Layer-3 Switch selection and some precautions

Modern LAN infrastructure needs to provide a new solution to the problem of data transmission through network boundaries. This requires a second-layer switch and LAN router at the same time, in addition, the latency is less than the brand-new device of the traditional LAN router. We usually call it a layer-3 switch.

Not all networks are based on Ethernet. FDDI and ATM are also the most commonly used LAN backbone technologies. ATM was once seen as the only network technology in the multimedia era. Many other technologies, such as Gigabit Ethernet, have the potential to become the backbone technology of tomorrow's LAN. A considerable number of Gigabit Ethernet switches support QoS and CoS, and provide high bandwidth, with the ability to transmit sound, images, multimedia data, and so on. Although its QoS stability is not as good as that of ATM, its low price and low complexity are better than that of ATM technology, and it is easy to connect with existing network products. From the above facts, it can be inferred that any network device to be used for backbone networks must support the interconnection between these technologies and provide the ability to upgrade between these technologies.

In the past, only about 20% of the data in the network was normally communicated with the central server or other part of the enterprise network through the backbone router, and the proportion has been increased to 50% today. We all know that in order to cope with the increasing data traffic, shared media networks have been replaced by switching networks. This change has a direct impact on the traditional routers used for network segmentation. In view of the large traffic that spans the IP address or IPX subnet, the router has actually become the bottleneck of network transmission. The reason is that traditional routers focus more on multiple media types and transmission speeds. Currently, data buffering and conversion capabilities are more important than line rate throughput and low latency. Although the performance of the router has also been improved recently-about 1 mpps-the cost of using this router is also astonishing.

Currently, the mainstream layer-3 switches on the market mainly include Cisco's Catalyst 2948G and 3Com's CoreBuilder 3500. When selecting a layer-3 switch, you can determine and select the above products based on your needs. I will introduce the above two products, so that you can fully understand the mainstream layer-3 switches, select an appropriate model based on your situation.

Cisco Catalyst 948G-L3 switch supports Internet Protocol IP addresses), Internet Packet Exchange IPX)

Fixed layer-3 L3 L3 Ethernet switches that provide line rate switching with IP multiplexing. This type of Catalyst switch can provide the required high performance for medium-sized campus trunk with the appropriate port density. It is ideal for working group switches that are concentrated in multiple wiring rooms or as other backbone switches such as Catalyst 2900, Catalyst 3500, Catalyst 4000, or Catalyst 5000 switches.

The Catalyst 2948-L3 switch not only provides non-blocking routing and switching for IP, IPX, and IP multi-channel transmission, but also provides non-blocking routing and switching for non-routing protocols, the second layer of line rate switching is also provided for non-routing protocols. For example, NetBIOS and DECnet local transmission LAT ). This feature allows network administrators to expand their multi-protocol backbone network through Gatalyst 2948GO-L3 without having to build a parallel network as if they were using only IP switches.

Catalyst 2948G-L3 has the following features:

* 48 dedicated 10/100-Mbps Ethernet ports and two 1000BaseX Gigabit Ethernet ports that support GBIC. All ports have layer-3 switching functions.
* High Performance: layer-3 switching and routing of 10 Mbps over IP address, IPX switch, and IP address multiplexing.
* 22 Gbit/s non-blocking switching optical fiber.
* High-performance CPU with Cisco IOS software.
* Service Quality Q o S) -- multiple queues with Weighted Round-trip WRR) transfer.
* A comprehensive management tool based on standard Cisco Works2000 applications.
* Optional redundant external power supply

The vswitch is ideal in an environment that requires layer-3 line rate performance but does not require many 10/100 Mbps Ethernet ports. It can also be used to deploy small-and medium-sized network trunk to provide Gigabit Ethernet density for the Catalyst 6000 and Catalyst 8500 series switches.

The Catalyst 2948G-L3 can provide a set throughput of over 10 Mbps. This data rate is the result of a real layer-3 Switching Using High-Speed Application dedicated Integrated Circuit ASIC) technology on each port, not only applicable to IP and IPX traffic, it also applies to IP address multiplexing and bridge traffic. Catalyst 2948G-L3 supports a high-performance architecture with 22 Gbps bandwidth. The Switched Optical Fiber supports all 48 10/100 ports and 2 gigabit uplink connections at a wire speed.

The Catalyst 2948G-L3 can be installed in a 1.5RU chassis and can be equipped with an optional external redundant power supply. It supports 22 Gbit/s shared memory, completely non-blocking switching optical fiber, and a high-performance RISC processor that provides routing intelligence and ASIC based on different ports for layer-3 switching. Catalst 2948G-L3 uses the Cisco Express Forwarding (CEF) developed for Cisco 12000 series Gigabit exchange router GSR, Catalyst 8500 and Cisco 7500 ). This technology provides layer-3 Switching Based on the entire network topology that is distributed to each port-Based ASIC. This allows it to independently make exchange decisions without the involvement of a centralized CPU.

The unique 3Com CoreBuilder 3500 is also an excellent layer-3 switch. It is built around the key third-generation structure of fire asic. This structure not only improves the performance of layer-2 switching, but also provides performance levels with more flexibility and line rate, such as layer-3 routing, multicast, and user-selectable policy services. The performance mismatch between Layer 2 and Layer 3 will no longer exist. The real layer-3 switching network structure can achieve both the performance of the layer-2 and the control capability of the layer-3 network, without compromising the network performance.

The CoreBuilder 3500 switch uses advanced distributed ASIC + RISC technology to provide Layer 2 and Layer 3 communication capabilities for line speed. The total data throughput can exceed 4 million packets per second. Because a policy-based service mechanism is used to support QoS and service category CoS, and dynamic traffic classification PACE technology and resource retention protocol RSVP are used ), the vswitch supports real-time multimedia network communication to improve throughput, reduce latency, and ensure security. At the same time, because the switch, HUB, and nic adopt a unified system environment, the performance of the switch is brought to full play, and image transmission can be supported in the Ethernet environment.

In addition, 3Com CoreBuilder has the following features:

Dynamic and scalable Storage

The high performance of the vswitch comes from the intelligent design of the storage subsystem. It uses FIRE, and some buffer storage is directly associated with the forwarding engine. In addition, because the interface module is added together with their respective forwarding engines, the memory can be expanded accordingly. Memory is not statically integrated with a forwarding engine, but is effective for all forwarding engines of the system. This physically distributed but globally shared memory greatly improves the performance, especially for multicast transmission. FIRE dynamically allocates a buffer based on the size of the received package. Both the large package and the small package can obtain a buffer with the proper size. This can effectively use the memory and improve the reliability of the system when processing large burst data streams. These dynamically constructed buffers are allocated at each port and public storage pool. This arrangement enables the FIRE to effectively change the buffer size of each port in case of burst data streams without consuming resources. The result is an excellent performance that improves the network rate.

Advanced Queuing Organization

The traditional LAN switches use a single first-in-first-out queue to buffer the output. When the queue is full, the excess parts are discarded.

To reduce this situation, the queue must be large, which increases the latency. These properties make it difficult to apply to real-time or multimedia network applications. In this case, 3Com introduced the PACE technology. PACE technology provides different types of services on the same Ethernet and controls latency and jitter. The FIRE structure uses the PACE technology and introduces a four-level output queue to meet the needs of more transmission categories. The weighted fair queue (WFQ) algorithm can serve high-priority queues more frequently while ensuring the services of low-priority queues.

Automatic traffic classification

FIRE can guide its package processing pipeline to differentiate different types of transmission defined by users. These user-defined priority settings are implemented at the chip level. The results are shown in reduced latency, high-priority transmission, and congestion avoidance. The AutoClass pilot assembly line classifies data streams and gives them queue-based priority. This operation is independent of media and can be applied to Ethernet, FDDI, and ATM. AutoClass can identify data connection encapsulation such as SNAP and LLC, and distinguish protocol types, such as IP, UDP, TCP source address, destination address, and common port. In addition to the default classification, the ing between 802.1p and 802.1Q services can also be used as a classification. To make the classification of transmission management easier, the TranscendWare Network Management Program provides a simple configuration method for classification and queue.

In large networks, especially large transportation management information systems, security is critical. CoreBuilder 3500 layer-3 switches support security level and virtual subnet division. Considering that a department may be dispersed in different buildings, the virtual network in the 3500 switch is not divided by the location, but by the Application Department, in addition, the security levels of each sub-network are different. Departments with higher security levels are allowed to access departments with lower security levels. Otherwise, they are not allowed. This not only enables information flow by department, but also enables traffic control and security isolation. In addition, the 3Com device has the anti-theft function. You can use the network management system to disable unused ports. This prevents network attacks by using the protocol analyzer and confidential information leakage.