Describes the new performance of 10-ge switches.

From fast Ethernet to Gigabit Ethernet and then to 10-Gigabit Ethernet, technical updates meet the needs of high-speed Bandwidth growth and next-generation applications brought about by the new generation of Internet technology, I hope this article will teach you more things.

There is an organic whole between blocks. The distribution and maintenance of Internet routing information requires the participation of various modules, and there will always be such problems: because the addressing of the local hardware chip is insufficient and the participation of the central management module is required, the performance of the switch will be compromised.

How does the latest 10-ge switch solve this problem? There are two main ways: one is to separate the control channel from the data forwarding channel, and the other is to use high-performance CPU to participate in each interface module. The separation of control channels and data forwarding channels is to implement two different parallel crossover matrices on the vswitch. In this way, the backplane capacity we mentioned will be fully used for the use of data channels, while also guaranteeing 10g

The security of the switch hardware, and the local high-performance CPU participation makes the central management module never process the data forwarding involving each interface, so as to implement a true distributed architecture. Of course, there are still many factors involved in the architecture of 10-Gigabit Ethernet, such as large-capacity

SDRAM and TCAM (which can achieve more than 1 billion searches in one second), such as whether the local routing mode is based on the topology. More importantly, whether the 10G switch software adopts the multi-thread mode and whether the software provides the latest two/three layer technical standards. These

The second/third layer technology includes the latest requirements of the next generation network, such as link binding Based on 10-Gigabit Ethernet ports, whether to provide various technologies for Fast Link redundancy, whether to provide security technologies from Port Security to various user authentication, and whether to provide complete IPv4 and IPv6

Specification, whether fast BGP routing technology is provided, whether redundant routing protocols are provided, whether two or three layers of security features are provided, whether the anti-attack feature of the switch is provided, whether the switch itself provides intelligent CPU protection, and whether all these features are implemented by hardware.

IPv6 provides a variety of devices to access the Internet, not just PCs and servers, but also overcomes some of the shortcomings of IPv4. The combination of 10 Gigabit Ethernet and Pv6 is the only way to build a new generation of high-performance network in the future. There are usually three ways to implement IPv6: In the current vswitch

It can be implemented through software, or a new hardware module is used to insert it into the existing system to enhance IPv4/IPv6 forwarding performance, or a newly designed IPv6 10-ge switch. Security and network traffic management are currently the most important topics for users. As a backbone device, you not only need to consider the security protection of the device.

It also provides user protection, that is, it must be immune and provide powerful blocking measures to protect network users, all defense measures should be implemented based on hardware. However, all security measures are based on known attack methods and security vulnerabilities. If we cannot monitor the entire network, security will not be a complete feature ., Taking into account the high-speed forwarding of 10-ge switches and routes, the previous method of collecting traffic by CPU will not work, and the integrated distributed traffic collection system in ASIC brings an innovation of 10-ge switches. SFlow is an advanced traffic management specification, which can provide IPv4

Data can also provide IPv6 data. If we can provide all the traffic of all devices without affecting the performance, we can easily observe the network traffic, which can be the activity of a specific user on a port, it can also be abnormal traffic on the current network. A distributed traffic monitoring system is like a road monitoring system in the dark. It is hard to imagine the consequences of a traffic management system lacking in a core backbone device.

To measure the throughput of A 10-ge switch, first test whether it can reach the line rate forwarding throughput and observe the end-to-end transmission delay, an excellent 10-ge switch should be able to forward data packets at no speed and without loading key applications (such as Multicast Applications, IPv6 applications, and large-capacity access list control, in addition, the end-to-end data latency is minimized.

Second, to measure the performance of 10-ge switches, test key protocols, such as BGP4 capacity, route convergence, and route fluctuation. Test the attack prevention characteristics and test the key features of traffic management. Redundancy testing is also very important. Redundancy includes the redundancy of hardware systems and software features. It can be said that selecting a 10-ge Ethernet switch is not only a few single functions, but also a comprehensive evaluation of the system selection.

Not only do vswitches have different roles in different network environments, but the impact of adding new vswitches and adding switch ports of existing vswitches on the network is also different in the same network environment. Fully understanding and understanding the network traffic mode is a very important factor in whether the switch can play a role.

Because the purpose of using a vswitch is to minimize and filter data traffic in the network, if a vswitch in the network needs to forward almost all received packets due to improper installation location settings, instead of optimizing network performance, a vswitch reduces data transmission speeds and increases network latency.

1. Let's talk about the "potential rules" of the security switch"
2. Summarize the market status of high-end Switches
3. Security risks of LAN switches
4. PythonAndroid analyzes the differences and relationships between layer-3 switches and other layer Switches
5. Measure the Power Consumption Characteristics of LAN switches.