cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2233
Views
15
Helpful
14
Replies

ASR1000 - Bridge Domain Interface

Bob_Rock
Level 1
Level 1

Hi all ,

 

I'm a litle bit lost regarding bridging vlan on my router ASR1111 (IOS-XE, no more IRB support).

I have read about BDI, and i'm trying the get a grasp of it.

 

The point is I would like to bridge vlan through my router on specific interfaces for example :

r1.png

R1 : 
interface GigabitEthernet0/0/0
 no ip address
 load-interval 30
 negotiation auto
 service instance 10 ethernet
  encapsulation dot1q 100
  rewrite ingress tag pop 1 symmetric
  bridge-domain 100
interface BDI100
 ip address dhcp
interface GigabitEthernet0/1/0
switchport trunk allowed vlan 100
switchport mode trunk

Interface BDI100 gets IP address from DHCP server, now I would like that R2 also gets IP from the same DHCP server.

So the question is relation between bdi100 and vlan 100

 

Thank you in advance

 

1 Accepted Solution

Accepted Solutions

Hi,

 

l2 vfi does not exist on C1111 (Cisco IOS XE Software, Version 16.12.05).

I think I have found out what the problem was ... it looks like it was a firmware bug. (I should have upgraded FW first.....)

My original firmware was Cisco IOS XE Software, Version 16.09.02, now I have upgraded the router with Cisco IOS XE Software, Version 16.12.05 and everything works as expected.

 

The configuration looks like this now :

DHCP is the router where I have dhcp configured.

R1 should bridge vlan 100 to R2.

 

Configuration on R1

 

interface GigabitEthernet0/0/0
 description UPLINK-to-DHCP
 no ip address
 negotiation auto
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
interface BDI100
 description Get-IP-from-DHCP
 ip address dhcp
 encapsulation dot1Q 100
!
interface GigabitEthernet0/1/0
 description to-R2
 switchport trunk allowed vlan 100
 switchport mode trunk
!
interface Vlan100
 no ip address
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
!

Bridge-domain 100 on R1

R1#show bridge-domain 100
Bridge-domain 100 (3 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    BDI100  (up)
    GigabitEthernet0/0/0 service instance 100
    Vlan100 service instance 100
   AED MAC address    Policy  Tag       Age  Pseudoport
   -   4CE1.75B3.2673 to_bdi  static    0    BDI100
   0   6C31.0E4C.1800 forward dynamic   300  Vlan100.EFP100

Configuration on R2

 

 

interface GigabitEthernet0/0/0.100
 description UPLINK-to-R1
 encapsulation dot1Q 100
 ip address dhcp

 

Now finally R2 gets IP from the DHCP server, thank you guys for your help.

 

 

 

View solution in original post

14 Replies 14

in R1 both interface must have same config, then join then with BDI.

DHCP is send as broadcast and R1 will flood from one port to other port since they are same broadcast domain.

balaji.bandi
Hall of Fame
Hall of Fame

Post the full configuration of all the routers to understand why R2 not able to get the DHCP From DHCP Server.

 

or follow the below simple configuration.

 

https://www.cisco.com/c/en/us/support/docs/lan-switching/integrated-routing-bridging-irb/200650-Understanding-Bridge-Virtual-Interface.html#anc5

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

 

the BDI interface on R1 is the layer 3 interface. You need to configure an ip helper-address on that interface in order for the DHCP broadcasts to be forwarded to the DHCP server:

 

interface BDI100
ip address dhcp

ip helper-address x.x.x.x <-- IP address of the DHCP server

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello @Bob_Rock ,

as noted by @balaji.bandi and @MHM Cisco World  both physical interfaces need to be configured in the same way as members of bridge domain 100.

 

This is why R2 is not able to get an IP address with current configuration

 

Hope to help

Giuseppe

 

Just out of curiosity, would the BDI not block DHCP requests from R2 anyway ?

Hello @Georg Pauwen ,

>> would the BDI not block DHCP requests from R2 anyway ?

it is still a single broadcast domain when configured correctly and the BDI as an SVI should be just a virtual host attached to it.

It comes into play if the server would be in another IP subnet

 

Hope to help

Giuseppe

 

Hi,

thank you for your answers and effort regarding this problem (well I guess it's me and my lack of knowledge and not the device).

I get it that if I configure both routed interfaces as memeber of the same bridge-domain they are in the same broadcast domain and everything works, just fine.

For example :

interface GigabitEthernet0/0/0
 description UPLINK-to-DHCP
 no ip address
 negotiation auto
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
interface GigabitEthernet0/0/1
 description to-R2
 no ip address
 negotiation auto
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
interface BDI100
description IP-on-R1
ip address dhcp
encapsulation dot1Q 100

But lets presume that you have C1116 that has only one routed interface Gi0/0/0 ? What would be the solution for bridging in that case ?

So how do you connect l2 vlans and bridge-domains ? Is it possible ?

Far fetched attempt was to make l3 vlan interface 100 and put it as a part of the bridge-domain 100, but it didnt work ,like it was not in the same broadcast domain, although it was seen :

 

show bridge-domain 100
Bridge-domain 100 (4 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
BDI100 (up)
GigabitEthernet0/0/0 service instance 100
GigabitEthernet0/0/1 service instance 100
Vlan100 service instance 100

For example you could do this wih IRB on Cisco 881 :

 

interface Fa4.100
 description BRIDGE-DHCP
 encapsulation dot1Q 100
 bridge-group 6
 no shut
exit
 
vlan 100
 name BRIDGE-DHCP
exit

interface Vlan100
 description BRIDGE-DHCP
 no ip address
 bridge-group 6
 no shut
exit

bridge irb

bridge 6 protocol ieee
bridge 6 route ip

int Bvi6
 description BRIDGE-DHCP
 ip add dhcp
 no shut
exit

interface Fa1
 description BRIDGE-DHCP
 switchport mode access
 switchport access vlan 100
 no shut
exit

 

 

Thank you for the input and glad all working as expected - we mark this as resolved now.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

...

Hi,

 

l2 vfi does not exist on C1111 (Cisco IOS XE Software, Version 16.12.05).

I think I have found out what the problem was ... it looks like it was a firmware bug. (I should have upgraded FW first.....)

My original firmware was Cisco IOS XE Software, Version 16.09.02, now I have upgraded the router with Cisco IOS XE Software, Version 16.12.05 and everything works as expected.

 

The configuration looks like this now :

DHCP is the router where I have dhcp configured.

R1 should bridge vlan 100 to R2.

 

Configuration on R1

 

interface GigabitEthernet0/0/0
 description UPLINK-to-DHCP
 no ip address
 negotiation auto
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
interface BDI100
 description Get-IP-from-DHCP
 ip address dhcp
 encapsulation dot1Q 100
!
interface GigabitEthernet0/1/0
 description to-R2
 switchport trunk allowed vlan 100
 switchport mode trunk
!
interface Vlan100
 no ip address
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
!

Bridge-domain 100 on R1

R1#show bridge-domain 100
Bridge-domain 100 (3 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    BDI100  (up)
    GigabitEthernet0/0/0 service instance 100
    Vlan100 service instance 100
   AED MAC address    Policy  Tag       Age  Pseudoport
   -   4CE1.75B3.2673 to_bdi  static    0    BDI100
   0   6C31.0E4C.1800 forward dynamic   300  Vlan100.EFP100

Configuration on R2

 

 

interface GigabitEthernet0/0/0.100
 description UPLINK-to-R1
 encapsulation dot1Q 100
 ip address dhcp

 

Now finally R2 gets IP from the DHCP server, thank you guys for your help.

 

 

 

one Q. why you don't apply service instance directly to link but you apply it under VLAN 100?

Sorry, what do you mean with "directly to link" ?

you have two 
g0/0/0<-service instance under the interface 

g0/1/0<-service instance under the vlan 

 

why you choose this config ?

For example if I would like to aggregate 2 interfaces on C1000, this could only be done on routed interfaces Gi0/0/0 and Gi0/0/1.

Switched interfaces don't have command channel-group.(Cisco IOS XE Software, Version 16.09.02 - could be because of the version, currently i'm at home so I cannot test it on new version). So this forces me to use routed interfaces for port aggregation.

 

And than if I want to bridge one of vlans in this Port-channel toward the next router, I would have to use switched interfaces (range Gi0/1/0-Gi0/1/3), because Gi0/0/0 and Gi0/0/1 are already used for Po.

 

Example :

interface GigabitEthernet0/0/0
 description Po10
 no ip address
 negotiation auto
 channel-group 10 mode active
!
interface GigabitEthernet0/0/1
 description Po10
 no ip address
 negotiation auto
 channel-group 10 mode active
!
interface Port-channel10
 description UPLINK
 no ip address
 no negotiation auto
 service instance 10 ethernet
  encapsulation dot1q 10
  bridge-domain 10
 !
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
!
interface BDI10
 ip address dhcp
 encapsulation dot1Q 10
!
interface BDI100
 ip address dhcp
 encapsulation dot1Q 100
!
interface vlan 100
 no ip address
 no shut
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
!
interface GigabitEthernet0/1/0
 description to-R2
 switchport trunk allowed vlan 100
 switchport mode trunk
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: