Configuring a Bridge Domain
A bridge domain must include a set of logical interfaces that participate in Layer 2 learning and forwarding. You can optionally configure a VLAN identifier and a routing interface for the bridge domain to also support Layer 3 IP routing.
To enable a bridge domain, include the following statements:
[edit]
bridge-domains {
bridge-domain-name {
domain-type bridge:
interface interface-name;
routing-interface routing-interface-name;
vlan-id (none | all | number);
vlan-id-list [ vlan-id-numbers ];
vlan-tags outer number inner number);
}
}
The Layer 2 CLI configurations and show commands for ACX5048 and ACX5096 routers differ compared to other ACX Series routers. For more information, see Layer 2 Next Generation Mode for ACX Series.
You cannot use the slash (/) character in bridge domain names. If you do, the configuration does not commit and an error is generated.
For the vlan-id statement, you can specify either
a valid VLAN identifier or the none or all options.
For information about VLAN identifiers and VLAN tags for a bridge
domain, see Configuring VLAN Identifiers for Bridge Domains and
VPLS Routing Instances.
To include one or more logical interfaces in the bridge domain,
specify an interface-name for an Ethernet
interface you configured at the [edit interfaces] hierarchy
level.
A maximum of 4000 active logical interfaces are supported on a bridge domain or on each mesh group in a virtual private LAN service (VPLS) instance configured for Layer 2 bridging.
To configure a layer 2 logical interface to be included in a bridge domain, you can
either include the encapsulation vlan-bridge statement under the
logical interface, or the encapsulation ethernet-bridge statement
under the physical interface.
On ACX Series routers, a maximum of 1000 logical interfaces can be configured on a physical interface. You can configure a maximum of 3000 bridge domains on an ACX Series router.
By default, each bridge domain maintains a Layer 2 forwarding database that contains media access control (MAC) addresses learned from packets received on the ports that belong to the bridge domain. You can modify Layer 2 forwarding properties, including disabling MAC learning for the entire system or a bridge domain, adding static MAC addresses for specific logical interfaces, and limiting the number of MAC addresses learned by the entire system, the bridge domain, or a logical interface.
You can also configure spanning tree protocols to prevent forwarding loops. .
In Junos OS Release 8.5 and later, you can configure IGMP snooping for a bridge domain. For more information, see the Junos OS Multicast Protocols User Guide.
Integrated routing and bridging (IRB) provides simultaneous
support for Layer 2 bridging and Layer 3 routing on the
same interface. IRB enables you to route packets to another routed
interface or to another bridge domain that has an IRB interface configured.
You configure a logical routing interface by including the irb statement at the [edit interfaces] hierarchy level and
include that interface in the bridge domain. For more information
about how to configure a routing interface, see the Junos OS Network
Interfaces Library for Routing Devices.
You can include only one routing interface in a bridge domain.
To configure a bridge domain with IRB support, include the following statements:
[edit] bridge-domains { bridge-domain-name { domain-type bridge; interface interface-name; routing-interface routing-interface-name; service-id number; vlan-id (none | number); vlan-tags outer number inner number; } }
For each bridge domain that you configure, specify a bridge-domain-name. You must also specify the value bridge for the domain-type statement.
For the vlan-id statement, you can specify either
a valid VLAN identifier or the none option.
If you configure a routing interface to support IRB in
a bridge domain, you cannot use the all option for the vlan-id statement.
The vlan-tags statement enables you to specify a
pair of VLAN identifiers; an outer tag and an inner tag.
For a single bridge domain, you can include either the vlan-id statement or the vlan-tags statement, but
not both.
For MC-LAG bridge domains, when the VLAN identifier is none, use the service-id statement to facilitate
media access control (MAC) and Address Resolution Protocol (ARP) synchronization
among MC-LAG peers.
To include one or more logical interfaces in the bridge domain,
specify the interface name for each Ethernet interface to include
that you configured at the [edit interfaces] hierarchy
level.
A maximum of 4000 active logical interfaces are supported on a bridge domain or on each mesh group in a VPLS routing instance configured for Layer 2 bridging.
To associate a routing interface with a bridge domain, include
the routing-interface routing-interface-name statement and specify a routing-interface-name you configured at the [edit interfaces irb] hierarchy
level. You can configure only one routing interface for each bridge
domain. For more information about how to configure logical and routing
interfaces, see the Junos OS Network Interfaces Library for Routing Devices.
In Junos OS Release 9.0 and later, IRB interfaces are supported for multicast snooping. For more information about multicast snooping, see the Understanding Multicast Snooping and VPLS Root Protection.
In Junos 11.4 and later, IP multicast is supported on Layer 2 trunk ports through IRB interfaces using the Trio chipset.
In Junos OS Release 9.6 and later, in multihomed VPLS configurations,
you can configure VPLS to keep a VPLS connection up if only an IRB
interface is available by configuring the irb option for
the connectivity-type statement at the [edit routing-instances routing-instance-name protocols vpls] hierarchy
level. The connectivity-type statement has two options, ce and irb. The ce option is the default and
specifies that a CE interface is required to maintain the VPLS connection.
By default, if only an IRB interface is available, the VPLS connection
is brought down. For more information about configuring VPNs, see
the Junos VPN Configuration Guide.
When you configure IRB interfaces in more than one logical system on a device, all of the of the IRB logical interfaces share the same MAC address.
Integrated Bridging
and Routing (IRB) interfaces are used to tie together Layer 2 switched
and Layer 3 routed domains on MX routers. MX routers support classifiers
and rewrite rules on the IRB interface at the [edit class-of-service
interfaces irb unit logical-unit-number] level of the hierarchy.
All types of classifiers and rewrite rules are allowed, including
IEEE 802.1p.
The IRB classifiers and rewrite rules are used only for routed packets; in other words, it is for traffic that originated in the Layer 2 domain and is then routed through IRB into the Layer 3 domain, or vice versa. Only IEEE classifiers and IEEE rewrite rules are allowed for pure Layer 2 interfaces within a bridge domain.