433 8C03 6D5LOD4KUALBGAZYU2BPHUXNQ6LPHES5SZMCXSQ

3
Advanced Network
Theory: Bridging and
LAN Switching
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Terms you ll need to understand:
Broadcasts Data-link switching (DLSw)
Transparent bridging (TB) Bridge Protocol Data Unit (BPDU)
Source-route bridging (SRB) Spanning Tree Protocol (STP)
Source-route transparent (SRT) Routing information fields (RIFs)
Source-route translational Virtual LANs (VLANs)
bridging (SR/TLB)
Inter-switch link (ISL)
Integrated routing and bridging (IRB)
Fast Ethernet Channel (FEC)
Concurrent routing and bridging
Cisco Discovery Protocol (CDP)
(CRB)
Cisco Group Management Protocol
Encapsulated bridging
(CGMP)
Remote-source route bridging
LAN emulation (LANE)
(RSRB)
Techniques you ll need to master:
Describing and configuring Using LAN switching and
bridging modes on Cisco routers emulation
Using common commands to Distinguishing between cut-
enable bridging on a Cisco router through and store and forward
switching
1
2 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
This chapter examines bridging methods available on a Cisco router. First, the
chapter covers bridging topics, and then LAN switching methods are reviewed.
The following CCIE blueprint objectives as determined by the Cisco Systems
CCIE program are covered in this chapter:
ń' Transparent Bridging IEEE/DEC Spanning Tree Protocol, translational
bridging, Bridge Protocol Data Unit (BPDU), integrated routing and bridg-
ing (IRB), concurrent routing and bridging (CRB), access lists.
ń' Source Route Bridging Source-route translational bridging (SR/TLB), source-
route transparent bridging (SRT), data-link switching (DLSw), remote source-
route bridging (RSRB), access lists.
ń' LAN Switching Trunking, VLAN Trunk Protocol (VTP), inter-switch link
(ISL), Virtual LANs (VLANS), Fast Ethernet Channel (FEC), Cisco Dis-
covery Protocol (CDP), Cisco Group Management Protocol (CGMP).
ń' LANE LAN Emulation Client (LEC), LAN Emulation Server (LES),
broadcast and unknown server (BUS), LAN Emulation Configuration Server
(LECS), Simple Server Replication Protocol (SSRP).
Additional information is provided for completeness and in preparation for addi-
tional subjects as the CCIE program expands.
Bridging Overview
Bridging is defined as a method used to allow communication between devices at
the Data Link Layer (layer 2) of the OSI model. Bridging is a topic that is de-
fined in the Cisco CCIE R/S blueprint with a focus on how Cisco IOS is used to
bridge frames over an IP network.
Why should you be concerned about bridging? Initially, when these non-routable
(for example, LAT or SNA) protocols were invented, they were only intended for
use on local area networks (LANs). In today s networks, these non-routable proto-
cols are used between remote locations. Because these locations can only be reached
via a wide area network (WAN), non-routable protocols need to be bridged across
the wide area networks. Bridged protocols are typically broadcast intensive and can
cause a WAN link to reach high levels of utilization, resulting in slow response
times or protocol timeouts, which will affect the entire WAN to some degree.
You need to be concerned about bridging because protocols such as Local Area
Transport (LAT) and NetBEUI typically rely on broadcasts to gain access to
remote hosts or servers. Broadcasts can be excessive and the amount of broad-
casts can severely impact WAN bandwidth, resulting in slow response times. For
example, you might have a 10Mb Ethernet segment and a 64K WAN link on a
router. It is easy for a bridgeable protocol to overwhelm the slow WAN link with
Advanced Network Theory:�% Bridging and LAN Switching�% 3
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
excessive broadcasts. By default, a Cisco router is not configured for bridging and
will drop broadcasts, so for the purpose of this discussion, we can assume bridg-
ing has been enabled. Most bridgeable protocols rely on broadcasts to send user
information or data. These broadcasts can cause time delays. Typically, bridged
protocols, such as LAT and Systems Network Architecture (SNA), are not ac-
customed to time delays; hence, the data might be lost or the session might be
reinitiated, which can also result in lost user data. It is important to be aware of
the history and traditional use of bridges. In the 1980s, bridges were primarily
used to segment large networks into smaller domains and also to extend the length
of a LAN segment. Broadcasts were still sent out to all segments, but the WAN
link was protected from locally based traffic and forwarded traffic not destined
for remote locations across the WAN. Broadcasts would still be sent out all bridge
ports except the source port. Broadcasts were still a primary concern for layer 2
protocols, such as LAT and NetBEUI.
Keep in mind that a Cisco router will not modify the layer 2 MAC
address of a frame when any form of bridging is used to send the
frame across a bridged domain. Routing, on the other hand, is handled
differently. When a layer 3 packet arrives on any interface, the Cisco
router will buffer the packet and immediately strip the data link header
and copy its own header, which will contain its local MAC address and
the remote MAC address of the destination router.
Thus, you can see that bridging is concerned with layer 2, has no layer 3 address,
and cannot be routed. Routing has a layer 3 address and is routed.
A broadcast domain is a set of devices that will receive broadcast frames
originating from any device within the same group of devices. Routers
typically define the end of a broadcast domain, because routers do not
forward broadcast frames unless specifically configured for bridging.
Broadcast domains can alleviate the number of broadcasts and increase
the available bandwidth to end users by segmenting a single large broad-
cast domain into smaller broadcast domains.
There are many ways to bridge non-routable frames, and this chapter concen-
trates on how you can accomplish sending non-routable traffic over an existing
network without the need to configure every protocol on a Cisco router. You can
also tunnel some non-routable protocols, such as SNA and LLC, using an IP
tunnel. An IP tunnel enables you to transport legacy non-routable traffic over an
IP network. This will become important later in this chapter when advanced
forms of bridging are discussed. A tunnel is a Cisco IOS feature that allows you
to transport protocols over your IP network without having to configure bridging
over your core network. Table 3.1 shows where bridging, routing, and tunneling
occurs in the OSI model.
4 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Table 3.1 Where bridging occurs in the OSI model.
Layer Name Layer Number
Application Layer 7
Presentation Layer 6
Session Layer 5
Transport Layer 4
Network Layer 3 (routing and tunneling occurs here)
Data Link Layer 2 (bridging occurs here)
Physical Layer 1
Bridging Overview
As mentioned previously, a bridge is basically a layer 2 device that can determine
where devices are in a network and forward frames based on a bridge forwarding
table. This table lists the location of layer 2 devices (or MAC addresses) to ports
on a bridge. Cisco s term for this forwarding table on their switches is the content
addressable memory (CAM) table.
To view the CAM table on a Cisco 5000 or 6000 Catalyst switch, you
issue the show cam command.
Bridges can be used to perform the following:
ń' Increase available bandwidth by segmenting your network
ń' Filter packets based on many criteria, such as MAC addresses and
protocol types
ń' Base all forwarding decisions on MAC addresses
ń' Bridging Loop avoidance if spanning tree is configured
The following bridging modes are available with Cisco IOS:
ń' Transparent bridging (TB)
ń' Source-route bridging (SRB)
ń' Source-route transparent (SRT)
ń' Source-route translational bridging (SR/TLB)
ń' Concurrent routing and bridging (CRB)
Advanced Network Theory:�% Bridging and LAN Switching�% 5
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
ń' Integrated routing and bridging (IRB)
ń' Encapsulated bridging
ń' Remote source-route bridging (RSRB)
ń' Data-link switching (DLSw)
In the upcoming sections, we ll review each of these bridging modes, beginning
with a discussion about transparent bridging and moving through the preceding
list to encapsulated bridging. At that point, we ll look at access lists before wrap-
ping up this section by taking a look at RSRB and DLSw.
Transparent Bridging (TB)
Transparent bridging is the easiest bridging type to define, so we ll look at it first.
In transparent bridging (TB), end devices are unaware of how packets are sent
across a network. The bridging process is transparent to end devices, because the
devices make no decisions regarding how their frames are handled by the net-
work. This method of operation, in which the end device is unaware of what s
happening, is why this is called transparent bridging. Cisco routers can act as a
transparent bridge to bridge protocols, such as NetBEUI and LAT (Local Area
Transport). These protocols do not have a layer 3 (Network Layer) address and
cannot be routed, so they will need to be bridged.
When workstations or servers want to communicate with one another, the work-
station (or server) will send a broadcast to search for the destination device. The
first packet seen by the bridge will be examined for the source MAC address.
Then, the bridge places the packets source MAC address into a MAC forward-
ing table and notes the interface from which the frame was sent. Transparent
bridges typically have one or more interfaces that contain a group of end devices.
This stage of acquiring the location of new devices is called learning.
After the bridge has finished learning a particular bridge port (a bridge will con-
tinue to learn new devices), it will then forward the frame out all ports except the
port the frame was received on, if the destination MAC address is not in its
forwarding table. This forwarding process (in which frames are sent out on all
interfaces except the interface on which the frame was received) is called flooding.
The destination device will see and then respond to the packet. When the trans-
parent bridge receives the response from the destination device, it will again look
at the source address and check the forwarding table for an entry. If there is no
entry, the source address will be learned and entered into the bridges forwarding
table. The bridge will also look at the destination MAC address and forward it
via the appropriate interface. Figure 3.1 displays a typical bridge connecting two
Ethernet domains.
6 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
MAC address: MAC address:
0080.0c00.0001 0090.0d00.0002
Port 1 Port 2
Transparent
bridge
Bridge forwarding table
Source MAC
Port address
Port 1 0080.0c00.0001
Port 1 ..........................
Port 2 0090.0d00.0002
Port 2 ..........................
Figure 3.1 Sample bridge forwarding table.
The bridge in Figure 3.1 has learned that the device is on Port 1 and has a MAC
address of 0080.0c00.0001 and the device on Port 2 has a MAC address of
0090.0d00.0002. Each device will be associated with a bridge port and will be
added to the forwarding table or the CAM.
In Figure 3.2, when Device A sends a frame trying to locate Device B, both
bridges initially forward the frames as broadcasts looking for Device B. There
will be two broadcasts on Device B s segment. The two transparent bridges will
again see broadcast frames from one another as all broadcast frames are sent out
on all interfaces except the interface the frame was received from. Broadcasts are
then sent out onto Device A s segment. The second transparent bridge will again
see the broadcast frame and send it out onto Device B s segment. This process
will continue (described as a bridge loop) until you have a broadcast storm, in which
case both TBs will eventually run out of memory and your network will fail.
Loops at layer 2 are extremely harmful and will bring your network down. To
help avoid damage from layer 2 loops, you need to run a Spanning Tree Protocol
(STP), which can detect the loops and block the second path. STP automatically
activates a backup path if a bridge or link to a segment fails.
Now, let s look at the bridging process a Cisco router will follow if transparent
bridging is enabled as shown in Figure 3.2. First, the router will determine whether
the packet is routable. If not, a decision will be made based on the configuration
to bridge or drop the packet. If there are multiple paths to a device, the second
transparent bridge will create a loop, unless you have some form of mechanism to
stop frames from going around forever. For example, look at Figure 3.3.
Fortunately, there is a way to detect multiple paths that will help prevent these
routing loops from occurring, the answer is the Spanning Tree Protocol.
Advanced Network Theory:�% Bridging and LAN Switching�% 7
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Device B
Port 2
Port 2
Loop and
Bridge 1 Bridge 2
broadcast storm
Port 1
Port 1
Device A
Figure 3.2 Bridging decisions made by a transparent bridge.
Discard
Incoming data frame packet
Is router
Is this
N configured N
packet
Header Data Trailer
for
routable?
bridging?
End
Y
Y
Routed
Bridge
packet
accordingly
End
End
Figure 3.3 Transparent bridging decision process on a Cisco router.
The Spanning Tree Protocol (STP) is defined as a method used to detect bridge
loops in a bridge or switched environment. STP ensures that no redundant paths
will create a second path to any destination network. There are three main Span-
ning Tree Protocols, two for Ethernet, and one for Token Ring (which is dis-
cussed in more detail later in this chapter):
8 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
ń' IEEE 802.1D (Ethernet)
ń' DEC, by Digital Corporation (Ethernet)
ń' IBM spanning tree (Token Ring)
The basic function of Spanning Tree Protocols is to maintain a loop-free topol-
ogy and provide, as possible, a path between every pair of LANs. All TBs will go
through the following four stages of spanning tree:
ń' Listening The bridge listens for frames. No end user data frames are for-
warded when the bridge is listening.
ń' Learning The bridge starts to build a MAC address forwarding table. At
this stage no end user data is forwarded yet. Cisco s term for the MAC ad-
dress forwarding table is the content addressable memory, or CAM, table. No
frames are forwarded is this stage.
ń' Forwarding The bridge is transmitting end user data frames to their appro-
priate destination.
ń' Blocking The bridge blocks frames to prevent a loop from occurring.
The STP process of listening, learning, and forwarding or blocking results in a
loop-free topology.
Returning to Figure 3.2, you can see that one of the bridges will block one of its ports
and remove any loop. Let s assume that Bridge 1 will block on Port 2. If Bridge 2
fails on Port 2, then Bridge 1 will begin forwarding frames onto the Device B
segment in order to maintain network connectivity between the two networks.
Bridges maintain a loop-free topology by using special frames called Bridge Pro-
tocol Data Units (BPDU). These frames are also used by spanning tree to elect a
root bridge. The root bridge is responsible for maintaining a loop-free topology.
Every other bridge will maintain a loop-free path to the root bridge. The root
bridge will always forward on all ports (forwarding state), and other bridges will
block on duplicate paths (blocking state).
A Cisco router or bridge will send out a BPDU with a destination MAC
address of 01-80-c2-00-00-00 Ethernet. In a Token Ring environment,
the functional MAC address c0-00-00-00-01-00 is used.
The root bridge is elected to maintain a loop-free path based on its priority (this
is a configurable option and the lowest number wins) and MAC address. These
two parameters together are called the unique bridge identifier. After the root
bridge is elected, every other bridge will forward on a port with the least cost.
Advanced Network Theory:�% Bridging and LAN Switching�% 9
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
The default cost on a Cisco Catalyst 5000 switch is 32768. The cost can range
from 0 to 65535.
Cost is a configurable parameter that defines the associated interface cost on
each port on a bridge. The default cost on a Cisco router s Ethernet interface is
100. The cost is a number in the range from 0 through 65,535.The cost param-
eter is used to enable the bridge to choose the least-cost path to the root bridge.
Hence, a path with a lower cost to the same destination will always be chosen by
a bridge over a path with a higher cost value.
For illustrative purposes, let s configure a Cisco router for an IEEE spanning tree
and verify it will bridge properly.
TB on Cisco Routers
To configure transparent bridging on a Cisco router, you must issue several com-
mands. First, you must issue a global transparent bridge command, as follows:
bridge bridge-group protocol |ieee or dec|
Then, you need to issue the following interface command:
bridge-group bridge-group
In the preceding commands, bridge-group identifies a decimal number from 1
through 63, and you must choose a Spanning Tree Protocol. The available choices
are IEEE and DEC, which is Digital s version. For additional modifiable param-
eters, refer to the references listed in the Need To Know More section at the
end of this chapter.
Make sure you can identify how to make a bridge become the root
bridge with the IOS command bridge-group priority <0-65535> with
0 being the highest priority.
Let s assume you have a Cisco 4000 router with four Ethernet interfaces. You
want to allow transparent bridging on the first three only. Listing 3.1 details the
IOS commands you would use to accomplish this setup.
Listing 3.1 Transparent bridging configuration example.
interface E0
bridge-group 1 !Enables Transparent bridging
interface E1
bridge-group 1
Interface E2
bridge-group 1
bridge 1 protocol IEEE !enables IEEE spanning tree
10 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
An important concept to remember is that a Spanning Tree Protocol
(STP) elects the root bridge based on the unique identifier. The identi-
fier is made with the priority and MAC address sometimes represented
as priority.MAC address. Note also that different STP protocols cannot
communicate. For example, if you have IEEE STP and DEC STP on two
separate bridges, there would be two spanning tree domains and two
root bridges.
To view how spanning tree is operating on a Cisco router, enter the IOS show
spanning-tree command. The display will show you the spanning tree state and
which bridge is the elected root bridge, as shown in Listing 3.2.
Listing 3.2 The show spanning-tree command.
R1#show spanning-tree
Bridge Group 1 is executing the IEEE compatible STP
Bridge Identifier has priority 32768, address 0060.7015.5e4d
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32768, address 0000.0c75.cf24
Root port is 2 (Ethernet0), cost of root path is 200
Topology change flag not set, detected flag not set
Times: hold 1, topology change 30, notification 30
hello 2, max age 20, forward delay 15, aging 300
Timers: hello 0, topology change 0, notification 0
Port 2 (Ethernet0) of bridge group 1 is forwarding
Port path cost 100, Port priority 128
Designated root has priority 32768, address 0000.0c75.cf24
Designated bridge has priority 32768, address 0060.2f53.5900
Designated port is 129, path cost 100
Timers: message age 2, forward delay 0, hold 0
As you can see in Listing 3.2, the default priority setting is 32768. You can also
see that the router port (Ethernet 0 on bridge group 1) is in a forwarding state. In
the event of a tie on priority, the lowest MAC address will be the root bridge.
Listing 3.2 displays the root bridge with the MAC address of 0000.0c75.cf24
(lower MAC address) and a priority set to 32768.
With transparent bridging or translational bridging, it is important to
remember that the MAC address or layer 2 information is not modified
as the frame passes from one bridge to another. When routing a
packet, the layer 2 header is modified with the router inserting its own
header that contains the router s local MAC address and the remote
router s address.
Advanced Network Theory:�% Bridging and LAN Switching�% 11
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Source-Route Bridging (SRB)
Source-route bridging is a method in which the source device determines the
path to the remote device. Hence, the term source-route.
When a device needs to find a remote device, it performs a number of steps.
First, it sends a test frame locally to see if the destination device is local. If the test
frame receives no response, the device then sends either a single-route explorer
frame or an all-routes explorer frame. Figure 3.4 shows how an SRB device can
detect whether a device has received its frame. The source-route bridge between
two devices A and B will forward test frames by adding the local bridge number
and ring number until the destination device responds. As a result, the end sta-
tions test/explore the path between end stations prior to sending any data. Once
the path-finding process is complete, the device will select a preferred path based
on criteria such as bridge hop count and forward frames on that routing informa-
tion field (RIF) path. SRB devices are susceptible to failures. If a SRB fails, a new
path or RIF must be found.
This path-finding process enables the collection of a RIF (routing information
field). A RIF is a hexadecimal value that represents the path traversed by a test frame
and enables a source station to determine the best path based upon SRB settings.
A RIF basically consists of two main fields within the IEEE802.5 Header the
routing control field (RCF) and the route descriptor field (RDF):
ń' The routing control field identifies the length and direction of the RIF, the
type of test frame, and the largest frame code indicating the largest frame
accepted en route to the destination.
ń' The route descriptor field identifies the ring numbers and bridge numbers. A
ring number is a unique number given to a Token Ring network. A bridge
number is a number assigned to a bridge to uniquely identify it from other
source-route bridges when the router is connected to more than one ring.
Let s look at an example. First, view the network shown in Figure 3.4, which
contains two stations and four source-route bridges. All SRBs have been assigned
a bridge number that is the same as the local ring number (that is, Ring 1 is
Bridge 1, Ring 2 is Bridge 2, and so forth).
There are three types of explorer frames:
ń' Single route explorer (SRE) An explorer frame sent to a specific
device.
ń' All-routes explorer (ARE) An explorer frame sent to all interfaces
in the SRB domain.
ń' Spanning tree explorer (STE) An explorer frame sent only on a
predefined part of a spanning tree domain.
12 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Device B
Device B responds to
both explorer frames
Token Token
Ring 4 Ring 3
Ring Ring
Two frames
are transmitted
Reply
SRB
Bridge 4 Bridge 3
Reply
Reply
Reply
Bridge 2 Bridge 1
Two replies received
Local test
frame followed
Token Token
Ring by all routes
Ring
explorer
Device A
Ring 1
Ring 2
Figure 3.4 How a source-route bridge device sends data.
In Figure 3.4, when Device A wants to communicate to Device B the following
steps occur:
1. Device A sends a local test frame first onto the ring. Because Device B is on
another network, Device A s local test frame will not be replied to.
2. When no answer is received from Device B, Device A then sends an all-
route explorer (ARE) frame. Each SRB will then add its local bridge and ring
number and forward it out all of its interfaces except the interface on which
the explorer frame was received.
3. Each SRB will not forward a RIF to a segment or ring that already contains
its own path in the RIF to avoid the same RIF being sent continuously over
the network. Eventually, the remote station, Device B in this example, will
Advanced Network Theory:�% Bridging and LAN Switching�% 13
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
receive two ARE test frames and reply to both by reversing the RIF or read-
ing the RIF in the opposite direction.
4. A bit called the direction field is used to indicate how the RIF is read from
right to left or left to right. (See Chapter 4 for a detailed explanation on this
direction field.)
5. Device A, receives two replies and makes an intelligent decision regarding
which path to use. Typically, the path that replies first or the path with the
least number of hops is the selected path.
You should understand how SRB stations determine a RIF and how RIFs
are calculated. Be sure to note whether a scenario represents ring or
bridge numbers as decimal or hexadecimal. For example, 0x019 in hex
is 25 in decimal (1x161+9x160=25).
Routing Information Fields (RIFs)
Now, let s take a closer look at RIFs. SRB identifies whether a RIF is present by
examining the first bit of the first byte of a source address. This is known as the
routing information indicator (RII). If the first bit of the RII is set to 1, a RIF is
present; if it is set to 0, then no RIF is present.
In Figure 3.5, notice the number of bits assigned to each field. In particular,
because the bridge number is only 4 bits, you can assign numbers from 1 through
F (1 to 15 in decimal). These bridge numbers are represented in hexadecimal, so
the bridge numbers must be in the range from 0x1 through 0xF. Zero is reserved
for RIF frames to indicate the destination ring. Furthermore, the ring number is
12 bits, or from 1 through 4,095, or, in hex, from 0x001 through 0xFFF.
True IBM bridges only support 8 rings or hops and 7 bridges, whereas
IEEE 802.5 supports 14 bridges and 13 rings or hops.
The best way to explain a RIF is to use some examples. In Figure 3.4 assuming
that Bridge 1 is connected to Ring 1, Bridge 2 is connected to Ring 2, Bridge 3 is
connected to Ring 3, and Bridge 4 is connected to Ring 4 you can see that the
two RIFs will be as follows:
ń' 0810.0011.0033.0040 Note that the end bridge number is set to 0 to sig-
nify the end where the device is located. Hence, the path is through the local
ring 1, bridge 1, remote ring 3, bridge 3, and finally to ring 4. The routing
control 0810 signifies the RIF is 8 bytes and is a directed frame. To deduce
this, you can break up the route descriptor (refer to Figure 3.4 also) in binary.
14 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Routing Control Route Descriptor
2 bytes Up to 14 bytes (7 hops)
Routing Control (16 bits)
B B X L L L L L D F F F X X X X
,
,,
X signifies a don t care bit.
BBX indicates the explorer frame type (0XX indicates a single route frame, 10X is a spanning
explorer, 11X is an all routers broadcast explorer).
LLLLL indicates the length of the RIF.
D identifies the direction the RIF should be read. A 1 bit indicates the RIF is read left to right,
and a 0 bit is read right to left.
FFF indicates the largest frame size contained in the frame. Possible combinations are:
000 up to 512 bytes
001 up to 1,500 bytes
010 up to 2,052 bytes
011 up to 4,472 bytes
100 up to 8,144 bytes
101 up to 11,407 bytes
110 up to 17,800 bytes
111 is used in broadcast frames only
XXXX are reserved bits.
Route Descriptor (up to 14 bytes)
R R R R R R R R R R R R B B B B
R indicates the ring number with possible values from 0x0 to 0xFFF (0 to 4,095).
B indicates the bridge number with possible values from 0x0 to 0xF (1 to 15).
Figure 3.5 The RIF 802.5 format.
0810 in binary is 0000.1000.0001.0000. The first 3 bits (000) indicate an all-
routes broadcast. The next 5 bits indicate the length of the RIF, which is 8
bytes (01000). The next bit is set to 0, which indicates that the RIF must be
read from left to right. The next 3 bits are set to 001, which indicates the
length of the frame is no larger than 1,500 bytes. The last four bits are re-
served and set to all zeros.
ń' 0810.0011.0022.0040 Note that this path specifies local ring 1, bridge 1,
remote ring 2, bridge 2, and destination ring 4 (the last field is set to 0).
For further clarification, let s look at another, more-complex RIF example where
the local ring numbers are 0x1 (1), 0x1F4 (500), and 0x2 (2):
,,
Advanced Network Theory:�% Bridging and LAN Switching�% 15
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
ń' C810.0011.1F41.0020 In this RIF example, the first two bytes make up the
route descriptor, which defines that this RIF is 8 bytes in length and a maxi-
mum frame size of 1,500 bytes (by examining the following description of the
RIF in binary format and using the explanation in Figure3.5). The route de-
scriptor when displayed in binary is described as follows:
C810 is 1100.1000.0001.xxxx.
The first 3 bits are set to 110, which indicates a spanning tree broadcast frame.
The next 5 bits are set to 01000, which indicates the length of the RIF is 8
bytes. The next bit is 0, which specifies that the RIF must be read from left to
right. The next 3 bits are set to 001, which indicates the largest frame size for
this frame no greater than 1,500 bytes. The last fours bits, xxxx, are reserved
for future use and are set to zero or 0000.
The path moves through ring 0x001, bridge 1, ring 0x1F4, bridge 1, and finally
to the destination ring 0x020.
Ring numbers are configured on Cisco routers in decimal but are
converted to hexadecimal when the frame traverses the medium.
Displaying the status of the SRB domain with the show source
command also displays the rings in hexadecimal.
Table 3.2 contains a useful conversion index for numbers being converted from
binary to decimal to hexadecimal.
Table 3.2 Binary to decimal to hexadecimal conversion chart.
Binary Decimal Hexidecimal
00000000 0 0x0
00000001 1 0x1
00000010 2 0x2
00000011 3 0x3
00000100 4 0x4
00000101 5 0x5
00000110 6 0x6
00000111 7 0x7
00001000 8 0x8
00001001 9 0x9
00001010 10 0xA
00001011 11 0xB
(continued)
16 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Table 3.2 Binary to decimal to hexadecimal conversion chart (continued).
Binary Decimal Hexidecimal
00001100 12 0xC
00001101 13 0xD
00001110 14 0xE
00001111 15 0xF
Source Route Bridging on Cisco Routers
In this section, we ll examine the network in Figure 3.6 and configure the router
named R1 for source-route bridging. In this example, Token Ring segments 0
and 1 must be able to communicate to each other.
Notice in Figure 3.6 that one ring has been displayed in decimal as ring 100 and
the other in hexadecimal as 0x100 (which is 256 in decimal). The relevant IOS
command required to configure the SRB on each interface is:
Source-bridge

Listing 3.3 details the configuration required on Router R1.
Listing 3.3 SRB configuration on R1.
Interface Tokenring 0
ring-speed 16
source-bridge 100 1 256
source-bridge spanning
Interface Tokenring 1
ring-speed 16
source-bridge 256 1 100
source-bridge spanning
Note in Listing 3.3 you need to configure the ring speed or the interface will not
insert into the ring. You have two options of 4MB or 16MB. The first number
under the source-bridge command is the local ring. The middle number repre-
sents the unique bridge number connecting the local ring to the target ring. The
last number represents the target ring. The source-bridge spanning command
tok1 tok0
Token Token
Ring Ring
Ring Ring
0x100 100
Figure 3.6 Sample RIF calculation.
Advanced Network Theory:�% Bridging and LAN Switching�% 17
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
puts the interface into a forwarding state so that forwarding of spanning tree
explorers will take place on this interface. This configuration will allow Token
Ring 0 to communicate with Token Ring 1 via source route bridging across the
router in the middle:
source-bridge spanning 1
The preceding command permits you to manually forward spanning tree explor-
ers. Spanning tree explorers are frames sent out by SRB devices that transverse
the spanning tree path only. For instance, in a large SRB domain, there might be
several SRB ports in a blocking state. Any spanning tree explorer packet received
will not be forwarded out a blocked port. This can help reduce the number of
explorers you have in your network.
Now, consider what will happen if you have more than two rings connected to a
local router. Legacy IBM bridges came with only two Token Ring ports, which
was very limited. For instance, how would four Token Ring interfaces communi-
cate among each other? Cisco accommodates this type of scenario with virtual
rings (also called software rings). A virtual ring setup is also sometimes referred to
as a multiport configuration. Virtual rings allow more than two rings to communi-
cate. To illustrate, let s look at an example router with four local rings as displayed
in Figure 3.7.
Token
Ring 102
Ring
tok2
tok1 tok0
Token Token
Ring Ring
Ring Ring
0x100 100
tok3
Token
Ring 103
Ring
Figure 3.7 Mulitport configuration on a Cisco router.
18 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
To define a virtual ring, use the following IOS command:
source-bridge ring-group
Listing 3.4 provides the configuration required to allow the four rings (namely
Token Ring interfaces 0, 1, 2, and 3 in Figure 3.7) to communicate.
Listing 3.4 Multiport configuration example.
source-bridge ring-group 200!Virtual ring created by administrator
Interface Tokenring 0
ring-speed 16
source-bridge 100 1 200
source-bridge spanning
Interface Tokenring 1
ring-speed 16
source-bridge 256 1 200
source-bridge spanning
Interface Tokenring 2
ring-speed 16
source-bridge 102 1 200
source-bridge spanning
Interface Tokenring 3
ring-speed 16
source-bridge 103 1 200
source-bridge spanning
The preceding configuration enables four Token Rings to communicate with
each other using the virtual ring 200. After the configuration is in place, the IOS
does the rest and enables communication among all rings.
If you have a device that does not use or understand RIFs, then your device needs
SRT bridging.
Source-Route Transparent (SRT) Bridging
Basically, a source-route transparent bridge looks at a frame and examines the
fields that identify whether a RIF is present, namely the routing information
indicator (RII). If the RII is present, the source route transparent bridge will
forward the frame; if the RII is not present, the frame will be transparently bridged.
Some devices do not support RIF frames like Windows 95. To allow communi-
cation using bridges between LAN segments SRT is a possible resolution for
devices that are not capable of understanding RIF formatted frames. The dia-
gram in Figure 3.8 summarizes how an SRT bridges frames.
Advanced Network Theory:�% Bridging and LAN Switching�% 19
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Does not use RIFs
Uses RIFs
tok1 tok0
Token Token Ring 100
Ring 101
Ring Ring
Remove RIF and use
TB engine
Add RIF and use
SRB engine
Figure 3.8 How SRT handles frames.
Source Route Transparent Bridging on Cisco Routers
Now, in preparation for the CCIE exam, let s configure the router shown in Fig-
ure 3.8 for SRT. In Figure 3.8, the devices on Token Ring 0 do not use RIFs, but
the devices on Token Ring 1 do. Listing 3.5 shows the configuration used to
enable SRT. The Cisco router will internally run both transparent bridging for
device s on Ring 100 and SRB for devices on Ring 101.
Listing 3.5 SRT configuration example.
interface tokenring0
bridge-group 1
source-bridge spanning
interface tokenring1
source-bridge 101 1 100
bridge-group 1
source-bridge spanning
bridge 1 protocol IEEE
The preceding configuration will allow communication between ring 100 and 101.
20 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Source-Route Translational Bridging (SR/TLB)
SR/TLB is a feature that allows a device in a transparent bridging (Ethernet)
domain to communicate with a device in a source-route bridge domain through
a Cisco router. When you use SR/TLB, Cisco routers look after bit ordering
when frames are converted from Ethernet frames to Token Ring frames, MTU
sizes, and RIF removals and additions. Your configuration requirements entail
that you make the Ethernet domain appear as an SRB domain to Token Ring
users. When a frame is sent from the SRB domain to the frame to the Ethernet
domain, the routing information field is removed. When a frame is sent from the
Ethernet domain to the SRB domain, a RIF is added. Figure 3.9 demonstrates a
typical SR/TLB requirement where an Ethernet device, such as a PC, needs to
talk at layer 2 (bridge) to a device on Token Ring, such as a file server.
The IOS software in the Cisco router performing SR/TLB does the following:
ń' Adds and removes RIFs as needed
ń' Performs bit ordering
ń' Assigns MTU sizes (the default MTU for Ethernet is 1,500 bytes and Token
Ring is 4,464 bytes; see Chapter 2 for more information)
The Etherent domain
appears as source-router
bridging domain to the
users on token ring 100
Source-route
Remove RIF bridging domain
e0 tok0
Ethernet
Token
Ring 100
Ring
Domain
Cisco router
performing SR/TLB
Add RIF
Figure 3.9 Source-route translational bridging sample network scenario.
Advanced Network Theory:�% Bridging and LAN Switching�% 21
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
ń' Identifies frame format differences, because Ethernet and Token Ring do not
have the same frame formats (for more information, see Chapter 2)
The IOS command to create the pseudo ring that appears on an SRB domain is:
source-bridge transparent ..

Note: A psuedo ring makes an Ethernet domain appear to be an SRB domain.
Now, let s look at an example router configuration.
Configuring SR/TLB on Cisco Routers
Let s say that you have been asked to ensure that local users on Ethernet and
Token Ring can communicate using the NetBEUI protocol. You are using 200 as
the pseudo ring number, bridge 10 for the transparent bridging domain, and
bridge 1 for the transparent bridge group for the source bridge domain. Listing
3.6 describes the required Cisco configuration.
Listing 3.6 SR/TLB configuration example.
source-bridge transparent 100 200 1 10
interface e0
bridge-group 10
interface tokenring0
source-bridge 100 1 200
source-bridge spanning
Bridge 10 protocol ieee
In Listing 3.6, the first line defines the local SRB ring number as 100, the pseudo
ring as 200 (this number must be unique), and the TB bridge number as 1 (which
specifies the bridge that ties to the transparent bridging domain). The last num-
ber, 10, signifies the transparent bridge group that you want to tie into your source-
route bridged domain.
In the IOS command to configure SR/TLB, the second keyword is
transparent and not translational, although translational would
seem to make more sense. You must be proficient with the IOS
command set.
Concurrent and Integrated Routing Bridging
(CRB and IRB)
In addition to the bridging methods discussed in the preceding sections, Cisco
supports two propriety methods of bridging concurrent routing and bridging
(CRB) and integrated routing and bridging (IRB):
22 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
ń' Concurrent routing and bridging (CRB) If a bridgeable or routable frame is
received, it is sent to an interface configured for bridging or routing, but you
cannot receive a bridgeable frame and route it or similarly receive a routed
packet and bridge the frame.
ń' Integrated routing and bridging (IRB) The limitation of not being able to
bridge a frame out of a routing interface is removed with IRB. You can route
or bridge a packet out of any interface on a Cisco router with IRB. IRB is
only available in IOS release 11.2 and later.
Study the IBM bridging guide on the Cisco Web site at: http://cco/
univercd/cc/td/doc/product/software/ios120/12cgcr/ibm_c/
index.htm
As new versions of IOS are released, the documentation is also
updated. This URL is for IOS release 12.
Encapsulated Bridging
Another form of bridging supported by Cisco routers is encapsulated bridging.
Encapsulated bridging is basically a form of transporting one access method,
such as Ethernet, across another access method, such as Fiber Distributed Data
Interface (FDDI) or serial interfaces. Figure 3.10 shows an example of encapsu-
lated bridging.
In Figure 3.10, the following occurs:
1. The router receives the Ethernet frames.
2. The Ethernet frames from the Ethernet network are encapsulated on Router
1 (that is, a header is placed around the data) and sent across the FDDI
network.
3. Then, the header is stripped on Router R1, and an Ethernet frame is trans-
mitted across the wire.
Another example of encapsulated bridging is when you enable local area trans-
port (LAT is a non-routable LAN protocol) across a WAN.
Cisco provides a number of ways to control how their routers manage bridged
traffic. It is important to appreciate that control bridged protocols can improve
your network performance. We will now discuss how access lists can be used to
control bridging on Cisco routers before we move onto more complex bridging
solutions available with Cisco IOS. Access lists are used to manage broadcasts
and network reachability.
Advanced Network Theory:�% Bridging and LAN Switching�% 23
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
2.
FDDI FRAME
Ethernet Header
with own header
and trailer
Data
1. 3.
Ethernet Header Ethernet Header
Data Data
FDDI
R2
R1
Figure 3.10 Encapsulated bridging over a FDDI network.
Access Lists Used for Bridging
Access lists are used to manage all types of bridged traffic. The access lists that control
whether layer 2 information is bridged or dropped can be accomplished using ac-
cess list ranges from 200 through 299, 700 through 799, and 1100 through 1199.
After you have defined your access list, it is a simple matter of applying the list to
the required interface. You can apply the criteria on inbound or outbound pack-
ets. Of course, the default configuration on all access lists is to deny anything not
explicitly permitted. Listing 3.7 provides three simple examples of applying an
access list.
Listing 3.7 Three Access list examples.
access-list 200 permit 0x0404 0x0101...permits SAP 04 through only
access-list 700 permit 4000.2399.70cd 0000.0000.0000
access-list 1100 permit 000c.1b00.0000 0000.00ff.ffff...
...000c.1a00.0000 0000.00ff.ffff
24 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
In Listing 3.7, access lists 700 and 1100 also have hardware masks that are used to
identify bits that match and bits that can be ignored. Furthermore, access list 1100
permits packets from MAC addresses 000c.1bxx.xxxx to pass to devices with
MAC addresses 000c.1axx.xxxx. You do not need to be concerned about the last
six bits. This access list is an example of allowing certain vendors network interface
cards to access the network, because the first 3 bytes represent the vendor code.
Remote Source-Route Bridging (RSRB) and Data-Link
Switching (DLSw)
RSRB and DLSw are advanced bridging techniques used to provide solutions to
large bridged environments. Legacy protocols, such as SNA, are typically transported
over IP networks. RSRB and DLSw provide excellent techniques to accomplish stable
network design and redundancy. RSRB and DLSW are grouped together here be-
cause they were developed to solve the same problem, bridging over an IP network.
We have covered many bridging types and understand that bridging is compli-
cated. But, what happens if you do not want to bridge across your WAN? What
can you do to support the non-routable protocols? All the bridgeable protocols
cannot be removed overnight, so there needs to be some alternative that will
allow the protocols to run over existing WAN protocols. In this case, the proto-
cols can be transported across the WAN using the Internet Protocol (IP).
By implementing a tunnel, you do not need to configure bridging across every
Cisco network interface. The method to achieve the ability to transport bridge-
able protocols over an IP network is to tunnel them across an IP backbone. As
mentioned earlier in this chapter, tunneling is a software feature that allows pro-
tocols, such as SNA and LAT, to operate over an IP network.
You need t be able to demonstrate your understanding of RSRB and
DLSw. Study the major differences between them and when you should
use each method.
To illustrate tunneling, let s say you have the simple network shown in Figure 3.11,
and you need to support bridging across all media types. You can see how com-
plex the bridging will be, even with only three routers. The solution to the com-
plex bridging scenario shown in Figure 3.11 is to use RSRB or DLSw and tunnel
the frames across an IP network.
Remote Source-Route Bridging (RSRB)
RSRB encapsulates frames from Token Ring domains and transports them across
an IP network. With RSRB, you can support Ethernet networks as long as your
local router is running SR/TLB. The concept of the virtual ring is applied here,
which allows you to use the entire IP cloud as one hop.
Advanced Network Theory:�% Bridging and LAN Switching�% 25
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Token
Ring
Token
Ring
IP network
FDDI
Token
Ring
Figure 3.11 Bridging in a complex network.
You can use the following three encapsulation methods when using RSRB:
ń' Direct Encapsulation Uses an High-Level Data Link Control (HDLC) en-
capsulation to pass frames over a single physical network connection between
two routers attached to Token Rings. Direct encapsulation provides better
performance than TCP, for instance, because it involves fewer overheads.
ń' Fast-Sequenced Transport (FST) Uses IP encapsulation with few overheads.
FST provides medium overhead, but it s less reliable than TCP because IP is
connectionless and will rely on packets arriving in the same order as they
were sent.
ń' Transport Control Protocol (TCP) Uses a TCP connection, which contains
the usual overheads of TCP. TCP is very reliable when compared to IP or
direct encapsulation, but it requires more overheads. TCP segments contain
many overheads that ensure safe delivery and segment reordering.
To enable RSRB, a number of tasks are required. First, you must choose your
encapsulation method and create your virtual ring. Using Figure 3.12, let s con-
figure RSRB using all three encapsulation methods.
26 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Virtual ring 2000
Ring 100
Ring 200
R1
S0 R2
Direct, FST, or TCP
S0
encapsulation
Token Token
Ring Ring
Figure 3.12 RSRB configuration scenario.
The configuration steps are as follows:
1. Define the ring group with the following IOS command:
source-bridge ring-group
2. Identify remote peer connections and encapsulation method with the fol-
lowing IOS command:
source-bridge remote-peer ring-group |tcp|fst| ip-address
If you are using direct encapsulation, the IOS command is as follows:
source-bridge remote-peer ring-group interface interface-name
Also, when using TCP/FST, you must define a local peer-name.
3. Define your local SRB domain.
Listings 3.8 through 3.10 show how to configure the example network shown in
Figure 3.12 for RSRB using the three encapsulation types.
Listing 3.8 Using direct encapsulation with RSRB.
Hostname R1
source-bridge ring-group 2000
source-bridge remote-peer 2000 interface serial0
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
Advanced Network Theory:�% Bridging and LAN Switching�% 27
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Hostname R2
source-bridge ring-group 2000
source-bridge remote-peer 2000 interface serial0
interface tokenring 0
source-bridge 200 1 2000
source-bridge spanning
Listing 3.9 Using FST encapsulation with RSRB.
Hostname R1
source-bridge ring-group 2000
source-bridge fst-peername 141.108.1.1
!Local peer-name
source-bridge remote-peer 2000 fst 141.108.1.2
!Remote peer-name,R2
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
Hostname R2
source-bridge fst-peername 141.108.1.2
!Local peer-name
source-bridge remote-peer 2000 fst 141.108.1.1
!Remote peer-name,R1
interface tokenring 0
source-bridge 200 1 2000
source-bridge spanning
Listing 3.10 Using TCP encapsulation with RSRB.
Hostname R1
source-bridge ring-group 2000
source-bridge remote-peer 2000 remote-peer tcp 141.108.1.1
source-bridge remote-peer 2000 remote-peer tcp 141.108.1.2
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
Hostname R2
source-bridge remote-peer 2000 remote-peer tcp 141.108.1.2
source-bridge remote-peer 2000 remote-peer tcp 141.108.1.1
interface tokenring 0
source-bridge 200 1 2000
source-bridge spanning
28 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
In Listings 3.8 and 3.9, notice that TCP and FST have different IOS
commands to identify the local peer address. The router must have a
local peer IP address; otherwise, the encapsulated bridging will not work.
RSRB supports many options, as shown in Table 3.3.
Keep in mind that when using RSRB, RIFs are calculated as being the whole
path to the destination with the virtual ring regarded as one hop. Also, RSRB
requires all routers that need to communicate together to be part of the same
virtual ring group.
Data-Link Switching (DLSw) and Data-Link Switching Plus (DLSw+)
DLSw is another method you can use to transport non-routable protocols, such
as NetBIOS and Systems Network Architecture (SNA), across your IP back-
bone. DLSw+ is a Cisco-enhanced version of DLSw. For a complete description
of DLSw, refer to the references listed in the Need To Know More section at
the end of this chapter. You need to know how this protocol works and how to
calculate the RIF across your network, as described in this section.
DLSw supports the three encapsulation methods supported by RSRB (Direct,
FST, and TCP), but it also has many other features that have been further en-
hanced by Cisco Systems (commonly known as DLSw+, or DLSw plus). Ini-
tially, DLSw was designed to transport NetBIOS and SNA traffic.
The general configuration steps required to enable DLSw are as follows:
1. Define the local peer-id.
2. Define the virtual ring group.
3. Define remote peers and encapsulation types.
4. Bridge local interfaces into DLSw, whether Ethernet, Token Ring, SDLC,
or even X.25 technologies that are deployed.
Table 3.3 Summary of RSRB options.
Option Description
Three encapsulation methods Supports Direct, IP, and TCP encapsulation
Local acknowledgments Allows only data frames across WANs
SAP priority Enables you to allow specified protocols priority over
others
Complex filters Enables you to define filters to stop unwanted traffic
across a network
Easy configuration Provides easier configuration than complex bridging
environments
Advanced Network Theory:�% Bridging and LAN Switching�% 29
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
As you will see in the following examples, the available DLSw options are fairly
extensive. The IOS commands displayed here demonstrate the numerous op-
tions available with DLSw+. You are not expected to memorize the IOS syntax,
but it is added here to demonstrate the enormous amount of options you have
with DLSw+ when compared to RSRB.
The configuration steps required to implement DLSw on Cisco routers is as
follows:
1. Define a local peer-id with the following command:
dlsw local-peer [peer-id ip-address] [group group] [border]
[cost cost] [lf size] [keepalive] [seconds] [passive]
[promiscuous] [biu-segment}
where
peer-id ip-address is the local peer IP addressgroup group
(Optional) Peer group number for this router.
The valid range is 1 to 255.
border (Optional) Enables as a border peer.
cost (Optional) Peer cost advertised to remote peers in the
capabilities exchange. The valid range is 1 to 5.
lf size (Optional) Largest frame size for this local peer.
Valid sizes are the following:
516-516 byte maximum frame size
1470-1470 byte maximum frame size
1500-1500 byte maximum frame size
2052-2052 byte maximum frame size
4472-4472 byte maximum frame size
8144-8144 byte maximum frame size
11407-11407 byte maximum frame size
11454-11454 byte maximum frame size
17800-17800 byte maximum frame size
keepalive seconds (Optional) Default remote peer keepalive
interval in seconds. The valid range is 0 to 1200 seconds.
passive (Optional) Specifies that this router will not ini-
tiate
remote peer connections to configured peers.
promiscuous (Optional) Accepts connections from nonconfigured
remote peers.
biu-segment (Optional) Causes DLSw+ to spoof the maximum
receivable I-frame size in XID so that each station sends the
largest frame it can.
2. Define the virtual ring group using the following command:
source-bridge ring-group ring-group number
30 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
3. Define remote peers. There are options for each encapsulation type. You can
use Frame Relay encapsulation, HDLC, FST, and TCP. (See the Need To
Know More section at the end of this chapter for excellent references on
DLSw+ options.)
You should know that DLSw has far more capabilities than RSRB.
When DLSw is implemented, the RIF is terminated at the DLSw router unlike
RSRB. New versions of IOS permit RIFs to pass through, but the default is for
the local router to terminate the RIF. In Figure 3.12, if you were using DLSw,
the RIF from Ring 100 to Ring 200 would be 0610.0641.7D00.
Now that we ve reviewed DLSw and the fact that it can be used to transport
non-routable protocols, let s look at the simple configuration design shown in
Figure 3.13 and outline the configuration commands required to enable bridging
over an IP network. Listings 3.11 through 3.13 show how to configure the rout-
ers shown in Figure 3.13 for DLSw+ using Direct, FST, and TCP encapsulation.
Listing 3.11 Using direct encapsulation with DLWs+.
Router R1
source-bridge ring-group 2000
dlsw local peer peer-id 141.108.1.1
dlsw remote-peer 2000 interface serial0
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
Virtual ring 2000
Ring 100
Ring 200
R1
S0 R2
Direct, FST, or TCP
S0
encapsulation
Token Token
Ring Ring
E0
E0
Figure 3.13 DLSw+ configuration examples.
Advanced Network Theory:�% Bridging and LAN Switching�% 31
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Router R2
source-bridge ring-group 2000
dlsw local-peer peer-id 141.108.1.2
dlsw remote-peer 2000 interface serial0
interface tokenring 0
source-bridge 200 1 2000
source-bridge spanning
Listing 3.12 Using FST encapsulation with DLWs+.
Router R1
source-bridge ring-group 2000
dlsw local-peer peer-id 141.108.1.1...local peer-name
dlsw remote-peer 0 fst 141.108.1.2...remote peer-name of R2
dlsw bridge-group 1
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
Interface ethernet 0
bridge-group 1
Bridge 1 protocol ieee
Router R2
source-bridge ring-group 2000
source-bridge transparent 2000 10 1 1
dlsw local-peer peer-id 141.108.1.2...local peer-name
dlsw remote-peer 0 fst 141.108.1.1...remote peer-name of R2
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
Interface ethernet 0
bridge-group 1
bridge 1 protocol ieee
Notice in Listing 3.12 that the Ethernet segment is bridged into DLSw+. This
allows remote networks to see the segment. DLSw+ will not locally switch be-
tween Ethernet and Token Ring; you still must use SR/TLB.
Listing 3.13 Using TCP encapsulation with DLSw+.
Router R1
source-bridge ring-group 2000
source-bridge local-peer peer-id 141.108.1.1
source-bridge remote-peer 2000 remote-peer tcp 141.108.1.2
dlsw bridge-group 1
interface tokenring 0
source-bridge 100 1 2000
source-bridge spanning
32 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Router R2
source-bridge local-peer peer-id 141.108.1.2
source-bridge remote-peer 2000 remote-peer tcp 141.108.1.1
dlsw bridge-group 1
interface tokenring 0
source-bridge 200 1 2000
source-bridge spanning
bridge 1 protocol ieee
DLSw+ handles bit ordering, MTU sizes, and MAC address translation differences.
To bridge an Ethernet segment into DLSw, you use the following IOS command:
dlsw bridge-group 1
To monitor and maintain DLSw+ on a Cisco router, you can work with an exten-
sive range of commands. A short summary of some common IOS commands
available with DLSw+ are as follows:
ń' Show source Displays SRB configuration and statistics.
ń' Show DLSw capabilities Displays the capabilities of a remote router, such as
which local or remote devices are supported Service Access Points or SAPs
and DLSw versions.
ń' Show DLSw circuits Displays current DLSw circuits. Source MAC and des-
tination MAC addresses are listed as well as the state of the connection. For
example:
Router# show dlsw circuits
Router# show dlsw peers
Peers: state rg_lst pkts_rx pkts_tx type
TCP 10.209.2.1CONNECT 0 70 6 conf 0 0
ń' Show DLSw peers Displays current peers, time connected, and packets sent
and received.
ń' Show DLSw reachability Displays local and remote devices. Both MAC ad-
dresses and NetBIOS names are listed. For example:
Router# show dlsw reachability
DLSw MAC address reachability cache list
MAC Addr status Loc. peer/port rif
0000.f641.91e8 SEARCHING LOCAL 0610.0641.0c80
NetBIOS Name status Loc. peer/port rif
CCIE4695 FOUND LOCAL TokenRing0/0
0810.b041.AFE5.0740
Advanced Network Theory:�% Bridging and LAN Switching�% 33
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Comparing RSRB and DLSw Characteristics
The preceding two sections describe the main characteristics of RSRB and DLSw
as an alternate way of bridging traffic over an IP backbone. To summarize, the
two methods are compared in Table 3.4.
You should be proficient in both RSRB and DLSw concepts and the
methods used to configure them on a Cisco router. You should be able
to determine valid configurations and know how to calculate the RIF.
To complete this section on bridging it would be nice to conclude with real-
world examples of what bridging mode should be used and where. Unfortunately,
this could take a whole book. A good reference for such material is available
online from Cisco at www.cisco.com/warp/public/cc/cisco/mkt/iworks/wan/
dlsw/prodlit/toc_rg.htm.
We have covered many ways of bridging non-routable frames across a Cisco router
network. Now, let s move on to layer 2 of the OSI model and discuss some of the
more advanced technologies you need to know.
Description of LAN Switching Methods
At this point in the chapter, we ve reviewed the basics of bridging. Now, we ll
turn to some advanced bridging (layer 2) concepts and Cisco switches, including
how the Cisco switches can enable a network designer to tune the performance
of a network.
Layer 2 switching has numerous benefits that can lead to better performance,
increased bandwidth for end users and reduced contention for bandwidth. By
reducing contention for bandwidth, you allow end devices more CPU time to
send and receive data frames, which in turn increases response time because the
Table 3.4 Summary of RSRB and DLSw main characteristics.
Feature DLSw RSRB
Support for Direct, FST, and Yes, plus Frame Relay Yes
TCP encapsulation
RIF calculation Terminated at local router Pass-through
Ethernet support Yes Must use SR/TLB
Dynamic peers, peers on Yes No
demand, backup peers
Ability to load balance Yes No
connections
Configuration Difficult Easy
34 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
router s CPU is not wasting CPU cycles looking at frames that are not destined
for the local device.
A broadcast frame must be examined by every device. Of course, in most cases,
the frame was destined for only one device, so large amounts of broadcasts can
take away valuable CPU time from end devices. Using Cisco routers and switches
gives you the ability to reduce the impact of large networks that typically contain
a large amount of collision and broadcast domains and hence increasing available
bandwidth to end users. Routers can reduce broadcasts by divvying up the broad-
cast domain. A broadcast domain is simply a group of devices that receive broad-
casts from the same segment. Switches are used to reduce the collision domain. A
collision domain is simply the group of devices that are aware of collisions in a
network. A switch or router does not propagate collisions, but shared hubs do.
The next few sections examine ways that Cisco switches can achieve better net-
work performance by reducing the number of devices in any one domain and
increasing available bandwidth to end users.
We will start by examining virtual LANs followed by the various switching modes,
and then we ll examine what can be done in a large switched network.
Virtual LANs (VLANs)
A virtual LAN is defined as a software-emulated LAN. An administrator de-
fines a VLAN according to the network s design requirements. As mentioned
earlier, segmenting or using VLANs provides more bandwidth to end users, re-
duces broadcast traffic, and reduces medium contention.
In general, a VLAN performs the same function as a LAN. However, VLANs
extend the flexibility of normal LANs by providing more options, such as more
bandwidth to the end user and ease of management. Two VLANs connected on
a switch do not communicate together unless they do so with a layer 3 or routing
device. If the layer 3 communication is disabled between the VLANs, no traffic
flows between the two VLANs.
We ll now discuss how Cisco switches can handle frames to provide some of the
enhancements we have discussed previously.
Cisco Switching Methods
The CCIE blueprint requires the candidate to be aware of the two main switch-
ing modes available. We will discuss the two main types using the Catalyst 5000
Ethernet switch and the Catalyst 3900 Token Ring switch as an example.
A Catalyst 5000 series and 3900 switch can support two main switching methods:
Advanced Network Theory:�% Bridging and LAN Switching�% 35
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
ń' Cut-through The switch waits until only receiving the destination address
and immediately starts forwarding. An example of a Cisco switch that sup-
ports cut-through switching is the Catalyst 3900 series switch.
ń' Store and forward The switch receives the whole frame before any forward-
ing takes place. This increases latency but ensures the frame is valid prior to
transmitting it. Both the Catalyst 5000 and Catalyst 3900 Token Ring switch
support store and forward.
Cut-through switching decreases the time it takes to send a frame, but it might
result in errors because the switch does not know if the frame is the minimum
length or if an error has occurred until examining the whole frame. By the time
the whole frame has been received, the switch is already sending the frame to the
destination device, so, in any event, error frames are not checked by the switched
prior to delivery. Some switches monitor frames for errors and will automatically
change switching methods to the store and forward if the error rates are high.
Recently, a third form of switching has evolved fragment free. A fragment free
switch will wait until at least 64 bytes (minimum Ethernet frame) has been re-
ceived before forwarding the packet. This is also sometimes represented as
FragmentFree switching.
You need to understand the two main switching methods cut-through
and store and forward.
Large Switched Networks
In some instances, you might have a large switch backbone and you need to create
and delete VLANs with PC moves or you want certain VLANs visible on one
switch and not another. You can use the full capacity of a switch port without
having it blocked by the Spanning Tree Protocol. To do this you will need to imple-
ment, trunking, VTP pruning, inter-switch links (ISLs), or configure Fast Ethernet
Channel (FEC). Examine the large switch network shown in Figure 3.14. Note
that all the switches are Catalyst 5000s. Also, notice in Figure 3.14 that some end
user switches have more than one link for redundancy purposes or to make use of
more bandwidth between switches.
Let s use Figure 3.14 to examine some of the benefits of using ISL, pruning, and
Fast Ethernet Channel.
Inter-Switch Links (ISLs)
Inter-switch links (ratified in 802.1Q) are links between the Fast Ethernet 100Mb
ports or gigabit 1000Mb ports on the supervisor modules. Newer versions of line
cards, such as the 48 UTP port module for the Catalyst 6000 series switch or the
36 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Engineering
(VLAN 100)
Auditing
(VLAN 200)
Fast Ethernet
Channel
Sales
(VLAN 400)
Core Backbone
SI Switch
ISL ports
Accounting
(VLAN 800)
Human Resources ISL
(VLAN 500)
ISL
SI
Marketing
(VLAN 600)
IT Department
(VLAN 700)
Figure 3.14 Large switch network.
8 port gigabit module also for the Catalyst 6000 series switch, support the carry-
ing of VLAN traffic over one connection. You must be aware that Cisco s ISL is
propriety while 802.1Q is a ratified standard. Both accomplish the same func-
tion, but the frame type differs. You cannot run Cisco ISL between non-Cisco
switches, for example. This supervisor card is the switching engine for the Cata-
lyst 5000 series switches; earlier versions of the card supported two high-speed
100MB ports on each card, but new releases of the supervisor card (Supervisor
III) can now support up to four high-speed uplinks.
Usually, inter-switch links are connected between two switches or a router on a
stick. Typical speeds are run at Fast Ethernet (100Mb) or even at gigabit speeds
(1000Mb). This allows the core backbone of your network to provide increased
bandwidth, more than normal Ethernet 10Mb for instance. You can carry VLANs
across your ISL ports to allow interdepartmental communication. For instance,
Advanced Network Theory:�% Bridging and LAN Switching�% 37
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
in Figure 3.14, the engineering department is in the same VLAN as the IT de-
partment. The real advantage of using ISL is the ability to carry VLAN traffic
from one switch to another switch. If users move from one department to an-
other, they can do so through the use of the running VLANs over your ISL ports.
Conversely, you can block unwanted VLAN traffic via pruning.
Create and Prune VLANs via the VLAN Trunking Protocol (VTP)
Pruning keeps VLAN definitions from getting advertised to a switch for which no
ports are defined as members of the VLAN. This prevents unnecessary flooding. To
illustrate the creation and VTP pruning of VLANs, let s look at some configuration
commands on a Cisco Catalyst 5000. Catalyst 5000 switches have basically three
commands: set (used to set configuration parameters), show (used to display statistics
and configurations), and clear (used to clear certain configuration parameters).
To create a VLAN on a switch, you use the following commands:
Set vlan ,
Example:
cat5k> (enable) set vlan 2
Vlan 2 configuration successful
cat5k> (enable)
To prune a VLAN, you must first enable a common VTP domain name among
all your switches. This domain places all switches under a common administra-
tion. The following steps are used to prune a VLAN:
1. Enable the VTP pruning by using the following command:
set vtp [domain_name [domain_name]] [mode mode_type] [password
] pruning enable
VTP modes on a Cisco switch can be set to three main types. VTP mode
server switches allows the creation of VLANs. VTP mode client switches
cannot create VLANs. VLAN information is prorogated through ISL or
trunk ports. VTP transparent mode means the switch does not partici-
pant in VTP. This allows administration of VLAN creation and deletion to
be manageable.
2. Enable VTP pruning eligibility with the following command:
set vtp pruneeligible
On a Catalyst 5000, VLANs range from 1 through 1000.
38 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Fast Ethernet Channel (FEC)
In Figure 3.14, the links between the Auditing/Engineering departments and IT
departments are running Fast Ethernet Channel. Three switch ports have been
taken from the local distribution switch that connects the Auditing/Engineering
department to the core switch and grouped them into a FEC. FEC enables you
to take one or more switch ports, group them together, and provide more band-
width to send user traffic. If this example used normal ISL ports running at
100MB, one of the ports would be blocked because of spanning tree, and it would
only be active in the event of a port or switch failure. With FEC, you can aggre-
gate available ports and forward out all your switch ports without losing band-
width due to spanning tree. FEC is an interim step toward Gigabit Ethernet.
To enable FEC across your switch backbone, you first must ensure all the ports in
the channel are configured with the same parameters, such as the same speed,
VLAN, and spanning tree parameters. For discussion purposes, let s return to
Figure 3.14 s spanning tree before enabling FEC.
Before we configure FEC, review the spanning tree state of the switch between
the Auditing/Engineering and IT departments, as displayed in Listing 3.14.
The URL www.cisco.com/warp/customer/793/lan_switching/
2.html provides an excellent example of configure ISL trunking on Cata-
lyst 5000 or 6000 switches.
Listing 3.14 The show spantree command.
cat5k> (enable) sh spantree 1
VLAN 2
Spanning tree enabled
Spanning tree type ieee
Designated Root 00-00-0c-07-ac-00
Designated Root Priority 32768
Designated Root Cost 100
Designated Root Port 3/3
Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Bridge ID MAC ADDR 00-60-2f-53-59-01
Bridge ID Priority 32768
Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Port Vlan Port-State Cost Priority Fast-Start
---- ---- ---------- ---- -------- ----------
1/1 1 forwarding 100 32 disabled
1/2 1 blocking 100 32 disabled
cat5k>
Advanced Network Theory:�% Bridging and LAN Switching�% 39
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
As you can see in Listing 3.14, the port on Card 1, Port 2 is blocked. This means
that the setup is underutilizing the connection. Now, let s see what happens when
FEC is enabled.
Assuming both ports have identical parameters, such as speed and spanning tree
parameters, the first step is to configure the channel with the following command:
Cat5k> (enable) Set port channel 1/1,1/2...On both switches
Ports 1/1-2 channel mode on
A trunk is defined as a logical connection between two switches across which
data will traverse. To enable trunking, you must set the following command:
Cat5k> (enable) set trunk 1/1 on
If you examine the span tree state at this point, you will see both ports are for-
warding, as shown in Listing 3.15.
Listing 3.15 The show spantree command. (This command is the same
as Listing 3.14, but the output is different because of a
configuration change.)
cat5k> (enable) sh spantree 1
VLAN 2
Spanning tree enabled
Spanning tree type ieee
Designated Root 00-00-0c-07-ac-00
Designated Root Priority 32768
Designated Root Cost 100
Designated Root Port 3/3
Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Bridge ID MAC ADDR 00-60-2f-53-59-01
Bridge ID Priority 32768
Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Port Vlan Port-State Cost Priority Fast-Start
---- ---- ---------- ---- -------- ----------
1/1 1 forwarding 100 32 disabled
1/2 1 forwarding 100 32 disabled
You have now successfully configured a Fast Ethernet Channel, or FEC. These
steps also enable the use of the second link between the Engineering and the core
switch in Figure 3.14.
40 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
You do not need to memorize the actual steps involved in setting up
FEC, but you must know the principles behind VLANs, ISL, trunking,
pruning, and FEC.
As with any vendor, Cisco deploys proprietary protocols to help in the adminis-
tration of their equipment. In the upcoming sections, we ll look at Cisco s propri-
etary protocols, including the Cisco Discovery Protocol (CDP) and Cisco Group
Management Protocol (CGMP).
Cisco Discovery Protocol (CDP)
The Cisco Discovery Protocol (CDP) is a proprietary tool supplied by Cisco to
help you manage Cisco products. CDP runs over the Data Link layer (layer 2)
and, hence, is media independent. CDP is enabled by default on all Cisco de-
vices. The role of CDP is to supply neighboring devices hardware types and the
primary addresses.
Listing 3.16 shows a sample display on a Cisco router that identifies the other
Cisco devices that are attached to the local router.
Listing 3.16 Show cdp neighbors command.
R1#sh cdp neighbors
Capability Codes: R-Router,T-Trans Bridge, B-SRB
S-Switch,H-Host,I-IGMP,r-Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
003166419 Eth 0 148 T S WS-C5000 3/1
Listing 3.16 shows that Router R1 is connected to a Catalyst 5000 (the platform
indicated is WS-C5000) on Card 3 and Port 1. If you supply the detail keyword
with the command, you d see something similar to Listing 3.17.
Listing 3.17 Show cdp neighbors detail command.
R1#sh cdp neighbors detail
--------------------------
Device ID: 003166419
Entry address(es):
IP address: 137.10.16.4
Platform: WS-C5000, Capabilities: Trans-Bridge Switch
Interface: Ethernet0, Port ID (outgoing port): 3/1
Holdtime : 177 sec
Version :
WS-C5000 Software, Version McpSW: 4.4(1) NmpSW: 4.4(1)
Copyright (c) 1995-1999 by Cisco Systems
Advanced Network Theory:�% Bridging and LAN Switching�% 41
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Listing 3.17 details more information about the devices local to your router or
switch, such as the bridging capabilities and the primary IP address. This infor-
mation can be handy when you re troubleshooting.
By default, CDP is enabled to discover new Cisco devices. You can control how
frequently CDP looks for new devices by using the following command:
cdp timer -Set the CDP transmission time
cdp holdtime sets the CDP holddown time
The default frequency rate is every 60 seconds for sending updates and every 180
seconds for holdtime. Table 3.5 shows additional commands that you can use for
monitoring CDP.
Every vendor has its own specific protocols not supported by others.
You need to know Cisco s proprietary protocols.
Cisco Group Management Protocol (CGMP)
Cisco Group Management Protocol (CGMP) is a protocol that can be config-
ured on Cisco routers connected to Cisco Catalyst switches to perform multicasting.
Multicasting enables you to send frames that are destined for a group of devices
without impacting your network by using broadcasts. CGMP is used between
Catalyst switches and Cisco routers. You can find out more about CGMP on
Cisco s home page at www.cisco.com.
The evolution of today s networks has led the applications that require a greater
amount of bandwidth. More bandwidth is required because applications are faster
and more data is pushed to the remote devices. To cater to this demand, a new
emulation protocol was developed to allow legacy networks, such as Ethernet, to
Table 3.5 IOS command used for monitoring CDP.
IOS Command Description
clear cdp counters Resets the traffic counters to zero
clear cdp table Deletes the CDP table of information about neighbors
show cdp Displays information about a specific neighbor
show cdp interface Displays interfaces that are running CDP and their parameters
cdp run Runs CDP globally
no cdp run Disables CDP globally
no cdp enable Disables CDP on an interface
42 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
run over larger capable backbones at speeds great than 10Mb. This protocol is
referred to as local area network emulation (LANE).
Asynchonous Transfer Mode LAN Emulation
(ATM LANE)
LANE is a method in which legacy networks that ran over Ethernet or Token
Ring can operate over ATM (Asynchronous Transfer Mode). ATM operates
with cells that are 53 bytes in length. ATM is a ratified standard by the ATM
Forum. For more information, refer to in the Need To Know More section at
the end of this chapter. ATM is used to transport data, voice, and video.
Note: An emulated LAN or ELAN is an ATM network were Ethernet or Token
Ring is emulated using a model described as a client server model. ELANs contain all
the components that will be discussed later on in this chapter, namely the LEC/LES/
BUS/LECS.
Currently, Cisco supports speeds up to Optical Carrier 12(OC12) or 622Mbps
on ATM interfaces. Cisco is always upgrading its product line with new technolo-
gies or acquisitions, hence even higher speeds can be anticipated, such as OC48.
LANE allows layer 2 switches to operate at the high bandwidth that ATM provides.
LANE Components
The main components of LANE are:
ń' LAN Emulation Client (LEC) Implements the LANE standard, including
data forwarding and address resolution (LE-ARP). Each LEC is made up of
a unique ATM address.
ń' LAN Emulation Server (LES) Manages stations that make up the emulated
LAN.
ń' Broadcast and unknown server (BUS) Handles all broadcast frames to un-
known destinations.
ń' LAN Emulation Configuration Server (LECS) Contains information about
all emulated LANs.
There is another protocol that operates between the LECS and the LES/BUS,
namely the Simple Server Replication Protocol (SSRP). SSRP enables the use of
redundancy for large networks. The SSRP redundancy feature creates fault toler-
ance using standard LANE protocols and mechanisms. If a failure occurs on a
LECS or on a LES/BUS (remember, these services are implemented in software
and can fail like any network device), the emulated LAN can fall to a backup
LECS or LES/BUS and allow continuous operation of services. Figure 3.15 shows
two Ethernet devices (Device A and Device B) connected to a switch and how
Advanced Network Theory:�% Bridging and LAN Switching�% 43
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Device A
LEC
LEC
SI
ATM
SI
Virtual Circuit
LECS/LES/BUS
Device B
Figure 3.15 LANE setup and data transfer.
any communication between Device A and Device B will need to traverse the
ATM network through LANE.
In Figure 3.15, when Device A wants to communicate to Device B, the following
steps are taken:
1. The local switch (LEC) contacts the LECS to get the address of the LES,
which manages all the devices that make up the emulated LANs (ELANs).
2. After the LEC attains the LES address, LEC makes a connection request to
the LES. The LES makes a connection to the LEC using a point-to-
multipoint connection. The LEC will then be allowed the join the ELAN.
3. The LEC must also discover the address of the BUS so that unknown or broad-
cast frames get serviced. The LEC then broadcasts a frame to Device B, and
44 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
the BUS will forward the frames to the end device until a direct connection
is set up.
4. Next, the LEC flushes the connection to the BUS and directly communicates
with the end station. At that point, data flows from Device A to Device B.
As you can see, a single broadcast frame in Ethernet completes quite a process.
The connection between the two devices is called a virtual circuit (VC).
Now, let s configure a Cisco router with an ATM interface to join an ELAN that
already has the LECS/LES/BUS configured.
ATM on Cisco Routers
In this example, you want to emulate an Ethernet environment. You must use a
sub-interface (a software interface) as show here:
interface ATM10.1 multipoint
ip address 171.108.1.1 255.255.255.0
lane client ethernet elan_ccie
In the preceding code, the command lane client ethernet elan_ccie will make the
router attempt to join the ELAN with the name elan_ccie. To view the status of
the ELAN, you would type the following:
show lane client
The result of this command would appear as shown in Listing 3.18.
Listing 3.18 The show lane client command.
R1#sh lane client
LE Client ATM4/0.1 ELAN name: elan_ccie Admin:up State:operational
Client ID: 268 LEC up for 36 days 10 hours 51 seconds
Join Attempt: 91
HW Address: 0060.83f4.a820
Type: ethernet Max Frame Size: 1516
ATM Address: 47.00000000003C0000A0000000.006083F4A820.01
...
Any state other than operational indicates that you have a problem.
You should be able to determine what the problem with a LANE
environment is if given show lane client command results. For extra
study, view sample displays found in the command reference on the
Cisco CD-ROM.
Advanced Network Theory:�% Bridging and LAN Switching�% 45
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
The biggest benefits of ATM are speed and multifunction capabilities. ATM is
extremely fast and switches cells in hardware. It also supports data, voice, and
video. Table 3.6 summarizes the ATM model.
You are now ready to test your advanced network theory knowledge using the
following practice questions. The practice questions are based on the material
covered in this chapter.
Table 3.6 Summary of the ATM model.
ATM Model Function Typical Application
Higher layers Provides user services User data, such as Telnet
ATM adaptation layer Provides information to Data is received in native form;
higher layers LAN data or voice
ATM layer Provides cell relaying and Cell format and header
multiplexing; also provides information; ATM cells are
routing facilities 53 bytes in length
Physical layer Handles transmissions on Line rates up to 622Mbps;
the media standard, covers standard header generation,
transmission, such as fiber timing of bits across the media,
and electrical transmission speeds
46 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Practice Questions
Question 1
At what layer of the OSI model does bridging occur?
M' a. Network
M' b. Physical
M' c. Operational
M' d. Application
M' e. Data Link
The correct answer is e. Bridging occurs at the Data Link layer (layer 2). See
Chapter 2 for more information regarding the OSI model. Answer a is incorrect,
because the Network layer (layer 3) handles routing of packets. Answer b is in-
correct, because the Physical layer is concerned with how bits are transmitted
onto the media. Answer c is incorrect, because Operational is not a valid OSI
model layer. Answer d is incorrect, because the Application layer is concerned
with how data is presented to the end user.
Question 2
At what layer of the OSI model does routing occur?
M' a. Layer 2
M' b. Layer 3
M' c. Layer 4
M' d. Layer 5
M' e. Layer 6
M' f. Layer 7
The correct answer is b. Routing occurs at the Network layer (layer 3) of the OSI
model. Answer a is incorrect, because layer 2 is concerned with media access.
Answer c is in incorrect, because the Transport layer is concerned with end-to-
end communication. Answer d is incorrect, because the Session layer is con-
cerned with managing sessions between end devices. Answer e is incorrect, because
the Presentation layer s function is to format the data so the application can present
Advanced Network Theory:�% Bridging and LAN Switching�% 47
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
readable information to the end user. Answer f is incorrect, because the Applica-
tion layer is concerned with how the user will supply interactive input.
Question 3
What type of bridging is totally transparent to end devices?
M' a. TB
M' b. SRB
M' c. BRB
M' d. RSRB
The correct answer is a. Transparent bridging occurs at layer 2, and end stations
are unaware of how the frames are sent. Answers b and d are incorrect, because
SRB and RSRB stations determine the path to an end device; hence, the term source-
route bridging. Answer c is incorrect, because BRB is an invalid bridging mode.
Question 4
What two versions of Spanning Tree Protocols are available on a Cisco router
bridging Ethernet frames? [Choose the two best answers]
Q' a. IBM
Q' b. IEEE
Q' c. Decnet
Q' d. DEC
The correct answers are b and d. There are two defined spanning tree methods
for Ethernet networks IEEE and DEC. Answer a is incorrect, because IBM
spanning tree is used in Token Ring networks. Answer c is incorrect, because
Decnet is a routing protocol and not a form of bridging.
48 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Question 5
A virtual LAN number 500 is set on a Catalyst 5000 with the following
command:
M' a. set vlan 500
M' b. create vlan 500
M' c. set vlan 5000
M' d. set-vlan 500
The correct answer is a. A VLAN, or virtual LAN, is created on a Catalyst 500
with the command set vlan . Answer b is incorrect because create
is not a valid Catalyst command. Remember, there are three basic commands set,
clear, and show. Answer c is incorrect because VLAN 5000 (not 500) is created.
Answer d is incorrect, because the dash is not required when creating VLANs on
a Catalyst 5000 switch.
Question 6
What is the RIF from Device A to Device B in the SRB domain shown in
Figure 3.16?
Ring 0x098 Ring 0x100 Ring 100
Token Token Token
Ring Ring Ring
Bridge 1 Bridge F
Device A Device B
M' a. 0610.0981.100F.0641
M' b. 0810.0981.100F.0640
M' c. 0610.0981.100F
M' d. None of the above
M' e. 0810.0981.100F.0641
The correct is b. The RIF passes through rings 0x98 bridge 1 and 0x100 bridge F,
and end up at 0x64; therefore, the RIF will be 0810.0981.100F.0640. Answers a
and c are incorrect, because the RIF is calculated in hexadecimal, and, because
there are three rings, the RIF will be 8 bytes (2 bytes for control information and
Advanced Network Theory:�% Bridging and LAN Switching�% 49
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
6 bytes for routing information), which indicates that the routing control is 0810
because the RIF ends with the designator of 0. Answer d is incorrect, because
answer b provides the correct answer. Answer e is incorrect, because a RIF always
ends in 0 (destination). The trick to these sorts of questions is to discount obvi-
ous incorrect answers, such as those not ending in zero (0).
Question 7
What method of switching waits until the entire frame is received before
forwarding the frame?
M' a. Cut-through
M' b. Fragment free
M' c. Store and forward
M' d. Both a and c
The correct answer is c. When a layer 2 device waits until it receives the entire
frame before forwarding it, it is described as store and forward. Answer a is incor-
rect, because cut-through switches only wait until the destination address is re-
ceived. Answer b is incorrect, because fragment free switches wait until 64 bytes
have been received. Answer d is incorrect, because answer c is the only correct
answer to the question.
Question 8
In spanning tree, what is a BPDU?
M' a. A break protocol data unit
M' b. A routable frame
M' c. A bridge protocol data unit
M' d. A frame sent out by end stations
The correct answer is c. BPDU stands for bridge protocol data unit. It is used by
bridges running spanning tree to elect root bridges and maintain loop-free to-
pologies. Answer a is incorrect, because the acronym is not spelled out correctly.
Answer b is incorrect, because BPDU frames are not routable but must be bridged.
Answer d is incorrect, because only bridges send out and listen to BPDU frames.
50 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Question 9
What are the three encapsulation methods supported by RSRB? [Choose
the three best answers]
Q' a. TCP
Q' b. FST
Q' c. FTP
Q' d. Direct
The correct answers are a, b, and d. TCP, FST, and Direct are supported encapsu-
lation techniques on Cisco routers. Answer c is incorrect, because FTP stands for
File Transfer Protocol, which is an application that is not used in RSRB.
Question 10
How many bytes do ATM cells consist of?
M' a. 10 bytes
M' b. 1,500 bytes
M' c. 4,464 bytes
M' d. 53 bytes
M' e. 48 bytes
The correct answer is d. ATM cells consist of 53 byte cells. Answer a is incorrect,
because 10 bytes is not used by any protocol type device because this will not
meet the requirement of a minimum frame size for any LAN or WAN media,
such as Ethernet. Answer b is incorrect, because 1,500 bytes is not the cell length
used in ATM, and it is typically the MTU for Ethernet frames. Answer c is
incorrect, because this frame size is typically used by FDDI devices, and once
more, it is not the fixed cell length of 53 bytes used in an ATM network. Answer
e is incorrect, because the header field of 5 bytes has not been included; 48 bytes
represent only the data in an ATM cell.
Advanced Network Theory:�% Bridging and LAN Switching�% 51
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
Question 11
When configuring SRB, what does the 150 mean in the following configura-
tion? [Choose the two best answers]
Source-bridge 150 1 151
Q' a. It is the target ring
Q' b. It is the local ring number in decimal
Q' c. It is represented in decimal on the wire
Q' d. It is the local ring number
The correct answers are b and d. The first parameter is the local ring followed by
the local bridge number and then the target ring. The local ring number is repre-
sented in decimal when configured on a router, but it s converted to hexadecimal
on the local medium. Answer a is incorrect, because the target ring is 151 and not
150. Answer c is incorrect, because the ring number is transmitted in hex and not
in decimal.
Question 12
What IOS command will display current DLSw remote peers?
M' a. Depends on encapsulation
M' b. Show dlsw tcp peers
M' c. Show peers
M' d. Show fst peers
M' e. Show dlsw peers
The correct answer is e. The show dlsw peers command displays current DLSw
remote peers. Answer a is incorrect, because you can display DLSw peers with
any method. Answers b, c, and d are incorrect, because they are invalid commands.
52 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Question 13
What command was issued to create the following display?
Device ID Local Intrfce Holdtme Capability
0031 Eth 0 148 T S
Platform Port ID
WS-C5000 3/1
M' a. show cdp nei details
M' b. show cdp neighbor
M' c. show ip neighbor
M' d. This is an invalid Cisco display, although it is valid on other
vendors systems
The correct answer is b. The display shows a remote device from the viewpoint of
a router. To obtain this CDP display, the correct command is show cdp neighbor.
Answer a is incorrect, because show cdp nei details displays more detailed infor-
mation than is provided in the question. Answer c is incorrect, because it is an
invalid command. Answer d is incorrect, because answer b provides the appropri-
ate command. Cisco routers and switches only support CDP. CDP is a propri-
etary protocol.
Question 14
How do you disable CDP on all interfaces on a router?
M' a. no cdp run
M' b. no cdp
M' c. no cdp enable
M' d. Both b and c are correct
The correct answer is a. The no cdp run command disables CDP on all interfaces
on a router. Answer b is incorrect, because this is not a full IOS command more
keywords are required. Answer c is incorrect, because no cdp enable only disables
CDP on a local interface. This question asks you which command disables cdp
on all interfaces. You could apply the no cdp enable command to every interface,
but answer a is the most elegant way of disabling CDP on all interfaces. The
Advanced Network Theory:�% Bridging and LAN Switching�% 53
�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
easiest way to disable CDP on the router is with the Global IOS command no
cdp run. Answer d is incorrect, because only answer a is the correct answer.
Question 15
Which one of the following bridge modes converts Ethernet frames to Token
Ring frames and takes care of all the associated problems?
M' a. SRTB
M' b. TB
M' c. SRB
M' d. SR/TLB
The correct answer is d. SR/TLB will look after bit ordering, MTU sizes, and
frame translation. Answer a is incorrect, because it is an invalid bridging mode.
Answers b and c are incorrect, because TB and SRB do not perform translation.
54 Chapter 3�% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �% �%
�% �% �% �%
Need to Know More?
The Cisco Command References section on the Cisco Documenta-
tion CD-ROM provides sample displays and detailed explanations of
all the available bridging modes supported by Cisco routers.
www.atmforum.com is the home of the ATM Forum Web site. This
site is easy to follow and provides details on ATM and LANE. There
are some excellent tutorials available on this site, as well.
www.cisco.com is the Cisco Documentation home page. This site of-
fers some excellent information about bridging, VLANs, and ATM.
Additionally, search for the phrase DLSw design guide for an excel-
lent white paper. This guide explains DLSw+ in great detail with quality
example configurations and displays.

Wyszukiwarka