Network bridges operate at Layer 2 (Data Link Layer) of the OSI model, making forwarding decisions based on MAC addresses rather than IP addresses. This fundamental characteristic allows bridges to connect network segments regardless of their IP subnet configuration.
The common misconception is that different subnets automatically prevent Layer 2 communication. In reality:
- Bridges forward frames based on MAC addresses, not IP addresses
- ARP requests are transmitted across bridge interfaces
- The bridge maintains a single broadcast domain
While switches have largely replaced bridges in LAN environments, bridges remain relevant. Modern applications include:
- Container networking (Docker, Kubernetes)
- Wireless access point bridging
- Virtual machine networking
```bash
# Docker bridge network example
docker network create --driver bridge my_bridge_network
docker run -d --network=my_bridge_network nginx
```
Creating a software bridge on Linux:
```bash
# Create bridge interface
sudo ip link add name br0 type bridge
sudo ip link set dev br0 up
# Add physical interfaces to bridge
sudo ip link set eth0 master br0
sudo ip link set eth1 master br0
# Verify bridge status
bridge link show
```
When implementing bridges:
- Broadcast traffic propagates across all bridge ports
- Large bridging domains may experience performance issues
- Security policies should be implemented (e.g., ebtables)
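The points above (frames forwarded by MAC, ARP broadcasts crossing the bridge, one broadcast domain, and the need for a Layer 2 policy) can be seen in a small learning-bridge simulation. This is an added example, not code from the original page; the host addresses are constructed, and the `allow` hook and `isolate_ports` policy are hypothetical stand-ins for an ebtables-style forwarding rule.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    def __init__(self, ports, allow=None):
        self.ports = list(ports)
        self.mac_table = {}  # MAC -> port, learned from source addresses
        # Hypothetical policy hook standing in for an ebtables FORWARD rule.
        self.allow = allow or (lambda src, dst, in_port, out_port: True)

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the ports it is forwarded out of."""
        self.mac_table[src_mac] = in_port  # learn where the sender lives
        out = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out is None:
            targets = [p for p in self.ports if p != in_port]  # flood
        elif out == in_port:
            targets = []  # destination is on the arrival segment
        else:
            targets = [out]
        return [p for p in targets if self.allow(src_mac, dst_mac, in_port, p)]

# Constructed hosts: different IP subnets, attached to the same bridge.
# The bridge never reads the "ip" field; it only sees MAC addresses.
HOST_A = {"mac": "02:00:00:00:00:0a", "ip": "10.0.1.10/24", "port": "eth0"}
HOST_B = {"mac": "02:00:00:00:00:0b", "ip": "192.168.50.20/24", "port": "eth1"}

def isolate_ports(src, dst, in_port, out_port):
    """Example policy: no forwarding between eth0 and eth1."""
    return {in_port, out_port} != {"eth0", "eth1"}

def demo():
    open_bridge = LearningBridge(["eth0", "eth1", "eth2"])
    # ARP request from A is a broadcast: B's port sees it despite the subnets.
    arp = open_bridge.receive(HOST_A["port"], HOST_A["mac"], BROADCAST)
    # B answers A directly; the bridge has already learned A's port.
    reply = open_bridge.receive(HOST_B["port"], HOST_B["mac"], HOST_A["mac"])
    # Same broadcast with the Layer 2 policy in place: eth1 no longer sees it.
    filtered = LearningBridge(["eth0", "eth1", "eth2"], allow=isolate_ports)
    arp_filtered = filtered.receive(HOST_A["port"], HOST_A["mac"], BROADCAST)
    return arp, reply, arp_filtered

if __name__ == "__main__":
    print(demo())
```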
Feature | Bridge | Router |
---|---|---|
OSI Layer | Layer 2 | Layer 3 |
Forwarding Decision | MAC address | IP address |
Broadcast Domain | Single | Multiple |
Network bridges operate at Layer 2 (Data Link Layer) of the OSI model, making forwarding decisions based on MAC addresses rather than IP addresses. This is fundamentally different from routers which operate at Layer 3. A bridge connects two or more network segments, creating a single extended LAN where devices appear to be on the same logical network.
While it's true that different subnets typically require a router for communication, bridges can connect them under specific circumstances:
```bash
# Example Linux bridge creation commands
sudo brctl addbr br0
sudo brctl addif br0 eth0
sudo brctl addif br0 eth1
sudo ifconfig br0 up
```
This creates a bridge 'br0' connecting interfaces eth0 and eth1. The key point is that the bridge operates transparently - it doesn't care about IP addresses or subnets.
Modern applications of bridging include:
- Virtual machine networking (connecting VMs to physical networks)
- Wireless to wired network connections
- Network segmentation without IP changes
Here's a simple Python example showing the difference in packet handling:
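```python
# Illustrative lookup tables and stub actions so both functions run
mac_table = {}      # destination MAC -> bridge port
routing_table = {}  # destination IP -> next hop

def forward_to(target):
    print("forward to", target)

def flood_packet():
    print("flood out all other ports")

def send_to_default_gateway():
    print("send to default gateway")

# Bridge-like behavior (MAC-based)
def bridge_packet(packet):
    if packet.dest_mac in mac_table:
        forward_to(mac_table[packet.dest_mac])
    else:
        flood_packet()

# Router-like behavior (IP-based)
def route_packet(packet):
    if packet.dest_ip in routing_table:
        forward_to(routing_table[packet.dest_ip])
    else:
        send_to_default_gateway()
```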
Bridges are particularly useful when:
- You need to extend a network without modifying IP configurations
- You want to minimize latency (bridging is faster than routing)
- You're working with protocols that don't use IP (like some industrial protocols)
Modern bridges often include VLAN support and filtering capabilities:
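```bash
# Adding VLAN filtering to a bridge
# Enable VLAN filtering on br0; per-port VLAN entries are not enforced without it
sudo ip link set dev br0 type bridge vlan_filtering 1
sudo bridge vlan add vid 10 dev eth0
sudo bridge vlan add vid 20 dev eth1
sudo bridge vlan show
```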
This allows for more sophisticated network segmentation while still operating at Layer 2.