h1

Bridging Cisco Router Interfaces

July 2, 2010

This article is a guide to configure bridging on Cisco Routers. This is something I never knew was possible until after making a few phone calls to Cisco. Using bridging saved our company money by not requiring us to purchase a new switch. Bridging can also be very useful in smaller environments to help save on wasting IPs. The implementation I will be using for the example is this: A single T1 comes into a router. This router needs to hand off directly to a set of Redundant Firewalls without a switch between them. We need to make sure both firewalls can plug into the router and use the same IP address for their next hop. The commands used here are all entered from a Cisco 2811 running IOS version 12.3(8)T5. Bridging is available in many other IOS versions and from what I have personally seen the commands have not changed. So with all of that out of the way let’s get into the router.

First connect to the router via the console. We will be changing IP addresses and disabling interfaces which will cause your telnet sessions to disconnect.

After you connected you will need to be in “enable” mode so that you can make changes to the router.

Next we enter config mode, configure terminal

Now you should be sitting at a prompt similar to the one below:

Router01(config)#

There are three commands that we will enter to ensure that bridging is enabled.

Router01(config)#bridge irb
Router01(config)#bridge 1 protocol ieee
Router01(config)#bridge 1 route ip

Those commands are global commands, the next commands we will enter are to create the new bridged interface. But in order to do that we have to take the IP address off of the old interface. In this example FastEthernet0/0 has the IP assigned and we will be adding FastEthernet0/1 to the group.

Router01(config)#interface fa0/0
Router01(config)#no ip address

Router01(config)#interface BVI1
Router01(config)#ip address X.X.X.X Y.Y.Y.Y (IP Address and Subnet Mask)

Now we go back to the interfaces and add them to the bridge group

Router01(config)#int fa0/0
Router01(config)#bridge-group 1
Router01(config)#int fa0/1
Router01(config)#bridge-group 1
Router01(config)#exit

Now if you were to plug in a device that is configured on the same network as entered on the BVI1 Interface you would be able to ping the address. Through bridging we have effectively turned the to FastEthernet interfaces on our 2811 into a small switch. This will allow you to run an active/active firewall system behind a single router with minimal hassle. There are number of other uses for bridging as well I hope this article will help people realize the potential and use this new skill.

One comment

  1. Short and clear. Thanks.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: