Bridge (network)

from Wikipedia, the free encyclopedia
A bridge in the OSI network model

A bridge connects two segments of a computer network at layer 2 (the data link layer) of the OSI model. A bridge can operate on the MAC sublayer or on the LLC sublayer; it is then called a MAC bridge or an LLC bridge respectively. A further distinction concerns how the path of a frame is determined: transparent bridges versus source routing bridges.

A MAC bridge (IEEE 802.1D) is mainly used to divide a network into separate collision domains. This reduces the load in large networks, since each segment only receives the frames whose recipient is located on that segment. Such bridges were also used to couple sites over mostly slower WAN links, e.g. ISDN or X.25. A MAC bridge connects networks that use the same access method.

The LLC bridge (also called a remote bridge or translation bridge) couples two subnetworks with different access methods (e.g. CSMA/CD and token passing). Idealised, it consists of two halves connected to each other; the medium between the halves is irrelevant. A translation takes place inside the LLC bridge: all parameters of the source network (such as the MAC address and the size and structure of the MAC frame) are adapted to the target network, as far as the target network supports them. Such a translation is not always directly possible; if the networks are incompatible, the detour via router functionality is sometimes required.

A transparent bridge learns which MAC addresses are located on which segment. It learns possible recipients by entering the sender addresses of frames seen on each segment into an internal forwarding table, and uses this table to decide where to forward a frame. The sender entries are refreshed continually, so that changes (such as a station moving to another segment) are recognised promptly. A source routing bridge has no such table; here the sender must supply the forwarding information needed to reach the destination.

A frame only has to be sent to all segments if its recipient is not in this table, so that the destination segment is unknown. A broadcast is always forwarded to all segments.

An easily understood example of a bridge is a laser bridge, which exchanges data between two buildings by means of a laser beam. Each building holds one half, consisting of a network port and a laser transmitter/receiver unit, and both network ports belong to the same logical network.

All bridge types have in common that their (network) ports operate in promiscuous mode, so every frame is received; each frame is then checked (checksum, the frame check sequence) so that only intact frames are passed on. In the unlearned state every incoming frame is forwarded to all ports except the one it arrived on.
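The learning, filtering and flooding behaviour described above, together with the checksum check, as an added simulation (not code from the article): the checksum is CRC-32 over addresses and payload as a stand-in for the Ethernet FCS, ageing timers are omitted, and the optional per-port address limit is an assumption standing in for a simple "MAC lockdown" feature. All frames and addresses below are constructed for the demonstration.

```python
"""Learning bridge simulation (added example; not code from the article).

Every frame on a port is received (promiscuous mode), its checksum is verified,
the sender address is entered in the forwarding table for the arrival port, and
the frame is then forwarded to the learned port, filtered if the recipient is on
the same segment, or flooded to all other ports when the recipient is unknown or
the frame is a broadcast.  Assumptions: CRC-32 over addresses and payload stands
in for the Ethernet FCS, ageing timers are omitted, and the optional per-port
address limit stands in for a "MAC lockdown" feature.
"""
import zlib
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    dst: str
    src: str
    payload: bytes
    fcs: int  # checksum as carried at the end of the frame


def _checksum(dst, src, payload):
    return zlib.crc32(dst.encode() + src.encode() + payload) & 0xFFFFFFFF


def make_frame(dst, src, payload, corrupt=False):
    """Build a frame; corrupt=True flips one checksum bit to simulate line damage."""
    fcs = _checksum(dst, src, payload)
    if corrupt:
        fcs ^= 1
    return Frame(dst, src, payload, fcs)


class LearningBridge:
    def __init__(self, ports, addrs_per_port=None):
        self.ports = list(ports)
        self.table = {}              # source address table: MAC -> port
        self.addrs_per_port = addrs_per_port

    def receive(self, in_port, frame):
        """Handle a frame seen on in_port; return the list of ports it is sent out on."""
        if _checksum(frame.dst, frame.src, frame.payload) != frame.fcs:
            return []                # damaged frame: discarded, never propagated
        known_here = [mac for mac, port in self.table.items() if port == in_port]
        if (self.addrs_per_port is not None and frame.src not in known_here
                and len(known_here) >= self.addrs_per_port):
            return []                # port's address budget exhausted: drop (MAC lockdown)
        self.table[frame.src] = in_port   # learn/refresh: sender reachable via in_port
        if frame.dst == BROADCAST or frame.dst not in self.table:
            return [p for p in self.ports if p != in_port]   # unknown or broadcast: flood
        out_port = self.table[frame.dst]
        if out_port == in_port:
            return []                # recipient is on the arrival segment: filter
        return [out_port]


def demo():
    """Walk through the learning process on a three-port bridge; returns the trace."""
    br = LearningBridge(ports=[1, 2, 3])
    a, b, c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    trace = []
    trace.append(br.receive(1, make_frame(b, a, b"hello")))            # B unknown: flood
    trace.append(br.receive(2, make_frame(a, b, b"reply")))            # A known: port 1 only
    trace.append(br.receive(1, make_frame(b, a, b"again")))            # B known: port 2 only
    trace.append(br.receive(1, make_frame(BROADCAST, a, b"arp")))      # broadcast: flood
    trace.append(br.receive(1, make_frame(a, c, b"local")))            # C and A share port 1: filtered
    trace.append(br.receive(3, make_frame(a, c, b"bad", corrupt=True)))  # bad FCS: dropped, not learned
    return trace, dict(br.table)


if __name__ == "__main__":
    for step in demo()[0]:
        print(step)
```

The trace shows why a bridge only reduces load once it has learned: the first frame to an unknown station is flooded exactly like a hub would, and only the reply, whose sender address was learned on the way out, is delivered to a single port. The corrupted frame on port 3 is dropped before the learning step, so a damaged frame cannot move an address entry to the wrong port.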

Bridges can be deployed redundantly to compensate for the failure of a bridge. To suppress the multiple forwarding of frames over redundant paths, a suitable protocol must be supported, e.g. the Spanning Tree Protocol, or trunking, meshing etc.

Bridges vs. Switches

The specialist literature offers no clear definition that separates the technology of bridges from that of switches. Switches work as transparent bridges, but with higher throughput and more ports, and modern switches are often equipped with a layer 3 instance, i.e. a simple router. In general, bridges were developed and marketed from around 1985 for segmenting networks (reducing the collision domain) and for connecting different architectures (e.g. Ethernet and token ring). Switches were not developed until much later (around 1990). They can replace routers under certain circumstances, even without a layer 3 instance of their own, for example where a switch instead of a bridge became necessary to reduce a collision domain because a bridge did not offer enough ports and throughput.

To reduce the size of the collision domain, a switch has as many ports as possible, to each of which only a few devices, ideally one, are connected. In addition, one or more so-called uplink ports connect to the next switch or router. Often, but not necessarily, uplink ports use faster or higher-grade (Ethernet) technology than the other ports (e.g. Gigabit Ethernet instead of Fast Ethernet, or fibre optic cable instead of twisted-pair copper). Non-modular switches usually have at least four and at most around 48 ports; large modular switches can be configured into units with several hundred ports, depending on the model. Unlike bridges, switches can transfer several frames at the same time between different pairs of ports. A bridge corresponds most closely to a switch in store-and-forward mode with, usually, only two ports: "a switch is a multiport bridge" was a Cisco Systems motto in 1991, and since the takeover of Kalpana in 1994 Cisco has taken a more differentiated view of the subject.

In the early days of switch technology, port switches were also widespread: cheaper devices that had a dedicated uplink port and could store only one MAC address per port on the remaining ports. Bridges, by contrast, can always store many MAC addresses in their internal SAT (source address table). Conversely, bridges often need external distributors, e.g. hubs, to connect several devices.

As a rule, bridges and switches can connect networks with different transmission speeds. Bridges can usually work at both the MAC and the LLC level, whereas switches work at the MAC level; consequently switches cannot bridge different architectures (e.g. Ethernet and token ring). Since Ethernet dominates the market, bridging between different LAN architectures is of little importance, and not least for this reason bridges are now niche products.

With larger switches, as with powerful bridges, a certain bandwidth can be assigned to each connected network segment, and particular services can be prioritised (quality of service). In addition, large modern switches support a wide range of protocols and mechanisms: discovery protocols, VLANs, MANs, QoS, a layer 3 instance with various routing protocols, management protocols (SNMP, RMON, syslog), infrastructure services (DHCP server, BOOTP/TFTP server, FTP server, SSH server), special handling for particular protocols (DHCP and BOOTP relay agent), security features (layer 2 to 4 ACLs, gratuitous ARP protection, DHCP enforcement, MAC lockdown, broadcast control, ingress filtering), redundancy protocols (VRRP), and so on. The differences from routers are becoming increasingly blurred.

Bridges and virtualization

Bridges set up inside an operating system play a major role in virtualisation. A so-called bridge device is created which extends a physical network card with virtual network cards and connects them like a bridge. These virtual interfaces are presented to the guest system as its (virtual) network cards; a guest's external network communication via the host's physical interface is only possible through them.

Software bridges

Besides dedicated hardware, computers running macOS, BSD, DOS, Linux or Windows XP can also serve as bridges. Special-purpose hardware is usually more robust and, thanks to its architecture, faster; nevertheless, Linux and BSD in particular impress with extensive support for a wide variety of network cards and protocols. However, the low data throughput and the relatively high latency of the bus systems commonly used in PCs limit performance: PCs never reach the throughput of switches and only rarely that of bridges. PC- or workstation-based software routers generally have a further disadvantage, their relatively high power consumption; after just one year the electricity costs can exceed the price of a small compact device. Some bridges are sold as hardware bridges but actually consist of PC components; only the housing, the partly mechanically modified PCI slots and the operating system create the appearance of a special-purpose system. These systems are usually very robust and reliable, but here too bridging is done in software without special hardware support.


Devices that combine the functions of a bridge and a router are sometimes called brouters. The term layer 3 switch is often used for them, but incorrectly: a layer 3 switch is not exactly the same as a brouter.

References

  1. IEEE 802.1: 802.1D - MAC bridges