In the ISO seven-layer (OSI) reference model, layer 2, the data link layer, is used for switching, and layer 3, the network layer, is used for routing. Yet layer-3 switches have become very popular recently, so what exactly is going on? We analyze the working principle, advantages, and application fields of layer-3 switches in depth.
I. Working Principle of layer-3 switches
To discuss the working principle of layer-3 switches, we can start with the implementation principle of traditional switches and routers.
Simply put, traditional LAN switches developed from bridges and are layer-2 devices. A switch is a network device that connects the source address of the sender with the destination address of the recipient. Based on the header information in the data unit, it moves cells or frames from one or more input ports to one or more output ports to complete the transfer. The biggest advantage of a layer-2 switch is fast data transmission: it only needs to identify the MAC address in the data frame, and the algorithm that derives the forwarding port directly from the MAC address is very simple and easy to implement in ASIC chips. Layer-2 switching is therefore in effect a cheap "switching everywhere" solution. Although it can also support basic functions such as subnet division and broadcast restriction, it offers little control capability.
A traditional router is a layer-3 device that routes according to IP addressing and the routing protocols that populate its route table. In a LAN its role is mainly routing and forwarding, network security, and broadcast isolation. That is, while connecting subnets it also isolates broadcast storms between them and controls illegitimate traffic passing from one network to another. When forwarding, routers generally use longest-prefix matching, which is complicated to implement, so it can only be done in software, and that naturally adds some delay to the network.
In short, a traditional switch is a network device that connects ports between hosts in the same network system, while a traditional router is a network device that connects subnets of the same or different network systems.
Now let's look at the layer-3 switch. A layer-3 switch is a network device that combines a traditional switch with a traditional router. It can perform both the port switching of a traditional switch and some of the routing functions of a router. This combination of a layer-2 device and a layer-3 device is not a simple physical combination but a logical one that draws on the strengths of each. Its most important manifestation is this: when the first data stream from a source enters the layer-3 switch, the routing system generates a mapping table of MAC addresses to IP addresses and stores it. When subsequent data streams from the same source enter the switch, it forwards them from source to destination directly at layer 2, using the mapping table generated and saved the first time, instead of passing them through the layer-3 routing system. This eliminates the network delay caused by route selection, improves packet forwarding efficiency, and removes the speed bottleneck that routing creates for traffic between networks.
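The "route once, switch many" behaviour described above, as a small Python model. It is an added example, not from the original article or any vendor implementation; the class L3Switch, its tables and the sample addresses are constructed, and keying the saved table on destination IP alone is a simplifying assumption.

```python
import ipaddress

class L3Switch:
    """Toy model of 'route once, switch many' (constructed for illustration)."""

    def __init__(self, routes, neighbors):
        # routes: prefix -> next-hop IP, or None when directly connected
        self.routes = [(ipaddress.ip_network(p), nh) for p, nh in routes.items()]
        self.neighbors = dict(neighbors)  # IP -> (MAC, egress port), as ARP learns
        self.flow_cache = {}              # destination IP -> (MAC, egress port)
        self.slow_path = self.fast_path = 0

    def _route(self, dst):
        """Slow path: longest-prefix match, then resolve the hop to MAC/port."""
        addr = ipaddress.ip_address(dst)
        matches = [(net, nh) for net, nh in self.routes if addr in net]
        if not matches:
            return None                   # no route: nothing is cached
        _, next_hop = max(matches, key=lambda m: m[0].prefixlen)
        return self.neighbors.get(next_hop or dst)

    def forward(self, dst):
        entry = self.flow_cache.get(dst)
        if entry is not None:             # fast path: plain table lookup
            self.fast_path += 1
            return entry
        self.slow_path += 1               # first packet of the flow is routed
        entry = self._route(dst)
        if entry is not None:
            self.flow_cache[dst] = entry
        return entry

    def invalidate(self):
        """Clear saved entries; needed whenever routes or neighbors change."""
        self.flow_cache.clear()

# Constructed sample tables (private/documentation addresses, made-up MACs).
ROUTES = {"0.0.0.0/0": "10.1.0.1", "10.1.0.0/16": None, "10.1.2.0/24": None}
NEIGHBORS = {"10.1.2.7": ("02:00:00:00:00:07", 3),
             "10.1.0.1": ("02:00:00:00:00:01", 1)}

def demo():
    sw = L3Switch(ROUTES, NEIGHBORS)
    hops = [sw.forward("10.1.2.7") for _ in range(5)]    # 1 routed, 4 switched
    sw.neighbors["10.1.2.7"] = ("02:00:00:00:00:07", 9)  # host moved to port 9
    stale = sw.forward("10.1.2.7")                        # saved entry: old port
    sw.invalidate()
    fresh = sw.forward("10.1.2.7")                        # routed again: new port
    return hops, stale, fresh, sw.slow_path, sw.fast_path
```

demo() also shows why the saved table has to be cleared when a route or neighbor changes: until then the fast path keeps forwarding to the old port.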
As mentioned above, a layer-3 switch combines the advantages of a layer-2 switch and a layer-3 router into an organic, flexible overall switching solution that provides line-rate performance at all layers. The policy management attributes supported by this integrated layer-3 switching architecture not only tie layer 2 to layer 3 but also provide multiple features, including traffic prioritization, security, and the dynamic deployment of Trunking, virtual networks, and the Intranet. The goal of layer-3 switching is also very clear: establish a more direct and faster layer-2 path between the source address and the destination address, instead of forwarding every packet of the same flow through a router.
In fact, layer-3 switching is a solution that supports dynamic integration across all layers. Such multi-layer dynamic integration can also be achieved with a traditional router plus a layer-2 switch, but compared with a layer-3 switch that approach requires more device configuration, more space, more wiring, and higher cost. Its data transmission performance is also much worse, because under heavy data transfer the router in that design cannot overcome its transmission rate bottleneck.
II. Advantages of layer-3 switches
When talking with friends, I often hear a question along the lines of "Will a layer-3 switch replace the router if it can implement the functions of a router?" Indeed, layer-3 switches are becoming more mature and more widely used, and within a certain range they have great advantages over routers. However, layer-3 switches are quite different from routers; it is in the LAN field that layer-3 switches have obvious advantages.
1. Transmission bandwidth between subnets can be allocated freely. On a traditional router, a serial port connects to a subnet, and the speed at which that subnet's traffic passes through the router is directly limited by the interface bandwidth. The layer-3 switch is different. It can define multiple ports as a virtual network (VLAN) and treat the virtual network made up of those ports as a virtual network interface. Traffic in the virtual network can reach the layer-3 switch through any of the ports that form it. Because the number of ports can be chosen arbitrarily, there is no limit on the transmission bandwidth between subnets.
2. Reasonable configuration of information resources. In a network built on layer-3 switches, the access rate for resources inside a subnet is no different from the access rate for resources in the global network, so it makes little sense to set up separate servers in each subnet. Server clusters can instead be placed directly in the global network. With the intranet's bandwidth guaranteed, this not only saves money but also makes full use of the server cluster's hardware and software resources, so that all information resources can be configured and managed more sensibly. This is difficult to achieve with router-based networking.
3. Cost reduction. In enterprise network design, people usually use only layer-2 switches to form subnets that share a broadcast domain and use routers to interconnect the subnets so that the enterprise network forms an intranet. Routers are expensive, so enterprise networks that support an intranet cannot reduce equipment costs. Now, when a layer-3 switch is used to design the intranet, the system can be divided into any number of virtual subnets that communicate with each other through the switch's layer-3 routing function. That is, switches alone can both form the subnets and interconnect them, which saves much of the cost of expensive routers.
4. Flexible connections between switches. Among network communication devices, switches must not form loops with one another, whereas routers can use multiple paths (such as primary and backup routes) to improve network reliability and load balancing. To solve this problem, layer-3 switches use the Spanning Tree Algorithm to block the looped ports, while the blocked path can still take part in route selection as an available path, which greatly improves the flexibility of switch interconnection.
From the above we can see that layer-2 and layer-3 switches alike belong to the bridge class and are data link layer devices. Layer-3 switching only implements the layer-3 routing function of the router, which gives it the ability to forward packets at line rate. Therefore, they are only used for the connection to the LAN-WAN. A router can be used for WAN-WAN connections and acts as a packet-switching device at the network layer. It has protocol conversion capability and is mainly used for packet forwarding between heterogeneous networks. This kind of packet forwarding accepts incoming packets from one line and forwards them to another line, and the two lines may belong to networks with different topologies and different protocols. This is what layer-3 switches cannot do, and it is the main difference between them and routers.
To sum up, layer-3 switches are very well suited to the LAN, while routers come into their own in the Wide Area Network. That is to say, layer-3 switches cannot adapt to different network topologies or to WAN environments with different transmission protocols. In recent years, however, as layer-3 switching technology has developed, layer-3 switches have spread from the backbone and aggregation layers of the enterprise network to the access layer at the network edge. In particular, with the growth of residential broadband networks, the layer-3 switch is well suited to the center of a residential area and to the aggregation layer serving multiple residential areas. Therefore, although layer-3 switches cannot replace routers, they have completely shaken the status of enterprise routers. That is, within the enterprise intranet, layer-3 switches are replacing routers.
III. Application fields of layer-3 switches
Currently, the main application of layer-3 switching technology in enterprise networks is the VLAN, because the VLAN breaks many inherent concepts of traditional networks and makes the network structure more flexible, changeable, convenient, and free to use. With a VLAN there is no need to consider a user's physical location. Users can be divided logically into working groups with relatively independent functions, based on specific tags and on application factors such as the IP addresses and user names of the terminals they use directly. Each user host is connected to a switch port that supports VLANs and belongs to one VLAN. Members of the same VLAN share broadcast traffic, while broadcast traffic between different VLANs is isolated. This is equivalent to dividing the entire network into multiple broadcast domains, which improves the management and maintenance of the enterprise intranet. Layer-3 switches are therefore most suitable for enterprise intranets that need no remote access or use it only as a supplement, or in which most subnets are concentrated and only some subnets are accessed remotely.