Ref: 14970001
Title: Replacing Bridges With Brouters in a TCP/IP Environment
Date: 4/9/90

Copyright 3Com Corporation, 1991.  All rights reserved.

This article describes how to move from internetworking with bridges to
using 3Com's new brouter products in a TCP/IP environment.  The article
explains how to replace 3Com IB/2s or IB/2000s with BR/2000s, and IB/3s
with BR/3000s or BR/3s, but the principles would apply to the replacement
of any vendor's local or remote bridges.

.H1;Why Make the Change?
If you use the IP routing service over local and remote brouters instead
of bridges, you can divide your network into separate IP networks.  In
addition, 3Com brouters allow you to retain the performance features and
protocol independence of bridges.

1.  Networks with connections between divisions of an organization, and
between organizations, can now maintain autonomous management within each
division.  These autonomous management domains correspond to separate IP
networks, making the separate management processes easier to control.  Used
with the new access control mechanisms that 3Com brouters apply to remote
management of the brouter itself, autonomous management domains can prevent
the network manager in one division from having control over the whole
network.

2.  Cleaner separation is achieved for network services such as booting,
which are normally triggered by a broadcast or multicast mechanism.
Brouters prevent duplicate services on each side from interfering with each
other.

3.  Separate logical IP networks allow you to exploit the mechanisms of
RFC-defined services such as the Domain Name Service.

4.  Full mesh topologies are supported with all ports active for the
forwarding of IP traffic.  This is the correct, standards-based answer to
the irritation of Spanning Tree's insistence on holding a path in blocking
state to prevent loops.

5.  Traffic isolation (to reduce network utilization) is improved as the
broadcast Ethernet packets used in RFC protocols such as ARP are kept and
handled locally.

6.  The network can grow to another segment without running out of Internet
addresses for the chosen network number and addressing class.  The new
segment on the other side of the brouter will have its own new network
number.


.H1;Configuring BR and IP Devices
A few fundamental configuration changes must be made when you replace local
or remote bridges with brouters supporting the IP routing service:

1.  The Internet addresses of all devices on one side of the
brouter must be changed to a new network number.  The brouter
itself will require an Internet address for each interface it is
supporting.  The Internet address for each interface will reflect
the network number of the network on that interface.

Note:  Remote brouters require a separate network number for the serial
link connecting the two together.  This "network" will only ever have two
devices on it, the brouter on each end.

2.  IP end stations that support the "default gateway" feature should have
the default gateway defined as the brouter Internet address.  In networks
with more than one brouter, choose which brouter will be the default gateway
for each end station.  If there are end stations which cannot support a
default gateway, enable the proxy ARP feature on the brouters.

3.  Follow the instructions in the brouter operation guide to configure the
brouters to support the different networks in the Internet.  They will
forward packets to networks based on information from the EGP and RIPIP
protocols and user-configured static routes.
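
The addressing rules in steps 1 and 2 can be checked before cutover.  The
following is an added example, not 3Com code; it assumes classful network
numbers without subnetting, and the port names, host names and addresses are
constructed sample values.

```python
import ipaddress

def classful_network(addr):
    """Network number implied by the address class (A, B or C), no subnetting."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:
        prefix = 8
    elif first_octet < 192:
        prefix = 16
    elif first_octet < 224:
        prefix = 24
    else:
        raise ValueError(f"{addr} is not a class A, B or C address")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def check_plan(interfaces, serial_ports, stations):
    """interfaces: {port: brouter address}; serial_ports: ports that are serial links;
    stations: {name: (address, default gateway or None)}.
    Returns (problems, proxy_arp_needed)."""
    problems, nets = [], {}
    for port, addr in interfaces.items():
        net = classful_network(addr)
        if net in nets.values():
            problems.append(f"{port}: network {net} already used on another interface")
        nets[port] = net
    serial_nets = {nets[p] for p in serial_ports}
    brouter_addrs = {ipaddress.IPv4Address(a) for a in interfaces.values()}
    proxy_arp_needed = False
    for name, (addr, gateway) in stations.items():
        net = classful_network(addr)
        if net not in nets.values():
            problems.append(f"{name}: {addr} is not on any brouter interface network")
        elif net in serial_nets:
            problems.append(f"{name}: {addr} is on the serial link network")
        if gateway is None:
            proxy_arp_needed = True  # station cannot use a default gateway
        elif ipaddress.IPv4Address(gateway) not in brouter_addrs:
            problems.append(f"{name}: gateway {gateway} is not a brouter address")
        elif classful_network(gateway) != net:
            problems.append(f"{name}: gateway {gateway} is on a different network")
    return problems, proxy_arp_needed

# Constructed sample plan for one remote brouter (documentation address ranges).
INTERFACES = {"lan": "192.0.2.1", "serial": "198.51.100.1"}
STATIONS = {
    "host-a": ("192.0.2.10", "192.0.2.1"),
    "host-b": ("192.0.2.11", None),           # no default gateway support
    "host-c": ("203.0.113.5", "192.0.2.1"),   # never renumbered
}

if __name__ == "__main__":
    print(check_plan(INTERFACES, {"serial"}, STATIONS))
```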


.H1;Choosing to Bridge and Route
3Com brouters allow you to bridge between the networks concurrently with the
IP routing service (and the IDP and CLNP routing services) if required.

Note:  A "firewall" feature will prevent a packet from being bridged if its
protocol has been selected for routing.  For example, an ARP request for a
device on the far network will not be bridged even though it is a broadcast
packet, and not destined for the brouter itself, if the IP routing service
is enabled.

Use the following guidelines to decide whether or not to enable concurrent
bridging with the IP routing service:

1.  Enable bridging if there are devices on your internetwork that need to
communicate using protocols other than TCP/IP.  If the devices use either
XNS or OSI, consider enabling the routing services for IDP or CLNP
respectively.  Some protocols cannot be routed and therefore must use
bridging for internetwork communication.  Examples are DEC's LAT and 3Com's
NBP.

2.  Enable bridging if there are non-IP broadcast services that you want
to traverse the network.  An example is 3Com's Netmap service.

3.  Disable bridging if you wish to actively prevent protocols other than
IP from traversing the internetwork.

4.  Disable bridging to ensure that management domains are kept separate on
each side, where some management services may use non-IP broadcast traffic.
Examples are boot services and 3Com's Netmap service.

If your internetwork has a combination of elements, it may be necessary to
enable bridging and set custom filters to prevent the particular service
from using the bridge.  For example, if you require LAT traffic to cross
the brouter, but wish to keep Netmap packets local, enable bridging and set
a filter on the Netmap packets.
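
The guidelines and the "firewall" note above can be expressed as a small
model that derives the bridging setting and filters from what must cross the
brouter and what must stay local.  This is an added example, not 3Com code;
the function names are hypothetical, and filters are modelled as plain
protocol names because the page does not give the brouter's filter syntax.

```python
# Routing service that claims each protocol (ARP belongs to IP, as in the note above).
SERVICE_FOR = {"IP": "IP", "ARP": "IP", "XNS": "IDP", "OSI": "CLNP"}

def forward_decision(protocol, routing_services, bridging, filters):
    """Fate of a packet that would otherwise cross the brouter.
    Returns 'routing-service', 'bridged' or 'kept-local'."""
    if SERVICE_FOR.get(protocol) in routing_services:
        return "routing-service"   # "firewall": never bridged, even if broadcast
    if bridging and protocol not in filters:
        return "bridged"
    return "kept-local"

def plan_bridging(must_cross, keep_local, routing_services):
    """Apply the guidelines: returns (bridging_enabled, filters)."""
    must_cross, keep_local = set(must_cross), set(keep_local)
    if must_cross & keep_local:
        raise ValueError(f"conflicting requirements: {sorted(must_cross & keep_local)}")
    routed = {p for p, s in SERVICE_FOR.items() if s in routing_services}
    bridging = bool(must_cross - routed)   # guidelines 1 and 2: something must be bridged
    # Guidelines 3 and 4: with bridging off, nothing non-routed crosses, so no filters.
    filters = keep_local - routed if bridging else set()
    return bridging, filters

def audit(must_cross, keep_local, routing_services):
    """Plan the settings, then report how each named protocol (plus ARP) is treated."""
    bridging, filters = plan_bridging(must_cross, keep_local, routing_services)
    protocols = sorted(set(must_cross) | set(keep_local) | {"ARP"})
    return {p: forward_decision(p, routing_services, bridging, filters)
            for p in protocols}

if __name__ == "__main__":
    # The page's own case: LAT must cross, Netmap stays local, IP is routed.
    print(plan_bridging({"IP", "LAT"}, {"Netmap"}, {"IP"}))
    print(audit({"IP", "LAT"}, {"Netmap"}, {"IP"}))
```

In this model, once bridging is enabled any protocol that is neither routed
nor filtered still crosses the brouter, so the filter list has to name every
service that must stay local.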


.H1;Management Differences
3Com brouters incorporate several changes and additions to the management
mechanisms of the IB family.

1.  SNMP and CMOT client support allow management from servers using these
management standards.

2.  To manage configurations, you can use a local console, the 3Com remote
mechanism, or a Telnet connection.  Any of these options can be enabled or
disabled as you wish.  The local console and Telnet connections both require
a password exchange before any commands will be executed.

3.  The user interface now presents a much larger set of commands to control
the additional services available.  The commands can be accessed through a
menu structure (not available to users of the remote mechanism).  To support
the systematic layered structure of the command set, command line syntax has
changed.  Make sure these changes are accounted for in any scripts used on
3Com NCS products to manage the brouters.

