Summary of layer-4 Switch Technology Theory and Practice

The main difference between layer-4 switching and layer-3 switching is that this filtering capability is implemented in ASIC dedicated high-speed chips, and even the same brand of switches have different commands. It is more convenient to use menu commands.

1. Data Packet Filtering: On a traditional router, use the layer-4 Information port number to define the access control list filtering rule. Layer-4 Switching also uses the concept of control list, but unlike software-based routers, layer-4 switching is implemented in ASIC dedicated high-speed chips, so that the filtering control can be implemented at line rate.

2. Service Quality: The layer-4 Information of TCP/UDP can also be used to establish the priority of Application Communication. Layer-4 switching allows the use of port-based applications) to differentiate priorities and set priority queues to ensure that important traffic, such as VOIP and video, is processed as quickly as possible, enable emergency applications to obtain high-level network services.

3. Server Load balancer: the principle of layer-4 Server Load balancer is to exchange virtual connections based on IP addresses and TCP ports, and send data packets directly to the corresponding ports of the target computer. A switch with layer-4 Switching capabilities can act as a hardware Load balancer to achieve server load balancing.

The layer-4 switch is based on the hardware chip, so the performance is very good. Especially for the speed of network transmission, the switching speed far exceeds the normal packet forwarding speed. The layer-4 switch is used. All cluster hosts are connected to the external Internet through the layer-4 switch. When an external customer asks a server, the layer-4 switch dynamically allocates the server to achieve dynamic load balancing, when one of the servers fails, the switch dynamically distributes all traffic to other hosts in the cluster.

4. host backup connection: the host backup connection provides redundant connections to port Devices to effectively protect the system in the event of a switch failure. This service allows you to define a Master/Slave switch, as defined in a virtual server, they have the same configuration parameters.

Because the layer-4 switch shares the same MAC address, the backup switch receives the same data as the master unit. This enables the backup switch to monitor the communication content of the master switch service. The primary switch continuously notifies the backup switch of data, MAC data, and its power status at Layer 4. When the primary switch fails, the backup switch automatically takes over without interrupting the conversation or connection.

5. Statistics and report: by querying layer-4 data packets, layer-4 switches can provide more detailed statistics records. Because the administrator can collect more detailed information about which IP address to communicate with, and even collect communication information based on which Application Layer Service is involved in the communication.

When the server supports multiple services, these statistics are particularly effective for examining the load of each application on the server. The added statistical service is also useful for Server Load balancer connections using vswitches. Including detailed real-time reports and historical reports. The comprehensive report function provides administrators with full control over bandwidth resources, so that enterprises can make more appropriate business decisions.

The fourth layer switch has a common name in the industry called "Application Switch", more famous there are the following: F5 companies in the United States BIG-IP 2400 series link application switch can be customized load balancing, traffic Priority arrangement, policy-based traffic guidance, source, destination, and application exchange.

Radware's Web Server ctor Application Switch ensures the full availability, optimized operation, and complete security of Server Clusters, so as to ensure high reliability and performance for applications within the network and data center. American Foundry ServerIronGT-C2404F Application Switch can realize global server load balancing, high performance VPN/firewall load balancing, transparent cache switching, link load balancing, anti DoS attack protection server.

Summary:

With the development of network information systems from small to medium-sized to large, the exchange technology also evolved from the original MAC address-based exchange to IP address-based exchange, the layer-4 switching technology is introduced in this article.

Now, some products have proposed a layer-7 Content-based exchange ). It can be seen that the continuous development of network exchange technology has changed from data-based exchange to application-based exchange, which not only improves the network access speed, but also constantly optimizes the overall network performance.

1. Let's talk about the "potential rules" of the security switch"
2. Summarize the market status of high-end Switches
3. Security risks of LAN switches
4. PythonAndroid analyzes the differences and relationships between layer-3 switches and other layer Switches
5. Measure the Power Consumption Characteristics of LAN switches.