Layer 2 Bridging and Transparent Mode Overview
On SRX3400, SRX3600, SRX5600, and SRX5800 devices, you can configure one or more bridge domains to perform Layer 2 bridging. A bridge domain is a set of logical interfaces that share the same flooding or broadcast characteristics. Like a virtual LAN (VLAN), a bridge domain spans one or more ports of multiple devices. Thus, the SRX Series device can function as a Layer 2 switch with multiple bridge domains that participate in the same Layer 2 network.
In transparent mode, the SRX Series device filters packets that traverse the device without modifying any of the source or destination information in the IP packet headers. Transparent mode is useful for protecting servers that mainly receive traffic from untrusted sources because there is no need to reconfigure the IP settings of routers or protected servers.
Note: Transparent mode is supported only for IPv4 traffic.
In transparent mode, all physical ports on the device are assigned to Layer 2 interfaces. Do not route Layer 3 traffic through the device. Layer 2 zones can be configured to host Layer 2 interfaces, and security policies can be defined between Layer 2 zones. When packets travel between Layer 2 zones, security policies can be enforced on these packets.
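The following set-style configuration is an added example, not taken from the original page, showing how the pieces described above fit together: two Layer 2 interfaces in one bridge domain, each placed in its own Layer 2 zone, with a security policy enforced between the zones. The interface names, VLAN ID, bridge domain name, zone names, and policy names are assumptions chosen for illustration.

```junos
# Added example; ge-0/0/1, ge-0/0/2, VLAN 10, bd10, l2-untrust, l2-trust,
# and the policy names are assumed values, not taken from the page.

# Layer 2 logical interfaces: family bridge instead of family inet.
set interfaces ge-0/0/1 unit 0 family bridge interface-mode access
set interfaces ge-0/0/1 unit 0 family bridge vlan-id 10
set interfaces ge-0/0/2 unit 0 family bridge interface-mode access
set interfaces ge-0/0/2 unit 0 family bridge vlan-id 10

# Bridge domain: the logical interfaces with vlan-id 10 share one
# flooding and broadcast domain.
set bridge-domains bd10 domain-type bridge
set bridge-domains bd10 vlan-id 10

# Layer 2 zones: the untrusted side faces the upstream router, the
# trusted side faces the protected servers. No IP readdressing is needed
# on either side because the device does not modify the IP headers.
set security zones security-zone l2-untrust interfaces ge-0/0/1.0
set security zones security-zone l2-trust interfaces ge-0/0/2.0

# Policy between the Layer 2 zones: permit only HTTP toward the servers.
set security policies from-zone l2-untrust to-zone l2-trust policy allow-http match source-address any
set security policies from-zone l2-untrust to-zone l2-trust policy allow-http match destination-address any
set security policies from-zone l2-untrust to-zone l2-trust policy allow-http match application junos-http
set security policies from-zone l2-untrust to-zone l2-trust policy allow-http then permit

# Explicit final rule so that dropped sessions are logged rather than
# silently discarded by the default policy.
set security policies from-zone l2-untrust to-zone l2-trust policy deny-rest match source-address any
set security policies from-zone l2-untrust to-zone l2-trust policy deny-rest match destination-address any
set security policies from-zone l2-untrust to-zone l2-trust policy deny-rest match application any
set security policies from-zone l2-untrust to-zone l2-trust policy deny-rest then deny
set security policies from-zone l2-untrust to-zone l2-trust policy deny-rest then log session-init
```

After committing, `show bridge domain` and `show security policies` can be used to confirm that both interfaces are members of the bridge domain and that the policies are ordered as intended.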
Note: The following security features are not supported in transparent mode: