03-28-2014 09:08 AM - edited 03-04-2019 10:40 PM
We are migrating from a Cisco 7304 to a ASR 1002-X for our Internet router. Previously in the 7304 we used a BVI with our primary and redundant physical interfaces that connected to our service provider. Spanning tree was used on the physical interfaces to control the traffic flow for these redundant connections. The attached diagram shows the topology. I have not found a method like spanning tree to control traffic when using the bridge domain. We are not running any routing protocol for our Internet connection between ourselves and our service provider. We only use a static route pointing to their address on the other side of the /30 network for all Internet traffic. I currently have one of the interfaces shutdown to make sure I don't have a loop present. Has anyone had experience with a similar situation that might be able to provide some insight? My current configuration is:
bridge-domain 100
!
interface GigabitEthernet0/0/0 ip address 67.xxx.xxx.254 255.255.255.0 negotiation auto
!
interface GigabitEthernet0/0/1
description Primary connection
no ip address
negotiation auto
service instance 100 ethernet
encapsulation untagged
bridge-domain 100
!
!
interface GigabitEthernet0/0/2
description Backup connection
no ip address
negotiation auto
service instance 100 ethernet
encapsulation untagged
bridge-domain 100
!
!
interface BDI100
ip address 24.xxx.xxx.xxx 255.255.255.252
04-04-2014 12:41 PM
Hi
Look This
http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-2/interfaces/configuration/guide/hc42asr9kbook/hc42irb.html#wp1016819
Rate if you liked
09-13-2016 10:19 AM
I'm curious, did you ever get this figured out. I have a similar scenario and have some funky behavior so far.
09-20-2016 06:55 AM
We have since moved away from this configuration with a new service provider but I had the service provider at that time tag a vlan 100 on their side and configured our side as shown below.
bridge-domain 100
!
bridge irb
!
!
interface TenGigabitEthernet0/2/0
no ip address
shutdown
service instance 100 ethernet
encapsulation dot1q 100
bridge-domain 100
!
!
interface TenGigabitEthernet0/3/0
no ip address
service instance 100 ethernet
encapsulation dot1q 100
bridge-domain 100
!
interface BDI100
ip address 24.xxx.xxx.xxx 255.255.255.252
encapsulation dot1Q 100
11-22-2016 07:14 AM
I implemented the same and it worked for me without any performance issue complained so far but we're facing a lot of retransmission, duplicated packets received in the other end, packets being sent to both interfaces even if the destination is a known mac-address listed in show bridge-domain table, excessive amount of multicast. Did you experienced the same? In my case I have redundant Checkpoint firewalls in the other end and couldn't find the reason of this behavior.
I'll list below some shows I think it'd help you to understand.
!## members of bridge-domain ##
Bridge-domain 100 (3 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
BDI100 (up)
GigabitEthernet0/0/3 service instance 100
GigabitEthernet0/0/4 service instance 100
!## show interfaces ##
GigabitEthernet0/0/3 is up, line protocol is up
Hardware is 6XGE-BUILT-IN, address is <mac-address>
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 14/255, rxload 21/255
Encapsulation ARPA, loopback not set
Keepalive not supported
Full Duplex, 1000Mbps, link type is force-up, media type is T
output flow-control is on, input flow-control is on
ARP type: ARPA, ARP Timeout 04:00:00
Last input 3d18h, output 00:05:20, output hang never
Last clearing of "show interface" counters 2d05h
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 85563000 bits/sec, 20818 packets/sec
5 minute output rate 56228000 bits/sec, 19891 packets/sec
2349572630 packets input, 1387111196441 bytes, 0 no buffer
Received 3188 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 1453078 multicast, 0 pause input
2133773997 packets output, 1035365749547 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
GigabitEthernet0/0/4 is up, line protocol is up
Hardware is 6XGE-BUILT-IN, address is <mac-address>
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 10/255, rxload 30/255
Encapsulation ARPA, loopback not set
Keepalive not supported
Full Duplex, 1000Mbps, link type is auto, media type is T
output flow-control is on, input flow-control is on
ARP type: ARPA, ARP Timeout 04:00:00
Last input 3d19h, output 00:05:21, output hang never
Last clearing of "show interface" counters 2d05h
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 117701000 bits/sec, 18131 packets/sec
5 minute output rate 40887000 bits/sec, 14102 packets/sec
1686231805 packets input, 1248717736692 bytes, 0 no buffer
Received 7 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 1480020 multicast, 0 pause input
1547107873 packets output, 799906960922 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
!## sh int sum ## - There are much more bits/packets sent/received in the physical interfaces than in the BDI, is it an expected behavior?
IHQ: pkts in input hold queue IQD: pkts dropped from input queue
OHQ: pkts in output hold queue OQD: pkts dropped from output queue
RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec)
TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec)
TRTL: throttle count
Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
-----------------------------------------------------------------------------------------------------------------
* GigabitEthernet0/0/3 0 0 0 0 85435000 20962 54889000 19862 0
* GigabitEthernet0/0/4 0 0 0 0 115482000 17832 39649000 14087 0
* BDI100 0 0 0 0 159956000 24672 54757000 19790 0
11-23-2016 04:48 AM
We never saw any of these issues when this was implemented for our Internet connections. Spanning tree always had one interface forwarding and the other blocked. We never had any retran or multicast issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide