What is network bridging and how can you use it

How can a network bridge be useful? Its use is justified when it is necessary to extend the LAN or to make the work with containerized applications more convenient. This requires a special device and some time to configure.

What is a network bridge?

A network bridge is used to connect two local networks into one using interchangeable protocols or to divide one network into two segments.

In other words, a network bridge is a device, or hardware and software complex, that interconnects network segments. A bridge can be considered as a device with storage and forwarding functions.

Network bridge use cases

Imagine, you are using two types of connection: wired, via an Ethernet network card, and wireless, via Wi-Fi. The first option gives you a more stable connection, and the second option allows you to connect several devices at once, combining them into one network. So, with a network bridge, you can connect these two LANs together and, as a bonus, increase stability.

You may also want to create a bridge if you have a single-port modem and several computers. In this case, the main computer will act as the host machine, and other PCs will be connected to it.

Another case of using network bridges is the need to extend the coverage of multiple local networks. For example, if a new department has been created in an organization.

A network bridge can also be used to divide one network into two segments. For instance, when you want to reduce the load on your LAN by redirecting traffic between devices connected to it.

A virtual network bridge can also be used for security purposes. The bridge can be configured to send traffic from the main server to the secondary in case of failure.

What does a network bridge do?

A bridge performs in the data link layer (layer 2) of the OSI model. The device used as a bridge scans incoming traffic and then forwards it to the correct destination or discards it.

1. The bridge receives all data packets (frames) from local networks.
2. The bridge creates a MAC address table to determine which network the data is sent from and to which it should be directed.
3. The bridge reads the sending and discards all packets from LAN №1 sent to the computer on LAN №1. And data from LAN №1 sent to the computer on LAN №2 is retransmitted to LAN №2.
4. Data packets from LAN №2 are processed in the same way.

If we consider the process in more detail at the address table level, the bridging can be described as follows. The bridge device analyzes the 48-bit data packet destination address field, then compares this address to the forwarding database. If the address does not match any record in the table, the network bridge sends the data packet to the next segment. The data will be transmitted until it reaches the destination address.

Data in a network bridge

As network bridges operate in the data link layer, they transmit data as data frames. When a data frame is received by the bridge, the device checks the forwarding database to decide whether to transmit the frame.

Network bridge types

Traditionally we can distinguish:

• Transparent bridges.

They independently create an address table and subsequently update it.

• Simple bridges.

This bridge connects two network segments and analyzes whether to forward data from one network (segment) to the other. It works transparently.

• Multiport bridge

A multiport bridge connects multiple networks, processes frames, and decides where exactly to forward traffic. It works transparently.

• Translational bridging

A bridge connects networks with different LAN protocols.

• Encapsulation bridging

This type of bridge connects local networks with common LAN protocols through networks with other protocols.

Wireless bridging

Bridging devices support different types of connections, which also allows creating different types of wireless network bridges:

• Wireless bridges can connect wireless Wi-Fi hotspots.
• Wi-Fi - Ethernet bridges allow you to connect Ethernet clients to a local Wi-Fi network.
• Bluetooth - Wi-Fi bridge supports connections to Bluetooth mobile devices.

Wireless bridge mode is a feature that most modern routers support. With a wireless signal, two networks can be merged into one network.

For example, it is convenient when one LAN has Internet access and the other does not. Then, you can use a wireless bridge to connect both networks, thereby giving the second one Internet access. To create a single local network, you will need two Wi-Fi routers for each network. We recommend using SOHO routers, which in addition to the wireless connection, also have connectors for Ethernet cables.

All you need to know to configure the first router is the SSID (Service Set Identifier) and password. For the second router, you need to set up Wireless Bridge Mode and enter the data from the first router to connect to it. Then you will have a single network where all devices of the second network will have access to the server and modem of the first network.

Network bridges vs. repeaters vs. switches and routers

Repeaters are used mainly to increase the physical distance that the signal needs to cover. That is, a repeater does not interconnect networks and does not filter transmitted traffic in any way, unlike network bridges, which decide whether to transmit or discard a data packet.

Routers can perform some functions of a bridge: analyzing, filtering, and forwarding data packets. However, unlike bridges, routers are able to analyze large network traffic, adapt to network changes, isolate and protect network fragments from unauthorized access, etc.

Switches perform the same functions as a network bridge. They have more capabilities due to multiple hardware ports, while a bridge offers only two ports (one for incoming traffic and one for outgoing traffic). Switches are more commonly used today than network bridges.

Differences between default and user-defined bridges

Working in Docker and containerizing applications, users have several network modes available, including a network bridge. In Docker, this network is called "bridge" for all containers to communicate within a single host, in case there are no other networks specified.

It is worth noting that this network (set by default) is not recommended and the best option is to configure the network yourself. Here are the main advantages of the user-defined bridge over the default one:

1. Better isolation of containerized applications that create bridges to each other rather than to the public network.
2. By default, containers on the bridge network can access each other only by IP address as long as the --link parameter is not specified. If the bridge network is configured by the user, containers can identify each other by their names or by specified aliases.
3. With user-defined bridges, containers can be attached or detached from networks, and parameters can be changed at any time. If containerization is used with default bridges, you have to stop the container and recreate it with the new network parameters.
4. User-defined bridges can be configured. Such bridges can be managed through "docker network create" or in the Docker Compose file while it is running.

Although switches are more commonly used today than network bridges, bridging devices are useful in narrow areas.