Switching basics: a side-by-side comparison of switching routers and traditional switches

Source: Internet
Author: User

The comparison between a switch and a router is a common topic, but neither can completely replace the other. Here we analyze some features and principles of the switching router. Nowadays the difference between routers and switches is becoming increasingly blurred. Can both routers and switches implement switching and routing functions at the same time? Are there any differences between them? What are their respective features? How can we choose between them based on application requirements?

I. Traditional switches and routers

Common switches work at the second layer of the seven-layer Open Systems Interconnection (OSI) model, that is, the data link layer. Switching is based on the Media Access Control (MAC) address: the switch can identify the MAC addresses of the source and destination stations of each data packet in a data stream, and it provides low-cost, high-bandwidth network connections. However, its ability to control data packets is limited to the broadcast domain. The router works at layer 3 of the OSI model, that is, the network layer, and can identify the source and destination network addresses of data streams. Its ability to control data packets is limited to source and destination address pairs. It has built-in routing protocols and a high-capacity cache, and it generally uses routing software to interconnect networks.

Common switches and routers each have their own shortcomings. A router requires a powerful processor, and its huge routing table may introduce delay in the network, which makes forwarding slow and expensive; this is often the bottleneck restricting high-speed network transmission. Because the common switch located at Layer 1 only reads the source MAC address and does not obtain the higher-layer information in the data packet, its switching function is limited and it does not have the necessary control capability for the main data streams.

II. Layer-3 switching and the routing switch

With the help of wire-speed switching technology, layer-3 switching reaches the data transmission speed of the transmission line, eliminating the switching bottleneck. The key to wire-speed switching is to use hardware (a dedicated processor) instead of traditional software to implement protocol parsing and packet forwarding. Wire-speed switching has the advantages of simple design, high reliability, low power consumption, and many features. Its implementation also relies on distributed processing technology, which can process data streams from multiple ports at the same time. Therefore, a layer-3 switch is generally a parallel processing system that uses a central processing unit (CPU), a reduced instruction set computer (RISC) processor, and application-specific integrated circuits (ASICs).

A switch that uses layer-3 switching technology and integrates some routing functions is a layer-3 switch, or routing switch. It retains the network topology and services of the third layer. These structures and services have great advantages in network segmentation, security, manageability, and broadcast suppression. The routing switch can identify various application-layer protocols and helps implement policy-based network control. Routing switches have high routing capability and low latency, support both the Internet Protocol (IP) and IPX, and have some security mechanisms, such as access control. However, the routing switch lacks the flexibility of a router, supports only a limited set of routing protocols, and lacks the caching capability of an advanced router.

III. Layer-4 switching and the switching router

Each access to the network generates a series of data packets between the client and the server. The data streams made up of these packets can be identified at the second, third, or fourth layer, and each successive layer provides more detailed information about the data stream. One of the most basic tasks of network management is to control these data streams. If a client uses multiple applications on the same server at the same time, a device that reads only the layer-3 information cannot tell that several different applications are in use on that server. The data streams of the different applications therefore cannot be distinguished, and separate control rules cannot be applied to each one. The layer-3 switch combines layer-2 switching with routing functions and solves some of the performance shortcomings of traditional routers. However, it cannot perform all routing functions, nor can it control data streams at the application layer.

Clearly, to achieve both packet forwarding performance and control over data streams, data streams must also be identified at the fourth layer of the network. The fourth layer of the OSI model is the transport layer, which coordinates communication between the source and destination systems. Both the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) are at the fourth layer, and their headers contain port numbers. These port numbers identify the application protocol carried in each packet; for example, port 21 corresponds to the File Transfer Protocol (FTP), port 80 corresponds to the Hypertext Transfer Protocol (HTTP), and so on. Layer-4 identification can therefore obtain some information about the application from each packet. By combining the port numbers in the layer-4 header with the source and destination information in the layer-3 header, you can implement more precise control over the different applications running between a client and a server. If the device is fully functional, all this work can be done at wire speed and multiple types of control can be implemented. Such a switch is called a switching router.

The lookup and control functions of the switching router are implemented by hardware ASICs. The more information the ASIC can collect about the traffic from the first packet, the more precise the control that can be applied to the packet flow. One client/server pair can have multiple different application sessions at the same time, and one enterprise backbone network can have thousands of client/server pairs; therefore, a backbone-level switching router must have a large table capacity to store up to hundreds of layer-4 flow records. Generally, a routing switch does not have a cache large enough to store information about layer-4 data streams.

IV. Advantages of switching routers

A switching router can switch on layer-4 information because it reads the layer-4 header. The layer-4 TCP and UDP headers both contain port numbers that indicate the application protocol carried in each packet, so the switching router can implement control functions at layer 4, which brings many benefits.

1. More reasonable quality-of-service policies for applications

A real quality of service (QoS) policy should provide wire-speed bandwidth and low latency for all applications, to meet the needs of all traffic in the network. When an output port of a switch is overloaded and the internal buffer is full, the QoS policy should have priority rules to prioritize network traffic.

The switching router allows you to set a QoS policy for traffic at the application layer, so that network administrators can fully control bandwidth usage on the backbone network. In Layer 2 and Layer 4 switching, the QoS policy can only control network traffic based on the source and destination addresses. Using QoS policies based on different applications at the fourth layer means that application conversations between individual clients and hosts can also be prioritized. Such QoS policies are more reasonable and comprehensive.

2. Flexible and efficient network security measures based on the application layer

Traditional routers use security filters and access control lists to enforce different access controls for the company's network and database security requirements. One consequence of software-based processing is that once a security filter is enabled, the central processor must execute significantly more instructions for each packet, which sharply reduces router performance. For example, setting a DNS filter in some routers may cause a 70% performance reduction.

The performance loss associated with the security features of the switching router is much smaller. Even when all the advanced features, including security, are activated, the switching router can still provide wire-speed performance. In a switching router, data packets are processed in a dedicated ASIC. Because the source and destination port information is captured, application-layer security and wire-speed performance can be achieved at the same time. For example, a network administrator can control users' access to company information based on their applications, rather than forbidding all users to access a specific application. This gives the network administrator more flexibility and better control over the company's network, and lets desktop machines use more applications.
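The layer-4 identification described in section III and the per-application access control described above, as an added Python example that is not part of the original article. The addresses, the policy in `ACL`, and all function names are hypothetical, and the packets are constructed in the code rather than captured.

```python
import ipaddress
import struct

def build_packet(src, dst, proto, sport, dport):
    """Constructed sample: minimal IPv4 header plus a TCP (6) or UDP (17) header."""
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    addrs = ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    return struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0) + addrs + l4

def parse_five_tuple(pkt):
    """Read addresses and protocol from layer 3, port numbers from layer 4."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4                    # IP options move the layer-4 offset
    frag_offset = struct.unpack_from("!H", pkt, 6)[0] & 0x1FFF
    proto = pkt[9]
    if proto not in (6, 17) or frag_offset or len(pkt) < ihl + 4:
        raise ValueError("no TCP/UDP port field")  # other protocol, later fragment, truncated
    src, dst = (str(ipaddress.ip_address(pkt[i:i + 4])) for i in (12, 16))
    sport, dport = struct.unpack_from("!HH", pkt, ihl)
    return src, dst, proto, sport, dport

# Hypothetical policy: (action, source prefix, destination prefix, protocol, destination port)
ACL = [
    ("permit", "10.0.1.0/24", "10.0.9.5/32", 6, 80),  # whole subnet may use HTTP
    ("permit", "10.0.1.7/32", "10.0.9.5/32", 6, 21),  # one client may use FTP
]

def decide(five_tuple, acl=ACL):
    """First matching rule wins; traffic that matches no rule is denied."""
    src, dst, proto, _sport, dport = five_tuple
    for action, src_net, dst_net, rule_proto, rule_port in acl:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(src_net)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(dst_net)
                and (proto, dport) == (rule_proto, rule_port)):
            return action
    return "deny"

def flow_keys(packets):
    """Return (layer-3 flows, layer-4 flows) found in a list of raw packets."""
    tuples = [parse_five_tuple(p) for p in packets]
    return {t[:2] for t in tuples}, set(tuples)

# Constructed sample traffic: two clients, one server, two applications.
SAMPLE = [build_packet(s, "10.0.9.5", 6, 40000, p)
          for s, p in (("10.0.1.7", 80), ("10.0.1.7", 21), ("10.0.1.8", 21))]
```

A port number identifies the conventional service rather than the payload, so a port-based rule is only as trustworthy as that mapping. Non-first IP fragments carry no layer-4 header, which is why the parser rejects them instead of reading payload bytes as ports.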

3. Improved traffic information for specific applications

Measurement is an important part of network management: a network cannot be managed effectively without measuring its traffic. By tracking application flows, the switching router improves traffic measurement, accounting, and performance monitoring capabilities. The accounting information is converted directly to RMON/RMON2 on the standard port, and no independent external RMON/RMON2 probe is required. In this way, the switching router can always provide wire-speed RMON/RMON2 (including all functional groups) on all ports, and the administrator can also access RMON/RMON2 directly from the switching router.

Detailed accounting lets network administrators see which applications are consuming a large amount of bandwidth, so that they can balance the load between servers. For Internet service providers (ISPs), this detailed accounting feature enables them to provide a "phone bill" detailing the applications and bandwidth used by each user.

V. Summary

The development of network applications has driven improvements in network equipment. Although the layer-3 switch solves the performance and price issues of IP/IPX routing, it is not ideal for recognizing and controlling application streams. The switching router solves this problem: it uses advanced ASIC technology to process layer-4 data streams directly in hardware. The switching router has the following advantages: even during peak network usage, application-layer QoS policies can be used to ensure the optimal performance of the intelligent switching router; detailed port traffic statistics allow you to diagnose network problems quickly and conveniently; and the wire-speed access control function secures the trunk link while keeping network performance stable.

Currently, many companies' intelligent switching routers provide layer-2, layer-3, and layer-4 switching at gigabits per second on all ports; a high-speed dedicated ASIC chip forwards packets by looking up the layer-2, layer-3, and layer-4 headers of each packet. In addition, by switching packets at these layers, intelligent switching routers can implement bandwidth allocation, fault diagnosis, and access control for TCP/IP application data streams. They also provide detailed traffic statistics and accounting information, as well as application-layer QoS policies and access control capabilities. Although ASICs greatly improve the performance and functions of the switching router, the dynamic routing table is still updated in software. The original switching routers supported only the Routing Information Protocol (RIP). For a simple network, RIP is generally enough; however, backbone switching routers in large networks must support Open Shortest Path First (OSPF) and other more complex routing protocols.

Recently, as multicast applications have become increasingly popular, switching routers should implement a full set of standards-based multicast protocols, including support for multiple routing protocols, for example the Distance Vector Multicast Routing Protocol (DVMRP) and the more scalable Protocol Independent Multicast (PIM).
