Integrated analysis of router and switch networking performance

Source: Internet
Author: User
Tags switches firewall

Today, the network construction has been deep into the various branches of the industry, such as the power industry, such as rural power Information network. The general enterprise uses the Ethernet switch network The situation mainly divides into two kinds, first is uses the protocol converter to turn the special line into the Ethernet access switch, the second is to rent bare fiber directly. Specifically, the three-tier switch selected in 三、四级 network can only be configured with simple dynamic routing protocol, simple Policy Routing, QoS and simple access control functions, and in fact, this location on the requirements of device functions and more than that, the use of Ethernet switch network need to pay attention to the following issues.

(1) Security

Now more and more online virus, network virus caused by the loss of more and more, a network of export equipment does not have a certain firewall function is unthinkable. Low-end switches have no firewall features at all, ACL access control is also poor, and for routers, even the lowest-end routers support stateful ACL control, allowing users to filter configuration based on the type and characteristics of network viruses, and limit the maximum number of links per IP address to prevent exceptions.

(2) Business support flexibility

Some networks need to have asymmetric access control to servers within the network, that is, to accept access requests from outside but not to initiate requests to the extranet, which helps prevent servers from being used as hacking tools or leading to leaks. The router can judge the state of the related session based on the ACL configuration so that it is not only in, and the low-end switch cannot implement the business because all message forwarding is done at the ASCI.

(3) The expansion of the network, sustainable development

Industry network now or in the future must be connected to the local E-government network, at this time in addition to the security of their own network, must also consider and other related industries and government interoperability issues, it may be necessary L2TP, GRE, NAT features to achieve security access to different private networks.

Some industries in the network need to run a variety of different security levels of the business, the resource requirements are not the same, in addition to the QoS may need to encrypt the individual business or even special tunnel transmission.

In fact, all of these feature switches are not supported and are not supported by upgrades, while routers are basically supported.

(4) Network reliability

Some projects hire operators of the 2M or nx2m line, but in the access location with the protocol converter to the 2M line into Ethernet access to the three-tier switch. The protocol converter itself has a low cost and reliability design is impossible to complete, which adds a point of failure for the network. In fact, protocol converter failure is one of the most common problems in project implementation.

(5) Comprehensive cost

Some projects link using 10/100m bare fiber to achieve vertical link, using switch networking. This reduces the cost of network equipment procurement, but the link cost than the ordinary 2M line is too high, even if the operators because of promotions at a lower price, but the future link tension users enjoy the bandwidth and services will definitely be greatly reduced.

(6) Link Service

The use of dedicated line link vertical mechanism, the line to enjoy the end of the full range of closed-end services, users can always see their own network conditions without the operator to provide assistance. When the link fails in a few seconds with the export network equipment to monitor and immediately automatically start the backup link, the network outage time is second level, the business generally will not be interrupted.

If the use of a protocol converter, switch access, link state changes are blocked by the protocol converter, users can only detect business interruption to detect, and then can not locate the fault, so the network interruption time will be calculated in hours.

Comprehensive analysis of the above we can see that the router in the function of far better than the three-tier switch, considering the network management, line situation, network investment and so on, we think:

(1) In the case of own transmission fiber, because the stability of the transmission link is guaranteed, the way of using the switch network can save the investment, but need to make the corresponding input in the network security and network management.

(2) In the case of leased carrier line, the use of router networking can save a lot of later maintenance, management costs, compared to the use of the switch network has a greater advantage.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.