![]() |
|||
![]()
|
![]() |
![]() Click Here! |
![]() |
Transparent Bridging Transparent bridges are so named because their presence and operation is transparent to network hosts. At power-up these bridges learn the topology of the connected segments by examining the source addresses of all incoming frames. This operation leads to the description learning bridge for transparent bridges. Transparent bridges operate in promiscuous mode to learn the local MAC address of each of the attached hosts. Promiscuous mode operation on each segment allows the bridge to eavesdrop on every frame transmitted. Specifically the bridge builds a bridging table that maintains a correlation between bridge port and LAN MAC addresses. This table supports the forwarding and filtering operation of the bridge. A bridge forwards a frame from one segment to another when the bridge table indicates a correlation between the destination address and a bridge port other than the bridgeport over which the frame was received. A bridge filters (i.e., discards) a frame when the bridge table shows a correlation between the destination address and the receiving bridge port. The frame is discarded in this case because the destination address exists on the same segment that the bridge port is connected to. A question the inquisitive reader may have formulated at this point is, how does the bridge forward frames if it has not yet discovered, by eavesdropping, all the addresses on the attached segments? The answer is fairly straightforward. If a bridge does not have a particular MAC address in its host table, it floods the frame out all bridge ports except the receiving port. Broadcasts and multicasts prompted by higher level protocols are also flooded across a bridged network in this manner. Once the response from the original broadcast is received, the new destination address is added to the bridge table. A limiting factor of early transparent bridge implementations was that bridge loops, that is, two paths between any two segments,were prohibited. For example, a single host, Cat, is on network segment 1 and another single host, Dog, is on segment 2, and the two segments are joined by two bridges A and B (Exhibit 3-3-12). If Cat sends a message to Dog and Dog must respond, the sequence of events is as follows: Cat sends a message out on segment 1 to Dog. Both bridges forward the frames from segment 1 to segment 2. Dog receives both messages (assuming a collision did not occur). Dogs higher-level application discards the duplicate frame. Bridge A receives the original frames forwarded by bridge B and updates its host table to show that host Cat is on segment 2. Bridge B receives the original frames forwarded by bridge A and updates its host table to show that host Cat is on segment 2. Host Dog generates a response for host Cat and transmits onto segment 2. Both bridges discard the frames generated by Dog because both bridge tables show Cat to be on segment 2.
In this example the problem is fairly easy to locate, however,if this was a large corporate internet with 100 bridge links, then this problem would be very difficult to isolate. A second problem that can arise by configuring bridge loops is broadcast storms. A broadcast storm can be caused by a number of factors, for example, broadcast frame regeneration or forwarding over previously visited interfaces. The latter is the primary issue that affects transparent bridge loops; because in a broadcast frame the destination address is all 1s, the frame will be forwarded around a bridge loop and will never be filtered. Spanning Tree Algorithm Digital Equipment Corp. (DEC, Littleton, MA) developed an algorithm known as spanning tree to help address the issue of whether transparent bridgings limitations enable it to have any value outside the simplest configuration. The original spanning tree algorithm developed by DEC was later adopted by the IEEE and modified into what is now known as the 802.1d spanning tree specification. The spanning tree algorithm functions by designating a loop-free subset of the possible bridged network topology combinations. This is accomplished by allocating each port on each bridge to block and pass frames. A key component of the spanning tree algorithm is that it is dynamic, in that the protocol periodically checks (every 1 to 4 seconds) to see if the bridge topology has changed. If a change is detected the spanning tree algorithm converges on a new nonloop topology. Spanning tree operates on a peer processing premise, in which all bridges cooperate to form the overall bridge topology. In other words, there is no central authority on network topology or administration. Obviously there must be an underlying set of rules to govern the spanning tree function to ensure the cooperative processing converges to an acceptable bridge topology. Each bridge is assigned an arbitrary number that is concatenated with the bridge MAC layer address. The arbitrary number is used to assign priority to each of the bridges in a given internetwork. The MAC layer address can be used as a tie breaker mechanism, because each MAC address is unique. The lower the assigned number the higher the priority of the bridge. During initial power up of a bridge a bridge protocol data unit (BPDU) is flooded out each network port of the newly activated bridge. This BPDU contains the current spanning tree root, the distance to the root, the bridge address information, and the age of the information in the BPDU. This information is used to select the root of the bridge tree. Once the root is selected the remainder of the tree structure is established. It is advisable to manually control the priority of each bridge so as to configure the bridged internet traffic to flow over a preferred loop free subset. By using filtering, transparent bridges successfully isolate local segment traffic. This traffic isolation usually improves network response times as perceived by the end user. Because bridges work at the link layer of the OSI model they cannot do any filtering based on higher level protocol traffic parameters (e.g., Novel Inc.s service advertisement protocol (SAP) or network broadcasts of any type). The extent to which transparent bridges can segment traffic is dependent on the total WAN traffic and the composition of the traffic. Generally, the traffic isolation capability of a bridged internetwork is inversely proportional to the complexity of the WAN topology.
|
![]() |
|
Use of this site is subject certain Terms & Conditions. Copyright (c) 1996-1999 EarthWeb, Inc.. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Please read our privacy policy for details. |