A Made IT project



There are two types of bridges local bridges and remote bridges. Local bridges have two or more LAN ports and act as a bridge between two or more LANs.
A remote bridge has a LAN and a WAN port and is actually not a bridge. It's a half-bridge. Only together with it's counterpart on the remote LAN it is a full bridge. This means that the bridge on the local LAN plus the bridge on the remote LAN plus the wires (leased lines) that connect the two are an entire bridge.
Having said this we can start with the description of bridges.

Bridges are only concerned with the MAC layer, so this device is placed at OSI layer 2. But that is not entirely correct. As the OSI reference model devides layer 2 into the LLC and the MAC sub-layers, a bridge is actually a MAC sub-layer device. A bridge doesn't have to speak 802.2 (LLC)
This does mean that a bridge does not worry about higher layers and doesn't bother about protocols. A bridge is protocol transparent. It does also mean that the different MAC layer standards can be connected to each other with a bridge. So token ring and ethernet can be connected to eachother by means of a bridge.

Bridges are used in situations where repeaters would not function or are not wanted. It could be one of the following reasons or a combination.

There are various reason for the use of a bridge and we will not go into detail about it. The following description shows the way a bridge works and will hopefully explain the various reasons by itself.

Functional Description
As said before a bridge is a MAC sub-layer device. This means that it acts as a repeater but with the knowlegde of the MAC address. If an address is not on the incoming port the packet will be forwarded to the other port(s). The opposite is true also. If the MAC address is on the network attached to the incoming port the packet will not be forwarded and is ignored by the bridge. This way traffic is reduced and some kind of management or security can be provided.
Since a bridge devides networks on the MAC layer there is a separation between the two (or more) attached networks and that means that the timing rules for a particular network will not apply. Each port has it's own timing rules and they do not interfere with eachother. The best way to look at is that a bridge is just a station on a local network without the network knowing there is another network at the other side of the bridge. So the timing of one network stops when the bridge receives the packet and the timing on the network where the packet is forwarded to starts when the packet is transmitted there.

A bridge looks at the MAC address to see if a packet needs to be forwarded, but how does a bridge know where which station is?
Most bridges are self learning devices, which makes them more or less plug-and-play. As soon as you connect the bridge and turn it on, it is operational (except when you want special security or management features). That means there has to be some way that a bridge knows who is where.
An incoming packet has a source and a destination address. As soon as the bridge receives a packet it copies the source address to it's MAC address table and knows that that source address is on the port it came from. This way a bridge can learn an entire network in a couple of minutes. And as long as it is not sure on which side the packet belongs it forwards it, so the packet will reach it's destination anytime. (Remember a station, so also a bridge, copies a packet from a network, it doesn't remove it.)

There are three types of bridges:

The transparant bridge is the one that complies to IEEE802.1d. And is useable for every type of network. This is the de facto standard for Ethernet.
The SR bridge is only used on Token Ring Networks.
SRT bridges is a mixture of both architectures. There is no standard and almost no products, so this one will not be covered in this document.

Transparant bridges
The IEEE802.1d standard is actually a standard for Spanning Tree. Which means that multile bridges can be available in the network. Since bridges learn by MAC source address a loop is not wanted. If a loop exists a bridge would find on in- and output port the same source address and stops bridging that address. When two bridges are connected to the same network and bridge to the same network, one of the bridges is de-activated. This is a rule from IEEE802.1d and is called Spanning Tree. This happens dynamically. When the active bridge stops working (e.g. it is defect) the deactivated bridge becomes active and takes over the work. This way redundant links are possible and a loop is prevented.

The choice of which bridge is active and which is not when both bridges are capable of handling data, is determend by a so called RPC value, Root Path Cost.
Each bridge (or bridge pair) has a Bridge Identification Code (BID), a Patch Cost (PC) per port and a Path Identification Code (PID) per port. One bridge in the network is the root bridge (has a special priority code) and all brdiges determan for every port they have the RPC to the root. The ports with the lowest RPC are the active ones.

A transparent bridge has it's own MAC table. It learns by looking at the source addresses. As soon as a packet enters the bridge the bridge looks at the destination address and the bridge makes a decision based on three rules:

Source and destination address are on the same network: Remove packet from memory and do nothing
Source and destination address are not on the same network: Forward packet to the right destination port
Destination address is unknown: Forward packet to all output ports (flooding)

The MAC table in a bridge is build up of source addresses, but stations can be moved or turned off and that would result in unwanted tables, or a network could be large and the MAC table would grow accordingly, which results in long search times. Therefor a MAC address entry in a table has a maximum time to live. This is called it's ageing time.
After a certain amount of time the address is deleted when it has not been seen by the bridge. Ofcourse as soon as the bridge receives a packet with an unknown source address it will add this address (again) to it's table.
For some addresses you don't want them to be deleted or you want special configuration parameters to be set, e.g. it may only be outputed to a certain port. For this you can set static addresses. You have to type in the MAC address by hand and have to configure what has to be done with that address.

The addresses that are added and removed automatically to and from the address table are called Dynamic entries. The ones that you enter yourself and that can not be removed by the bridge are called Static entries.

Source Routing Bridges
The Source Routing is part of the IEEE802.5 standard. This is a completely different way of bridging. With Source Routing as the name implies, the source determens the path it wants to take, not the bridge. This means that the token ring frame needs to have a routing information field.

Actually it is more complex then that. There is a Route Information Indicator (RII). When this is set to '1' the frame needs to be route according to the Route Information Field. If the RII is '0' the frame stays on the same LAN.
A end-station that needs to send a frame to another end-station needs to know if the other station is on the same or a different network, and if it is on another network it needs to know what path it should use. To find all this information there is a special frame called the route discovery frame.
(With Source Routing it is possible that there is more then one path to a destination!)
The Route Discovery Frame needs to be a broadcast since the destination is not known. There are however two approaches. You could use a single-route broadcast to find the station which sends an all-route broadcast back and the originating device selects the most cost effective path, or you send an all-route broadcast and the destination selects the most cost effective path and send that back to you.
The first one is the most commonly used. What happens is that the origination station sends out a Route Discovery Frame as a single-route broadcast. As soon as it reaches it's destination, the destination machine sends back the Route Discovery Frame as an all-route broadcast. Every bridge adds its information in the frame and eventually all frames reach the originating station that then needs to decide which path it will take (most of the time the path of the frame that was back first).

Here is what a Source Routing Frame looks like:

1112/62/60-30 411
Starting Delimiter
Access Control
Frame Control
Destination Address (MAC)
Source Address incl. RII
Routing Information
Frame Check Sequence
Frame Status

The actual field we are interrested in is the RI field. When we take a closer look it looks like this:

2222 0=<n>=14
Routing Control (16 bits)

The RC field gives information about the content of the RD fields and it looks like this:

Routing Type
Direction bit
This bit determens how the fields are read. So for the oposite direction not the route information is reversed, but just read backwards.
Largest Framesize with the following meaning:
000516ISO subnetwork, including LLC header
0011470802.3 LAN
010205280x24 IBM monitor information
0114472FDDI: 802.5 with 9 ms token hold time
10111454802.5 with 23 ms token hold time
11017800802.5 with 36 ms token hold time
111 Initial value. No restrictions

Route Designator x

The Route Designator is build up of two parts. There is a SN (Segment Number) part of 12 bits and there is the BN (Bridge Number) of 4 bits. The SN number is the number of the ring and BN is the number of the bridge. If the destination station is on the ring that the packet is send to then the BN number is 0.

Lets say the RC field contains the hexadecimal code 0830 and the RD1 field contains D803. That means from left to right:
0 - Non-broadcast
8 - Length of RI field is 8 octets
3 - Read routing information from left to right, plus the largest frame from either station is 4472 octets
0 - No meaning, this is one reserved
D803 - The sending station needs to use ring D8 where bridge 03 will forward the packet according to the information in field RD2