cisco bridging
This article is here as a reminder.
So, for testing, I needed to configure a Cisco CSR1000V virtual router as a bridge. So I used a version 16 Cisco IOS XE image. To make my life easier I used the "wizard" that runs the first time to automatically configure bridgning. Ironically, this created an invalid configuration.
Over the years, cisco has transitioned through multiple ways to configure bridging, searching the Internet, it was not clear to me how to configure bridging. Eventually I manage to configure using bridge domains. The configuration is as follows:
Configure spanning tree features
These are cisco global settings. For my test I was using the following:
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree extend system-idSome of these setting are ON by default, so in some cases you don't need to.
Configure bridge domains
bridge-domain 1
bridge-domain 200
bridge-domain 201Actually, these are not needed as they are automatically created when configuring
the bridge-domain interfaces. However, these would show on the running-config.
Configure bridge members
For network interface, you need:
interface GigabitEthernet1
no ip address
service instance 1 ethernet
encapsulation dot1q 1
bridge-domain 1
!
service instance 200 ethernet
encapsulation dot1q 200
bridge-domain 200
!
service instance 201 ethernet
encapsulation dot1q 201
bridge-domain 201
!- The interface line for the given port that is part of the switch.
no ip address: We are doing Layer-2, so no IP is needed.- For each VLAN that we are bridging we need:
service instance ID ethernetencapsupation dot1q VLAN_IDbridge-domain ID
- Note that I made the VLAN_ID the same as the instance ID and the bridge-domain ID. This is not necessary but makes things less confusing.
encapsulationis used for VLAN tagging. It is possible to useencapsulation untagged. However, Spanning Tree protocol doesn't run on the untagged VLAN.