Ref: 03250410
Title: Discussion of Routers vs. Bridges
Date: 12/18/88

Copyright 3Com Corporation, 1991.  All rights reserved.

By Henry Nussbacher, Israel Network Information Center
December 18, 1988

Acknowledgements:

 Rob Austein      - MIT
 Bob Braden       - ISI
 Scott Brim       - Cornell University
 Charles Hedrick  - Rutgers University
 John Lekashman   - NASA
 Radia Perlman    - MIT
 Yakov Rekhter    - IBM
 G.A Sawkins, D. Crocker: Internetworking Connections: A
   Comparison of Options, May 1987

This paper will attempt to analyze the differences between
routers and bridges.  Routers operate at the Network Layer (level 3)
and typically understand the routing protocols inherent in TCP/IP,
Decnet or XNS.  Bridges operate at the Data Link Layer (level 2) and
understand nothing about any communications protocol other than
the physical medium, which is typically an Ethernet.

What is different about this paper is that, in addition to
"standard" routers and bridges, an attempt will be made to
analyze multi-protocol routers and routing bridges.

The differences between the two approaches (level II vs. level III)
are slowly merging, and in the near future the two technologies
will meet somewhere in the middle.

For further reading, look for the January 1988 issue of IEEE
Network which is dedicated to the topic of bridges vs. routers.

.h1;Performance

Currently, bridges will outperform routers.  The numbers
generally quoted are that routers forward packets per second in
the high hundreds, while bridges forward in the low thousands.
Standard bridges like DEC's LANBRIDGE can easily forward 4,000
packets per second, whereas Rad's REB routing bridge claims to
forward 2,500 pps.  On the other hand, multiprotocol routers
claim approximately 1200 pps (Proteon's p4200 and cisco's AGS)
under peak conditions.

Bridges need to examine every packet, whereas routers only look at
packets addressed to them.  Since the time involved in scanning
every packet is enormous, bridges must make use of specially
designed hardware.  But as bridges attempt to look deeper into
each packet to perform such functions as security and access
controls, their throughput will drop.  As routers use faster
technology (e.g. the 68020) and special purpose hardware, their
throughput should rise.

But one aspect that is always ignored when examining the router
vs. bridge controversy is the speed of the link used by the
router or bridge.  When dealing with 2 Ethernet segments
connected via a T1 link, any bridge is able to pump out enough
packets to utilize the full bandwidth of the T1 link.  But when
confronted with 64kb data links, both a router and a bridge can
easily saturate a 64kb link to capacity.  So the bottleneck is
moved from the box to the line.  If you purchase a bridge because
it will pump 4 times as many packets through, but you work with
64kb links, you will be disappointed.  On the other hand, if you
have been using a router on a T1 link and upgrade to a bridge,
you will notice a significant increase in throughput.

.h1;Multi-media support

Routers have the ability to transcend differences in media.  If
one site runs a 50Mb Hyperchannel, another runs a token ring
(e.g. Pronet-4), and another runs an Ethernet, a router can be
used to interconnect all of them.  The address translation occurs
at a layer above the MAC level, namely the IP layer.  Proteon's
p4200 supports Ethernet, token ring and X.25 networks.  Cisco's
AGS supports Ethernet and X.25, and they are working on token
ring.

Current bridges cannot handle multi-media systems.  Many bridge
vendors are working on supporting multi-media networks.  It is
expected that both technologies will arrive at the same place in
the very near future.

The importance of being independent of other sites' hardware
requirements is a crucial factor in designing an adaptable
network.

.h1;Multi-protocol support

A year ago, bridges were considered the only option if you had
networks that needed to handle TCP/IP, Decnet and XNS, all at the
same time.  Today, there are routers available that can handle
full TCP/IP, XNS's IDP (Internet Datagram Protocol, the
equivalent of IP), and Decnet's specifications for a DNA Phase
IV, Level 2 area router.  These changes in routers required
extensive software modifications and testing.

Bridges have no problem accepting any new protocol thrown at
them.  They ignore anything above level II.  This is one reason
why bridges are ahead of routers in throughput.  A "standard"
bridge is inherently a simpler box.

.h1;Software changes

Bridges almost never need software changes, since the basic
operation is founded on the Ethernet packet format.  Software
changes are only necessary if new functions need to be added such
as accounting, security, access controls or network management.

Routers are almost all software.  New releases of router software
are very common as better algorithms and protocols are
developed.  This can be viewed as either a positive or a negative
aspect.  The negative aspect is that you are always updating the
software in the box, and when you find a release level that works,
you tend to fixate on it and reject all future updates (until a
major new function is introduced).  The positive aspect is that you
can implement new functionality with the ease of replacing a
diskette.

.h1;Broadcasts and Multicasts

An Ethernet Broadcast is meant to be delivered to all nodes in
the network.  Bridges are designed to deliver all Broadcast and
Multicast messages to all Ethernet segments (although certain
bridges can be configured to filter some Multicasts).  Routers
do not transmit Broadcasts and Multicasts.  ARP (Address
Resolution Protocol), RWHO, and ROUTED are just three functions
in TCP/IP that generate a significant amount of Ethernet
Broadcast traffic.

When analyzing router vs. bridge performance, care should be
taken to generate sizable Broadcast traffic.  Routers will not be
affected, but bridges will.

.h1;Network Isolation

In any network, a broken node can damage the entire network.  A
node that is transmitting legal but spurious packets can easily
saturate a network.  With routers, that traffic is localized to the
Ethernet segment where the "badly behaved" host is situated.  With
bridges, this traffic will propagate to the rest of the network.

The  Internet has heard stories of ARP storms, meltdowns,
building firewalls and all sorts of exotic and dangerous sounding
events.  Bridges make the entire network susceptible to these
events, while routers isolate the event to a specific Ethernet
segment.

.h1;Cost

Bridges usually cost less than routers, since most of the box is
customized hardware with very little software, while routers have
simpler hardware but extensive software.  Most bridges come with
two network interfaces, whereas routers usually come with four, so
the total system cost tends to get closer when examining the entire
network.

.h1;Security

IP (level 3) addresses are logical, whereas MAC (level 2)
addresses are physical.  A host may, either accidentally or on
purpose, select an IP address that is already being used by
another host.  This is a security problem that has existed in
TCP/IP since its inception, but bridges tend to make the problem
worse.

Routers separate hosts into subnets, therefore an impersonator
will be trapped inside a subnet.  Since a bridge doesn't separate
hosts into subnets, an impersonator (accidental or malicious) can
inflict damage on all segments of the network.

.h1;Routing

This is the area that has lately heated up.  Simple bridges
only support tree style networks with no closed loops among the
Ethernets.  Advanced bridges allow closing loops and support
redundant links.

Some of the advanced bridges handle loops by simply placing
one link into standby mode, thereby opening the loop.  When one
of the links goes down, the "stand-by" link will be enabled for
use.  Other advanced bridges (Rad's REB) allow for complete
network loops.  Redundant paths are only supported between two
adjacent bridges, which limits the amount of network load
balancing that can be accomplished.

Routers use two basic protocols for exchanging the information
needed to forward IP packets: RIP (Routing Information Protocol)
and EGP (Exterior Gateway Protocol).  The IP header basically
controls how an IP router will function.  Some of the fields that
routers use are: TTL (time to live), to prevent network loops;
security; precedence; TOS (type of service); fragmentation, to
assist the transition between different types of network media;
and record route, to record the list of IP addresses the packet
has passed through, which is useful as an audit trail.

Each field in an IP header is there to perform a specific function
that assists in routing.  Any bridge that attempts to perform
routing would have to use all of these fields, but at the MAC
layer.  Such bridges are basically reconstructing the IP layer at
the MAC layer.  In that case, if a bridge supplied the same routing
capabilities as a router, it would be a router, with the same
slower throughput.  Intelligent bridges only supply a small subset
of the routing capabilities available at the IP layer and can
therefore claim significant performance differences.

Bridges that attempt to perform routing need to keep track of
distinct MAC addresses.  They learn as they go along.  Initially,
the routing will not be optimal, but a learning bridge that
performs routing would learn the best path over a period of
time.  In small networks this may be feasible, but when
interconnecting hundreds of Ethernets, each with hundreds of MAC
addresses, these systems cease to function.  The traffic between
the bridges would be enough to saturate any 64kb link.  The
Arpanet has seen saturation levels with 300 IP networks
interconnected.  If routing were performed via MAC level
addresses, saturation would have been reached with only 10% of
the defined network.

Routers communicate with each other via RIP or EGP and can
therefore know the entire status of the network (busy links, high
cost links, down links, etc.) and route packets along various
paths.  With an IP router, some packets may travel a completely
different path than others, and it is up to the destination IP
host to reconstruct the packets.  Routers choose the best path for
each packet based on all the information they have at their
disposal.

Routers use the IP layer with the network structure being viewed
as a hierarchical tree.  Therefore, routers do not need to cache
all IP addresses that exist.
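The flooding, isolation and table-growth arguments of the Broadcasts,
Network Isolation and Routing sections, as an added Python example
that is not part of the original paper: a toy learning bridge beside
a toy IP router, fed constructed frames.  The class names, the four
segments A-D and the 10.x.0.0/16 subnets are assumptions chosen for
illustration.

```python
from ipaddress import ip_address, ip_network
BROADCAST = "ff:ff:ff:ff:ff:ff"          # Ethernet broadcast MAC

class LearningBridge:
    """Level-2 box: learns source MAC -> port, floods broadcasts and unknowns."""
    def __init__(self, ports):
        self.ports = list(ports)          # one port per Ethernet segment
        self.table = {}                   # MAC -> port, learned from sources

    def forward(self, in_port, src_mac, dst_mac):
        """Return the ports a frame is copied to."""
        self.table[src_mac] = in_port     # learning step
        if dst_mac == BROADCAST or dst_mac not in self.table:
            return [p for p in self.ports if p != in_port]   # flood
        out = self.table[dst_mac]
        return [] if out == in_port else [out]

class IPRouter:
    """Level-3 box: one route per subnet, never forwards a link broadcast."""
    def __init__(self, routes):
        self.routes = {ip_network(n): p for n, p in routes.items()}

    def forward(self, in_port, dst_ip, ttl):
        """Return (ports, new_ttl); an empty port list means the packet is dropped."""
        dst = ip_address(dst_ip)
        if dst == ip_address("255.255.255.255") or ttl <= 1:
            return [], 0                  # broadcast stays local; TTL expired
        for net, port in self.routes.items():
            if dst in net:
                return ([] if port == in_port else [port]), ttl - 1
        return [], ttl - 1                # no route to destination

SEGMENTS = ["A", "B", "C", "D"]           # constructed four-segment network
SUBNETS = {f"10.{i}.0.0/16": s for i, s in enumerate(SEGMENTS, 1)}

def broadcast_storm(n):
    """n broadcast frames from a bad host on A: deliveries via bridge vs. router."""
    bridge, router = LearningBridge(SEGMENTS), IPRouter(SUBNETS)
    via_bridge = sum(len(bridge.forward("A", "00:00:00:00:0a:01", BROADCAST)) for _ in range(n))
    via_router = sum(len(router.forward("A", "255.255.255.255", 64)[0]) for _ in range(n))
    return via_bridge, via_router

def table_sizes(hosts_per_segment):
    """Forwarding state each box holds once every host has transmitted."""
    bridge, router = LearningBridge(SEGMENTS), IPRouter(SUBNETS)
    for i, seg in enumerate(SEGMENTS, 1):
        for h in range(1, hosts_per_segment + 1):
            bridge.forward(seg, f"00:00:00:00:{i:02x}:{h:02x}", BROADCAST)
    return len(bridge.table), len(router.routes)
```

With 100 hosts per segment the bridge must remember 400 MAC addresses
while the router holds 4 routes, and 100 broadcasts from one host cause
300 segment deliveries through the bridge and none through the router.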

.h1;Summary

There are still major differences between routers and bridges.
If you have a small network (three to four Ethernet segments,
with no more than 25 MAC addresses) then a routing bridge is the
best solution.

But if your network comprises many segments and subnets and you
have hundreds of MAC addresses defined, then a multiprotocol
router is the best solution.

The exact metric of where one should be used instead of another
is the matter of a holy discussion, and one that I do not intend
to get into.

