 2 switches known to us. The devices connected in the Ethernet network possess a hardcoded MAC address.
How do I map a layer 2 network? ›
Creating Layer 2 maps
Navigate to Network > Layer 2 Maps > Create New. In the Create Map form that opens, enter the following: Map Name: Enter a name to identify your map. Discover From: Select Devices if you wish to discover and create a network map using a network device that is already being monitored.
What device operates at layer 2? ›
Layer 2 Switch Operation
Ethernet hubs and network switches work at the data link layer, with a switch delivering greater performance than a hub. Bridge devices inspect Ethernet frames. They identify frame sources and destination MAC addresses before making forwarding decisions.
What is the difference between layer 2 bridge and Layer 3 bridge? ›
The layer 2 and Layer 3 differs mainly in the routing function. A Layer 2 switch works with MAC addresses only and does not care about IP address or any items of higher layers. Layer 3 switch, or multilayer switch, can do all the job of a layer 2 switch and additional static routing and dynamic routing as well.
A bridge domain is a set of logical ports that share the same flooding or broadcast characteristics. Like a virtual LAN (VLAN), a bridge domain spans one or more ports of multiple devices.
What is the difference between layer 2 and layer 3 bridge? ›
The main difference between a Layer 2 and Layer 3 switch is the routing function. A Layer 3 switch (also called a multilayer switch) performs all the functions a Layer 2 switch does; however, it has both static and dynamic routing functions.
Can a layer 2 switch have VLANs? ›
A Layer 2 trunk interface enables you to configure a single logical interface to represent multiple VLANs on a physical interface. You can configure a set of VLANs and VLAN identifiers that are automatically associated with one or more Layer 2 trunk interfaces.
How do I know if my switch is L2 or L3? ›
Look at the product code of the switch. If the switch ends with "EMI" then it's a Layer 3 switch. If it's "SMI" then it could be a layer 2 only switch. TO convert the appliance from Layer 2 to Layer 3, you need to have a hardware upgrade.
What are Layer 2 protocols? ›
Layer 2 protocols or network L2 protocols are a list of communication protocols used by Layer 2 devices (such as network interface cards (NIC), switches, multiport bridges, etc.) to transfer data in a wide area network, or between one node to another in a local area network.
Is spanning tree only for Layer 2? ›
Spanning Tree Protocol (STP) is a Layer 2 link management protocol that provides path redundancy while preventing loops in the network. For a Layer 2 Ethernet network to function properly, only one active path can exist between any two stations. Multiple active paths among end stations cause loops in the network.
Can a bridge connect more than 2 networks? ›
Features of a bridge
A simple bridge will have two ports -- in and out -- and will only connect two networks. A multiport bridge would provide bridging between multiple networks.
Is Layer 2 a VLAN? ›
VLANs are data link layer (OSI layer 2) constructs, analogous to Internet Protocol (IP) subnets, which are network layer (OSI layer 3) constructs. In an environment employing VLANs, a one-to-one relationship often exists between VLANs and IP subnets, although it is possible to have multiple subnets on one VLAN.
What is the difference between service instance and bridge domain? ›
In the Cisco EVC Framework, the bridge domains are made up of one or more Layer-2 interfaces known as Service Instances. A Service Instance is the instantiation of an EVC on a given port on a given router. Service instance is associated with a bridge domain based on the configuration.
What is Layer 2 configuration? ›
Layer 2 Ethernet Switching Overview. The device supports simultaneous, parallel connections between Layer 2 Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet.
The main difference between layer-1 vs layer-2 scalability solutions lies in their role and focus on the blockchain. Layer-1 is here to improve the blockchain architecture, while layer-2 is here to build third-party networks on top of the main blockchain.
What are the Layer 2 devices in the OSI model? ›
Layer 2 of the OSI model is known as the data link layer. The Layer 2 protocol you're likely most familiar with is Ethernet. Devices in an Ethernet network are identified by a MAC (media access control) address, which is generally hardcoded to a particular device and doesn't normally change.
