Understanding the basic features of a layer-3 switch is a real step forward technically. Improper use of the basic features of a layer-3 switch will not cause many simple problems. Next, we look into the reasons for being unable to access the Internet and provide some answers, so that you can set up layer-3 switches sensibly and solve related problems.
In the overview section, we summarized the basic features of layer-3 switches, which are as follows:
◆ Layer-2 switching and layer-3 intercommunication
◆ Layer-3 exact-match lookup
◆ Optimization for LANs, especially Ethernet
◆ Some features that exist on neither L2 switches nor L3 routers
◆ Initial BAS functions
Generally, a device can be called a layer-3 switch as long as it achieves the first point. However, most of the currently popular layer-3 switches are not limited to the first point and implement most of the functions above. Therefore, to better understand the layer-3 switch, we describe these features in detail.
Layer-2 switching and layer-3 intercommunication
A layer-3 switch is first of all a switch; that is, it has the layer-2 switching function. On Ethernet, like a common L2 switch, an L3 switch also maintains an address table for L2 switching, usually called the CAM table. This table records the correspondence between MAC addresses and outbound interfaces.
When an Ethernet data frame is received, the layer-3 switch first determines whether the frame is addressed to the switch itself (how it determines this is explained in detail in the following sections). If it is not, the CAM table is queried based on the destination MAC address of the data frame. If the query hits (a "hit" means that a forwarding entry corresponding to the MAC address is found in the CAM table), the frame is forwarded according to the query result, which is usually a list of output interfaces. If the query does not hit, the data frame is broadcast to all ports.
The CAM table of the switch can be populated in multiple ways, such as static configuration and dynamic learning. For multicast, entries can also be obtained through various multicast protocols, such as IGMP Snooping and GMRP (multicast forwarding entries cannot be obtained through learning; unlike normal forwarding entries, a multicast forwarding entry may have not a single egress but a set of egress ports; if you want to learn more about the basic concepts of multicast, refer to the previous topic materials). For unicast, however, the most important way to build the table is learning.
When the switch receives a data frame, it extracts the destination MAC address of the data frame and queries the CAM table with it. If an entry is found, it forwards the data frame according to that entry; if there is no hit, the frame is copied to all ports except the receiving port.
While forwarding data, the switch also performs a learning process. The switch extracts the source MAC address of the data frame and queries the CAM table to check whether a forwarding entry for this MAC address exists. If not, it binds the MAC address to the port on which the frame was received and inserts the entry into the CAM table. From then on, when a data frame addressed to that MAC address arrives, the switch does not need to broadcast it to all ports and sends it only to this port.
Note that data frame forwarding queries the CAM table by the destination MAC address, while CAM table learning is based on the source MAC address. CAM table entries that the switch learns dynamically are not permanent: each one starts a timer. When the timer counts down to zero, the entry is deleted. Each time the entry is used for forwarding, the timer is restored to its initial value.
The description so far assumes that no VLAN is used. Currently, all switches implement VLAN (Virtual LAN; for details, refer to the relevant Ethernet tutorial). With VLANs, the CAM table used for forwarding on the switch changes from the original two-way correspondence (MAC address and egress interface) to a three-way correspondence (MAC address, VLAN ID, and egress interface). When a data frame is received, the switch queries the CAM table based on the destination MAC address and VLAN ID of the data frame, finds the egress interface, and forwards the data frame.
However, if the CAM table query by MAC address and VLAN ID fails, that is, the table has no entry for that MAC address and VLAN ID, the switch copies the data frame to all ports in the VLAN except the receiving port. If only the CAM table were used to determine which ports a VLAN contains, the entire CAM table would have to be traversed. If the CAM table is large (it is generally 4 K or above), this is particularly inefficient.
Therefore, when VLAN is implemented on a general switch, another table is created, namely the VLAN configuration table, which contains the correspondence between VLAN IDs and all ports; that is, you can query the table by VLAN ID to find all ports contained in the VLAN. This makes it very easy to broadcast packets within the VLAN. Another question is how the VLAN ID of a data frame is obtained. A switch attaches a VLAN ID to a data frame according to the following principles:
◆ If the port receiving the data frame is a non-TAG port and the data frame is an ordinary data frame (one carrying no VLAN ID), the default VLAN ID of the port is attached. When a non-TAG port receives a data frame that does contain a VLAN ID, a check is made: if the VLAN ID equals the port PVID, the frame is accepted; otherwise, it is discarded.
◆ If the port receiving the data frame is a TAG port and the data frame is an ordinary data frame, the default VLAN ID of the port is attached.
◆ If the port receiving the data frame is a TAG port and the data frame carries its own VLAN ID (through the 802.1Q protocol), the VLAN ID of the data frame is the VLAN ID it carries. Note that the VLAN switch attaches the VLAN ID to the data frame first, before querying the CAM table for forwarding.
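The layer-2 behaviour described above (VLAN ID assignment, learning on the source MAC, lookup on destination MAC plus VLAN ID, timer-based aging, and flooding through the VLAN configuration table) can be modelled in a few lines. This is an added example, not code from the original article; the class name, the port layout, the 300-second aging time and the sample topology are all assumptions made for illustration.

```python
AGE_LIMIT = 300  # assumed aging time in seconds; the page gives no value

class L2Switch:
    def __init__(self, ports):
        self.ports = ports       # port -> {"pvid": int, "tagged": bool} (hypothetical layout)
        self.cam = {}            # (mac, vlan) -> [egress port, expiry time]
        self.vlan_ports = {}     # VLAN configuration table: vlan -> set of ports
        for port, cfg in ports.items():
            self.add_to_vlan(port, cfg["pvid"])

    def add_to_vlan(self, port, vlan):
        self.vlan_ports.setdefault(vlan, set()).add(port)

    def classify(self, port, frame_vlan):
        """Return the VLAN ID attached to the frame, or None to discard it."""
        cfg = self.ports[port]
        if frame_vlan is None:          # ordinary frame: port default VLAN ID
            return cfg["pvid"]
        if cfg["tagged"]:               # TAG port: keep the carried VLAN ID
            return frame_vlan
        return frame_vlan if frame_vlan == cfg["pvid"] else None

    def receive(self, port, src, dst, frame_vlan, now):
        """Process one frame; return the sorted list of egress ports."""
        vlan = self.classify(port, frame_vlan)
        if vlan is None:
            return []
        # Learning keys on the SOURCE MAC: bind it to the receiving port.
        known = self.cam.get((src, vlan))
        if known is None or known[1] <= now:
            self.cam[(src, vlan)] = [port, now + AGE_LIMIT]
        # Forwarding keys on the DESTINATION MAC plus VLAN ID.
        entry = self.cam.get((dst, vlan))
        if entry is not None and entry[1] > now:
            entry[1] = now + AGE_LIMIT  # use for forwarding restores the timer
            return [entry[0]]
        self.cam.pop((dst, vlan), None) # timer ran out: delete the entry
        # Miss: copy to every port of the VLAN except the receiving port.
        return sorted(self.vlan_ports.get(vlan, set()) - {port})

def demo_switch():
    # Constructed topology: ports 1-2 in VLAN 10, port 3 in VLAN 20, port 4 a TAG port.
    sw = L2Switch({1: {"pvid": 10, "tagged": False}, 2: {"pvid": 10, "tagged": False},
                   3: {"pvid": 20, "tagged": False}, 4: {"pvid": 1, "tagged": True}})
    sw.add_to_vlan(4, 10)
    return sw
```

Calling `receive` with increasing `now` values shows an unknown destination being flooded inside its VLAN only, and the same destination being flooded again once its entry has aged out.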
The functions above are all layer-2 functions. A layer-3 switch must implement them, but the basic feature of a layer-3 switch is intercommunication between VLANs. On a layer-3 switch, communication between VLANs is achieved by implementing a virtual VLAN interface. For each VLAN, the switch maintains an interface corresponding to that VLAN. This interface is invisible to external users and is a virtual interface. However, it has all the features of a physical interface, such as a MAC address, and you can configure its maximum transmission unit and the Ethernet frame type used for transmission.
In the description above, we mentioned that when the switch receives a data frame, it determines whether the frame is addressed to itself. It does so by checking whether the destination MAC address is the MAC address of the interface of the VLAN in which the data frame was received. If yes, it performs layer-3 processing. If not, it performs layer-2 processing and forwards the data according to the preceding process.
Since layer-3 forwarding is implemented, the switch must maintain a layer-3 forwarding table. This table can be a FIB table based on longest-match lookup, or a layer-3 forwarding table based on exact matching of the destination network address; which one depends on the manufacturer. When the switch receives a data frame whose destination MAC address is the same as the MAC address of the VLAN interface corresponding to the data frame, layer-3 forwarding is performed.
The forwarding process queries the layer-3 forwarding table. The query returns one egress, or several when the data frame is multicast, together with the corresponding layer-2 encapsulation data. The switch then modifies the layer-3 packet carried by the data frame, for example an IP or IPX datagram; for instance, it modifies the checksum. For the IP protocol, it also decrements the TTL field and recalculates the checksum. After this is done, the layer-3 packet is encapsulated at layer 2 (based on the layer-3 forwarding table query result) and sent from the corresponding interface.
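The layer-3 step just described, as an added example that is not part of the original article: the frame is handled at layer 3 only if its destination MAC is the VLAN interface MAC, the destination IP is looked up by exact match, the TTL is decremented, the IPv4 header checksum is recomputed, and the packet is re-encapsulated with the layer-2 data from the table. It assumes untagged Ethernet II frames carrying IPv4; the function names, MAC addresses, IP addresses and table contents are constructed for illustration.

```python
import struct

def ip_checksum(header: bytes) -> int:
    """IPv4 header checksum; returns 0 when run over a header whose checksum is valid."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def l3_forward(frame, vlan_if_mac, l3_table):
    """Return (egress, rewritten frame), or None when layer 3 does not forward it."""
    dst_mac, ethertype = frame[0:6], frame[12:14]
    if len(frame) < 34 or dst_mac != vlan_if_mac or ethertype != b"\x08\x00":
        return None                        # not for the VLAN interface: layer-2 path
    ihl = (frame[14] & 0x0F) * 4           # IPv4 header length in bytes
    hdr = bytearray(frame[14:14 + ihl])
    hit = l3_table.get(bytes(hdr[16:20]))  # exact match on the destination IP
    if hit is None or hdr[8] <= 1:
        return None                        # table miss or TTL used up (not modelled)
    egress, next_hop_mac, out_if_mac = hit # egress plus layer-2 encapsulation data
    hdr[8] -= 1                            # decrement TTL
    hdr[10:12] = b"\x00\x00"               # zero the checksum field, then recompute
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return egress, next_hop_mac + out_if_mac + ethertype + bytes(hdr) + frame[14 + ihl:]

# Constructed sample data: locally administered MACs and private addresses.
VLAN10_IF = bytes.fromhex("020000000a01")  # MAC of the VLAN 10 interface
VLAN20_IF = bytes.fromhex("020000001401")  # MAC of the VLAN 20 interface
HOST_A = bytes.fromhex("0200000000aa")
HOST_B = bytes.fromhex("0200000000bb")
L3_TABLE = {bytes([192, 168, 20, 7]): (3, HOST_B, VLAN20_IF)}

def sample_frame(dst_mac=VLAN10_IF, ttl=64):
    # Host A (192.168.10.5) sends to host B (192.168.20.7) through its gateway MAC.
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 1, 0, ttl, 17, 0,
                                bytes([192, 168, 10, 5]), bytes([192, 168, 20, 7])))
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return dst_mac + HOST_A + b"\x08\x00" + bytes(hdr) + b"data"
```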
The layer-3 forwarding table is formed very differently from the layer-2 forwarding table (the CAM table). It is formed by querying the route table and through other protocols such as ARP. Later, we will introduce the formation of the layer-3 forwarding table with examples.
◆ A layer-3 switch has all the functions of a layer-2 switch, such as MAC address filtering (that is, unicast forwarding based on MAC addresses) and the Spanning Tree Protocol;
◆ The basic feature of a layer-3 switch is that VLANs are interconnected by assigning a VLAN interface to each VLAN. The VLAN interface has its own MAC address and IP address. For every data frame whose destination MAC address is that of the VLAN interface, the switch either performs layer-3 forwarding or receives the frame itself, depending on whether the destination IP address is an interface address of the switch.