Solved: Re: Use cases for Integrated routing and bridging on a router (IRB)

carl_townshend · ‎07-04-2024

Hi Guys

I would like to know what peoples general uses cases are for setting up IRB on a router? when do most people use and require it?

Cheers

Joseph W. Doherty · ‎07-04-2024

In general, when you need to connect L2 segments at L2. With the advent of inexpensive L2 switches, and L2 switch modules that might be added to a router, you seldom come across a need to use this feature.

BTW, unsure later IOSs, like XE still call it IRB. Also, I believe XE uses a BDI interface where earlier a BVI was used.

View solution in original post

Joseph W. Doherty · ‎07-04-2024

In general, when you need to connect L2 segments at L2. With the advent of inexpensive L2 switches, and L2 switch modules that might be added to a router, you seldom come across a need to use this feature.

BTW, unsure later IOSs, like XE still call it IRB. Also, I believe XE uses a BDI interface where earlier a BVI was used.

Giuseppe Larosa · ‎07-04-2024

Hello @carl_townshend ,

IRB provides a combination of L2 services and L3 services so that you can have traffic bridged or routed when needed.

The technology was introduced in classic IOS for software based routers but it is still current with evolutions in more platforms like ASR 1000 or ASR 9000.

see for example the following link

about IRB in EVPN over MPLS

https://www.cisco.com/c/en/us/td/docs/routers/ios/config/17-x/mpls/b-mpls/m-evpn-over-mpls.html?dtid=osscdc000283

I remember two projects I have worked on , one with ASR 9000 combining IRB within VPLS and one using IRB on Juniper MX routers using VRF lite ( virtual routers routing instances in JUNOS terminology)

Hope to help

Giuseppe

MHM Cisco World · ‎07-04-2024

if you have two endpoint share same subnet and you dont want use un-managment or management SW yuo can config BDI in router
this case
but real one which is need BDI in router is when router have zone firewall so it need to see traffic between endpoint even that have same subnet

https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/98628-zone-design-guide.html

MHM

Joseph W. Doherty · ‎07-04-2024

@MHM Cisco World's example of using IRB for a FW is good. I too thought to mention it, but not so sure you would actually see this too often in practice.

What also has to be kept in mind, the "price" of router ports vs. switch ports (which interconnect L2 segments all the time) and/or possibly other techniques to not only use something like IRB for interface redundancy, but something like Etherchannel which can increase bandwidth between devices too.

Consider, you could use IRB to have two L2 links from a switch to the router. This provides interface and link redundancy between the router and switch, but it also creates a L2 loop, which can be broken by STP. If we're so worried about redundancy, what about the router and/or switch itself failing? Again, Etherchannel provide the same redundancy, but doesn't rely on STP and, in theory, potentially doubles bandwidth between router and switch.

BTW, in that reference, Appendix B example joins two VLANs, which usually negates the reason for having two VLANs. but, as the FW is the router, traffic between the two VLANs is subject to different FW rules. A good example, but I suspect for such an actual usage case, you're more likely to see a physical FW. (Still, good example!)