Subject: Re: Bridge support added to NetBSD-current
To: Andrew Brown <atatat@atatdot.net>
From: Greg A. Woods <woods@weird.com>
List: current-users
Date: 08/20/2001 17:00:37
[ On Monday, August 20, 2001 at 15:43:04 (-0400), Andrew Brown wrote: ]
> Subject: Re: Bridge support added to NetBSD-current
>
> imho, it's incorrect.  in my understanding, a bridge is supposed to be
> a transparent network appliance, and if it's gonna start mucking with
> layer 3, then it's no longer transparent.

If I understand correctly there are many variants on the "network
bridge" concept.


first there's the old fashioned same-L2 to same-L2 bridge that simply
splits a (usually Ethernet) collision domain.

then you've got your filtering bridge that can or purposefully segments
broadcast traffic, especially to keep disparate protocols from affecting
each other, etc.

you've also got your different-L2 to different-L2 bridges (often called
"transparent translation") that transparently "route" L3 protocols
between disparate L2 segments.  For example LAN emulation over ATM
between Ethernet segments, ATM to Ethernet bridging for IP, FDDI to
Ethernet bridging for IP, etc., etc., etc.

then you've got your multi-port store&forward or cut-through bridges
(typically called "switches" these days) that can do all of the above
and more.

this is where it starts to get interesting....

modern "bridges" can also implement VLANs in various forms while at the
same time bridging between disparate L2 segments, and they can also do
link aggregation.  modern bridges often have support for redundant links,
usually with a spanning tree protocol.

All of this is still transparent to L3.

However....  some switches can also do filtering based on L3 (or higher)
criteria, and while that's not strictly transparent, it doesn't require
that the L3 header checksum be re-calculated and so it is considered to
still be a transparent bridge action.

Lastly you've got L2/L3 switch/routers (formerly BRouters in some
circles), or switching routers (routers that use technology designed for
cut-through switches so that they can route "at wire speed").

For example I've now got a DEC VNswitch that can do 10baseT, 100baseTX,
ATM, FDDI, and VLANs; as well as link aggregation on the backplane VN
bus.  It also does spanning tree protocol and can implement redundant
links to other segments.  Quite a fun toy for a small home office
network!  ;-)

I don't have the IP routing "module" for my VNswitch, and it can't do L3
filtering either....  :-(

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>     <woods@robohack.ca>
Planix, Inc. <woods@planix.com>;   Secrets of the Weird <woods@weird.com>
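
The distinction the message above draws between L3 filtering (still a transparent bridge action) and routing, as an added C example that is not part of the original message or of NetBSD's bridge code: the filter only reads the IPv4 header and forwards the frame byte-for-byte, while a router hop decrements the TTL and so must rewrite the header checksum. The function names, the single-address filter rule and the sample frame are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ETH_HLEN 14 /* dst MAC, src MAC, EtherType */

/* RFC 1071 Internet checksum over an IPv4 header (len is even). */
static uint16_t ip_cksum(const uint8_t *h, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)h[i] << 8) | h[i + 1];
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}
/* Zero the checksum field, recompute it, store it in network byte order. */
static void set_cksum(uint8_t *ip, size_t ihl) {
    ip[10] = ip[11] = 0;
    uint16_t c = ip_cksum(ip, ihl);
    ip[10] = (uint8_t)(c >> 8); ip[11] = (uint8_t)c;
}
/* Constructed sample: Ethernet + bare IPv4 header, 192.0.2.10 -> 198.51.100.20. */
static size_t make_sample_frame(uint8_t *f) {
    static const uint8_t ip[20] = {0x45, 0, 0, 20, 0, 0, 0, 0, 64, 1, 0, 0,
                                   192, 0, 2, 10, 198, 51, 100, 20};
    memset(f, 0x02, 12);            /* placeholder MAC addresses */
    f[12] = 0x08; f[13] = 0x00;     /* EtherType: IPv4 */
    memcpy(f + ETH_HLEN, ip, sizeof ip);
    set_cksum(f + ETH_HLEN, sizeof ip);
    return ETH_HLEN + sizeof ip;
}
/* Filtering bridge (hypothetical rule: drop one source address). The frame is
 * const, so it is never modified: 1 = forward as-is, 0 = drop. */
static int bridge_filter(const uint8_t *f, size_t len, const uint8_t src[4]) {
    if (len < ETH_HLEN + 20 || f[12] != 0x08 || f[13] != 0x00)
        return 1;                   /* not IPv4: bridge it untouched */
    return memcmp(f + ETH_HLEN + 12, src, 4) != 0;
}
/* Router hop on a frame already known to be IPv4: the TTL decrement changes the
 * header, so the checksum is rewritten (MAC rewrite omitted). 0 = ok, -1 = drop. */
static int router_forward(uint8_t *f, size_t len) {
    uint8_t *ip = f + ETH_HLEN;
    size_t ihl = len < ETH_HLEN + 20 ? 0 : (size_t)(ip[0] & 0x0f) * 4;
    if (ihl < 20 || len < ETH_HLEN + ihl || ip[8] <= 1)
        return -1;                  /* malformed header or TTL expired */
    ip[8]--;
    set_cksum(ip, ihl);
    return 0;
}
int main(void) {
    uint8_t f[64], blocked[4] = {192, 0, 2, 10};
    size_t n = make_sample_frame(f);
    printf("bridge forwards: %d\n", bridge_filter(f, n, blocked));
    printf("router result: %d\n", router_forward(f, n));
}
```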