Bridging on a router

Answered Question
Jul 3rd, 2009

Hi all

I have a 2800 router connected to a switch which is conifgured as a trunk port to carry 2 vlans. We want one of the vlans to be passed onto another switch through the router as we are only allowed a single connection on the first switch. The router has a 4 port etherswitch module which we have connected to the second switch. Vlan 115 is an internet Vlan that will terminate on a firewall.

Have I got the following correctly configured as I am not sure why I need "bridge irb" when effectively we only want to bridge but it doesn't seem to work with out it:

Bridge irb

Bridge 15 protocol ieee

Int g0/1

No ip address

No shutdown

Int g0/1.115

Encapsulation dot1q 115

Bridge-group 115

Int g0/1.2033

Encapsulation dot1q 2033

Ip address

Int g0/1.100

Encapsulation dot1q 100 native

No ip address

Vlan 115

No ip address

Bridge-group 115

Int fa0/0/0

Switchport access vlan 115

Correct Answer by andrew.prince@m... about 7 years 7 months ago

In my opinion - it's not the best way of doing things, but as long as it works!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Edison Ortiz Fri, 07/03/2009 - 08:43

You have an EtherSwitch module which supports internal Vlan configuration and there is no need for subinterfaces.

The following URL will provide information on how to configure Vlans on the router:

Once the Vlans are configured, you can configure a switchport as trunk facing the switch carrying the multiple Vlans and as access facing the switch with Vlan 115.

If you want to have a Layer3 representation of any of the L2 Vlans, you can create a SVI.

Your configuration would look like this:

!Configure L2 Vlans

vlan database

vlan 115

vlan 2033

vlan 100



!Configure Switchports

default interface g0/1

default interface f0/0/0


interface f0/0/0

switchport access vlan 115

interface f0/0/1

switchport encapsulation trunk dot1q

switchport mode trunk



no bridge irb



interface Vlan 2033

ip address




stretchlad Sun, 07/05/2009 - 15:54

Hi Ed

Thanks for the response, however, I am using the onboard gig port to trunk as the etherswitch ports have limited QoS support and we need to do Traffic shaping.

So I am pretty sure I need to bridge.

stretchlad Mon, 07/06/2009 - 03:04

I need to bridge becuase I have 2 vlans and one of those vlans I want to connect to a different device whilst the other will be routed.

andrew.prince@m... Mon, 07/06/2009 - 03:27

If you have a switch that is vlan capable - then you do not need to place an interface of the router into a bridged port. You just connect the other device directly to the switch in the relevant vlan. There is no need for the router to be involved for un-routed traffic.

stretchlad Mon, 07/06/2009 - 06:23


Was my config ok then?

Things like having to create an SVI with no ip address etc?

Correct Answer
andrew.prince@m... Mon, 07/06/2009 - 06:34

In my opinion - it's not the best way of doing things, but as long as it works!



This Discussion