1

I would like to make sure I understand this correctly.

Given a Cisco ISO router that is set up with a BVI (a variation of a bridge route).. and the following layout

 "ISP router"
      \
    "Network switch" # nothing special here.
     |             \
     |              \
     |               \
     |                \
"Router 1 with NAT"    "Router 2 with BVI"

If I understand correctly.. the outside of a BVI will only respond to IP addresses that have already been claimed on the inside of the BVI... example subnet is 123.123.123.??? and servers inside the BVI on 123.123.123.10 and 123.123.123.11, and the NAT router is holding a public IP address of 123.123.123.50.

If a connection comes in to 123.123.123.10 it will be received by router 2 but if it is received on 123.123.123.50, it will be received by router 1 and not received by router 2. and if a connection comes in to 123.123.123.90 (does not exist) it will not be received by either router.

Am I correct? Is it true that the BVI router will not even receive packets to IP addresses that it does not see as existing on the inside?

Edit: The subnet for router 2 is the same subnet as the ISP router. My question was whether it is OK that one of the IP addresses in the subnet of the BVI happens to be claimed by router 1.

700 Software
  • 2,163
  • 9
  • 47
  • 77

1 Answers1

0

Watch out, what do you mean by 'inside the BVI'? The easy answer to what a BVI is is merely an interface that participates in a number of ports on a router. hosts aren't inside or outside of it unless you're using NAT or something else. What is the BVI IP addres on router 2? That is what it will answer with. Where are thse additional servers in your diagram?

Aaron
  • 2,968
  • 1
  • 22
  • 36
  • See my edit.... – 700 Software Sep 09 '11 at 12:57
  • I still don't understand exactly what's going on, but why has it been "claimed" by router 1? No, it doesn't matter (it's OK), but I'm still not real sure I am answering the right question. – Aaron Sep 09 '11 at 18:49
  • Router1's WAN IP is part of the subnet that is used on both sides of the BVI router. If you ping Router1's WAN address, you get a response because it has been claimed. ... I am just trying to better understand BVI. It seems to me that it basically acts as a network switch, until you add in the ACL. I have not been able to do much testing on my own which is why I wanted to get a better understanding. It is not an important question. Right now there is no Router1, but I expect us to be adding one. – 700 Software Sep 09 '11 at 20:07
  • 1
    Yes, a router with a BVI will essentially switch between all the ports that are a member of the BVI. I don't understand what an ACL has to do with this scenario, either. There isn't really such a concept as "inside" and "outside" a BVI. It has two(or more) sides and they are all identical. – Aaron Sep 14 '11 at 15:52