Layer-4 switches: basic concepts and key technologies

Source: Internet
Author: User

Layer-4 switches are now common, so I studied their fundamentals and key technologies and would like to share the results here in the hope that they are useful. With 100 Mbit/s, Gbit/s and faster local area networks now commonplace, broadband metropolitan area networks and even broadband wide area networks are in wide use. Whether the network is an intranet, a dedicated network or a residential intelligent network, the volume of information it carries keeps growing, and users demand ever more from the audio, video and data services transmitted over it.

With the rapid development of the Internet, e-commerce, e-government, e-trade, e-futures and other online transaction methods speed up the turnover of goods and capital while rapidly multiplying the volume of information. This puts great pressure on the servers of network information centres, and the load on the core of the network is generally too high to be relieved by ordinary means. The industry therefore began to consider the concept of layer-4 switching to meet the requirements of policy-based networking, advanced QoS (Quality of Service) and other service improvements. The huge market potential stimulated heavy investment by manufacturers in key network equipment, so that within a very short time products progressed from the traditional layer-2 switch to the more advanced layer-3 switch and on to the latest layer-4 and even layer-7 switches.

A layer-4 switch differs from a layer-3 switch in that it not only applies the IP switching technology of the layer-3 switch but also works at a higher level: it examines the source and destination addresses in the layer-3 packet header together with the port numbers in the TCP/UDP header, and takes action based on what it sees, implementing bandwidth allocation, fault diagnosis and access control for TCP/IP application data streams. A layer-4 switch can therefore optimise the network/server interface, distribute tasks and balance load to improve server reliability and scalability, and provide detailed traffic statistics and accounting information, addressing network congestion, network security and network management at the level of the network application and making the network more "intelligent" and manageable.

Building an internal and external network that is high-speed, broadband, stable and reliable, and that can integrate new requirements such as security and confidentiality, is the current trend in enterprise networking. High-speed LANs have made it easy to carry voice, video and other traffic types that are sensitive to latency, jitter and packet loss on the same data network. The ideal safeguard against security threats inside the enterprise network is to control the permissions of different users so that unauthorised communication is prevented. All of this requires the support of a new generation of LAN switches. From the point of view of service quality, simply adding bandwidth is an effective and simple method, but no matter how high the switch's backplane bandwidth, how large its packet forwarding rate or how fast the transmission rate, congestion will always exist somewhere in the network. This shows that without quality-of-service control, packets may be dropped and latency may increase. It follows that switches that work at a higher layer, support quality of service and rely on software and higher-level management occupy an important position in the modern enterprise network. Below we briefly introduce the performance, technology, application areas and development trends of the layer-4 switch.

I. What is a layer-4 switch?

To understand the layer-4 switch, you first need to understand the basic operating principle and performance of the traditional layer-2 switch and the now widely deployed layer-3 switch; only then can the layer-4 switch be placed properly. As is well known, a layer-2 switch forwards frames end to end according to the MAC address at the data link layer, selecting the output port through its MAC address (station) table, which the switch builds and maintains automatically. A router, by contrast, is a layer-3 device: it addresses by IP address, using a routing table built by routing protocols. The biggest advantage of the layer-2 switch is therefore speed: it only has to recognise the MAC address in the frame, and the algorithm that maps a MAC address directly to an output port is so simple that it is easily implemented in a dedicated ASIC. The layer-2 switching solution is in effect the cheap "switch everywhere" solution. Although it can also divide subnets, restrict broadcasts and establish VLANs, it has little control capability and is not flexible enough: it cannot control the traffic of individual information points, and it lacks general, convenient routing functions.

A layer-3 switch performs end-to-end switching directly on the layer-3 (network-layer) IP address. On the surface a layer-3 switch is a combination of a layer-2 switch and a router, but the combination is not a simple physical one; it is a logical combination of the strengths of each. When the first packet of a flow from a given source is switched at layer 3, the routing system resolves the path and records a mapping between the MAC address and the IP address, and the mapping is stored. When subsequent packets of the same flow enter the switch, it looks them up in the mapping table generated on the first pass and forwards them directly at layer 2 from source to destination, without passing through the layer-3 routing system again ("route once, switch many"). This eliminates the delay caused by route selection, improves packet forwarding efficiency and removes the speed bottleneck that routing imposes on traffic between networks. A layer-3 switch can therefore perform both the port-switching function of a layer-2 switch and part of the routing function of a router; its switching solution is a multi-layer dynamic integration. Traditional routers combined with layer-2 switches can provide this integration to some extent, but compared with a layer-3 switch they require more equipment, more space, more cabling and higher cost, and deliver markedly lower data transmission performance, because under heavy traffic the router in such a design cannot overcome the bottleneck of its own forwarding rate.

Evidently, both layer-2 and layer-3 switches perform end-to-end switching based on addresses. Although switching on MAC and IP addresses greatly improves the transmission rate between nodes, it cannot decide or dynamically limit the switching process and the volume of traffic according to the application requirements of the hosts on the ports; in other words, it lacks intelligent application-aware switching at layer 4. A layer-4 switch not only switches end to end but also decides or limits the switched traffic according to the application characteristics of the hosts. Put simply, a layer-4 switch switches packets on the basis of the transport layer; it is a new type of LAN switch built around the application-switching requirements of the TCP/IP application layer. It supports TCP/UDP and all the protocols of the layers below them, can parse at least the first 80 bytes of packet headers, and distinguishes the application type of a packet by its TCP/UDP port number, thereby achieving application-level access control and quality-of-service guarantees. Seen this way, a layer-4 switch is not so much a hardware network device as a software network management system: a network-management switching device centred on software technology and supported by hardware.

It is worth noting that some people still hold a somewhat vague view: that a layer-4 switch merely adds recognition of layer-4 protocol ports, some value-added software, to a layer-3 switch, and so does not really work at the transport layer but still switches at layer 3, only with greater sensitivity to layer-3 information. This view fundamentally denies the key technology and role of layer-4 switching. The 802.1p field at layer 2 or the IP ToS field at layer 3 can be used to distinguish the priority a packet carries; when we say a layer-4 switch switches on layer-4 packet information, we mean that it determines the application type of the packet from the layer-4 TCP/UDP port number. That is, a layer-4 switch not only has all the switching functions and performance of a layer-3 switch, it also supports intelligent control of network traffic and service quality that a layer-3 switch cannot provide.

II. What are the important technologies supported by layer-4 switches?

As noted above, layer-2 switching devices rely on the MAC address and the 802.1Q VLAN tag to complete link-layer switching, layer-3 switching/routing devices use IP address information for path selection, and a layer-4 switching device uses the header information of the transport layer to assist switching and forwarding. The switching information a layer-4 switch looks at is essentially the protocol or process carried in each IP packet: HTTP for web traffic, FTP for file transfer, Telnet for terminal sessions, SSL for secure communication, and so on. In an IP network the layer-4 protocols are in practice TCP, for connection-oriented sessions such as FTP, and UDP, for connectionless communication such as SNMP (SMTP, despite the similar name, runs over TCP).

Because the TCP and UDP headers contain the "port number" field, which identifies the kind of network data the packet carries (a port number is associated with a specific application), this information can be used to deliver a wide range of quality-of-service functions related to the transmission and switching of network data. Among them, the following five application technologies are worth noting, because they are the main technologies widely used by layer-4 switches.

(1) Packet filtering/security control: in most routers, using layer-4 information to define filtering rules has become the default standard, which is why many routers are used as packet-filtering firewalls; such a firewall can not only permit or deny connections between IP subnets but also control communication between specified TCP and UDP ports. The difference between layer-4 switching and a traditional software-based router is that this filtering capability is implemented in dedicated high-speed ASICs, so the security filtering mechanism runs at wire speed, greatly increasing the packet filtering rate.

(2) Quality of service: in a layered network, layer-4 TCP/UDP information is often used to establish application-level communication priority. Without the layer-4 switch concept, service quality/service level must rely on the information provided by layers 2 and 3, such as the MAC address, switch port, IP subnet or VLAN. Clearly, without layer-4 information, priority for urgent applications cannot even be discussed, which greatly hinders the rapid delivery of urgent applications across the network. A layer-4 switch allows priority to be differentiated by a combination of destination address and destination port number, so that an urgent application can obtain the network's high-level service.
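The filtering of (1) and the port-based priority of (2) both come down to the same operation: decode the frame far enough to see the 5-tuple, then look it up in a table. The following is an added example (not code from the original article or from any switch vendor) showing that operation in software: a stateless layer-4 ACL evaluated first-match with an implicit deny, and a priority classifier that uses the destination port first and falls back to the IP precedence bits a layer-3 switch would have used. The policy, address ranges, port-to-priority mapping and sample frames are constructed for illustration. It also handles the case a wire-speed stateless filter must get right: a non-initial IP fragment carries no port numbers, so it is dropped rather than classified.

```python
"""Stateless layer-4 packet filter with port-based priority classification.

Added example (not from the original article): decodes Ethernet/IPv4/TCP/UDP
headers from raw frame bytes and matches the 5-tuple against an ordered rule
table, the way a layer-4 ACL in a switch ASIC would. Policy, addresses and
sample frames are constructed.
"""
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17
ANY = ipaddress.IPv4Network("0.0.0.0/0")
ALL_PORTS = range(0, 65536)


@dataclass(frozen=True)
class Flow:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    proto: int
    sport: Optional[int]      # None when the transport header is not visible
    dport: Optional[int]
    dscp: int                 # upper six bits of the IPv4 ToS byte
    tcp_flags: int


@dataclass(frozen=True)
class Rule:
    action: str               # "permit" or "deny"; first matching rule wins
    proto: Optional[int]      # None matches any transport protocol
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dports: range


def parse_frame(frame: bytes) -> Optional[Flow]:
    """Decode Ethernet II + IPv4 + TCP/UDP; return None for anything else."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    vihl, tos, _, _, frag, _, proto = struct.unpack("!BBHHHBB", ip[:10])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or proto not in (PROTO_TCP, PROTO_UDP):
        return None
    src, dst = ipaddress.IPv4Address(ip[12:16]), ipaddress.IPv4Address(ip[16:20])
    if frag & 0x1FFF or len(ip) < ihl + 4:
        # Non-initial fragment (or truncated packet): the ports live in the first
        # fragment only, so a stateless filter cannot classify this packet.
        return Flow(src, dst, proto, None, None, tos >> 2, 0)
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    flags = ip[ihl + 13] if proto == PROTO_TCP and len(ip) >= ihl + 14 else 0
    return Flow(src, dst, proto, sport, dport, tos >> 2, flags)


def net(cidr: str) -> ipaddress.IPv4Network:
    return ipaddress.IPv4Network(cidr)


# Constructed policy: a quarantined subnet is blocked outright, the office LAN
# may reach the server farm on web ports, only the management subnet may poll
# SNMP, and everything else falls through to the default deny.
RULES = [
    Rule("deny", None, net("10.1.99.0/24"), ANY, ALL_PORTS),
    Rule("permit", PROTO_TCP, net("10.1.0.0/16"), net("192.168.10.0/24"), range(80, 81)),
    Rule("permit", PROTO_TCP, net("10.1.0.0/16"), net("192.168.10.0/24"), range(443, 444)),
    Rule("permit", PROTO_UDP, net("10.9.0.0/24"), net("192.168.10.0/24"), range(161, 162)),
]


def filter_flow(flow: Optional[Flow], rules=RULES) -> str:
    """First-match evaluation with an implicit deny at the end of the table."""
    if flow is None or flow.dport is None:
        return "deny"         # unparsable packets and port-less fragments are dropped
    for r in rules:
        if (r.proto in (None, flow.proto) and flow.src in r.src
                and flow.dst in r.dst and flow.dport in r.dports):
            return r.action
    return "deny"


# Constructed mapping from well-known destination port to an 802.1p-style queue 0-7.
PORT_PRIORITY = {5060: 6, 22: 4, 443: 3, 80: 3, 21: 1}


def priority(flow: Flow) -> int:
    """Application-aware priority: port class first, otherwise the IP precedence
    bits (top three bits of DSCP) that a layer-3 switch would have used."""
    if flow.dport in PORT_PRIORITY:
        return PORT_PRIORITY[flow.dport]
    return flow.dscp >> 3


def make_frame(src, dst, proto, sport, dport, tos=0, tcp_flags=0x02, frag=0) -> bytes:
    """Build a minimal frame as test input (constructed; checksums left zero)."""
    if proto == PROTO_TCP:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, tcp_flags, 8192, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(l4), 1, frag, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4) + ip + l4


if __name__ == "__main__":
    web = parse_frame(make_frame("10.1.2.3", "192.168.10.5", PROTO_TCP, 40000, 80))
    print(filter_flow(web), priority(web))   # permit 3
```

Rule order matters: the quarantine rule sits first so that a host in 10.1.99.0/24 is denied even though it also falls inside the 10.1.0.0/16 permit. The fragment branch is the check a practitioner wants from a stateless filter; a switch that classified the first fragment and then let later fragments through on a layer-3 match alone would be open to fragment-based evasion.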

(3) Server load balancing: layer-4 information is crucial when several servers offering similar content are to share the traffic load, so server load balancing is an important application of layer-4 switches in core network systems. The load-balancing method supported by a layer-4 switch assigns one IP address for the load-balanced service to a group of different physical servers that jointly provide the same service, and defines them as a single virtual server. This virtual server is a logical server with its own IP address; user traffic is addressed only to the virtual server's IP address and never directly to the real IP address of a physical server. Only after the switch performs network address translation (NAT) can a server using an unpublished (private) IP address be reached. A further advantage of defining a virtual server this way is that hiding the real addresses of the servers helps prevent unauthorised access.

The virtual server is defined by the layer-4 TCP/UDP port number of the application service, so that an individual server becomes a member of the virtual server on a per-service basis. Using the layer-4 session information, the layer-4 switch can apply many load-balancing methods to distribute traffic across the virtual server group, and this load balancing coexists with line-rate switching and with routing and redundancy protocols such as OSPF, RIP and VRRP. The layer-4 switch can also use the Transaction Rate Limiting (TRL) function to throttle or reject different application types according to their traffic characteristics; Connection Rate Limiting (CRL) lets the network administrator specify the number of connections allowed within a given period to protect QoS; and the SYN-Guard function ensures that only valid connections that complete the TCP handshake can reach network services.

(4) Host backup connection: the host backup connection provides redundant connectivity for port devices, protecting the system in the event of a switch failure. This service lets you define a master and a backup switch which, like a virtual server, share the same configuration parameters. Because the two layer-4 switches share the same MAC address, the backup switch receives the same data as the master, so it can monitor the traffic of the services the master is handling. The master continuously notifies the backup of its layer-4 session data, MAC data and power status. When the master fails, the backup takes over automatically without interrupting sessions or connections.

(5) Traffic statistics: a layer-4 switch provides more detailed statistics by inspecting layer-4 packets. The administrator can collect more detailed information about which IP addresses communicate with which, and even break communication down by the application-layer service involved. When a server supports several services, these statistics are particularly useful for examining the load each application places on the server. The added statistics are also useful for the switch's server load-balancing connections.
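The virtual server of (3), the connection-rate limiting and SYN-Guard described with it, and the per-service accounting of (5) fit together in one small model, given here as an added example that is not code from the article or from any switch vendor. The virtual IP, the real-server pools keyed by service port, the rate limit and the simplified SYN-cookie construction are all assumptions made for illustration. The point it shows that the prose does not: with a SYN guard, a SYN costs the switch no state at all, a real server is chosen and a NAT mapping created only when the client returns a valid cookie, and the same mapping table is what the accounting counters are derived from.

```python
"""Layer-4 virtual server: destination NAT to a real-server pool, per-client
connection-rate limiting (CRL) and a SYN-cookie style SYN guard, plus the
per-service accounting counters.

Added example, not from the article or any vendor: VIP, pools, limits and the
cookie construction are assumptions for illustration.
"""
import hashlib
import hmac
from collections import defaultdict, deque

VIP = "203.0.113.10"                                  # assumed virtual server address
POOLS = {80: ["10.0.0.11", "10.0.0.12", "10.0.0.13"],  # constructed pools, keyed by
         443: ["10.0.0.11", "10.0.0.12"]}              # the service's TCP port
COOKIE_SLOT = 64.0                                    # seconds a SYN cookie stays valid


class VirtualServer:
    def __init__(self, vip=VIP, pools=POOLS, conn_limit=5, window=1.0, secret=b"rotate-me"):
        self.vip, self.pools = vip, {port: list(srv) for port, srv in pools.items()}
        self.conn_limit, self.window, self.secret = conn_limit, window, secret
        self.cursor = defaultdict(int)          # round-robin position per service port
        self.sessions = {}                      # (client, cport, port) -> real server
        self.syn_times = defaultdict(deque)     # client -> timestamps of recent SYNs
        self.stats = defaultdict(int)           # (real server, port) -> accepted connections

    def _cookie(self, client, cport, port, slot):
        """32-bit cookie bound to the 4-tuple and a time slot; no state is kept."""
        msg = f"{client}:{cport}:{self.vip}:{port}:{slot}".encode()
        return int.from_bytes(hmac.new(self.secret, msg, hashlib.sha256).digest()[:4], "big")

    def _over_rate(self, client, now):
        """CRL: true when this SYN exceeds conn_limit SYNs from one client per window."""
        q = self.syn_times[client]
        while q and now - q[0] > self.window:
            q.popleft()
        q.append(now)
        return len(q) > self.conn_limit

    def on_syn(self, client, cport, port, now):
        """SYN to VIP:port. Apply CRL, then answer with a cookie as the initial
        sequence number instead of reserving a backend (SYN guard)."""
        if port not in self.pools:
            return {"action": "drop", "reason": "no such service"}
        if self._over_rate(client, now):
            return {"action": "drop", "reason": "connection rate limit"}
        cookie = self._cookie(client, cport, port, int(now // COOKIE_SLOT))
        return {"action": "syn_ack", "cookie": cookie}

    def on_ack(self, client, cport, port, ack, now):
        """Handshake-completing ACK. Only a valid cookie (current or previous
        slot) allocates a real server; a spoofed SYN never gets this far."""
        slot = int(now // COOKIE_SLOT)
        expected = {self._cookie(client, cport, port, s) for s in (slot, slot - 1)}
        if (ack - 1) & 0xFFFFFFFF not in expected:
            return None
        key = (client, cport, port)
        if key not in self.sessions:
            pool = self.pools[port]
            real = pool[self.cursor[port] % len(pool)]
            self.cursor[port] += 1
            self.sessions[key] = real
            self.stats[(real, port)] += 1
        return self.sessions[key]

    def translate(self, client, cport, port):
        """DNAT for an established flow: VIP:port becomes real server:port."""
        real = self.sessions.get((client, cport, port))
        return (real, port) if real else None

    def close(self, client, cport, port):
        self.sessions.pop((client, cport, port), None)

    def load_report(self):
        """Per-service load, the accounting a layer-4 switch can produce."""
        return dict(self.stats)
```

Two design points are worth noting. First, because the switch chose the initial sequence number itself, a real deployment must either open the backend connection on the client's behalf after the cookie is validated or translate sequence numbers for the life of the flow; this model stops at the NAT mapping. Second, `sessions` is exactly the layer-4 state that (4) says the master must keep notifying the backup about: if it is not replicated, the backup can take over the MAC address but not the established connections.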
