Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Show Page Sections

Bridging Overview

Layer 2 bridging

Bridging allows you to connect multiple network segments (typically LAN segments) at the Layer 2 level.

Since bridging occurs at Layer 2 (the data link layer) and IP addresses are relevant only on Layer 3 (the network layer), IP addresses are not allowed on the interfaces being bridged.

To create a bridge:

  1. Create the bridge group. You create a bridge group by defining a bridge interface and setting its characteristics.
  2. Add the interfaces to the bridge group. You do this within the configuration node for the interface itself.

    The following interface types can be added directly to bridge groups:

    • Physical data plane interfaces
    • VLAN interfaces

MTU for bridge groups

The effective maximum transmission unit (MTU) size for a bridge group is the minimum MTU of all the interfaces that belong to the bridge group. So, the maximum frame size of frames transmitted by the bridged interfaces will be this effective MTU size.

Spanning Tree Protocol

Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for Ethernet networks. The basic function of STP is to prevent bridge loops. Spanning tree also allows a network design to include redundant links to provide automatic backup paths if an active link fails, thus, eliminating the need to manually enable or disable the backup links.

vRouter supports Rapid Spanning Tree Protocol (RSTP) that is an enhancement of the STP and provides the following advantages.

  • Rapid convergence—Convergence in a standard STP network can take 30 to 50 seconds. The transition of a port to the forwarding state is passive and is based on various timers that are timing out. RSTP provides significantly faster spanning tree convergence after the topology changes by introducing new convergence behaviors and bridge port roles. RSTP responds to topology changes within 3 x hello times (default 3 x 2 seconds) or within a few milliseconds of a physical link failure.
  • 802.1D legacy interoperability—RSTP interoperates fully with older STP switches. Although the introduction of a 802.1D STP switch means that the network loses its fast convergence benefit, the network is still able to run in a loop-free topology because RSTP interoperates with STP. Typically, a network is designed with all-RSTP bridges, but the backward compatibility ensures that the accidental introduction of an old STP bridge does not cause an outage.

The difference between the STP and RSTP spanning tree versions follow.

Table 1. Difference between the STP and RSTP versions
STP RSTP

In a stable topology, only the root sends Bridge Protcol Data Units (BPDU)s that are relayed by others.

In a stable topology, all bridges generate BPDUs every hello interval (2 seconds). These are used as keep-alive mechanisms.

The following port states are supported:

  • Disabled
  • Blocking
  • Listening
  • Learning
  • Forwarding

The following port states are supported:

  • Disabled
  • Discarding
  • Learning
  • Forwarding

Blocking and listening states are replaced with discarding state. The disabled state is not a part of the Rapid STP specification, but is used when the vRouter interface is set to the down state.

The following port roles are supported:

  • Root (Forwarding)
  • Designated (Forwarding)
  • Blocking

The port that receives the best BPDU on a bridge, is the root port, that is, the port closest to the root bridge in terms of path cost.

A port is a designated port if it can send the best BPDU on the segment to which it is connected. On a given segment, there can be only one path toward the root bridge.

A blocking port is defined as not being the designated or root port.

The following port roles are supported:

  • Root (Forwarding)
  • Designated (Forwarding)
  • Alternate (Discarding)
  • Backup (Discarding)

The blocking port role is split into the backup and alternate port roles.

A port is a designated port if it can send the best BPDU on the segment to which it is connected. On a given segment, there can only be one path towards the root bridge.

An alternate port is a port that receives more useful BPDUs from another bridge and is a blocked port.

A backup port receives more useful BPDUs from the same bridge that it is on and is a blocked port.

STP uses the following timers for convergence (advertised by the root bridge):

  • Hello—2 seconds
  • Max Age—20 seconds (10 missed hellos)
  • Forward Delay—15 seconds

The proposal-and-agreement process for synchronization is less than 1 second.

Hello, max age, and forward delay timers are used only for backward compatibility with standard STP.

Only RSTP port receiving STP (802.1d) messages behave as standard STP.

Slow transition that is 50 seconds, which is as follows:

  • Blocking (20 seconds)
  • Listening (15 seconds)
  • Learning (15 seconds)
  • Forwarding

Faster transition on point-to-point and edge ports only. There are fewer states and no learning state. RSTP actively looks for possible failure by Request Link Query (RLQ), a feedback mechanism.

Uses only two bits in the BPDU flag octet.

  • Bit 7—Topology Change Acknowledgement (TCA) Bit
  • Bit 0—Topology Change

Uses other six bits of the flag octet (for BPDU type 2 or version 2):

  • Bit 1: Proposal bit
  • Bits 2 and 3 : Port role bit
  • Bit 4 : Learning bit
  • Bit 5 : Forwarding bit
  • Bit 6 : Agreement bit
  • Bits 0 and 7 : TCA and TCN for backward compatibility

The bridge that discovers a change in the network informs the root, which in turn informs all others by sending BPDUs with the TCA bit set and instructs them to clear their data base entries after the short timer (~Forward delay) expires.

A topology Change (TC) is flooded through the network, every bridge generates a TC and informs its neighbors when it is aware of a TC and immediately deletes old data base entries.

If a nonroot bridge does not receive a hello for a max-age interval of time on a root port, the STP starts claiming the root role by generating its own BPDU.

Waits for 3 times the hello on a root port before deciding to act.