Bridging VLANS

DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
HI,

I am merging a few networks together and there is an issue with the same VLAn being used multiply times, So i need to sort this out before I can merge it all together.

So for example I use vlan 66 for management and one of the network I need to merge with also use vlan 66 for security access devices.

I want to move there devices to vlan 80 but doing it in one hit is going to be a real pain. What I want to do is on security switch network is bridge vlan 66 and 80 together at layer 2 so I can migrate each device separately with out any downtime. then once every thing is moved across unbridge them, leaving VLAN 66 free and ready to be merged.

These are all cisco devices. (2960 switches)

I know I could do this by cabling a access port in each vlan together, but I was wondering if you can do it via CLi as I have quite a few to sort out, and many are on remote devices.

Cheers
  • If you can't explain it simply, you don't understand it well enough. Albert Einstein
  • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.

Comments

  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    Is it jsut as simple as going in to the vlan interfaces and configuring them as "bridge-group 1 "
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • broli720broli720 Member Posts: 394 ■■■■□□□□□□
    I am confused. Bridging VLANS sounds like you want them to talk together, but that's not what you're describing. Why can you not just re-assign all the vlans on your switches to whatever you want? Then just pick what interface you want to assign them to. I suggest getting this all hashed out on paper before making any changes. Design is always key.
  • d4nz1gd4nz1g Member Posts: 464
    Could you share a sample topology of your scenario?
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    broli720 wrote: »
    I am confused. Bridging VLANS sounds like you want them to talk together, but that's not what you're describing. Why can you not just re-assign all the vlans on your switches to whatever you want? Then just pick what interface you want to assign them to. I suggest getting this all hashed out on paper before making any changes. Design is always key.

    I have network A of 50 switches + network B of 50 switches.

    both network A and B have vlan 66 configured so before I can trunk the networks together I need to migrate the devices on vlan 66 on one of the networks to a different one.

    However both vlan66's have critical devices (building management systems) that only work at layer 2, and they all need to move together, lots of client slave devices.

    if I move each port then there will be times that some devices wont be able to talk to others and with the business I work in, if the BMS systems are down then all work stops!

    What I want is on network B, to bridge the old vlan 66 and a new vlan 80 in to a single layer2 domain. I can move access ports one by one from 66 to 80, with out the devices losing any connectivity. once all the ports are in the new vlan I can test, unbridge and I am left with an empty vlan 66 that I can delte and am ready to merge network A and B with out an vlan conflicts.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • AwesomeGarrettAwesomeGarrett Member Posts: 257
    Correct me if I'm wrong, but I believe routable protocols(i.e IP) will not be bridged with the design you have in mind.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    Correct me if I'm wrong, but I believe routable protocols(i.e IP) will not be bridged with the design you have in mind.

    Well that was my question. Using a cable to bridge two vlans will work. so a switch with an access port in vlan X connected to a switch with access port in vlan y and devices on vlan x and y will communicate.

    But I dont know about the bridging interfaces method.

    this seems to suggest it can work,
    Understanding Issues Related to Inter-VLAN Bridging - Cisco
    but havent managed so far :)
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • broli720broli720 Member Posts: 394 ■■■■□□□□□□
    I understand your problem now. Funny enough I've never really run into this.
  • apr911apr911 Member Posts: 380 ■■■■□□□□□□
    Bridge-groups are used to make Layer 3 interfaces act like Layer 2. In other words, make a router act like a switch.

    http://www.techexams.net/forums/ccnp/53905-bridge-groups-vs-vlans.html

    fredrikjj's diagram of the bridge-group would be correct if the device between the vlans was a Layer 3 device.

    Here are some more configurations of bridge-groups:
    Aironet APs: Bridge Groups and BVI - PacketLife.net
    https://paulsuela.wordpress.com/2010/11/28/cisco-bridge-group-transparent-bridging-between-2-different-vlans-2/

    I dont know how the switch would react to this but if you're trying to minimize gear I suppose you could do this:

    Switch A:
    int fa0/1
    sw ac vl 66

    int fa0/2
    sw ac vl 80

    And then use a cross connect cable to connect port 1 to port 2...

    OR

    Switch A:
    int fa0/1
    sw ac vl 66

    Switch B:
    int fa0/1
    sw ac vl 80

    And then use a cross connect cable to connect Switch A port 1 to Switch B port 1.

    Anecdotal evidence seems to suggest that the cross-connected port method may cause issues in the network as seen here:
    https://supportforums.cisco.com/discussion/10957006/bridging-2-vlans-together-2960-switch
    This shouldn't be the case but its something to be aware of since the cause of this issue was never really determined.

    I dont believe there is a way to bridge vlans directly within a layer 2 device though... I know there are some bridging commands, specifically under the "vlan" configuration context but I believe those are for bridging different types of vlan networks and I dont believe you can bridge an ethernet vlan to another ethernet vlan.
    Currently Working On: Openstack
    2020 Goals: AWS/Azure/GCP Certifications, F5 CSE Cloud, SCRUM, CISSP-ISSMP
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    Seems every agree with my first comment that you have to use a physical wire.

    I was hoping cisco had come up with a method to ease the merging and splitting of vlans. like when joining together two IP networks, if you have identical subnets you can use NAT to allow them to talk together.

    Understanding and Configuring VLAN Routing and Bridging on a Router Using the IRB Feature - Cisco

    figure III is what I am looking to do.

    So I could go get a router of the shelf and set this up, but I was hopping that a 6500 would have this feature, but it seems not.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Sign In or Register to comment.