Brief Introduction to green and secure Ethernet Switches

Vro functions are more powerful than vswitches, but the speed is relatively slow and expensive. The ethernet switch has both the ability to forward packets at the wire speed and the good control function of the vro, therefore, it has been widely used by many enterprises.

"Switch" is the most frequently used word on the network today. It can be applied on any occasions from the bridge to the ATM to the telephone system, so you cannot figure out what is the real exchange. In fact, the word exchange first appeared in the telephone system, specifically to achieve the exchange of voice signals between two different telephones, the device to complete this work is the telephone switch.

Therefore, in terms of intention, exchange is only a technical concept, that is, to complete the forwarding of signals from the device entry to the exit. Therefore, any device that complies with this definition can be called an exchange device. It can be seen that "Exchange" is a widely used term. When it is used to describe the second layer of the data network, it actually refers to a bridge device;

When it is used to describe the third-layer device of the data network, it also refers to a routing device. We often mention that an Ethernet switch is actually a multi-port L2 network device based on the bridge technology, it provides low-latency and Low-overhead channels for data frame forwarding from one port to another.

It can be seen that the core of the switch should have an exchange matrix to provide a channel for communication between any two ports, or a fast exchange bus, to send data frames received by any port from other ports. In the actual device.

The function of the switching matrix is often completed by a dedicated chip ASIC. In addition, there is an important assumption in the design philosophy of the Ethernet switch, that is, the speed of the switching core is very fast, so that the normal large-volume data will not cause congestion. In other words, the exchange capability is infinite relative to the information transmitted. In contrast, the design of the ATM switch is that the exchange capability is limited compared with the Information transmitted ).

On the backbone network, the main role of a router is routing selection. The router on the backbone network must know the path to all the lower-Layer Networks. This requires maintaining a large route table and responding to connection status changes as quickly as possible. A Router failure may cause serious information transmission problems.

In the regional network, the main role of the router is network connection and route selection, that is, to connect to the lower-layer grass-roots network units-the campus network, while responsible for data forwarding between the lower-Layer Networks.
Inside the campus network, the main role of a router is to separate subnets.

In the early days, the grass-roots unit of the Internet was LAN. All hosts were in the same logical network. With the continuous expansion of the network scale, the LAN has evolved into a campus network composed of multiple subnets connected to the high-speed trunk and router. The subnet is logically independent, and the router is the only device that can separate them. It is responsible for packet forwarding and broadcast isolation between subnets, the vro on the border is responsible for connecting to the upper-layer network.

Dividing subnets can narrow the broadcast domain and reduce the impact of broadcast storms on the network. Each vro interface is connected to a subnet. broadcast packets cannot be broadcast by the vro. The subnets connected to different vro interfaces belong to different subnets. The subnet ranges are physically divided by the vro.

For a vswitch, each port corresponds to a CIDR block. Because the subnet consists of several CIDR blocks, you can logically divide subnets by combining vswitch ports. Broadcast packets can only be broadcast within the subnet and cannot be spread to another subnet. By rationally dividing the logical subnet, broadcast can be controlled.

• Perform full resolution on Cisco Ethernet switch policies
• Can the status quo of Ethernet switches be changed?
• Describes how to configure STP for an Ethernet switch.
• Brief introduction to what is the real core of an Ethernet switch?
• Broadcast storm caused by Ethernet Switches

Because logical subnets are composed of vswitch ports and have no physical correlation, they are called virtual subnets or virtual networks. The virtual network technology eliminates the need for routers to isolate broadcast packets, and the virtual network INTRANET segment has nothing to do with its physical location.

That is, the adjacent CIDR blocks can belong to different virtual networks, while the two CIDR blocks that are far from each other may belong to different virtual networks, while the two CIDR blocks that are far from each other may belong to the same virtual network. Terminals in different virtual networks cannot communicate with each other, enhancing access control over network data.

Vswitches and vrouters are the contradiction between performance and functions. The switch exchange speed is fast, but the control function is weak, the vro control performance is strong, but the packet forwarding speed is slow. The latest technology to resolve this conflict is layer-3 switching, which provides both the ability to forward packets at the wire speed of the switch and the good control function of the router.

Layer-3 vswitches have the following advantages over traditional vrouters:

1. transmission bandwidth between subnets can be arbitrarily allocated: each interface of a traditional router connects to a subnet, and the transmission rate of the subnet through the router is limited by the bandwidth of the interface. A layer-3 switch can define multiple ports as a virtual network and use a virtual network composed of multiple ports as a virtual network interface. The information in the virtual network can be sent to the layer-3 Switch through the port that forms the virtual network. The number of ports can be specified arbitrarily, so there is no limit on the inter-subnet transmission bandwidth.

2. reasonable configuration of Information Resources: As there is no difference between the resource rate in the subnet access and the resource rate in the global network access, it is of little significance to set a separate server in the subnet. Setting a server group in the global network not only saves money, more reasonable configuration of information resources.

3. Cost Reduction: Generally, vswitches are used to form subnets and vrouters are used to interconnect subnets. Currently, a three-tier switch is used for network design. It can be divided into any virtual subnet, and inter-subnet communication can be completed through the three-tier routing function of the switch, which saves the cost of a router.

4. Flexible Connections between vswitches: As vswitches, no loops are allowed between them. As vrouters, there are multiple channels to improve reliability and balance load. Layer-3 switches use the Spanning Tree Algorithm to block the loop port. However, when selecting a route, the blocked path is still used as an optional path for route selection.