Routing vs Bridgingby Iwan Price-Evans on Networking • July 22, 2022
In the world of networking, routers and bridges are devices that connect separate networks or segments of networks. Routing and Bridging are the processes that routers and bridges handle. It's important to note that routers can perform both Routing and Bridging.
Routing and bridging are used to exchange information between computers on different networks. Common network information exchanges include email, web browsing traffic, database queries, and file sharing or file transfers. The type of information exchange mechanism used (Routing or Bridging) depends on the type of network and protocol in use.
Routing and Bridging handle network communication messages called "frames". A frame is a data packet that's been "encapsulated" and includes a frame header at the front of the packet and a trailer at the end. The frame header must contain the source and destination addresses of the message.
Routing is Layer 3 (Network), while bridging is Layer 2 (MAC / Data Link).
What is Bridging?
Bridging is the process where network frames are forwarded to their destination based on the destination address in the frame's MAC layer (OSI Layer 2) header addresses. Bridging doesn't take account of information in the Network layer (OSI Layer 3) headers. Learn more about the layers in the OSI Model.
A bridge sits between network segments and processes all frames flowing through its network interfaces. It dynamically learns the location of each host device sending message frames.
How Does Bridging Work?
This is the learning process used by a bridge:
- When a bridge receives a frame via a network interface, it puts an entry into a Bridging table. The sender will have put both the source MAC address and the destination MAC address into the frame header.
- The bridging table entry contains the MAC address of the transmitting host device and the network interface that received the frame.
- The bridge continuously updates its Bridging table and uses it to decide the paths for forwarding frames.
When the bridge is learning about network locations, it performs the three Fs:
If the bridge receives a frame with a destination MAC address that's not in its Bridging table, the bridge will send, or flood, the frame out via every interface except the interface it received it on. This flooding aims to deliver the frame to its destination regardless of the destination host device location.
When the frame reaches its destination host device, the host responds back to the originating host device, and the bridge updates its Bridging table with the destination address.
When one host device sends a frame to another host device, the bridge will find the destination's MAC address in the Bridging table. The bridge will then forward the frame out via the appropriate network interface.
Filtering occurs when the bridge knows the destination is in the same network segment as the source. To explain filtering, we can use this example:
Two devices communicate on the same network, and the bridge has learned that they are both talking via the same interface. The bridge will filter the frames it receives from both host devices via that interface. The bridge will not transmit these frames via other interfaces. This ensures the message traffic remains local and prevents it from interfering with traffic on other network segments.
A Bridging Firewall can be put in place without changing anything in the Networking layer (OSI Layer 3) such as IP routing, gateways, or subnet masks. This is a great solution to secure a third-party vendor network.
Bridging Firewalls can also be used to provide security on a legacy network. A Bridging Firewall can secure a network that wasn't properly segmented when created, such as organizations using shared internet access.
Bridging forwards frames at the MAC level (OSI Layer 2) from one network segment to another. It pays no attention to higher OSI layers such as the Network layer (OSI Layer 3) and its addresses.
A benefit of Bridging over Routing is that Bridging passes all network traffic, whereas routing only handles "directed" traffic.
Bridged connections are typically harder to configure than routed connections.
What is Routing?
Unlike Bridging, which occurs in the MAC layer (OSI Layer 2), Routing forwards a network message based on an address in the frame's Network layer (OSI Layer 3) header. You can think of this as similar to directing vehicle traffic.
How Does Routing Work?
If a device wants to send a message to another device on the same network, the origin host device puts the MAC address of the destination in the message frame header.
If the destination host device is on another network, the origin host device sends the message frame to a router for Routing to the external destination network.
When a router receives a frame that's addressed to its own network interface, the router knows that it must try to route the message within the frame. The router determines what protocol the source and destination are using by checking the frame header information.
If the frame header contains data for a protocol routed by the router, the router removes the frame header and begins processing the remaining packet. This packet begins with a Network layer (OSI Layer 3) header.
The Routing process checks the packet header's destination Layer 3 network address and tries to find a match in its Routing table. The router has Routing tables for each Network layer (OSI Layer 3) protocol, and each table has a list of all known networks.
The router's Routing table is populated automatically when it's directly connected to other networks. It can also have its Routing table populated by network management tools, and similarly to Bridging, it can also learn about networks from other routers.
- If it fails to find a match for the address in the Routing table, the router will discard the packet.
- If it does find a match for the destination address, it will use the Routing table information to find the correct network interface to forward the packet through.
All network messages must be contained in frames so the router "encapsulates" the packet in a frame creating a new frame header and trailer. The router will also use the Routing table to identify the correct header format needed for this new frame.
Default gateway routers typically have a firewall that protects servers and workstations on their network.
Routing Firewalls are typically placed close to the perimeter egress routers and are sent outgoing traffic by internal traffic routers.
When a network router receives a frame, it examines the destination IP address. It then determines which connected network is the correct one for the destination and forwards the frame.
Routing is forwarding a network message based on an address in the frames Network layer (OSI Layer 3) header.
Routers base their routing decisions on the network portion of the destination Layer 3 address.