Bridging Cisco Router Interfaces

Justin EllenbeckerIT Director
This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridging can also be very useful in smaller environments to help save on wasting IPs.  The implementation I will be using for the example is this:  A single T1 comes into a router.  This router needs to hand off directly to a set of Redundant Firewalls without a switch between them.  We need to make sure both firewalls can plug into the router and use the same IP address for their next hop.  The commands used here are all entered from a Cisco 2811 running IOS version 12.3(8)T5.  Bridging is available in many other IOS versions and from what I have personally seen the commands have not changed.  So with all of that out of the way let's get into the router.

First connect to the router via the console.  We will be changing IP addresses and disabling interfaces which will cause your telnet sessions to disconnect.

After you connected you will need to be in "enable" mode so that you can make changes to the router.

Next we enter config mode, configure terminal

Now you should be sitting at a prompt similar to the one below:


There are three commands that we will enter to ensure that bridging is enabled.

Router01(config)#bridge irb
Router01(config)#bridge 1 protocol ieee
Router01(config)#bridge 1 route ip

Those commands are global commands, the next commands we will enter are to create the new bridged interface.  But in order to do that we have to take the IP address off of the old interface.  In this example FastEthernet0/0 has the IP assigned and we will be adding FastEthernet0/1 to the group.

Router01(config)#interface fa0/0
Router01(config)#no ip address

Router01(config)#interface BVI1
Router01(config)#ip address X.X.X.X Y.Y.Y.Y (IP Address and Subnet Mask)

Now we go back to the interfaces and add them to the bridge group

Router01(config)#int fa0/0
Router01(config)#bridge-group 1
Router01(config)#int fa0/1
Router01(config)#bridge-group 1

Now if you were to plug in a device that is configured on the same network as entered on the BVI1 Interface you would be able to ping the address. Through bridging we have effectively turned the to FastEthernet interfaces on our 2811 into a small switch.  This will allow you to run an active/active firewall system behind a single router with minimal hassle.  There are number of other uses for bridging as well I hope this article will help people realize the potential and use this new skill.
Justin EllenbeckerIT Director

Comments (2)

Thank you for the brief post and the excellent explanation. Sometimes things are just very simple, only we don't know that.
Outstanding summation.

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.