54 ESR Series Routers Operation Manual
7.12 Bridge configuration
Bridge is a method of connection for two Ethernet segments on data-link level without any higher
level protocols, such as IP. Packet transmission is based on Ethernet addresses, not on IP addresses. Given
that the transmission is performed on data-link level (Level 2 of the OSI model), higher level protocol
traffic passes through the bridge transparently.
Objective 1: Combine router interfaces related to LAN and L2TPv3 tunnel passing through the
public network into a single L2 domain. For combining, use VLAN 333.
Fig. 7.10—Network structure
Solution:
Create VLAN 333
esr(config)# vlan 333
esr(config-vlan)# exit
Create 'trusted' security zone:
esr(config)# security-zone trusted
esr(config-zone)# exit
Add gi1/0/11, gi1/0/12 interfaces to VLAN 333:
esr(config)# interface gigabitethernet 1/0/11-12
esr(config-if)# switchport general allowed vlan add 333 tagged
Create bridge 333, map VLAN 333 to it and specify membership in 'trusted' zone:
esr(config)# bridge 333
esr(config-bridge)# vlan 333
esr(config-bridge)# security-zone trusted
esr(config-bridge)# enable
Define the inherence of L2TPv3 tunnel to bridge mapped to LAN (for L2TPv3 tunnel configuration,
see Section 7.18): In general, bridge and tunnel identifiers should not match the VID, unlike this example.
esr(config)# tunnel l2tpv3 333
esr(config-l2tpv3)# bridge-group 333
To Next Page
Loading...
