Multi-layer switching (also known as layer-3 switching or IP switching) is defined in contrast to the traditional concept of switching. Traditional switching technology operates at the data link layer, the second layer of the OSI network standard model, whereas multi-layer switching technology implements high-speed packet forwarding at the third layer of the network model. Put simply, multi-layer switching is second-layer switching plus third-layer forwarding.
The emergence of multi-layer switching technology solves the problem that, once a LAN has been divided into network segments, the subnets must rely on routers for management, and it removes the network bottleneck caused by the low speed and complexity of traditional routers. Of course, multi-layer switching is not a simple stacking of network switches and routers, but an organic combination of the two that forms an integrated and complete solution.
Starting from Switching and Routing
1. How does switching technology forward data?
LAN switching technology provides an effective way to divide a shared LAN into network segments, giving each user as much of the maximum bandwidth as possible. As mentioned above, switching technology operates at the data link layer of the seven-layer OSI network model. A switch therefore forwards packets based on the MAC (Media Access Control) address, that is, the physical address, and is transparent to the IP network protocol: when forwarding a packet, the switch does not know the IP addresses of the source and destination machines, only their physical (MAC) addresses. During operation, the switch continually collects data to build its own address table. This table is quite simple: it records the port on which each MAC address was seen. When the switch receives a TCP/IP packet, it looks at the destination MAC address in the packet header and checks its address table to determine the port out of which the packet should be sent. Because the process is relatively simple, and because today it is implemented in a new kind of hardware, the ASIC (Application Specific Integrated Circuit), it is very fast: the switch generally needs only dozens of microseconds to determine where an IP packet should be sent.
It is worth mentioning that if the switch receives an unknown packet, that is, one whose destination MAC address cannot be found in the address table, the switch will "flood" the packet, sending it out of every port, just as it does when it receives a broadcast packet. The weakness of a layer-2 switch is that it handles broadcast packets very inefficiently. For example, when a switch receives a broadcast packet from a TCP/IP workstation, the packet is sent to all other ports, even those connected to IPX or DECnet workstations! The bandwidth of non-TCP/IP nodes is therefore negatively affected. Even TCP/IP nodes, unless they are in the same subnet as the workstation that sent the broadcast, receive network broadcasts that are irrelevant to them for no reason, and the efficiency of the entire network is greatly reduced.
2. How does a router's data forwarding differ from a switch's?
In contrast, a router operates at the network layer of the seven-layer OSI network model. When it receives any packet in the network (including a broadcast packet), it must remove the packet's second-layer (data link layer) information (called "unpacking") to view the third-layer information (the IP address). It then determines the packet's route from the route table and checks the security access table. If the packet passes, the second-layer information is re-encapsulated (called "packaging"), and the packet is finally forwarded. If the corresponding network address cannot be found in the route table, the router returns a message to the origin site and discards the packet.
Compared with switches, routers can obviously provide a series of access control mechanisms that make up an enterprise network's security control policies. But because a router must perform the "unpacking" process on every data packet, the process is repeated even for all packets sent from the same source address to the same destination address. This makes it impossible for a router to achieve high throughput, which is one of the reasons the router becomes a network bottleneck.
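The per-packet steps a router performs (unpack, route lookup, access-list check, repackage) look like this as a sketch. It is an added example, not code from the original article; the route table, access list, addresses and the wording of the returned messages are constructed assumptions.

```python
import ipaddress

# Constructed sample tables (assumptions, not from the article).
ROUTES = [  # (destination network, next-hop MAC, egress interface)
    (ipaddress.ip_network("10.1.0.0/16"), "00:00:5e:00:53:01", "eth1"),
    (ipaddress.ip_network("10.1.2.0/24"), "00:00:5e:00:53:02", "eth2"),
]
ACL = [  # first match wins: (source network, destination network, permit?)
    (ipaddress.ip_network("10.9.0.0/16"),
     ipaddress.ip_network("10.1.2.0/24"), False),
    (ipaddress.ip_network("0.0.0.0/0"),
     ipaddress.ip_network("0.0.0.0/0"), True),
]
ROUTER_MAC = "00:00:5e:00:53:ff"

def forward(frame):
    """Run one frame through unpack -> route lookup -> ACL -> repackage."""
    packet = frame["payload"]            # "unpacking": layer-2 header dropped
    src = ipaddress.ip_address(packet["src_ip"])
    dst = ipaddress.ip_address(packet["dst_ip"])
    # Route lookup: the longest matching prefix wins.
    matches = [r for r in ROUTES if dst in r[0]]
    if not matches:
        # No route: notify the origin and discard the packet.
        return ("drop", "unreachable message sent to " + packet["src_ip"])
    _, next_hop_mac, iface = max(matches, key=lambda r: r[0].prefixlen)
    # Security access list: evaluated for every packet, even repeats.
    for acl_src, acl_dst, permit in ACL:
        if src in acl_src and dst in acl_dst:
            if not permit:
                return ("drop", "denied by access list")
            break
    else:
        return ("drop", "no access-list entry matched")
    # "Packaging": fresh layer-2 header around the unchanged layer-3 packet.
    new_frame = {"src_mac": ROUTER_MAC, "dst_mac": next_hop_mac,
                 "payload": packet}
    return ("forward", iface, new_frame)

def make_frame(src_ip, dst_ip):
    """Build a constructed inbound frame addressed to the router."""
    return {"src_mac": "00:00:5e:00:53:aa", "dst_mac": ROUTER_MAC,
            "payload": {"src_ip": src_ip, "dst_ip": dst_ip}}

if __name__ == "__main__":
    print(forward(make_frame("10.2.0.5", "10.1.2.9")))
```

Every call repeats the full lookup and access-list scan, even for an identical source and destination pair, which is the throughput cost the text attributes to routers.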
3. Improve hardware performance and avoid router bottlenecks
Improving the hardware performance of a router (higher speed and more memory) is not enough to improve its performance. Beyond hardware support, the router's "complex processing and powerful functions" are implemented mainly in software, which inevitably makes it a network bottleneck. In addition, when the traffic flowing through the router exceeds its throughput, congestion occurs inside the router. Continuous congestion not only delays forwarded data packets but also causes packets flowing through the router to be lost. These problems cause great trouble for network applications. The complexity of the router also places a heavy burden on network maintenance. For example, configuring the router to add, move, or change users on the network is very complicated.
4. Switches and routers together are also insufficient
Combining switches with routers (the network solution adopted by most enterprises today) is functionally feasible. However, there are obvious shortcomings:
Switches and routers are different devices in the network. They must be purchased, set up, and managed separately, and they cost more than one integrated and complete solution.
What problems does multi-layer switching solve?
The limitations that the traditional network structure imposes on user applications are the key issues multi-layer switching technology addresses. Currently, the maximum processing capacity of the most advanced routers on the market is 0.25 million packets per second, while the maximum processing capacity of the most advanced switches is more than 10 million packets per second. The difference between the two is 40 times. In a switched network, especially a large-scale one, going without a routing function is unimaginable. However, the processing capability of the router limits the speed of the switched network, and this is the problem multi-layer switching sets out to solve.
Layer-3 switching is not difficult to understand. Suppose A and B have previously communicated through a switch. If that switch supports layer-3 switching, it records the IP addresses of A and B together with their MAC addresses. When another host such as C wants to communicate with A or B, then in response to the addressing packet C sends out, the layer-3 switch immediately sends C a reply packet telling it the MAC address of A or B. C will then of course use the MAC address of A or B to communicate with it "directly".
Because the two parties do not go through a third party such as a router, A, B, and C may belong to different subnets and can still learn each other's MAC addresses directly in order to communicate. More importantly, layer-3 switches do not spread broadcast packets the way other switches do. Layer-3 switches are so called because they understand layer-3 information such as IP addresses and ARP. A layer-3 switch can therefore understand the purpose of a broadcast packet and meet the needs of the sender, whatever subnet it is in, without spreading the broadcast. If a layer-3 switch is to be called a router, it should be called an ultra-high-speed, non-traditional router, because it does not perform any "unpacking" of data packets: all packets passing through it are left unmodified and are delivered to their destination at switching speed.
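A sketch of the reply-from-table behaviour described above, showing how many ports see C's addressing broadcast. This is an added example, not code from the original article; the class, addresses and the fall-back to flooding for an unknown target are assumptions made for illustration.

```python
class Layer3Switch:
    """Model of the layer-3 switch behaviour this article describes."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.hosts = {}   # IP address -> (MAC address, port), learned from traffic

    def observe(self, port, src_ip, src_mac):
        """Record the IP/MAC pair of a host seen sending traffic."""
        self.hosts[src_ip] = (src_mac, port)

    def address_request(self, port, src_ip, src_mac, wanted_ip):
        """Handle a 'who has wanted_ip?' broadcast arriving on `port`."""
        self.observe(port, src_ip, src_mac)
        if wanted_ip in self.hosts:
            mac, _ = self.hosts[wanted_ip]
            # Answer from the table: no other port sees the broadcast.
            return {"reply_to": port, "mac": mac, "flooded_ports": []}
        # Assumption: an unknown target is flooded as on a layer-2 switch.
        return {"reply_to": None, "mac": None,
                "flooded_ports": [p for p in self.ports if p != port]}

def demo():
    """A, B and C sit in three different subnets (constructed addresses)."""
    sw = Layer3Switch(ports=[1, 2, 3])
    sw.observe(1, "10.0.1.10", "00:00:5e:00:53:0a")   # host A
    sw.observe(2, "10.0.2.20", "00:00:5e:00:53:0b")   # host B
    known = sw.address_request(3, "10.0.3.30", "00:00:5e:00:53:0c",
                               "10.0.1.10")           # C asks for A
    unknown = sw.address_request(3, "10.0.3.30", "00:00:5e:00:53:0c",
                                 "10.0.9.9")          # C asks for a stranger
    return known, unknown

if __name__ == "__main__":
    for answer in demo():
        print(answer)
```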
Article entry: dnbm. Responsible editor: dnbm.