ZyWALL 5/35/70 Series User’s Guide
31.6 Introduction To Transparent Bridging
A transparent bridge is invisible to the operation of a network in that it does not modify the frames it forwards. The bridge checks the source address of incoming frames on the port and learns MAC addresses to associate with that port. All future communications to that MAC address will only be sent on that port.
The bridge gradually builds a host
Table 176
HOST MAC ADDRESS | PORT |
|
|
00a0c5123456 | 3 |
|
|
00a0c5123478 (host A) | 1 |
|
|
00a0c512349a | 3 |
|
|
00a0c51234bc | 2 |
|
|
00a0c51234de | 4 |
|
|
For example, if a bridge receives a frame via port 1 from host A (MAC address 00a0c5123478), the bridge associates host A with port 1. When the bridge receives another frame on one of its ports with destination address 00a0c5123478, it forwards the frame directly through port 1 after checking the internal table.
The bridge takes one of these actions after it checks the destination address of an incoming frame with its internal table:
•If the table contains an association between the destination address and any of the bridge's ports aside from the one on which the frame was received, the frame is forwarded out the associated port.
•If no association is found, the frame is flooded to all ports except the inbound port. Broadcasts and multicasts also are flooded in this way.
•If the associated port is the same as the incoming port, then the frame is dropped (filtered).
31.7Transparent Firewalls
A transparent firewall (also known as a transparent,
1The use of a bridging firewall reduces configuration and deployment time because no networking configuration changes to your existing network (hosts, neighboring routers and the firewall itself) are needed. Just put it
2Performance is improved as there's less processing overhead.
487 | Chapter 31 Maintenance |