Transparent Bridging Setup

Welcome to Ecessa Support, we have a variety of technical information and tools for a variety of solutions. If you aren't finding a solution, or would like to talk to a technical support team member, please call 800-669-6242.

See Ecessa's full line of products and solutions

Setting up a transparent bridge can be used to pass all traffic as it currently exists on the network and selectively pull out specific traffic to be handled by the Ecessa. Integrating WAN Virtualization with an existing MPLS is a common use case. This allows the MPLS to behave exactly how it is currently, including propagating dynamic routing protocols, while being able to selectively choose traffic to be routed over WAN Virtualization.

Checklist for Transparent Bridge Configuration:

  • WAN and LAN use bridge interface
  • WAN and LAN are configured in Translucent mode
  • Appropriate wan peer rules are configured for gateway and other WAN side devices.
  • WAN gratuitous ARP is disabled

Instructions for Transparent Bridge Configuration

Bridging configuration can only be performed in the command line interface at this time.

1. Create the bridge logical interface. This interface will be used as the port for both the WAN and LAN configuration in the next steps.

bridges enable
bridges add alias mybridge port 1 port 2

2. Add a WAN using the newly created logical port. This is configured similar to a standard “Translucent” mode WAN line. It is important to note that gratuitous ARP should be disabled.

wan add alias mywan ip x.x.x.x/x gateway x.x.x.x port mybridge uplink 100M downlink 100M no-grat-arp enable translucent enable

3. Create the corresponding translucent LAN using the bridge port.

lan add alias mylan ip x.x.x.x/x port mybridge routed-via mywan

4. Add a wan peer address for your gateway device. The MAC entered must be the actual MAC of the gateway devices interface that is connected to the Ecessa device.

wan peer add wan-alias mywan wan x.x.x.x peer x.x.x.x mac 00:00:DE:AD:BE:EF arpreply enable entry enable

5. Finally commit and save your changes.

commit save

Once the Transparent Bridge is configured, use static routes to control what traffic gets taken out of the bridge.


staticroute add source x.x.x.x/x destination x.x.x.x/x wan mywanvirtsite:1 wan bridged:2 type fixed ct-force enable
commit save

In this example the primary route is the WAN Virtualization site ‘my-wanvirt-site’ set at priority one. And the secondary route is to use the bridge, specified by the “bridged” keyword.

Note: To pull traffic out of the bridge you must use the 'bridged' keyword or the bridge device in the route.



Statistics and Live Graphs

  • LAN and WAN graphs will not be accurate for bridge traffic. They will only show traffic sourced from or destined to the Ecessa device. For example:
    • WAN Virtualization traffic.
    • Ping testing
    • VPNs terminating on the Ecessa
    • WAN Graph will show traffic load balanced over another WAN
  • Port graphs are they only way to get accurate information at this time.
    • Ports attached to the bridge will be accurate
    • The ‘bridge’ port will only show traffic sourced from or destined to the Ecessa device


  • QoS must be applied to ports on the bridge. For outbound QoS on the WAN, apply it to the port connected to the gateway device for the bridged WAN. Defining QoS for the WAN will not work.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Article is closed for comments.