Layer 3 Exchange Technology

1. Introduction In today's network construction, the new three-tier switch has become our first choice. It is recognized and praised by users for its efficient performance and excellent performance and price ratio. At present, layer-3 switches have been widely used in enterprise network/campus network construction, Smart Community Access, and many other occasions. market demands and technological updates promote the development of such applications in depth. 　　2. Traditional Exchange Technology A traditional LAN switch is a L2 network device that constantly collects information during operations to create a MAC address table. This table is quite simple and basically shows the port on which a MAC address is found. Then, when the switch receives an Ethernet packet, it will view the destination MAC address of the packet and check its address table to confirm the port from which the packet is sent. But when the switch receives an unknown packet, that is to say, if the destination MAC address is not in the MAC address table, the switch will "spread" the packet, that is, it will be sent from all ports, just as a vswitch receives a broadcast packet, this exposes the weakness of a traditional LAN switch: it cannot effectively solve broadcast, heterogeneous network interconnection, security control, and other problems. Therefore, the VLAN (Virtual LAN) technology on the switch is generated. 　　3. layer-3 Exchange Technology Layer-3 switching (also known as multi-layer switching technology or IP address switching technology) is proposed in contrast to the traditional concept of switching. As we all know, the traditional exchange technology operates on the Layer 2-data link layer in the OSI Standard network model, while the Layer 3 exchange technology implements high-speed packet forwarding in the network model. Simply put, layer-3 switching technology is "layer-2 switching technology + layer-3 forwarding ". The emergence of layer-3 switching technology solves the problem that the subnet in the network segment must be managed by the router after the network segment is divided in the LAN, and solves the network bottleneck problem caused by the low speed and complexity of the traditional router. A device with layer-3 switching is a layer-2 switch with layer-3 routing, but it is an organic combination of the two, instead of simply adding the hardware and software of the router device to the LAN switch. The following example shows how a layer-3 Switch works. Assume that two sites A and B that use the IP protocol communicate with each other through the layer-3 Switch. When sending Site A, they will first compare their IP addresses with the IP addresses of site B, determine whether Site B is in the same subnet as itself. If the destination site B and the destination site A are in the same subnet, Layer 2 Forwarding is performed. To obtain the MAC address of Site B, site a first sends an ARP broadcast packet to request the MAC address of site B. After the ARP request packet enters the switch, it first learns the source MAC address. The chip automatically enters the MAC address of Site A and the port number of the switch into the MAC address table of the chip, then, search for the target address in the MAC address table. Because it is a broadcast packet, the switch broadcasts the broadcast packet from the VLAN to which the switch port belongs. After receiving the ARP request, site B immediately sends an ARP reply packet, which is a single broadcast packet with the target address as the MAC address of Site. After the package enters the vswitch, it also learns the source MAC address and then searches for the target address. Because the MAC address table already contains a match entry for the MAC address of Site, therefore, the switch forwards the packet directly from the corresponding port. Through the previous ARP process, the exchange chip saves the information of Site A and site B in its MAC address table. After communication between A and B, or other sites in the same network segment want to communicate with A or B, the switch will know the port from which the packet is sent. It must also be noted that, when searching for the MAC address table, the match Table item cannot be found, and the message is not a broadcast or multi-broadcast file, in this case, this message is called the DLF (destination lookup failure) packet. The switch processes such packets as when it receives a broadcast packet, spread the packet from the VLAN to which the incoming port belongs. From the above process, we can see that all layer-2 Forwarding is completed by hardware. No software intervention is involved in both the learning process of the MAC address table and the process of determining the output port by searching the destination address. Next, let's take a look at how two sites implement cross-network communication through a layer-3 switch. In the preceding example, sites A and B communicate with each other through a layer-3 switch. The CIDR blocks of Site A and site B both belong to the direct connection CIDR blocks of the vswitch. If Site A and site B are not in the same subnet, the sender a must first send an ARP request packet to the "Default Gateway, the IP address of the "Default Gateway" is actually the IP address of the VLAN to which site a belongs on the layer-3 switch. When station a broadcasted an ARP request to the IP address of the "Default Gateway", the switch sent an ARP reply packet to Station A, telling the MAC address of the VLAN of the Site, at the same time, you can set the IP address, MAC address, and port number of Site A directly connected to the switch to the layer-3 hardware table of the switch chip through software. After receiving the ARP reply packet, Site A replaces the destination MAC address and sends the packet to B to the switch first. After receiving the package, the switch first learns the source MAC address. The destination MAC address is the MAC address of the switch, in this case, the paper will be sent to the layer-3 engine of the switch chip for processing. Generally, the layer-3 engine has two tables, one of which is the host route table, which is indexed by IP addresses, which stores information such as the destination IP address, Next Hop MAC address, and port number. If a matching table item is found, the packet will be forwarded from the specified port in the table after some operations (such as replacing the destination MAC with the source MAC, and decreasing the TTL by 1) are performed. If no matching entry is found in the host route table, the route table of the CIDR Block in the other table is queried. This table stores the network segment address, next-hop MAC address, port number, and other information. In general, this table has much fewer entries, but it covers a large range. As long as it is set properly, it can basically ensure that most of the packets entering the switch are forwarded by hardware, this not only greatly improves the forwarding speed, but also reduces the CPU load. If no matching table is found for the CIDR Block route table, the switch Chip sends the packet to the CPU for processing and performs a soft route. Because Site B is one of the direct connection CIDR blocks of the switch, after the CPU receives this IP packet, it will directly check the ARP cache with the IP address of B as the index. If there is no MAC address of Site B, then, an ARP request is sent to Station B based on the route information. Station B receives the ARP request and replies to the switch with its MAC address. When the CPU receives the ARP reply packet, you can also set the IP address, MAC address, and port number of the Site B to the layer-3 hardware table of the switch chip through software, then, the IP packet sent from site A is forwarded to Site B, which completes the first one-way communication between Site A and site B. Because the layer-3 engine inside the chip has saved the routing information of Site A and site B, the sites that will communicate with site A and site B in the future or other network segments want to communicate with sites A and site B, the switch chip directly forwards the package from the port specified in the three-tier hardware table item, without having to hand over the package to the CPU for processing. This method greatly improves the forwarding speed through "one route and multiple exchanges. It should be noted that the route table items in the layer-3 engine are mostly set through software.