Bridges are used to extend or interconnect LAN segments, whether the segments consist of wired or wireless links. At one level, they are used to create an extended network that greatly expands the number of devices and services available to each user. At another level, bridges can be used for segmenting LANs into smaller subnets to improve performance, control access, and facilitate fault isolation and testing without impacting the overall user population.

The bridge does this by monitoring all traffic on the subnets that it links. It reads both the source and destination addresses of all the packets sent through it. If the bridge encounters a source address that is not already contained in its address table, it assumes that a new device has been added to the local network.

The bridge then adds the new address to its table. In examining all packets for their source and destination addresses, bridges build a table containing all local addresses. The table is updated as new packets are encountered and as addresses that have not been used for a specified period of time are deleted. This self-learning capability permits bridges to keep up with changes on the network without requiring that their tables be updated manually.

The bridge isolates traffic by examining the destination address of each packet. If the destination address matches any of the source addresses in its table, the packet is not allowed to pass over the bridge because the traffic is local. If the destination address does not match any of the source addresses in the table, the packet is discarded onto an adjacent network. This filtering process is repeated at each bridge on the internetwork until the packet eventually reaches its destination.

Not only does this process prevent unnecessary traffic from leaking onto the internetwork, it acts as a simple security mechanism that can screen unauthorized packets from accessing various corporate resources. Bridges also can be used to interconnect LANs that use different media, such as twisted-pair, coaxial, and fiberoptic cabling and various types of wireless links.

In office environments that use wireless communications technologies such as spread spectrum and infrared, bridges can function as an access point to wired LANs. On the widea area network (WAN), bridges even switch traffic to a secondary port if the primary port fails. For example, a full-time wireless bridging system can establish a modem connection on the public network if the primary wire or wireless link is lost because of environmental interference.

In reference to the Open Systems Interconnection (OSI) model, a bridge operates at Layer 2; specifically, it operates at the Media Access Control (MAC) sublayer of the Data Link Layer. It routes by means of the Logical Link Control (LLC), the upper sublayer of the Data Link Layer. Because the bridge connects LANs at a relatively low level, throughput often exceeds 30,000 packets per second (pps).

Multiprotocol routers and gateways, which provide LAN interconnection over the WAN, operate at higher levels of the OSI model and provide more functionality. In performing more protocol conversions and delivering more functionality, routers and gateways are generally more processing-intensive and, consequently, slower than bridges.