Layer 2 switching
Layer 2 switching technology is relatively mature. An L2 switch is a data link layer device that reads the MAC address information in a frame and forwards the frame according to that MAC address; the MAC addresses and their corresponding ports are recorded in an internal address table.
The specific workflow is as follows:
(1) When the switch receives a frame on a port, it first reads the source MAC address from the frame header, so it learns which port the machine with that source MAC address is connected to;
(2) it then reads the destination MAC address from the header and looks for the corresponding port in the address table;
(3) if the table contains a port for the destination MAC address, the frame is copied directly to that port;
(4) if no corresponding port is found in the table, the frame is broadcast to all ports. When the destination machine responds to the source machine, the switch learns which port the destination MAC address corresponds to, and the next time data is transmitted it no longer needs to be broadcast to all ports. In this way the MAC address information of the entire network is learned; this is how a layer-2 switch creates and maintains its own address table.
From the working principle of an L2 switch, three points follow:
(1) Because the switch exchanges data on most ports at the same time, it requires a wide switching bus bandwidth. If an L2 switch has N ports and the bandwidth of each port is M, then as long as the bandwidth of the switching bus exceeds N × M, the switch can achieve line-rate switching;
(2) the switch learns the MAC addresses of the machines connected to each port and writes them into the address table. The size of this address table (two common expressions: one is buffer RAM, the other is the MAC table value) determines the access capacity of the switch;
(3) in addition, a layer-2 switch generally contains an ASIC (Application Specific Integrated Circuit) chip dedicated to packet forwarding, so forwarding can be very fast. Because different manufacturers use different ASICs, this directly affects product performance.
These three points are also the main technical parameters for judging the performance of layer-2 and layer-3 switches; pay attention to them when comparing devices for selection.
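The learning, lookup and flooding steps above, together with the bounded address table from point (2), as an added simulation (not code from the original article or from any real switch; all MAC addresses, port numbers and the table capacity are constructed):

```python
# Added example: minimal model of layer-2 forwarding. Learn the source MAC on
# the ingress port, forward known unicast out one port, flood unknown unicast
# and broadcast to every other port. Addresses and ports are constructed.
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class L2Switch:
    def __init__(self, num_ports, table_capacity=1024):
        self.ports = list(range(1, num_ports + 1))
        self.capacity = table_capacity      # address-table size (point (2) above)
        self.mac_table = OrderedDict()      # MAC -> port where it was last seen

    def learn(self, src_mac, in_port):
        """Step (1): record the port on which the source MAC was seen."""
        if src_mac in self.mac_table or len(self.mac_table) < self.capacity:
            self.mac_table[src_mac] = in_port
            self.mac_table.move_to_end(src_mac)
        # else: table is full, the address is not learned and frames
        # addressed to it keep being flooded (the capacity limit in point (2))

    def forward(self, src_mac, dst_mac, in_port):
        """Return the list of egress ports for one frame."""
        self.learn(src_mac, in_port)
        # Steps (2)/(3): known unicast leaves on exactly one port.
        if dst_mac != BROADCAST and dst_mac in self.mac_table:
            out = self.mac_table[dst_mac]
            return [] if out == in_port else [out]   # same segment: nothing to do
        # Step (4): unknown unicast or broadcast is flooded to all other ports.
        return [p for p in self.ports if p != in_port]


def demo():
    """Walk the four-step workflow with two constructed hosts A (port 1) and B (port 3)."""
    sw = L2Switch(num_ports=4)
    a, b = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    first = sw.forward(a, b, in_port=1)    # B unknown: flooded to ports 2, 3, 4
    reply = sw.forward(b, a, in_port=3)    # A already known: port 1 only; B learned
    second = sw.forward(a, b, in_port=1)   # B now known: port 3 only
    return first, reply, second, dict(sw.mac_table)
```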
Layer-3 Switching
Next, let's take a look at the working process of a layer-3 Switch through a simple network.
Device A with IP address ---------------------- layer-3 Switch ---------------------- Device B with IP Address
For example, suppose A wants to send data to B and already knows B's IP address. A applies its subnet mask to obtain the network address and determines whether the destination IP address is in the same network segment as itself. If it is, but A does not yet know the MAC address needed to forward the data, A sends an ARP request, B returns its MAC address, and A encapsulates the packet with this MAC address and sends it to the switch, where the layer-2 switching module looks up the MAC address table and forwards the frame to the corresponding port.
If the destination IP address is not in the same subnet, A still needs to communicate with B, and there is no corresponding entry in the flow cache, so A sends the first packet to the default gateway. This default gateway is usually configured in the operating system and corresponds to the layer-3 routing module. Therefore, for data not in the same subnet, the MAC address of the default gateway is first placed in the MAC table. The layer-3 module then receives the packet and queries the routing table to determine the route to B. A new frame header is constructed, with the MAC address of the default gateway as the source MAC address and the MAC address of host B as the destination MAC address. Through a certain identification and trigger mechanism, the switch establishes the correspondence between the MAC addresses and forwarding ports of host A and host B and records the flow from host A to host B in the flow cache table; subsequent packets of that flow are handed directly to the layer-2 switching module. This is generally referred to as one-time route forwarding (route once, switch many times).
The above is a brief summary of the layer-3 switching process. From it we can see the characteristics of a layer-3 switch:
(1) Hardware is combined to achieve high-speed data forwarding. This is not a simple superposition of a layer-2 switch and a router: the layer-3 routing module is attached directly to the high-speed backplane bus of the layer-2 switch, breaking through the interface speed limit of traditional routers, and the speed can reach dozens of Gbit/s. Backplane bandwidth is one of the two important parameters for the performance of a layer-3 switch.
(2) Concise routing software simplifies the routing process. Apart from the necessary route selection, which is handled by the routing software, most data forwarding is done by the layer-2 module at high speed. The routing software is mostly streamlined, optimized software, not a simple copy of the software in a router.
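The "route once, switch many times" process described above, as an added simulation (not code from the original article or from any real product): the same-subnet check via the mask, the first packet of a flow reaching the routing module through the gateway MAC, the rewritten frame header, and later packets served from the flow cache. All IP addresses, MAC addresses, routes and port numbers are constructed.

```python
# Added example: model of the layer-3 switch flow above. One routing-table
# lookup per flow; the rewritten frame header is cached so later packets
# are switched at layer 2. Addresses, routes and ports are constructed.
import ipaddress


class L3Switch:
    def __init__(self, gateway_mac, routes, arp):
        self.gateway_mac = gateway_mac                 # MAC of the routing module (default gateway)
        self.routes = [(ipaddress.ip_network(n), p) for n, p in routes]  # prefix -> egress port
        self.arp = arp                                 # constructed IP -> (MAC, port) table
        self.flow_cache = {}                           # (src_ip, dst_ip) -> (port, src_mac, dst_mac)
        self.routed = 0                                # packets that reached the routing module

    def lookup_route(self, dst_ip):
        """Longest-prefix match in the routing table; returns the egress port or None."""
        dst = ipaddress.ip_address(dst_ip)
        matches = [(net.prefixlen, port) for net, port in self.routes if dst in net]
        return max(matches)[1] if matches else None

    def forward(self, src_ip, dst_ip, src_mac, dst_mac, mask="255.255.255.0"):
        """Return (egress_port, src_mac, dst_mac) of the frame as sent on, or None if dropped."""
        net = ipaddress.ip_network(f"{src_ip}/{mask}", strict=False)
        if ipaddress.ip_address(dst_ip) in net:
            # Same segment: A resolved B's MAC by ARP itself; the layer-2
            # module only looks up the port for that MAC.
            return self.arp[dst_ip][1], src_mac, dst_mac
        key = (src_ip, dst_ip)
        if key in self.flow_cache:
            return self.flow_cache[key]           # later packets: switched from the cache
        if dst_mac != self.gateway_mac:
            return None                           # not addressed to the routing module
        self.routed += 1                          # first packet of the flow: route it once
        port = self.lookup_route(dst_ip)
        if port is None or dst_ip not in self.arp:
            return None                           # no route or unknown destination: drop
        header = (port, self.gateway_mac, self.arp[dst_ip][0])   # rewritten frame header
        self.flow_cache[key] = header
        return header


def demo():
    """Constructed hosts A (10.0.1.10, port 1) and B (10.0.2.20, port 2) behind one L3 switch."""
    gw = "00:00:00:00:ff:01"
    sw = L3Switch(gw, routes=[("10.0.1.0/24", 1), ("10.0.2.0/24", 2)],
                  arp={"10.0.1.10": ("00:00:00:00:00:0a", 1),
                       "10.0.1.11": ("00:00:00:00:00:0c", 1),
                       "10.0.2.20": ("00:00:00:00:00:0b", 2)})
    a = "00:00:00:00:00:0a"
    local = sw.forward("10.0.1.10", "10.0.1.11", a, "00:00:00:00:00:0c")  # same subnet
    first = sw.forward("10.0.1.10", "10.0.2.20", a, gw)    # routed once
    second = sw.forward("10.0.1.10", "10.0.2.20", a, gw)   # served from the flow cache
    return local, first, second, sw.routed
```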
Selection of L2 and L3 Switches
L2 switches are used in small local networks; there is little to say about this. In a small LAN, broadcast packets have little impact, and the layer-2 switch's fast switching, many access ports and low price provide a complete solution for small network users.
The advantage of a router lies in its rich interface types, powerful layer-3 functions and strong routing capabilities. It is suitable for routing between large networks; its strengths are best-route selection, load balancing, link backup, and exchanging routing information with other networks.
The most important function of a layer-3 switch is to accelerate data forwarding within a large local area network. If a large network is divided into small LANs by department, region and other factors, there will be a large amount of inter-subnet access. Using layer-2 switches alone cannot provide inter-subnet access, and using a router alone, with its limited number of interfaces and slow forwarding speed, limits both network speed and network scale. A layer-3 switch with routing capability for fast forwarding therefore becomes the first choice.
In general, in a network with a large volume of intranet traffic and fast response requirements, if the layer-3 switch handles all of this it will be overloaded and response speed will suffer; handing routing between networks over to routers, so that the advantages of each type of device are fully used, is a good networking strategy. Of course, the premise is that the customer's budget is ample; otherwise, the second-best option is to have the layer-3 switch also connect to the Internet.
Layer-4 switching
A simple definition of layer-4 switching is that it decides where to transmit not only based on the MAC address (layer-2 bridging) or the source/destination IP address (layer-3 routing), but also on the TCP/UDP (layer-4) application port number. Layer-4 switching works like a virtual IP address pointing to a physical server. The services it carries run over a variety of protocols, including HTTP, FTP, NFS, Telnet and others, and these services require complex load-balancing algorithms across the physical servers.
In the IP world, the service type is determined by the TCP or UDP port of the endpoint. In a layer-4 switch, an application session is identified jointly by the source and destination IP addresses and the TCP or UDP ports. The layer-4 switch sets up a virtual IP address (VIP) for each server group to be looked up, and each group of servers supports one application. The address of each application server stored in the Domain Name Server (DNS) is a VIP address rather than a real server address. When a user requests an application, a connection request to the VIP of the target server group (such as a TCP SYN packet) is sent to the server switch. The server switch selects the best server in the group, replaces the VIP in the destination address with the actual server IP address, and forwards the connection request to that server. In this way, all packets of the same session are mapped by the server switch and transmitted between the user and the same server.
Principle of layer-4 switching
The fourth layer of the OSI model is the transport layer. The transport layer is responsible for end-to-end communication, that is, coordinated communication between the source and destination systems on the network. In the IP protocol stack, this is the layer of TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
In layer 4, the TCP and UDP headers contain port numbers, which uniquely identify which application protocol (such as HTTP or FTP) each packet carries. The end systems use this information, especially the port number, to distinguish packet data, so that the receiving computer can determine the type of IP packet it has received and hand it to the appropriate higher-level software. The combination of a port number and a device IP address is usually called a "socket". Port numbers between 1 and 255 are reserved; they are called "well-known" ports, meaning these ports are the same in every host's TCP/IP stack implementation. In addition to the well-known ports, standard UNIX services are allocated between port 256 and port 1024, and custom applications generally use port numbers above 1024. The latest list of allocated port numbers can be found in RFC 1700, "Assigned Numbers".
The additional information provided by the TCP/UDP port number can be used by a network switch, and this is the basis of layer-4 switching. A switch with layer-4 functions can act as the "virtual IP" (VIP) front end for servers. Each server or server group supporting a single or common application is configured with a VIP address, and this VIP address is published and registered in the Domain Name System. When a service request arrives, the layer-4 switch identifies the start of a session by detecting the start of the TCP connection. It then uses complex algorithms to determine the best server to handle the request. Once this decision is made, the switch associates the session with a specific server IP address and replaces the VIP address in the packet with the real IP address of the server.
Each layer-4 switch maintains a connection table that associates the client's source IP address and source TCP port with the selected server. The switch then forwards the connection request to the server. All subsequent packets are remapped and forwarded between the client and the server until the switch detects the end of the session. With layer-4 switching, access can be directed to real servers according to user-defined rules, for example keeping the number of connections on each server equal, or distributing traffic according to the capacity of the different servers.
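The VIP front end and connection table described above, as an added simulation (not code from the original article or from any real load balancer): a TCP SYN to the VIP starts a session, the server is chosen by the "equal number of connections" rule mentioned in the text, the destination is rewritten to the real server, and every later packet with the same source IP and port follows the same mapping until the session ends. All addresses and port numbers are constructed.

```python
# Added example: model of a layer-4 server switch. The connection table is
# keyed by (source IP, source port); the VIP is rewritten to the real server
# chosen at session start. Addresses and ports are constructed.


class L4Switch:
    def __init__(self, vip, real_servers):
        self.vip = vip
        self.servers = list(real_servers)
        self.active = {s: 0 for s in self.servers}   # open connections per server
        self.conn_table = {}                         # (src_ip, src_port) -> real server

    def pick_server(self):
        """Balancing rule from the text: keep connection counts equal
        (least connections; ties go to the first server in the list)."""
        return min(self.servers, key=lambda s: self.active[s])

    def process(self, pkt):
        """pkt: dict with src_ip, src_port, dst_ip, dst_port, flags.
        Returns the packet as forwarded to the real server, or None if dropped."""
        if pkt["dst_ip"] != self.vip:
            return None                              # only traffic for the VIP is handled
        key = (pkt["src_ip"], pkt["src_port"])
        if key not in self.conn_table:
            if "SYN" not in pkt["flags"]:
                return None                          # no session and not a session start: drop
            server = self.pick_server()              # decide once, at session start
            self.conn_table[key] = server
            self.active[server] += 1
        server = self.conn_table[key]
        out = dict(pkt, dst_ip=server)               # replace the VIP with the real server IP
        if "FIN" in pkt["flags"]:                    # constructed convention for session end
            del self.conn_table[key]
            self.active[server] -= 1
        return out


def demo():
    """Two constructed clients connect to VIP 10.0.0.100 in front of two real servers."""
    sw = L4Switch("10.0.0.100", ["192.168.1.1", "192.168.1.2"])

    def pkt(ip, port, flags):
        return {"src_ip": ip, "src_port": port, "dst_ip": "10.0.0.100",
                "dst_port": 80, "flags": set(flags)}

    s1 = sw.process(pkt("172.16.0.5", 40000, ["SYN"]))["dst_ip"]   # first server
    s2 = sw.process(pkt("172.16.0.6", 40001, ["SYN"]))["dst_ip"]   # second server
    again = sw.process(pkt("172.16.0.5", 40000, ["ACK"]))["dst_ip"]  # same mapping
    stray = sw.process(pkt("172.16.0.7", 40002, ["ACK"]))          # no session: dropped
    sw.process(pkt("172.16.0.5", 40000, ["FIN"]))                   # session ends
    s3 = sw.process(pkt("172.16.0.8", 40003, ["SYN"]))["dst_ip"]   # freed server reused
    return s1, s2, again, stray, s3
```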
How to choose a layer-4 Switch
(1) Speed
To be effective in enterprise networks, layer-4 switching must offer performance comparable to layer-3 line-rate routers. That is, layer-4 switching must operate at full media speed on all ports, even with multiple Gigabit Ethernet connections. Gigabit Ethernet speed corresponds to a maximum of 1,488,000 packets per second (assuming the worst case, in which every packet is the minimum size defined by the network, 64 bytes long).
(2) Server load-balancing algorithm
Depending on the desired balancing interval, there are many algorithms by which a layer-4 switch assigns application requests to servers: simple round-robin, most recent connections, round-robin with latency measurement, or closed-loop feedback from the servers. Of all these, closed-loop feedback provides the most accurate measure of the current load on each server.
(3) Table capacity
It should be noted that a switch performing layer-4 switching must be able to distinguish and store a very large number of forwarding table entries. This is especially true for switches at the core of an enterprise network. The table size of many layer-2/layer-3 switches tends to be proportional to the number of network devices. For a layer-4 switch, this number must be multiplied by the number of different application protocols and sessions used in the network. The forwarding table therefore grows rapidly as the number of devices and application types increases, and layer-4 switch designers need to allow for this growth when designing their products. A large table capacity is critical for building high-performance switches that support line-rate transmission of layer-4 traffic.
(4) Redundancy
A layer-4 switch supports redundant topologies. With fault-tolerant dual-link network cards, it is possible to build a completely redundant path from the server's network card, through the links, to the server switch.
Manageable switches
Managed switches can be managed through the following channels: through the RS-232 serial port (or parallel port), through a web browser, and through network management software.
1. Management through the serial port
A serial cable is supplied with a managed switch for management. First plug one end of the serial cable into the serial port on the back of the switch and the other end into the serial port of an ordinary computer, connecting the switch to the computer. Both Windows 98 and Windows 2000 provide the HyperTerminal program. Open HyperTerminal, set the connection parameters, and you can then interact with the switch over the serial cable, as shown in Figure 1. This method does not use any of the switch's network bandwidth, so it is called "out-of-band" management.
In this mode the switch provides a menu-driven console interface or a command-line interface. You can use the Tab key or the arrow keys to move between menus and sub-menus and press Enter to execute the corresponding command, or use the switch's dedicated commands to manage it. The command sets of switches from different brands differ, and even switches of the same brand may have different commands, so using menu commands is more convenient.
2. Web management
A managed switch can be managed through a web browser, but an IP address must first be assigned to the switch. This IP address is used only for managing the switch. By default a switch has no IP address; you must assign one through the serial port or another method before this management mode can be enabled.
When you manage a switch through a web browser, the switch acts as a web server, except that the web pages are stored not on a hard disk but in the switch's NVRAM, and the web program in NVRAM can be upgraded with a utility. When the administrator enters the switch's IP address in the browser, the switch delivers the web page to the computer just as a server would; it feels as if you were visiting a website, as shown in Figure 2. This method uses the switch's network bandwidth, so it is called "in-band" management.
To manage the switch, you only need to click the corresponding function on the web page and change the switch parameters in the text boxes or drop-down lists. Because web management works over the LAN, remote management is possible.
3. Management through network management software
All managed switches support SNMP (Simple Network Management Protocol). SNMP is a complete set of network device management specifications conforming to international standards, and every device that supports SNMP can be managed through network management software. You only need to install SNMP network management software on a management workstation to conveniently manage the switches, routers and servers on the network over the LAN. Figure 3 shows the interface of SNMP network management software; this is also an in-band management mode.
Managed switches can be managed in the three ways above; which one should you use? When a switch is first set up, it usually has to be managed out of band. After an IP address has been assigned, in-band management can be used. Because in-band management carries management data over the shared LAN, remote management is possible, but security is weaker. Out-of-band management uses serial communication, and data travels only between the switch and the management machine, so it is highly secure; however, because the serial cable is limited in length, remote management is not possible. Which method you use therefore depends on your security and manageability requirements.