Bridge Domain and VLAN

Hey Everyone,

Just had a question about bridge domains and VLANs. Are they the same thing?

I'm going through the JNCIS-SP documents available from the Juniper site, and found this a little confusing.

Specifically I'm asking about the following.

In Study Guide 2, Chapter 2, Page 2-11:
The graphic says: Define the bridge domain (broadcast domain) AND VLANs to be used for switching.

This implies that bridge domains and VLANs are separate concepts.

Secondly, on Page 2-13 it says:

As opposed to configuring individual bridge domains for each VLAN used for switching, the Junos operating system allows for the configuration of many VLANs within a single bridge domain.

Here is my confusion with the above statement:

If a VLAN is the same a bridge domain, how can you configure many VLANs within a single bridge domain?

I think the problems is that I don't understand the difference between a bridge-domain and a VLAN.

Could someone help please?

Thanks!

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

tomtom1

The way I understand it is that a bridge domain is basically a set of ports that share the same flooding and learning capabilities. If you configure multiple VLANs (so not VLAN all) for a bridge domain, a separate bridge and learning domain is actually created per VLAN. JunOS uses this as a shortcut to create multiple bridge & learning domains.

If you create a bridge domain with VLAN all (1-4094) and traffic enters via a logical interface on VLAN 100, it is bridged to all interfaces in the bridge domain, where the ingress port could discard it if it does not have a logical interface for VLAN 100. Not a very effective way to bridge traffic.

The most simple use of a bridge domain is just doing a single bridge domain with a single VLAN and using Enterprise (family bridge) or SP style (encapsulation vlan-bridge), but a bridge domain can do much more than that. For example, it can do single or dual tagged VLANs.

So, to summarise, in most (if not all cases) there is a relationship between a VLAN and a bridge domain (because they share the same flooding and learning characteristics but a bridge domain is more flexible than a single VLAN.

up2thetime

tomtom1 wrote: »

The way I understand it is that a bridge domain is basically a set of ports that share the same flooding and learning capabilities. If you configure multiple VLANs (so not VLAN all) for a bridge domain, a separate bridge and learning domain is actually created per VLAN. JunOS uses this as a shortcut to create multiple bridge & learning domains.

If you create a bridge domain with VLAN all (1-4094) and traffic enters via a logical interface on VLAN 100, it is bridged to all interfaces in the bridge domain, where the ingress port could discard it if it does not have a logical interface for VLAN 100. Not a very effective way to bridge traffic.

I have to admit… I am incredibly confused here… I also read through Chapter 2 of the MX-960 book by Reynolds, and I am even more confused...

I also couldn't find any further details on the Juniper website (unless I'm looking in the wrong places).

I still don't get the difference between a Bridge Domain and VLAN. Above says:
a bridge domain is basically a set of ports that share the same flooding and learning capabilities

How is this different than a VLAN?

I come from a Cisco background, so I'm trying to relate the concepts of Bridge Domain and VLAN to everything I've learned from Cisco/Cisco Press.

Let me give you an example. On Cisco Catalyst switches, we can consider a VLAN a single broadcast domain. In the Reynolds book, he defines a Bridge Domain as:
A bridge domain is simply a set of IFLs that share the same flooding, filtering, and forwarding characteristics. A bridge domain and broadcast domain are synonymous in definition and can be used interchangeably with each other.

He even says that a bridge domain is synonymous with a broadcast domain.

So according to Cisco, a VLAN is a Broadcast Domain.
According to Reynolds, a Broadcast Domain is synonymous with a Bridge Domain.
Therefore VLAN = Bridge Domain

Except, that's not the case...

Is there an equivalent concept to a Bridge Domain in the Cisco world? I'm familiar with taking a bunch of interfaces, putting them all in a VLAN, and that's it. We can create a VLAN, add ports to it, define the VLAN on trunks, and there isn't much else.

Don't even get me started on the concept of a Learning Domain.

Reynolds say that:
Bridge domains require a method to learn MAC addresses. This is done via a learning domain. A learning domain is simply a MAC forwarding database.

What does he mean that bridge domains require a method to learn MAC addresses. Isn't the method known as backward learning? A node forwards a frame into the network and the switch records the MAC Address.

Any assistance would be appreciated. Any additional reading materials would also help. Can't seem to find much else. I thought the Reynolds book would set it all straight, but it's left me with more questions than anything else. Yes, I've gone through the chapter a few times.