Bridge Groups, BVIs, IRB and CRB

Answered Question
Sep 30th, 2009

Could someone provide me with any documentation explaining these terms?

I'm working with a 1252 Cisco AP and wanted to know how bridge-groups relate to this AP as I have had to use it in the past but never fully understood the concepts listed in the conversation title.

I would like to learn more about these technologies. Could someone explain or at least provide me with some documentation? I've tried researching this on my own, but haven't yet come up with anything useful.

I have this problem too.
0 votes
Correct Answer by jeff.kish about 7 years 2 months ago

Hi Nelson,

All of these terms relate to bridging the wireless interface to the FastEthernet (or GigEthernet) interface on the access point. The goal is to configure the AP so that clients on each SSID get placed onto the correct VLAN when sent to the switch.

A bridge-group is a collection of interfaces or subinterfaces that bridge traffic among them. Assigning a specific radio subinterface and a specific Ethernet subinterface to the same bridge-group unites the two and causes traffic to bridge from one to the other.

So let's look at this from wireless traffic's perspective. A client connects to an SSID, which the AP knows is tied to VLAN 10. The traffic therefore enters the radio subinterface assigned to VLAN 10. Now, this subinterface is part of bridge-group 23 (arbitrarily selected), so the traffic is bridged to the FastEthernet subinterface that's also part of bridge-group 23. This subinterface should also be configured for VLAN 10, and so the traffic is sent to the switch tagged with a VLAN ID of 10.

So you see, the bridge-group helps pass the traffic from the radio through the AP, and onto the FastEthernet interface.

BVI stands for Bridge Virtual Interface, and it's simply a Layer 3 interface associated with a bridge-group (similar to how an SVI - Switch Virtual Interface - is a L3 interface associated with a VLAN). BVI 1 thus corresponds to bridge-group 1. Traditionally on Cisco APs, bridge-group 1 is associated with the management VLAN of the AP, so BVI 1 is the management interface for the access point. You could well assign bridge-group 2 to the AP and create a BVI 2 interface, but there's no real reason to do it other than to mess around.

IRB is Integrated Routing and Bridging. It allows both bridging (L2) and routing (L3) within a device between any two interfaces. CRB is Concurrent Routing and Bridging, and it's the precursor to IRB. CRB also allows both bridging and routing within a device, but not between the same two interfaces like IRB. Here's a good (but old) article to read:

http://www.netcraftsmen.net/resources/archived-articles/428.html

This is a great discussion topic, and don't feel bad for not understanding. These topics are why a lot of people stay away from the CLI on APs and opt instead to use the more-tedious GUI. Once you grasp bridge-groups, the CLI magically becomes easy to use.

I hope this helps - please ask questions if you still have any. I'm sure some of my ramblings weren't as useful as they were meant to be :)

Jeff

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
jeff.kish Wed, 09/30/2009 - 11:43

Hi Nelson,

All of these terms relate to bridging the wireless interface to the FastEthernet (or GigEthernet) interface on the access point. The goal is to configure the AP so that clients on each SSID get placed onto the correct VLAN when sent to the switch.

A bridge-group is a collection of interfaces or subinterfaces that bridge traffic among them. Assigning a specific radio subinterface and a specific Ethernet subinterface to the same bridge-group unites the two and causes traffic to bridge from one to the other.

So let's look at this from wireless traffic's perspective. A client connects to an SSID, which the AP knows is tied to VLAN 10. The traffic therefore enters the radio subinterface assigned to VLAN 10. Now, this subinterface is part of bridge-group 23 (arbitrarily selected), so the traffic is bridged to the FastEthernet subinterface that's also part of bridge-group 23. This subinterface should also be configured for VLAN 10, and so the traffic is sent to the switch tagged with a VLAN ID of 10.

So you see, the bridge-group helps pass the traffic from the radio through the AP, and onto the FastEthernet interface.

BVI stands for Bridge Virtual Interface, and it's simply a Layer 3 interface associated with a bridge-group (similar to how an SVI - Switch Virtual Interface - is a L3 interface associated with a VLAN). BVI 1 thus corresponds to bridge-group 1. Traditionally on Cisco APs, bridge-group 1 is associated with the management VLAN of the AP, so BVI 1 is the management interface for the access point. You could well assign bridge-group 2 to the AP and create a BVI 2 interface, but there's no real reason to do it other than to mess around.

IRB is Integrated Routing and Bridging. It allows both bridging (L2) and routing (L3) within a device between any two interfaces. CRB is Concurrent Routing and Bridging, and it's the precursor to IRB. CRB also allows both bridging and routing within a device, but not between the same two interfaces like IRB. Here's a good (but old) article to read:

http://www.netcraftsmen.net/resources/archived-articles/428.html

This is a great discussion topic, and don't feel bad for not understanding. These topics are why a lot of people stay away from the CLI on APs and opt instead to use the more-tedious GUI. Once you grasp bridge-groups, the CLI magically becomes easy to use.

I hope this helps - please ask questions if you still have any. I'm sure some of my ramblings weren't as useful as they were meant to be :)

Jeff

nelson.garcia Wed, 09/30/2009 - 12:05

Thanks for the prompt reply, Jeff. It was exactly what I needed.

Will be adding your response to my Cisco notes on wireless bridging. =]

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode