
Lesson 11: Bridges

A data-link bridge is a device that connects two similar networks. It takes packets from one network and puts them on the other, and vice versa. As it does this, it regenerates the signal strength of the packets, allowing data to travel further. In this sense, a data-link bridge incorporates the functionality of a repeater, which also regenerates packets to extend a LAN. But a bridge does more than a repeater. A bridge is more intelligent than a repeater. It can look at each packet and decide on which of the two networks it belongs. Repeaters simply forward every packet from one network to the other, without looking at them.

A bridge looks at each packet as it passes, checking the source and destination addresses. If a packet coming from Station 1 on LAN A is destined for Station 5 on LAN B, the bridge will pass the packet onto LAN B. If a packet coming from Station 1 on LAN A is destined for Station 3 on LAN A, the bridge will not forward it; that is, it will filter it.

Bridges know which packets belong where by looking at the Medium Access Control (MAC) layer information carried in the packet. The MAC layer, which is part of the second layer of the OSI Model, defines how packets get on the network without bumping into each other. It also contains information about where the packet came from and where it should go. Because bridges use this level of information, they have several advantages over other forms of interconnecting LANs.

WHY BRIDGE?

The most common reason to bridge is to improve network performance. Dividing one large network into two networks reduces the amount of traffic that flows over the entire LAN and therefore improves performance. Devices on both segments can still talk to each other via the bridge.

A poorly placed bridge can reduce performance by creating a bottleneck. However, it doesn’t take too much effort to discover the best place to put a bridge. For example, it doesn’t make sense to split up 10 people whose workstations are physically close to each other if they frequently exchange information. A bridge between this workgroup and another workgroup, however, could improve performance dramatically. With the bridge, the two workgroups may still communicate transparently. Only communication between groups, not communication within groups, moves through the bridge.

Another reason to use a bridge is to change from one type of cable to another. For example, you may run twisted-pair cable in the offices and fiber-optic cable between buildings. Segments can be connected with a bridge, so “long distance” traffic can flow freely from one segment to another while local traffic stays local. Broadband and baseband Ethernet networks may be connected this way, too. A 16Mbps Token Ring backbone may use bridges to connect to several local 4Mbps Token Rings.

PROTOCOL IGNORANT

Because bridges operate at the MAC layer, they can interconnect LANs that use many different upper-layer protocols. Bridges are commonly referred to as protocol-independent. For example, the same bridge may connect networks running TCP/IP, DECnet, OSI, IPX, and XNS protocols. All these higher-layer protocols are encapsulated within the MAC layer. That is, the MAC layer is below the network layer where the upper-layer protocol information is kept.

A bridge will not allow a device speaking TCP/IP to talk to a device speaking IPX or OSI. That is a gateway’s function. A gateway actually translates between protocols. A bridge simply passes packets back and forth, regardless of the protocols. A bridge will let any two users speaking the same protocol talk to each other.

Many networks have more than one protocol running on them. For example, two groups of Sun workstation users may use TCP/IP most of the time and occasionally use OSI. A bridge between the groups will pass both TCP/IP and OSI packets. In fact, the bridge won’t even know which protocol it is passing. But the two machines on either side of the bridge must use the same protocols for the message to make sense.

LEARNING AND FILTERING

A bridge is considered an intelligent device because it can make decisions based on situations it has already seen. To do this, a bridge refers to an address table. When a bridge is plugged in, it sends broadcast messages asking all the stations on the local segment of the network to respond. As the stations return the broadcast message, the bridge builds a table of local addresses. This process is called learning.

Once the bridge has built the local address table, it is ready to operate. When it receives a packet, it examines the source address. If the packet’s address is local, the bridge ignores it. If the packet is addressed for another LAN, the bridge copies the packet onto the second LAN. Ignoring a packet is called filtering. Copying the packet is called forwarding.

The basic type of filtering is keeping local packets local, and sending remote packets to the other subnetwork. Another type of filtering is based on specific source and destination addresses. For example, a bridge might stop one station from sending packets outside of its local LAN. Or, a bridge might stop all “outside” packets destined for a particular station, thereby restricting the other stations with which it can communicate. Both types of filtering provide some control over internetwork traffic and can offer improved security.
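
The filter-or-forward decision and the two address-based filters described above, as an added Python example (not part of the original tutorial). The `Bridge` class, its method names and the station names are constructed for illustration; the decision is taken on the destination address, as in the Station 1 / Station 5 example earlier.

```python
from dataclasses import dataclass, field

@dataclass
class Bridge:
    """Two-port bridge between LAN 'A' and LAN 'B' (constructed model)."""
    local: dict = field(default_factory=lambda: {"A": set(), "B": set()})
    blocked_sources: set = field(default_factory=set)   # may not send off their LAN
    protected_dests: set = field(default_factory=set)   # accept no outside packets

    def learn(self, lan, stations):
        """Learning: record the stations that answered on one segment."""
        self.local[lan].update(stations)

    def handle(self, arrival_lan, src, dst):
        """Return (action, detail) for a packet seen on arrival_lan."""
        if dst in self.local[arrival_lan]:
            return ("filter", "local")                  # local traffic stays local
        if src in self.blocked_sources:
            return ("filter", "source-blocked")         # station confined to its LAN
        if dst in self.protected_dests:
            return ("filter", "destination-protected")  # no outside packets let in
        other = "B" if arrival_lan == "A" else "A"
        return ("forward", other)                       # copy onto the other LAN


def demo():
    bridge = Bridge()
    bridge.learn("A", {"station1", "station2", "station3"})
    bridge.learn("B", {"station5", "station6"})
    bridge.blocked_sources.add("station2")
    bridge.protected_dests.add("station6")
    packets = [  # constructed sample traffic: (arrival LAN, source, destination)
        ("A", "station1", "station5"),
        ("A", "station1", "station3"),
        ("A", "station2", "station5"),
        ("A", "station1", "station6"),
        ("B", "station5", "station2"),
    ]
    return [bridge.handle(*p) for p in packets]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last sample packet shows that a source filter is one-directional: station2 cannot send off LAN A, but packets from LAN B still reach it unless a destination filter is added as well.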

Most Ethernet bridges can filter broadcast and multicast packets. Occasionally, a device will malfunction and continually send out broadcast packets, which are continuously copied around the network. A broadcast storm, as it is called, can bring network performance to zero. If a bridge can filter broadcast packets, a broadcast storm has less opportunity to brew.

Today, bridges are also able to filter according to the network-layer protocol. This blurs the demarcation between bridges and routers. A router operates on the network layer, and it uses a routing protocol to direct traffic around the network. A bridge that implements advanced filtering techniques is usually called a brouter. It filters by looking into the network layer, but it does not use a routing protocol.

Other bridges are available that do true network-layer routing. These routing/bridges or bridging/routers are often used as the hub of an enterprisewide network.

SOURCE ROUTING

Some Token Ring bridges, notably those from IBM, use a routing scheme called source routing to get packets from one network to another. The bridges we’ve talked about so far use transparent routing, which all Ethernet, and some Token Ring and FDDI, bridges use. With transparent routing, the packet does not know the route it will travel, nor do the bridges it passes over. Each bridge will forward a packet that is not local, until it finally reaches its destination LAN.

With source routing, the packet itself contains routing information. This information specifies the LANs and the bridges through which the packet will travel to get to its destination. The sending machine is responsible for putting this information into the MAC-layer header, which is the part of the packet that contains the source and destination addresses along with some other information about the packet.

For sending stations to know the route their packets will take, they must learn the layout of the entire network. This is done dynamically through a process called route discovery. During route discovery, packets are passed around the network. As they move from LAN to LAN, they are filled with information about the network. Each bridge puts three numbers into the packet: the numbers of the two LANs it connects and its bridge number. This information is then passed back to sending stations. Using this information, sending stations can then create a map of the network and appropriately route their packets.

Source routing is used primarily by IBM on its Token Ring LANs. Source routing does impose some overhead which might diminish network performance slightly. However, this is offset by the advantages of the routing scheme. Because the sending machine knows the route its packets will take, it can always choose the optimal path at the time of transmission, which is not possible with transparent routing. With transparent routing, the optimum path remains so until a bridge or a link fails. Also, source routing provides better management since the path of a packet is immediately accessible from the packet itself. Finally, source routing bridges can be faster than transparent bridges since they do not have to “look up” each packet to see if it must be bridged. The packet tells them immediately.
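
Route discovery and route selection as described above, in an added Python example (not part of the original tutorial). The topology is constructed, each hop records the three numbers a bridge contributes (incoming LAN, bridge number, outgoing LAN), and treating the route with the fewest bridges as "optimal" is an assumption of this example; the real Token Ring header encoding is not reproduced.

```python
# Constructed topology: (bridge number, LAN number, LAN number)
BRIDGES = [(1, 1, 2), (2, 2, 3), (3, 1, 3), (4, 3, 4)]


def discover_routes(src_lan, dst_lan, bridges=BRIDGES):
    """Return every loop-free route as a list of (lan_in, bridge, lan_out) hops."""
    routes = []
    stack = [(src_lan, [])]              # discovery packets still travelling
    while stack:
        lan, hops = stack.pop()
        if lan == dst_lan:
            routes.append(hops)          # route is reported back to the sender
            continue
        visited = {src_lan} | {hop[2] for hop in hops}
        for number, a, b in bridges:
            if lan not in (a, b):
                continue                 # this bridge is not attached to the LAN
            nxt = b if lan == a else a
            if nxt in visited:
                continue                 # never re-enter a LAN already crossed
            stack.append((nxt, hops + [(lan, number, nxt)]))
    # Shortest routes first; ties broken by hop contents for a stable order.
    return sorted(routes, key=lambda r: (len(r), r))


def choose_route(src_lan, dst_lan, bridges=BRIDGES, failed=()):
    """Pick the route the sender would place in its packets, or None."""
    live = [b for b in bridges if b[0] not in failed]
    routes = discover_routes(src_lan, dst_lan, live)
    return routes[0] if routes else None


if __name__ == "__main__":
    print(discover_routes(1, 4))
    print(choose_route(1, 4))
    print(choose_route(1, 4, failed=(3,)))   # bridge 3 down: longer route chosen
    print(choose_route(1, 4, failed=(4,)))   # LAN 4 unreachable
```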

REMOTE AND LOCAL

So far we have discussed local bridges. Remote bridges connect two geographically separate LANs, mostly over a telecommunications link, such as a leased telephone line, a T-1 link, a public data network, or microwave line. In remote bridging, the bridge is split into two devices. A bridge at one end puts packets destined for the other LAN out over the link. A bridge at the other end receives the packets and passes them to its local LAN. The process works in both directions.

Telecommunications links are not the only way to connect long distance LANs via bridge. Broadband networks and fiber-optic links can also bridge geographically distant networks. For example, bridges might be used to pass traffic over a fiber-optic backbone among the buildings of a university or business campus. Technically, this is not a remote connection, but the individual LANs may be several miles apart.

Either way, once bridges connect LANs over a longer distance, reliability and fault tolerance become more important. Bridges at both ends must take precautions against data corruption over the remote link.

SPANNING THE GLOBE

The first step in fault tolerance is redundant bridges. The IEEE 802.1D spanning tree algorithm allows redundant bridges to be configured on an Ethernet LAN. The stumbling block is that introducing parallel bridges creates a loop in the Ethernet topology, which is strictly forbidden by the rules of the Ethernet protocol. However, spanning tree manages those loops, so that packets don’t circulate endlessly around the network. Without a backup bridge and spanning tree software, a failed bridge causes the network to be partitioned until the broken bridge is fixed.

According to the spanning tree algorithm, two bridges are set up, side by side. One is designated the primary bridge and it is the only bridge to pass traffic. If the primary bridge fails, the traffic is automatically shunted to the back-up bridge.

Spanning tree overcomes a major obstacle in bridging, but the back-up bridge is idle as it waits for a failure. This is costly. If the back-up link could carry traffic, the cost of the second link could be better justified. Here’s where load balancing comes in. Using load balancing, traffic can be divided over the two remote parallel bridges. This provides much better performance since not all traffic is going over one remote link. Since the spanning tree technology is still in place, if one bridge fails, the other can still carry all the traffic.

MANAGING BRIDGES

Since LAN configurations change constantly, it is crucial that bridges be easy to manage. A good bridge management package should allow bridges to be managed from a central location. A LAN manager should not have to be at the bridge but should be able to send instructions from a networked terminal or PC. Critical management functions include enabling and disabling bridges, changing security parameters, and changing the address filters and the protocol priorities dynamically. Many bridges allow the manager to download configuration information, thereby setting up the bridge to work as desired all at once.

Bridges should also provide information about what is happening on an internetwork. For example, a management package should report how much traffic is passing over the bridge, the type of traffic, how many errors occur and so on. With this information, the LAN manager can decide how to configure the network. It might be necessary to move the bridge and segment the network differently. Some bridges allow the LAN manager to set performance or error parameters. If these thresholds are exceeded, an alarm is sent to the manager’s workstation.

Many bridges now support the Simple Network Management Protocol (SNMP). SNMP can be used to manage nearly any type of device, from a host computer to a multiport repeater. A bridge must implement the SNMP agent software, which sends information back to the SNMP management station. SNMP is most often used in TCP/IP networks.

Cooperation with an enterprisewide management system is crucial. Such management systems include DEC’s Enterprise Management Architecture, AT&T’s Universal Network Management Architecture, IBM’s NetView, HP OpenView, SunNet Manager, and the OSI Common Management Interface Protocol. These global management systems are essential to fill in the “big picture” of network management.

This tutorial, written by Aaron Brenner, was originally published in the June 1989 issue of LAN Magazine/Network Magazine.

