An Ethernet switch is often described as a multi-port Layer 2 network device based on bridge technology. It provides low-latency, low-overhead channels for forwarding data frames from one port to another.
The core of the switch therefore needs a switching matrix that provides a communication channel between any two ports, or a fast switching bus that sends data frames received on any port out of other ports. In actual devices, the function of the switching matrix is usually performed by a dedicated chip (ASIC). In addition, the design philosophy of the Ethernet switch rests on an important assumption: the switching core is so fast that normal large-volume traffic will not cause congestion. In other words, the switching capacity is treated as infinite relative to the amount of information transmitted. (By contrast, the design idea of the ATM switch is that the switching capacity is limited relative to the amount of information transmitted.)
Although the Layer 2 Ethernet switch developed from the multi-port bridge, the switch has more features, which makes it the best way to obtain more bandwidth and also makes the network easier to manage.
A router is a packet-switching device (or network-layer relay device) at the network layer of the OSI protocol model. The basic function of a router is to transmit data (IP packets) to the correct network, including:
1. IP datagram forwarding, including path finding and transmission of the datagram;
2. Subnet isolation to prevent broadcast storms;
3. Maintain the route table and exchange route information with other routers. This is the basis for IP packet forwarding.
4. IP datagram error handling and simple congestion control;
5. Filtering and accounting of IP datagrams.
Routers in different parts of the network play different roles.
On the backbone network, the main role of a router is route selection. A router on the backbone network must know the path to all lower-layer networks. This requires maintaining a large route table and responding to connection status changes as quickly as possible. A router failure may cause serious information transmission problems.
In the regional network, the main role of the router is network connection and route selection: it connects the lower-layer grass-roots network units (the campus networks) and is responsible for data forwarding between the lower-layer networks.
Inside the campus network, the main role of a router is to separate subnets. In the early days, the basic unit of Internet connection was the LAN, where all hosts were in the same logical network. With the continuous expansion of network scale, the LAN has evolved into a campus network composed of multiple subnets connected by a high-speed trunk and routers. The subnets are logically independent, and the router is the only device that can separate them. It is responsible for packet forwarding and broadcast isolation between subnets, and the router on the border is responsible for connecting to the upper-layer network.
3. What are the differences between Layer 2 switches and routers?
Traditional switches developed from bridges and are OSI Layer 2 (data link layer) devices. A switch selects the forwarding port from its station table based on MAC addresses. The station table is built and maintained automatically by the switch. A router is an OSI Layer 3 (network layer) device. It addresses based on IP addresses and forwards using a route table generated by routing protocols. The biggest advantage of a switch is speed. Because the switch only needs to identify the MAC address in the frame, selecting the forwarding port based on the MAC address is simple and easy to implement in an ASIC. Therefore, the forwarding speed is extremely high. However, the working mechanism of switches also brings some problems.
1. Loops: Because of the switch's address learning algorithm and station table, no loop is allowed between switches. Once a loop exists, the Spanning Tree Algorithm must be enabled to block the ports that form the loop. Router routing protocols do not have this problem; there can be multiple paths between routers to balance the load and improve reliability.
2. Load concentration: Only one path is available between switches, so traffic is concentrated on one communication link and cannot be dynamically allocated to balance the load. Router routing protocol algorithms can avoid this. The OSPF routing protocol algorithm can not only generate multiple routes, but also select different optimal routes for different network applications.
3. Broadcast control: A switch can only shrink the collision domain, not the broadcast domain. The entire switched network is one large broadcast domain, and broadcast packets spread across the whole switched network. Routers isolate broadcast domains, and broadcast packets are not forwarded through routers.
4. Subnet division: A switch can only recognize MAC addresses. The MAC address is a physical address and uses a flat address structure, so subnets cannot be divided based on MAC addresses. A router identifies IP addresses. IP addresses are allocated by network administrators; they are logical addresses with a hierarchy, divided into a network number and a host number, which makes it easy to divide subnets. The main function of a router is to connect different networks.
5. Confidentiality: Although a switch can also filter frames based on the source MAC address, destination MAC address, and other frame contents, a router filters packets based on the source IP address, destination IP address, and TCP port of the packets, which is more intuitive and convenient.
6. Media dependence: A switch can also be used as a bridge device to convert between link layers and physical layers. However, this conversion process is complicated and is not suitable for ASIC implementation, which inevitably reduces the forwarding speed of the switch. Therefore, switches currently interconnect mainly networks with the same or similar physical media and link protocols, rather than networks with different physical media and link layer protocols. Routers are different: they are used for interconnection between different networks, so they can connect networks with different physical media, link layer protocols, and network layer protocols. Although a router has a functional advantage, it is expensive and has a low packet forwarding speed.
In recent years, switches have seen many improvements in performance. The most prominent are virtual networks and layer-3 switching.
Dividing subnets can narrow the broadcast domain and reduce the impact of broadcast storms on the network. Each router interface is connected to a subnet, and broadcast packets are not forwarded by the router. The networks connected to different router interfaces belong to different subnets, so the subnet ranges are physically divided by the router. For a switch, each port corresponds to a network segment. Because a subnet consists of several network segments, you can logically divide subnets by grouping switch ports. Broadcast packets can only be broadcast within the subnet and cannot spread to another subnet. By rationally dividing the logical subnets, broadcasts can be controlled. Because logical subnets are composed of switch ports and have no physical correlation, they are called virtual subnets or virtual networks. Virtual network technology eliminates the need for routers to isolate broadcast packets, and the network segments in a virtual network have nothing to do with their physical location: adjacent network segments can belong to different virtual networks, and two network segments that are far from each other may belong to different virtual networks or to the same virtual network. Terminals in different virtual networks cannot communicate with each other, which enhances access control over network data.
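The station-table learning and port-based virtual networks described above, as an added example that is not part of the original article: a minimal learning switch in Python showing that broadcasts and unknown-destination floods stay inside the sender's virtual network. The class name, port numbers, virtual network IDs and MAC addresses are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Layer 2 switch with a station table and port-based virtual networks."""

    def __init__(self, port_vnet):
        self.port_vnet = dict(port_vnet)  # port -> virtual network ID
        self.station = {}                 # (virtual network, MAC) -> port

    def _flood(self, vnet, in_port):
        # Flood only to ports in the same virtual network, never back out in_port.
        return sorted(p for p, v in self.port_vnet.items()
                      if v == vnet and p != in_port)

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out of."""
        vnet = self.port_vnet[in_port]
        self.station[(vnet, src)] = in_port      # address learning
        if dst == BROADCAST:
            return self._flood(vnet, in_port)    # broadcast stays in its domain
        out = self.station.get((vnet, dst))
        if out is None:
            return self._flood(vnet, in_port)    # unknown unicast: flood
        return [] if out == in_port else [out]   # known unicast: one port

def demo():
    # Constructed topology: ports 1-3 form virtual network 10, ports 4-5 form 20.
    sw = LearningSwitch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20})
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return {
        # Host A on port 1 broadcasts: only ports 2 and 3 see it.
        "broadcast": sw.receive(1, a, BROADCAST),
        # Host B sends to a MAC nobody has learned: flooded within network 10.
        "unknown_unicast": sw.receive(2, b, "00:00:5e:00:53:ff"),
        # Host B sends to A, already in the station table: port 1 only.
        "learned_unicast": sw.receive(2, b, a),
        # Host C in network 20 sends to A: the frame never reaches port 1.
        "cross_network": sw.receive(4, c, a),
    }

if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name}: out ports {ports}")
```

The last case is the access-control property the paragraph describes: with no router between the two virtual networks, a frame addressed to a host in the other virtual network is delivered only to ports of the sender's own virtual network.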
Switches and routers embody a trade-off between performance and functionality. A switch forwards quickly but has weak control functions; a router has strong control functions but forwards packets slowly. The latest technology to resolve this conflict is layer-3 switching, which provides both the wire-speed packet forwarding of a switch and the good control functions of a router.
4. Differences between layer-3 switches and routers
Before the emergence of layer-3 switching technology, there was almost no need to distinguish routing devices from routers. They were exactly the same: providing routing functions was the job of routers. Today, however, layer-3 switches can perform most of the functions of traditional routers. As a device for network interconnection, a layer-3 switch has the following features:
1. Forwards traffic flows based on layer-3 addresses;
2. Full switching functionality;
3. Can perform special services such as packet filtering or authentication;
4. May or may not perform route processing.
Layer-3 switches have the following advantages over traditional routers:
1. Transmission bandwidth between subnets can be allocated arbitrarily: Each interface of a traditional router connects to a subnet, and the transmission rate of the subnet through the router is limited by the bandwidth of the interface. The layer-3 switch is different. It can define multiple ports as a virtual network and use the virtual network composed of those ports as a virtual network interface. Traffic in the virtual network can be sent to the layer-3 switch through any of the ports that form the virtual network. The number of ports can be specified arbitrarily, so there is no limit on the inter-subnet transmission bandwidth.
2. Reasonable configuration of information resources: Because there is no difference between the rate of accessing resources inside the subnet and the rate of accessing resources in the global network, there is little point in setting up a separate server in each subnet. Setting up a server group in the global network not only saves money but also configures information resources more reasonably.
3. Cost reduction: Generally, switches are used to form subnets and routers are used to interconnect subnets. Currently, a layer-3 switch is used for network design. The network can be divided into any virtual subnets, and inter-subnet communication can be completed through the layer-3 routing function of the switch, which saves the cost of a router.
4. Flexible connections between devices: As switches, no loops are allowed between them. As routers, there can be multiple paths to improve reliability and balance load. Layer-3 switches use the Spanning Tree Algorithm to block the loop port. However, when selecting a route, the blocked path is still used as an optional path for route selection.
To sum up, the switch is generally used for LAN-WAN connections. The switch belongs to the bridge family and is a data link layer device, although some switches can also perform layer-3 switching. A router is used for WAN-WAN connections. It handles packet forwarding between different networks and works at the network layer. Routers simply accept an input packet from one line and forward it to another line. These two lines may belong to different networks and use different protocols. In comparison, routers are more powerful than switches, but they are relatively slow and expensive. Layer-3 switches have both the wire-speed packet forwarding of switches and the good control functions of routers, and can therefore be widely applied.
Article entry: csh. Responsible editor: csh.