If the network's edge devices integrate QoS, rate limiting, ACLs, PBR, and sFlow into the hardware chip, these intelligent functions will not affect basic Layer 2 and Layer 3 wire-speed forwarding performance. End-to-end intelligent networking can then be deployed on a large scale, so that the whole network has not only global connectivity but also global network intelligence.
From the past to the present, network design has followed several different schools of thought. The two key points are connectivity and intelligence, and how much weight each receives shapes the design: designs that emphasize connectivity offer simple management and low price, while designs that emphasize intelligence offer control and value-added capability, so they are mostly more complex and relatively costly. In fact, designs differ, and the choice depends only on the user's actual needs and funding budget.
The network architecture can therefore be two-tier, but scalability is poor; it can be three-tier, but the price is higher. Most plans strike a balance between the two, which has produced two different architectures: the collapsed backbone and the distributed backbone. The collapsed backbone pulls the intelligence up into the aggregation equipment at the top, while the access equipment below emphasizes only connectivity and wire speed. From the point of view of intelligent control, this is a centralized design.
The two architectures differ significantly at the network edge. The collapsed backbone mostly uses Layer 2 switching at the edge, and the distributed backbone mostly uses Layer 3 switching. If network intelligence is judged simply by switching versus routing, Layer 3 switching is better than Layer 2 switching. However, as more and more services run over the same network, intelligence can no longer be determined simply by Layer 2 versus Layer 3. More often, the ability to enforce QoS, the ability to specify access rates, the security shielding provided by ACLs (access control lists), network traffic statistics and monitoring, and support for policy-based routing (PBR) are more effective measures of a network's intelligence. With this in mind, whether the edge is the Layer 2 switching equipment of a collapsed backbone or the Layer 3 switching equipment of a distributed backbone, users can make a more specific choice among the many manufacturers' Layer 2 and Layer 3 switching equipment based on their own business needs.
Ability to perform QoS
In multimedia services, data, voice and image have different requirements for delay, jitter and switching. To deliver multimedia services better, it is best for users to include appropriate QoS markings in their packets; the edge switch then either reads the QoS marking and enforces it or, for untrusted sources, classifies the traffic, re-marks it, and then enforces the QoS. In the past, QoS meant Layer 2 CoS (class of service) or Layer 3 IP precedence (IP priority); the emphasis is now on support for differentiated services (DiffServ). As a result, edge switches play a critical role in end-to-end QoS support, as the point where QoS enters or leaves the network. Providing hardware support for DiffServ is one of the key features of the switch.
Ability to specify the access rate
Although the spread of Gigabit Ethernet gives the backbone more abundant bandwidth, this resource is not inexhaustible, and charging users is the most feasible way to control efficient use of edge bandwidth. Therefore, the interfaces of an edge switch should offer not only 10 Mbit/s and 100 Mbit/s speed settings but also rate limiting based on port, priority, VLAN, and ACL classification, preferably enforceable both inbound and outbound, over a range from 256k to gigabit. The granularity should be whatever the hardware chip can handle in hardware, in general around 256k.
Application of Intelligent Switch Survey
It is especially important to emphasize that hardware processing means the edge device's wire-speed packet forwarding is not affected when rate limiting is enabled, which is an essential performance indicator for edge devices. With complete rate limiting that does not affect network performance, the network's bandwidth resources can be managed effectively.
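The rate-limiting behaviour described above can be sketched as a token-bucket policer; this is an added example, not code from the original article. The class and function names, the round-up rule for the 256k step, and the 3000-byte burst are assumptions chosen for illustration.

```python
GRANULARITY_BPS = 256_000           # rate step the text cites for hardware limiters
LINE_RATE_BPS = 1_000_000_000       # gigabit port

def hardware_rate(requested_bps):
    """Round a requested limit up to the next 256k step (assumed), capped at line rate."""
    steps = max(1, -(-requested_bps // GRANULARITY_BPS))   # ceiling division
    return min(steps * GRANULARITY_BPS, LINE_RATE_BPS)

class Policer:
    """Single-rate token bucket: conforming packets are forwarded, excess is dropped."""
    def __init__(self, requested_bps, burst_bytes):
        self.rate_bps = hardware_rate(requested_bps)
        self.burst = self.tokens = float(burst_bytes)
        self.last = 0.0

    def offer(self, now, size_bytes):
        refill = (now - self.last) * self.rate_bps / 8      # bytes earned since last packet
        self.tokens = min(self.burst, self.tokens + refill)
        self.last = now
        if size_bytes > self.tokens:
            return False                                    # out of profile: drop
        self.tokens -= size_bytes
        return True

class EdgePort:
    """Holds one policer per (port, VLAN) class; unclassified traffic is not limited."""
    def __init__(self):
        self.policers = {}

    def limit(self, port, vlan, requested_bps, burst_bytes=3000):
        self.policers[(port, vlan)] = Policer(requested_bps, burst_bytes)

    def forward(self, now, port, vlan, size_bytes):
        policer = self.policers.get((port, vlan))
        return True if policer is None else policer.offer(now, size_bytes)

def simulate(requested_bps=1_000_000, seconds=1, size_bytes=1500):
    """Offer one 1500-byte packet per millisecond (12 Mbit/s); return forwarded bit/s."""
    edge = EdgePort()
    edge.limit(port=1, vlan=10, requested_bps=requested_bps)
    sent = sum(edge.forward(ms / 1000, 1, 10, size_bytes) for ms in range(seconds * 1000))
    return sent * size_bytes * 8 / seconds
```

A 1 Mbit/s request becomes 1,024,000 bit/s after rounding to the 256k step, and the measured throughput sits slightly above that because of the initial burst allowance.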
Security shielding capability of ACL
In the network, ACLs not only let network managers define network policy, allowing or denying individual users or specific data flows, but can also be used to strengthen the network's security shielding. From simple Ping of Death attacks and TCP SYN attacks to more diverse and more sophisticated hacker attacks, ACLs can provide a certain shielding effect. ACLs come in two kinds, standard ACLs and extended ACLs; whether the edge is a Layer 2 switch or a Layer 3 switch, it should preferably support both, so that security shielding and policy enforcement extend to the edge of the network.
As with rate limiting, network devices should not only implement full ACL functionality, both inbound and outbound, but also handle it in hardware. Enabling ACLs will then not affect the ability of a Layer 2 or Layer 3 switching device to forward packets.
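To show why the edge should support extended as well as standard ACLs, the following added example (not from the original article) evaluates the same constructed packets against both kinds. All addresses, field names and the rule model are assumptions for illustration and do not follow any vendor's syntax.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Packet:                        # constructed sample fields, not a capture format
    src: str
    dst: str
    proto: str                       # "tcp", "udp" or "icmp"
    dport: int = 0
    flags: frozenset = frozenset()   # TCP flags, e.g. {"SYN"}
    fragment: bool = False           # True for a non-initial IP fragment

@dataclass
class Rule:
    action: str                      # "permit" or "deny"
    src: str = "0.0.0.0/0"           # the only field a standard ACL matches on
    dst: str = "0.0.0.0/0"           # this and the fields below: extended ACL only
    proto: str = "ip"                # "ip" matches any protocol
    dport: int = 0                   # 0 matches any port
    established: bool = False        # TCP segment with ACK or RST set
    fragments: bool = False          # non-initial fragments only

    def matches(self, p):
        inside = lambda addr, net: ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        return (inside(p.src, self.src) and inside(p.dst, self.dst)
                and self.proto in ("ip", p.proto)
                and self.dport in (0, p.dport)
                and (not self.established or bool(p.flags & {"ACK", "RST"}))
                and (not self.fragments or p.fragment))

def evaluate(acl, p):
    """First matching rule wins; a packet that matches no rule is denied."""
    return next((r.action for r in acl if r.matches(p)), "deny")

# Constructed addresses: 192.0.2.0/24 is the user segment behind the edge port.
STANDARD = [Rule("permit", src="192.0.2.0/24")]
EXTENDED = [
    Rule("deny", proto="icmp", fragments=True),
    Rule("permit", src="192.0.2.0/24", dst="10.0.0.0/8", proto="tcp", established=True),
    Rule("permit", src="192.0.2.0/24", dst="10.0.0.80/32", proto="tcp", dport=443),
]
SAMPLES = {
    "syn_to_web": Packet("192.0.2.7", "10.0.0.80", "tcp", 443, frozenset({"SYN"})),
    "syn_to_db": Packet("192.0.2.7", "10.0.0.5", "tcp", 5432, frozenset({"SYN"})),
    "ack_reply": Packet("192.0.2.7", "10.0.0.5", "tcp", 51000, frozenset({"ACK"})),
    "icmp_frag": Packet("192.0.2.7", "10.0.0.80", "icmp", fragment=True),
}
def compare():
    """Return (standard verdict, extended verdict) for each sample packet."""
    return {n: (evaluate(STANDARD, p), evaluate(EXTENDED, p)) for n, p in SAMPLES.items()}
```

The standard ACL permits everything from the user segment, while the extended ACL drops the unsolicited SYN and the fragmented ICMP. The `established` match is stateless (it only inspects flags), so it narrows exposure rather than tracking connections.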