Layer-3 Switch Technology and Its Application in VLAN Subnet Planning

Source: Internet
Author: User

Layer-3 switches are now widely used, especially in small and medium-sized enterprises. This article introduces layer-3 switch technology and its application in VLAN subnet planning. In the traditional campus network model, the network is generally built from multiple levels of switches connected to one or more trunk switches, and the switches communicate with each other through routers. Traditional routers work at the network layer of the OSI model and perform route computation and packet forwarding in software.
 
As campus networks expand, the number of users grows, and IP-based applications such as video conferencing and distance education develop rapidly, traditional routers are increasingly becoming a bottleneck in campus network security management and traffic control. Traditional switches have fast processing capabilities, but a switch is essentially a multi-port bridge that inevitably propagates broadcasts and cannot perform routing. To resolve this conflict, network vendors proposed the idea of the layer-3 switch.

Working Principle and functions of layer-3 switches

A traditional router works at the network layer of the seven-layer OSI model. When it receives any packet, including a broadcast packet, it strips the layer-2 (data link layer) information from the packet and examines the layer-3 information. It then determines the route for the packet from the routing table, re-encapsulates the layer-2 information, and finally forwards the packet. The bottleneck of a router is that it is a connectionless device: its working mechanism makes it a forward-and-forget network device. Every packet sent from the same source address to the same destination address must repeat the same routing process, which prevents the router from achieving high throughput. In addition, the complex processing and powerful functions of a router are mainly implemented in software, which inevitably makes it a network bottleneck.

With the development of routing technology, switching technology, one of the solutions to the network transmission bandwidth problem, has also developed rapidly. A switched network is a network system centered on switches. Network switches and multi-port bridges are very similar because both work at the data link layer: when a switch transmits data between ports, it also forwards based on the destination MAC address of the packet. A switch is usually implemented entirely in hardware and is fast, but, like a bridge, it cannot isolate broadcast packets.

L3 switching (Layer 3 Switching), also known as layer-3 switch technology, is an emerging network interconnection technology that integrates the advantages of the two technologies above. When only IP is considered, it is called IP switching. Layer-3 switching routers use an ASIC that integrates routing on top of dedicated packet forwarding, combining the high-speed forwarding of a traditional layer-2 switch with the routing function of a router; routing at line rate removes the router bottleneck. There are two types of L3 switching solutions: core-based switching and edge-based multi-layer hybrid switching. The former is represented by Cisco's NetFlow switching and Tag Switching, which emphasize the speed of the switch's core layer and use ASIC hardware throughout to route and switch at line speed. The latter is represented by 3Com's FastIP and Cabletron's SecureFast virtual network, which route once at layer 3 and then switch the packets of the end-to-end network flow at layer 2. This is the "route once, then switch" policy. The main functions of the layer-3 switch are as follows:

1) Routes are calculated based on the L3 protocol. The supported routing protocols include RIP v1, RIP v2, and OSPF.

2) Supports IGMP, DVMRP, and other common IP multicast protocols. When the layer-3 switching router receives a multicast packet, it first forwards the packet to the VLANs that contain multicast group members, and then forwards the packet to the ports of the multicast group members.

3) Quality of Service (QoS): the packets are given a specific priority, and packets with different priorities are delivered to different queues for forwarding.

4) Supports the standard SNMP network management protocol and a traditional command-line interface (CLI).

5) Multiple partitioning policies for virtual networks. In addition to traditional port-based VLAN division, the switch supports VLAN division based on IP addresses, subnet numbers, and protocol types, which brings great convenience to campus network management.

For these reasons, the new layer-3 switch is used as the main device in campus and building LANs. In addition to providing high bandwidth for packet forwarding and the features above, it also provides security, monitoring, management, and configuration services.
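The "route once, then switch" policy described above can be shown with a small model. This is an added example, not code from the original article or from any vendor; the `Layer3Switch` class, the routing table, and the port names are assumptions made for illustration.

```python
import ipaddress

class Layer3Switch:
    """Toy model: one slow-path route lookup per flow, then cached forwarding."""

    def __init__(self, routes):
        # routes: list of (prefix, egress port); all values are constructed samples
        self.routes = [(ipaddress.ip_network(p), port) for p, port in routes]
        self.flow_cache = {}          # (src, dst) -> egress port
        self.slow_path_lookups = 0    # how often the routing table was consulted

    def _route(self, dst):
        """Longest-prefix match: the work a classic router repeats for every packet."""
        self.slow_path_lookups += 1
        addr = ipaddress.ip_address(dst)
        matches = [(net, port) for net, port in self.routes if addr in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]

    def forward(self, src, dst):
        """Return the egress port, or None if the packet has no route."""
        key = (src, dst)
        if key not in self.flow_cache:
            port = self._route(dst)
            if port is None:
                return None           # unroutable: drop and do not cache
            self.flow_cache[key] = port
        return self.flow_cache[key]   # later packets of the flow skip the lookup

    def route_changed(self):
        """Cached decisions are stale after a routing change, so flush them."""
        self.flow_cache.clear()

def demo():
    sw = Layer3Switch([("10.0.0.0/8", "port1"),
                       ("10.2.0.0/16", "port2"),
                       ("0.0.0.0/0", "uplink")])
    ports = [sw.forward("10.1.0.5", "10.2.3.4") for _ in range(1000)]
    return ports[0], len(set(ports)), sw.slow_path_lookups
```

Flushing the cache on a routing change matters because a cached entry would otherwise keep forwarding a flow according to a decision that no longer holds.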

Application of layer-3 switching router in Virtual Network Planning

A virtual LAN (VLAN, Virtual Local Area Network), also known as a virtual network, is defined in network management terms as a location-independent LAN broadcast domain. VLAN technology emerged together with switching technology. Dividing a campus network into several virtual subnets has the following benefits:

1. Broadcast isolation. After the virtual subnets are divided, all broadcasts are confined to the subnet of the current VLAN, which increases the overall effective bandwidth of the network and contains broadcast storms.

2. Easy assignment and management of working groups. After virtual networks are divided, working groups are no longer limited by their physical locations and can be divided according to their functions, which makes the virtual subnets independent of the physical structure of the network.

3. Enhanced network security. Because of the logical independence of VLAN subnets, you can define security policies for each virtual network based on actual conditions to effectively avoid illegal intrusion and improve the security of each virtual network.

Before the layer-3 switch was introduced, switches provided only two VLAN division methods. The first is based on the port: machines on one or more ports are placed into one VLAN. This is similar to physical network segments and cannot implement location-independent virtual network configurations. The second is based on the MAC address: the subnet is divided by MAC address. This policy implements a location-independent virtual network, but it is inconvenient to add or delete nodes in the subnet.
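The division methods and the benefits listed above can be compared side by side in a short model. This is an added example, not code from the original article; the tables, addresses, host names, and the stateless default-deny `ALLOWED` policy are constructed assumptions.

```python
import ipaddress

# Constructed sample tables (assumptions for illustration, not from the article).
PORT_VLAN = {1: 10, 2: 10, 3: 20}
MAC_VLAN = {"00:11:22:33:44:01": 10, "00:11:22:33:44:02": 20}
SUBNET_VLAN = {ipaddress.ip_network("192.168.10.0/24"): 10,
               ipaddress.ip_network("192.168.20.0/24"): 20}
ALLOWED = {(10, 20)}  # inter-VLAN pairs permitted at the routed hop; default deny

def classify(host, policy):
    """VLAN of a host under one division policy, or None if no rule matches."""
    if policy == "port":
        return PORT_VLAN.get(host["port"])
    if policy == "mac":
        return MAC_VLAN.get(host["mac"])
    if policy == "subnet":
        addr = ipaddress.ip_address(host["ip"])
        return next((v for net, v in SUBNET_VLAN.items() if addr in net), None)
    raise ValueError(f"unknown policy: {policy}")

def broadcast_domain(sender, hosts, policy):
    """Names of the hosts that see a broadcast from sender: same VLAN only."""
    vlan = classify(sender, policy)
    if vlan is None:
        return []
    return sorted(h["name"] for h in hosts
                  if h["name"] != sender["name"] and classify(h, policy) == vlan)

def deliver(src, dst, policy):
    """Same VLAN: switched at layer 2. Different VLANs: must pass the layer-3 policy."""
    s, d = classify(src, policy), classify(dst, policy)
    if s is None or d is None:
        return "drop"          # unclassified hosts get no connectivity
    if s == d:
        return "switched"
    return "routed" if (s, d) in ALLOWED else "denied"

# Constructed hosts: c is a newly added node whose MAC is not yet in MAC_VLAN.
A = {"name": "a", "port": 1, "mac": "00:11:22:33:44:01", "ip": "192.168.10.5"}
B = {"name": "b", "port": 3, "mac": "00:11:22:33:44:02", "ip": "192.168.20.7"}
C = {"name": "c", "port": 2, "mac": "00:11:22:33:44:03", "ip": "192.168.10.9"}
HOSTS = [A, B, C]

def vlan_after_move(host, new_port):
    """VLAN under each policy after the host is re-plugged into new_port."""
    moved = dict(host, port=new_port)
    return {p: classify(moved, p) for p in ("port", "mac", "subnet")}
```

Moving host `a` to port 3 changes its VLAN only under port-based division, while the new node `c` stays unclassified under MAC-based division until its address is added to the table.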
