03-11-2009 02:15 AM - edited 03-04-2019 03:53 AM
Hi, i need to configure two Cisco routers in bridge mode as they interconnect two LANs that are in the same subnet. The two routers are connected by a fiber optic link. Can you please indicate me how to set the routers in bridge mode.
Solved! Go to Solution.
03-11-2009 02:23 AM
Hello Alvin,
if the routers are ISR routers 2811 or above you could think to use L2tpv3
However, if the link is direct and you don't need to use it as a L3 routed link you can also bridge
int fas0/0
no ip address
bridge-group 1
desc internal lan
int fas0/1
desc link to fiber
no ip address
bridge-group 1
bridge-group1 protocol ieee
brdige-group1 route ip
int bvi1
desc l3 interface of the bridge group
ip address x.x.x.1 255.255.255.0
no shut
you need to do the same on the second router
int fas0/0
no ip address
bridge-group 1
desc internal lan
int fas0/1
desc link to fiber
no ip address
bridge-group 1
bridge-group1 protocol ieee
brdige-group1 route ip
int bvi1
desc l3 interface of the bridge group
ip address x.x.x.2 255.255.255.0
no shut
just the ip address associated to the BVI1 of R2 needs to be different
if R1 reach all other networks via R2
R1 needs a default route
ip route 0.0.0.0 0.0.0.0 x.x.x.2 10
Hope to help
Giuseppe
03-11-2009 02:23 AM
Hello Alvin,
if the routers are ISR routers 2811 or above you could think to use L2tpv3
However, if the link is direct and you don't need to use it as a L3 routed link you can also bridge
int fas0/0
no ip address
bridge-group 1
desc internal lan
int fas0/1
desc link to fiber
no ip address
bridge-group 1
bridge-group1 protocol ieee
brdige-group1 route ip
int bvi1
desc l3 interface of the bridge group
ip address x.x.x.1 255.255.255.0
no shut
you need to do the same on the second router
int fas0/0
no ip address
bridge-group 1
desc internal lan
int fas0/1
desc link to fiber
no ip address
bridge-group 1
bridge-group1 protocol ieee
brdige-group1 route ip
int bvi1
desc l3 interface of the bridge group
ip address x.x.x.2 255.255.255.0
no shut
just the ip address associated to the BVI1 of R2 needs to be different
if R1 reach all other networks via R2
R1 needs a default route
ip route 0.0.0.0 0.0.0.0 x.x.x.2 10
Hope to help
Giuseppe
03-23-2009 01:30 AM
Dear Giuseppe,
I have configured the routers and the bridge mode configuration is working fine. I can ping both routers.
But there is a problem occurring.
When I connect the second router (Router B)to its LAN, there is no more connection. I cannot reach it anymore. There seems to be a STP loop.
Find below the configuration of both routers:
RouterA#
bridge irb
!
!
!
interface GigabitEthernet0/0
description 'Connection To LAN'
no ip address
duplex auto
speed auto
bridge-group 1
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface GigabitEthernet0/1/0
description 'Fiber Optics Link'
no ip address
negotiation auto
bridge-group 1
!
interface BRI0/2/0
no ip address
encapsulation hdlc
shutdown
!
interface BVI1
ip address 172.18.12.12 255.255.252.0
arp timeout 300
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
Router A#sh spanning-tree summary
Root bridge for: Bridge group 1.
PortFast BPDU Guard is disabled
UplinkFast is disabled
BackboneFast is disabled
Name Blocking Listening Learning Forwarding STP Active
-------------------- -------- --------- -------- ---------- ----------
Bridge group 1 0 0 0 2 2
-------------------- -------- --------- -------- ---------- ----------
1 Bridge Group 0 0 0 2 2
RouterB#
bridge irb
!
!
!
interface GigabitEthernet0/0
description 'Connection To LAN'
no ip address
duplex auto
speed auto
bridge-group 1
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface GigabitEthernet0/1/0
description 'Fiber Optics Connection'
no ip address
negotiation auto
bridge-group 1
!
interface BRI0/2/0
no ip address
encapsulation hdlc
shutdown
!
interface BVI1
ip address 172.18.14.2 255.255.252.0
arp timeout 300
!
no ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
Router B#sh spanning-tree summary
Root bridge for: Bridge group 1.
PortFast BPDU Guard is disabled
UplinkFast is disabled
BackboneFast is disabled
Name Blocking Listening Learning Forwarding STP Active
-------------------- -------- --------- -------- ---------- ----------
Bridge group 1 0 0 0 2 2
-------------------- -------- --------- -------- ---------- ----------
1 Bridge Group 0 0 0 2 2
Thanks for your help.
Best regards,
Alvin
03-23-2009 02:06 AM
Hello Alvin,
a loop cannot occur unless you close the two lan interfaces together but STP should take care of this
if you use a fiber connection you may need a media-type command.
do
sh int gi0/1/0
media-type ?
and see the options
check the status of the fiber based links with
sh int gi0/1/0
both devices say they are root bridge for bridge-group 1
Root bridge for: Bridge group 1.
so they are not communicating
Hope to help
Giuseppe
03-23-2009 04:22 AM
Dear Giuseppe,
Find below the interfaces from both routers:
Router A#sh interfaces
GigabitEthernet0/0 is up, line protocol is up
GigabitEthernet0/1/0 is up, line protocol is up
Hardware is PM-3387, address is 0017.5aa6.d606 (bia 0017.5aa6.d606)
Description: 'Fiber Optics Link'
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, link type is autonegotiation, media type is LX
output flow-control is XON, input flow-control is XON
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:04, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 1 packets/sec
24870 packets input, 2138807 bytes, 0 no buffer
Received 73 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
209475 packets output, 18426653 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
BVI1 is up, line protocol is up
RouterB#sh interfaces
GigabitEthernet0/0 is up, line protocol is up
GigabitEthernet0/1/0 is up, line protocol is up
Hardware is PM-3387, address is 0015.622e.f3b6 (bia 0015.622e.f3b6)
Description: 'Fiber Optics Connection'
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, link type is autonegotiation, media type is LX
output flow-control is XON, input flow-control is XON
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 2000 bits/sec, 3 packets/sec
351035 packets input, 29378840 bytes, 0 no buffer
Received 143617 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
35369 packets output, 2863100 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
28 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
BVI1 is up, line protocol is up
I am able to ping any device in the LAN of Router A from Router B.
The opposite is not possible.
Please advise.
Alvin
03-11-2009 06:43 AM
Thanks Giuseppe,
I will configure the routers and revert back to you.
Thanks for your help.
03-23-2009 05:48 AM
Alvin:
Not to distract you from your work, but I am wondering why you find yourself in a situation where you have 2 ethernet interfaces on your router that are cnnected to the same LAN.
Can you also attach a simple diagram to show whats going on?
Thanks
Victor
03-23-2009 06:47 AM
Dear Victor,
Please find attached the network topology.
As you will see, both LAN A and B are found in the 172.18.12.0/22 subnet.
So, that is why the routers are configured in Bridge mode.
But I am having problems when connecting the LAN interface of Router B. As soon as I connect it to the switch, I am not able to ping it anymore from router A.
Best regards,
Alvin
03-23-2009 07:25 AM
Alvin:
Thanks.
Have you taken notice of Giuseppe's suggestion? The routers dont seem to be exchanging BPDUs because each is claiming itself as the root bridge.
Victor
03-23-2009 08:54 AM
Hello Alvin, Victor
collecting facts:
there is a fiber based link working at OSI layer 1 but STP messages are not exchanged.
Alvin:
what type of interface is g0/1/0 is part of some form of etherswitch module ?
in that case the configuration could need to be changed to something like
conf t
vlan 5
name inter-router-vlan
int vlan 5
no ip address
bridge-group 1
int gi0/1/0
switchport
switchport mode access
switchport access vlan 5
if the port is part of an etherswitch the bridge-group command has to be given under the SVI (int vlan 5)
Hope to help
Giuseppe
03-23-2009 09:53 PM
Dear Guiseppe,
In fact interface g0/1/0 is a Gigabit Ethernet HWIC card (HWIC-1GE-SFP) with a GLC-LH-SM module. For each router it is the same.
Regards,
Alvin
03-23-2009 09:38 PM
Dear Victor,
So in this typical configuration, should I enable the STP. And which STP should I use?
Which router needs to be the root bridge?
Regards,
Alvin
03-24-2009 12:32 AM
Hello Alvin,
with your configuration STP is already running in the version IEEE:
the command
bridge 1 protocol ieee
Hope to help
Giuseppe
03-24-2009 01:31 AM
ok, Guiseppe.
I will continue with the testing.
Regards,
Alvin
03-28-2009 02:46 AM
Hello Guiseppe,
Hope you are doing fine.
The bridge configuration is working fine but I am encountering another issue that is preventing me from using the routers.
The issue is with Router B's LAN. When I am connecting Router B to the existing switch, I am not able to reach router A and its associated LAN anymore. Timeout occurs when I ping Router A from router B.
When I disconnect Router B from the existing switch, I can then access Router A and its associated LAN.
This seems to be a problem with the existing switch. Can you please explain what can be causing this problem and whether I need to do some modifications in the router configuration.
I did some tests using a standalone switch where I connected Router B and a laptop. Both where accessible from Router A. The problem did not occur.
Regards,
Alvin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide