Analysis on the advantages of VLAN Technology

An Analysis of the VLAN Technology of the switch gives full play to the biggest advantage of VLAN, which is the original intention of adopting VLAN (Virtual LAN) technology on the LAN switch, and indeed solved some problems. If the router only exchanges data packets between the subnet and subnet, and between the network and the network, we may buy a router that is much cheaper than today.

Using VLANs has the following advantages:
◆ Suppress broadcast storms on the network;
◆ Increase network security;
◆ Centralized management and control.

This is the original intention of adopting VLAN (Virtual LAN) technology on LAN switches, and has indeed solved some problems. However, this technology also raises some new problems: with the upgrade of applications, network planning/implementers can divide users into different VLANs (Virtual LAN) in the switched LAN environment as needed.

However, communication between VLANs (Virtual LAN) is not allowed. This also includes IP Address Resolution (ARP) packets. To communicate, you need to use a router to bridge these switch VLAN technologies (Virtual LAN ). This is the problem with the VLAN Technology (Virtual LAN) of a vswitch: It is too slow to use a vro, but it cannot solve the problem of broadcast storms.

The VLAN Technology of a vswitch (Virtual LAN) can solve the problem of broadcast storms. However, a vro must be placed to enable intercommunication between VLAN Technology (Virtual LAN) of a vswitch. Formed an insurmountable Strange Circle. This is the core of the network and the hub router. In this network system integration mode, routers are the core.

The role of a router is:
◆ Connect network segments with vrouters ):
◆ Network security control;
◆ Interconnection between VLANs (Virtual LAN;
◆ Interconnection between heterogeneous networks.

Lan bottleneck

Problems arising from using vrouters as the core of the network:
◆ The vro adds three layers of route selection time, resulting in low data transmission efficiency;
◆ The complexity of adding, moving, and changing nodes increases;
◆ The vro is expensive and has a complex structure;
◆ Adding subnet/switch VLAN Technology (Virtual LAN) interconnection means adding vro ports and increasing investment.

In contrast, a router operates at the network layer in the OSI Layer-7 network model. It receives any packet (including a broadcast packet) in the network ), you must remove the information of the second layer (data link layer) of the packet (called "unpacking") and view the IP address of the third layer ).

Then, the route of the data packet is determined based on the route table, and then the security access table is checked. If it is passed, the second-layer information is encapsulated (called "package"), and the data packet is finally forwarded. If the network address of the corresponding MAC address is not found in the route table, the router returns a message to the origin site and discards the packet.

Compared with vswitches, vrouters can obviously provide a series of access control mechanisms that constitute the enterprise network security control policies. Because a vro requires a "split" process for any data packet, even all data packets sent from the same source address to the same destination address must be repeated.

This makes it impossible for a vro to have a high throughput, which is also one of the reasons why the vro becomes a network bottleneck. If the router only exchanges data packets between the subnet and subnet, and between the network and the network, we may buy a router that is much cheaper than today.

In fact, the router works far more than this. It also needs to complete data packet filtering, data packet compression, protocol conversion, route table maintenance, route calculation, and even firewall. All of these require a large amount of CPU resources. Therefore, vrouters are expensive and increasingly become network bottlenecks.

The problem of router bottlenecks cannot be solved by improving the hardware performance of the router:

Improving the hardware performance of a vro (using a higher speed and larger memory size) is not enough to improve its performance. In addition to hardware support, the router's "complex processing and powerful functions" are mainly implemented through software, which inevitably makes it a network bottleneck.

In addition, when the traffic flowing through the vro exceeds its throughput, congestion will occur inside the vro. Continuous congestion will not only delay the forwarded data packets, but also cause the loss of data packets flowing through the router. These problems have brought great trouble to network applications. The complexity of the router also puts a heavy burden on network maintenance. For example, to add, move, or change users on the network, it is very complicated to configure the router.

Vswitch combination vro is insufficient:

Switch VLAN technology combines switches and routers. This is also the network solution adopted by most enterprises today. However, there are obvious shortcomings: From the Perspective of network users, the entire network is divided into two levels of performance: data Packets processed by vswitches enjoy fast and stable highway transmission performance;

However, the data packets that must pass through the router can only use the slow path. When the traffic load is heavy, it will lead to another headache. Vswitches and vrouters are different devices in the network. They must be purchased, set up, and managed separately. They must spend more than one integrated and complete solution.