Layer 2 bridging is an implementation of IEEE 802.1D transparent bridging that has been used in bridges and Layer 2 switches for many years.

An L2 bridge checks the destination media access control (MAC) address of each incoming frame. If the MAC address is assigned to the bridge computer, the frame is processed by it as the destination. If the MAC address is not assigned to the bridge computer, the Network Bridge notes the source address of the frame and the port on which the frame was received and either creates or refreshes an entry in a Layer 2 bridge table. The port is a number that identifies the network adapter and its corresponding LAN segment. Each entry in the Layer 2 bridge table consists of a MAC address, the port number corresponding to the LAN segment on which a frame from the MAC address was received, and a timeout value. Entries in the Layer 2 bridge table persist for 5 minutes before being removed.

Because the Layer 2 bridge table is built on the basis of the source MAC address of incoming frames, it never contains entries for broadcast or multicast MAC addresses.

When a valid frame not destined for the bridge is received, the bridge computer looks up the destination MAC address in the Layer 2 bridge table and takes one of the following actions:

• If the destination address is found and is on the same port from which the frame was received, the frame is silently discarded. This operation is known as filtering. The bridge computer pre-vents intra-segment frames from being forwarded beyond the LAN segment on which it originated.

• If the destination address is found and is on a different port from which the frame was received, the frame is forwarded out through the port that corresponds to the destination’s LAN segment. This operation is known as selective forwarding. The transparent bridge intelligently forwards inter-segment frames with a known destination MAC address. The filtering and selective forwarding operations of transparent bridges are used in large networks to segment network traffic.
• If the destination address is not found, the frame is forwarded out through all of the ports except the one on which the frame was received. This operation is known as flooding. To maintain LAN segment connection transparency, the bridge computer blindly forwards frames with an unknown destination MAC address. All broadcast and multicast MAC traffic is flooded because there are never any broadcast or multicast entries in the Layer 2 bridge table.

The flooding operation of transparent bridges, while useful for maintaining the transparency of the connection LAN segments, creates forwarding storms for frames with an unknown destination address whenever bridges that have forwarding enabled on all ports are connected in a loop.

Tags: windows, microsoft, diana huggins, layer 2 bridging, l2 bridge