2.1 Overview
Bridging is used to connect two Ethernet network segments. It occurs at the Data-Link Layer (Layer 2) of the OSI model. Switches perform the same function as bridges. Bridges (and switches) forward frames from one interface to another based on the destination MAC address. If the destination MAC is unknown, the bridges forward the frame out all ports. This is known as flooding. For any incoming frame, bridges forward the frame out a specific port, if the destination MAC address is known, or it is flooded out all ports if the MAC address is unknown.
Bridges and switches can operate in two basic modes: store-and-forward and cut-through. Store-and-forward is the legacy mode. The bridge stores the entire frame and verifies the CRC before forwarding the frame. If a CRC error is detected, the frame is discarded.
In cut-through mode, the switch does not wait for the entire frame to enter its buffer; instead, it forwards the frame just after it reads the destination MAC address. The advantage is that the switching operation is faster. The disadvantage is that the cut-through operation does not check for CRC errors, which increases the amount of runt and error frames on the network. Because of this problem, most switches provide the option to switch the mode back to store-and-forward if an error threshold is met. Switches in cut-through can track the CRC errors of forwarded frames to determine if there are too many errors. Other switches implement modified cut-through, which waits to receive 64 bytes before it begins transmission, which prevents the switch from sending runt frames.
Transparent bridges forward frames only when necessary and, thus, reduces network overhead. To accomplish this, transparent bridges learning MAC addresses by examining the source MAC address of each frame received by the bridge; decides when to forward a frame or when to filter a frame, based on the destination MAC address; and creates a loop-free environment with other bridges by using the Spanning Tree Protocol. When multiple bridges connect the same LAN segments, bridge loops can occur. The STP is a Layer-2 link management protocol that discovers a loop free topology for connectivity between LANs. STP might place some redundant bridged interfaces in a blocked state. STP provides recovery from bridge failures by changing blocked interfaces to a forwarding state, if a primary link fails. Although a DEC and IBM version are available, the IEEE 802.1d standard is the default protocol.
Generally, broadcasts and multicast frames are forwarded by the bridge in networks that use bridges. In addition, transparent bridges perform switching of frames using Layer 2 headers and Layer 2 logic and are Layer 3 protocol-independent. Store-and-forward operation, which means that the entire frame is received before the first bit of the frame is forwarded, is also typical in transparent bridging devices. However, the transparent bridge must perform processing on the frame, which also can increase latency.
A transparent bridge operates in the following manner:
The bridge has no initial knowledge of the location of any end device; therefore, the bridge must listen to frames coming into each of its ports to figure out on which network a device resides.
The bridge constantly updates its bridging table upon detecting the presence of a new MAC address or upon detecting a MAC address that has changed location from one bridge port to another. The bridge is then able to forward frames by looking at the destination address, looking up the address in the bridge table, and sending the frame out the port where the destination device is located.
If a frame arrives with the broadcast address as the destination address, the bridge must forward or flood the frame out all available ports. However, the frame is not forwarded out the port that initially received the frame. Hence, broadcasts are able to reach all available networks. A bridge only segments collision domains but does not segment broadcast domains.
If a frame arrives with a destination address that is not found in the bridge table, the bridge is unable to determine which port to forward the frame to for transmission. This is known as an unknown unicast. In this case, the bridge treats the frame as if it was a broadcast and forwards it out all remaining ports. After a reply to that frame is received, the bridge will learn the location of the unknown station and add it to the bridge table.
Frames that are forwarded across the bridge cannot be modified.
2.1.1 Root Bridge Election
A root bridge is elected as the root of the spanning-tree topology. All ports that are not needed to reach the root bridge are placed in blocking mode. The selection of the root bridge is based on the lowest numerical bridge priority. The bridge priority is stored in the Bridge Identifier (BID), which is an 8 byte value that also contains one of the bridge's MAC addresses (6 bytes). With 2 bytes, the priority values range from 0 to 65,535. The default priority is 32,768. If all bridges have the same bridge priority, the bridge with the lowest MAC address is selected as the root. Physical changes of the network force spanning-tree recalculation.
You can change the router interface priority by using the priority keyword with priority values ranging from 1 to 255:
2.1.2 Path Cost
Designated Ports
If connected with more than one port to the same segment, bridges select a designated port. The designated port is the port that sends and receives frames on the segment; other ports are placed in the blocking state (nondesignated ports).
Each port is assigned a Port ID, which is 16 bits long and consist of a 6-bit priority setting and a 10-bit port number.
A path cost value is assigned to each port. The costs are accumulated to determine the total cost to reach the root.
According to the original specification in 802.1d, cost is calculated by dividing 1000 Mbps (1 gigabit per second) by the bandwidth (in megabits per second) of the segment connected to the port. Using this formula, a 100 Mbps connection has a cost of 10 (1000 / 100 = 10). To accommodate higher speeds, such as GE, the IEEE adopted new values. The table below shows the revised path costs for STP.
STP Path Costs Values
|
Bandwidth |
Path Cost Value |
|---|---|
|
4 Mbps |
250 |
|
10 Mbps |
100 |
|
16 Mbps |
62 |
|
45 Mbps (DS-3) |
39 |
|
100 Mbps |
19 |
|
155 Mbps (OC-3) |
14 |
|
622 Mbps (OC-12) |
6 |
|
1 Gbps |
4 |
|
10 Gbps |
2 |
2.1.3 Bridge Protocol Data Unit (BPDU)
Transparent bridges performing STP communicate by exchanging BPDUs, which are packets that contain information on ports, addresses, priorities and costs. Bridges do not forward received BPDUs but use the information to generate new BPDUs. The information that a BPDU contains includes:
- Root BID, which is the BID of the bridge that the transmitting bridge believes to be the root bridge.
- Path Cost, which is the cost of the path to reach the root bridge. If the segment is attached to the root bridge, it has a cost of 0. For example, if the data has to travel over three 10 Mbps segments to reach the root bridge, the cost is 200 (100 + 100 + 0).
- Sender BID, which is the BID of the bridge that sent this BPDU.
- Port ID, which is the port ID on the bridge that sent this BPDU.
Note: BPDU destination addresses use the bridge group multicast MAC address 01-80-C2-00-00-00. These frames are copied by bridges but ignored by all other stations.
There are two types of BPDUs:
Multi-Instance Spanning-Tree Protocol (MISTP)
Each VLAN configured in a switch runs an independent instance of the STP. MISTP is a proprietary spanning-tree mode in Cisco switches, which allows the grouping of multiple VLANs under a single instance of the STP. The MISTP instance has its own root switch and forwarding ports. When VLANs are mapped into a MISTP instance, it reduces the number of BPDUs because only MISTP BPDUs are sent between the switches configured for MISTP, which allows STP to scale to larger networks such as MANs.
- Configuration BPDUs, which are sent from the root bridge with the Root BID. The configuration BPDUs flow through all active paths, which provides the Root BID and path cost information.
- Topology Change Notification (TCN) BPDUs, which flow upstream to the root bridge to alert it of a topology change. The spanning tree algorithm is recalculated by the bridges to determine any necessary changes in the path. After the network converges, no TCN BPDUs are present in the network.
2.1.4 Bridge Port States
Each port of a transparent bridge exists in the following states:
- Disabled, in which the port is inactive and does not participate in STP.
- Blocking, this is the state in which a port moves first when you enable a port. In this state, the port does not participate in frame forwarding. It receives BPDUs and sends them to the STP algorithm for processing.
- Listening, which is the state to which the port changes when the bridge determines that a port in the blocking state should participate in frame forwarding. In this state, the bridge does not forward frames and does not learn of network MAC addresses. Hence, the bridge receive and process BPDUs and network management frames, but it does not send BPDUs.
- Learning, which the port enters after the Listening state. In this state the bridge discards incoming frames but begins to add MAC addresses associated with this port into the table. BPDU and network management messages are processed. The bridge processes, generates, and sends BPDUs in this state.
- Forwarding, which is the full functional state for a bridged port. In this state, the bridge does not discard incoming frames. The bridge forwards frames to other ports; the bridge also forwards frames out this port. All BPDUs and network management frames are processed.