Bridge Concept

thiagolmoraes · February 26, 2017, 8:32pm

Hi guys,

I know you’re tired of getting explain about “BRIGDE … BRIGDE … BRIGDE”.

It’s hard to find good materials about RouterOS and its concept, different from other vendors.. Let’s begin:

“As I show above, the bridge concept refer to join the interfaces in the same layer 2, what are these advantages?”

“Is it necessary create a bridge every time that we create a vlan? If yes, did each bridge is associate with a VLAN?”

“What is relation about bridge and the “access/trunk” terms?”

Yeap, stupid questios, but I try to think about the “packet flow”, I have one bridge here, add a vlan, a bridge port.. I really really much understand how the packet flow will work with bridge + vlans. I came from other vendor and its hard too think routerOs, I getting started to handle with it recently. I would like to progresses with the vendor.

Thanks in advance.

docmarius · February 26, 2017, 8:42pm

To your first question…
I think if one starts to see a bridge as a switch, more precisely a 2 port switch in your example, the functions become clear: 2 collision domains (a thing of the past since we all use switches in our networks and not hubs), and a single broadcast domain for the 2 LANs.
So the real achievement is actually the single broadcast domain.

And to the second one:
No, it is not necessary to create a bridge to use VLANs. A VLAN interface can be used as any other physical interface, with its own IP address space and its associated routes, rules and filters.
It is only when you need to forward L2 traffic between different interfaces (including VLANs which appear as virtual interfaces) that you really need a bridge.

thiagolmoraes · February 26, 2017, 9:12pm

Great,

So, When I create a bridge and add some interface port to it, L2 features will be added to that port (Spanning Tree, for instance). If I have no bridge port, that interface performs L3 features. Is that correct?

Looking that picture, Can bridge receive both ARP requisitions from interfaces LAN 1 and 2?

docmarius · February 27, 2017, 8:07pm

Yes, I think that statement is correct.

Regarding ARP, not only will the bridge receive ARP packets from both segments, it will, unless no filtering is enabled, forward the ARP packets between the 2 segments. So an ARP request on LAN 1 will actually reach LAN2 (and the other way around, of course).

As I said, it is just like a switch: unicasts to the proper ports if the destination is known/learned, broadcasts and multicasts to all (I am talking about L2 unicast/multicast/broadcast via regular and specific MACs). And VLAN tags are conserved.

thiagolmoraes · February 28, 2017, 1:52am

Nice, just more one question

VLAN 200 - 192.168.10.1/24
VLAN 201 - 192.168.100.1/24

| CCR | ---------- | SW | --------- | HOSTS |

Thinking about subinterfaces:

NAME MTU ARP VLAN-ID INTERFACE

0 R VLAN-200 1500 enabled 200 ether2
1 R VLAN-202 1500 enabled 202 ether2

ADDRESS NETWORK INTERFACE

0 192.168.10.1/24 192.168.10.0 VLAN-200
1 192.168.100.1/24 192.168.100.0 VLAN-202

0 R name=“BR-TRUNK” mtu=auto actual-mtu=1500 l2mtu=65535 arp=enabled mac-address=00:00:00:00:00:00
protocol-mode=rstp priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00 max-message-age=20s
forward-delay=15s transmit-hold-count=6 ageing-time=5m

BRIDGE PORT CONFIGURATION MISSING…

Is it right? If not, and absolutely it is not! Where I missed, and how to think in bridge/vlans?

Thanks (: