Networks that primarily utilize data link layer devices are often referred to as layer two (L2) networks. A data link layer device is a device that operates within the second layer of the Open Systems Interconnection (OSI) reference model, i.e., the data link layer. One example of a common L2 network is an Ethernet network in which end point devices (e.g., servers, printers, computers) are connected by one or more Ethernet switches or other L2 network devices. Ethernet networks are commonly referred to as “Ethernet Local Area Networks (LANs),” or more simply as “LANs.” The Ethernet switches forward Ethernet frames, also referred to as L2 communications or L2 frames to devices within the network. As the Ethernet switches forward the Ethernet frames the Ethernet switches learn L2 state information for the L2 network, including media access control (MAC) addressing information for the devices within the network and the physical ports through which the devices are reachable. The Ethernet switches typically store the MAC addressing information in MAC tables associated with each of their physical interfaces. When forwarding an individual Ethernet frame, an ingress port of an Ethernet switch typically multicasts the Ethernet frame to all of the other physical ports of the switch unless the Ethernet switch has learned the specific physical port through which the destination MAC address devices is reachable. In this case, the Ethernet switch forwards a single copy of the Ethernet frame out the associated physical port.
Some layer three (L3) networks that route communications at the third layer of the Open Systems Interconnection (OSI) reference model, i.e., the network layer, employ L3 network devices that also perform L2 functionality to bridge and switch L2 communications to other L3/L2 and L2 network devices within the networks. In many instances, a physical LAN is partitioned into distinct broadcast domains by configuring L3/L2 and L2 network devices connected to the LAN to associate end hosts with one or more of the partitions, known as Virtual LANs (VLANs). VLAN tagging (IEEE 802.1Q) is a technique for implementing VLANs by adding a VLAN identifier (or “VLAN tag”) to L2 frames that identify the L2 frame as belonging to the identified VLAN.
A bridge domain is a set of physical or logical interfaces of one or more devices that share the same flooding or broadcast characteristics. For a bridge domain of an L2/L3 device (e.g., a router) that is configured with a single VLAN identifier, an integrated routing and bridging (IRB) interface (or “IRB”) may be further configured within the router to act as an L3 routing interface for the bridge domain associated with the VLAN identifier. An IRB includes a routing interface for an IRB subnet as well as the bridge domain and thus facilitates simultaneous L2 bridging and L3 routing from the bridge domain. The IRB subnet is effectively a subnet for the bridging domain associated with the VLAN identifier. A router having a configured IRB switches or routes Internet Protocol (IP) packets arriving at the IRB of the bridge domain based on the destination MAC address. The router forwards those frames addressed to a gateway MAC address (i.e., a MAC address for the router) to other L3 interfaces of the router. Contrariwise, for those frames addressed to a MAC address other than the gateway MAC address, the router forwards the frames to a different L2 interface in the bridge domain of the IRB.