| The following steps describe the process for creating a broadcast domain within the Layer 3 device and then mapping that to the VLAN through a trunk link: 1. | Create a bride group.
IOS | (global) bridge number protocol ieee
|
In global configuration mode, the bridge command creates a bridge group. The number option specifies the group; numbers can range from 1 to 255. If your VLAN on the switch is within this range, it is recommended to create a bridge group with the same number as the VLAN. The protocol option should always be ieee when working with switches because the switch does not understand the Digital Equipment Corporation Spanning-Tree Protocol (STP), and bridge loops may occur.
| 2. | Enable routing and bridging for the protocol.
In global configuration mode, the bridge irb command allows both routing and bridging for configured protocols. By default a Layer 3 switch or router will not bridge any routable protocol, such as IP, even if an interface is configured for bridging. To make the interface bridge the traffic, you could disable IP routing completely (not a likely option) or enable the IRB function.
NOTE Depending on the operating system (OS), you might have to add another command when IRB is enabled. The command no bridge number route ip might display in the configuration after you enable IRB. This command disables IP routing on any interface that is in the bridge group specified by the number option. If the command is not automatically entered, you will have to manually enter the command if you want to bridge between the interfaces. | 3. | Assign interfaces to the bridge group.
IOS | (interface) bridge-group number
|
In interface configuration mode, the bridge-group command adds a port to the bridge group. When a port is a member of the bridge group, all the interfaces in that group can communicate at Layer 2. Essentially the interfaces are in the same Broadcast domain, just like interfaces in the same VLAN on a Layer 2 switch. The number option specifies to which group an interface belongs. When an interface becomes a member of the group, it begins running the STP on that interface as well.
| 4. | Create a subinterface on a trunk link.
IOS | (global) interface type number.subintnumber
|
To extended the VLAN from a switched network into the router or Layer 3 device, you must get traffic from the Layer 2 switch with some indication of the VLAN associated with the traffic. You can do so through a trunk link. On the interface attached to the switch trunk link, you are going to create a subinterface. The interface command followed by the type (FastEthernet or GigabitEthernet) and the number.subintnumber option creates the subinterface. Each VLAN that will be mapped to the Layer 3 device will have its own subinterface. It is recommended that the subinterface number (the one after the dot) be the same as the VLAN that will map to that subinterface. For example, VLAN 3 connected to interface FA 0/1 would have a subinterface FA 0/1.3.
| 5. | Specify the encapsulation type and VLAN number.
IOS | [View full width] (subinterface) encapsulation {dot1q | isl}  vlannumber [native]
|
On the subinterface that was created in Step 4, you must specify the trunking encapsulation and the VLAN number that will be associated with this subinterface. The encapsulation command specifies this information. The dot1q or isl command specifies the trunk type, and the vlannumber specifies the VLAN.
NOTE 802.1Q trunk links do not tag for the native VLAN. On the Layer 3 switch, you must specify the native option for the subinterface attached to the native 802.1Q VLAN to prevent that VLAN from being tagged (typically VLAN 1). | 6. | Add the VLAN to the bridge group.
IOS | (subinterfac) bridge-group number
|
By adding the bridge group to the subinterface, you have added the VLAN from the switch to the bridge group on the router or Layer 3 device. This means all the interfaces on the Layer 3 device in the bridge group, and all the ports on the switch in the VLAN are in the same broadcast domain and effectively the same VLAN.
| 7. | Routing for the broadcast domain.
- a. Enable routing for the bridge group.
IOS | (global) bridge groupnumber route ip
|
In Step 2, either you or the router disabled the routing function on the Layer 3 device for interfaces in the bridge group for the IP protocol. If you want the Layer 3 device to route for all the devices in this broadcast domain (including those in the switch VLAN), you must first enable routing for this bridge group with the bridge groupnumber route ip command.
- b. Create the virtual Layer 3 interface.
IOS | (global) interface bvi groupnumber
|
When you enable routing for these interfaces, bridging will cease to function until you create a virtual Layer 3 interface to be used by the group. The interface bvi command creates that virtual interface for all the members of the bridge group.
- c. Assign an IP address to the Layer 3 interface.
IOS | (bvi-interface) ip address address mask
|
After you create the interface, you must assign it a Layer 3 address. This address becomes the gateway for all the devices in the bridge group and the VLAN.
|
|
