Bridge Groups
Configuration > Networking > Bridge Groups
The Bridge Groups tab displays details about configured bridge groups for appliances selected in the appliance tree. With a bridge group you can create a bridged (switched) interface while in inline router mode on the LAN side of an EdgeConnect OS. Doing this achieves the following:
-
You can define bridging between multiple EdgeConnect SD-WAN LAN side physical interfaces, similar to switching between ports on a switch.
-
Creates a BVI (Bridged Virtual Interface), so that the devices in the bridge group can use the IP address of the BVI as a default gateway to other IP networks.
In Orchestrator, BVI interfaces are referred to as “slan” and there are four predefined interfaces that you can use for a bridge group (slan0, slan1, slan2, and slan3). You can configure the BVI with the same parameters available on physical or sub-interfaces, such as segmentation, firewall zones, labels, DHCP server and relay, VRRP, BGP, OSPF, multicast, and branch NAT. If a bridge group is configured for an appliance, it is available to add as a LAN interface on the Deployment tab (Configuration > Networking > Deployment).
The following items are not currently supported with bridge groups:
-
VXLAN
-
Spanning Tree Protocol (STP).
WARNING: EdgeConnect provides no direct layer 2 loop prevention. The LAN segment must be loop free.
-
VLAN tagged BVI interfaces or sub-interfaces.
-
Network Access Control (NAC)
NOTE: All bridged unicast traffic is subject to policy and will appear in the flow table.
The table on the Bridge Groups tab displays the following information:
Column | Description |
---|---|
Appliance | Name of the EdgeConnect appliance. |
Bridge Groups | If any bridge groups are configured for the appliance, the names of the bridge groups are listed in this column. |
Bridge Groups Status | Status of the bridge group (up, down, or pending). up – the BVI interface is in service. down – the BVI interface is out of service. pending – the BVI interface configuration is not applied yet. |
Interfaces | Physical or virtual interfaces included in the bridge group. A bridge group can include up to 16 interfaces. |
MTU | Maximum transmission unit (MTU) size (in bytes) configured for the bridge group. The configured MTU overrides any existing MTU settings when the bridge group is deployed. The default size is 1500 bytes. |
Admin Status | Indicates if the BVI is active (up) or inactive (down). The default is up. |
Comment | Additional information about the bridge group. |
Configure Bridge Groups
To add, change, or delete bridge groups for an appliance, click the edit icon in the applicable table row on the Bridge Groups tab. The Bridge Groups dialog box opens. Interfaces to be added to a bridge group must not be in use on the Deployment tab.
Add or Modify a Bridge Group
To add a bridge group, perform the following steps:
NOTE: To modify a bridge group, click the edit icon next to the bridge group. The Modify bridge group dialog box opens. Change the fields as described below, and then click Apply. You cannot modify an existing bridge group name, but you can change the other settings.
-
Click Add on the Bridge Groups dialog box.
The Add bridge group dialog box opens.
-
Complete the following fields:
Field Description Bridge Group (interface) name Select a name for the bridge group from the drop-down list (slan0, slan1, slan2, or slan3). Interfaces to be grouped Drag interfaces that you want to include in the bridge group from the Available box to the **Grouped box. You can include up to 16 interfaces. MTU Specify the MTU size (in bytes) to be applied to all interfaces in the group. The default size is 1500 bytes. Admin status Select up or down. The default is up. Selecting down takes the BVI out of service. Comment (Optional) Provide additional information about the bridge group. -
Click Add.
After you have added the bridge group (slan interface), you must navigate to the Deployments tab (Configuration > Networking > Deployment) and configure the slan interface for use.
Delete a Bridge Group
To delete a bridge group listed in the table on the Bridge Groups dialog box, click the corresponding delete icon (X) in the last column.
WARNING: Deleting a bridge group removes the associated Deployment tab configuration.