A router's Layer 3 forwarding relies mainly on its CPU, while a Layer 3 switch's Layer 3 forwarding relies on an ASIC chip; this is what causes the large difference in forwarding performance. Of course, the Layer 3 switch does not completely replace the router: rich interface types, fine-grained traffic service-level control and strong routing capacity are still weak points of the Layer 3 switch. Current Layer 3 switches typically use VLANs to partition the Layer 2 network and perform Layer 2 switching within a VLAN, while enabling Layer 3 IP access between different VLANs. Before discussing the forwarding principle of Layer 3 switches, it is necessary to describe how hosts on different networks communicate with each other:
(1) Before initiating communication, the source host compares its own IP address with the destination host's IP address. If both lie in the same network segment (the network numbers computed with the network mask are the same), the source host sends an ARP request directly to the destination host; after receiving the destination host's ARP reply it obtains the peer's physical-layer (MAC) address, and then sends its packets with the peer's MAC as the destination MAC. This is the case when the hosts are in the same VLAN (network segment), and the interconnecting switch performs Layer 2 switching and forwarding;
(2) If the source host determines that the destination host is in a different network segment from itself, it hands the packet to the gateway: it sends an ARP request to obtain the MAC address corresponding to the gateway IP address, and after the gateway's ARP reply it sends the packet with the gateway MAC as the destination MAC. Note that the source IP of the packet is the source host's IP and the destination IP is still the destination host's IP. This is the case when the hosts are in different VLANs (network segments), and the interconnecting switch performs Layer 3 switching and forwarding.
To make the following discussion of the Layer 3 switching principle easier to understand, here is a brief introduction to the internal structure of a Layer 3 switch, as shown in Figure 1:
Figure 1 Layer 3 switch hardware structure
The two main parts of a Layer 3 switch are the ASIC and the CPU, and they work as follows:
1. ASIC: performs the main Layer 2 and Layer 3 forwarding functions, including the MAC address table used for Layer 2 forwarding and the Layer 3 forwarding table used for IP forwarding;
2. CPU: controls forwarding. It mainly maintains software table entries (software routing table, software ARP table and so on) and, based on the forwarding information in those software entries, configures the ASIC's hardware Layer 3 forwarding table. Of course, the CPU itself can also perform Layer 3 forwarding in software.
From the structure and function of the Layer 3 switch it can be seen that what really determines high-speed forwarding is the Layer 2 and Layer 3 hardware table entries in the ASIC, and those hardware entries are derived from the software table entries maintained by the CPU.
7.7.5 Layer 3 Switching Principle
The Layer 2 switching of a Layer 2 switch is generally implemented with the CAM table in the hardware chip, an ASIC (Application Specific Integrated Circuit); because it is hardware forwarding, forwarding performance is very high. The Layer 3 forwarding of a Layer 3 switch also depends on the ASIC chip (a router's routing function relies mainly on CPU software), but in addition to the Layer 2 switching CAM table there is a dedicated Layer 3 hardware forwarding table for Layer 3 relaying.
The Layer 3 switching principle of Layer 3 switches is complex, and the Layer 3 switching process differs between network environments. Figure 7-55 shows only the basic process of Layer 3 switching between two hosts on different network segments that are directly connected to one Layer 3 switch; the main steps are explained as follows:
(1) Before initiating communication, the source host compares the destination host's IP address with its own. If it determines that the destination host is in a different network segment, it needs to hand the packet to the gateway, so it first needs to obtain the gateway's MAC address through an ARP request (in case the source host does not yet know the gateway MAC address); that is, the source host first sends an ARP Request frame to obtain the MAC address corresponding to the gateway IP address.
(2) After receiving the ARP request from the source host, the gateway responds with an ARP reply whose "Source MAC address" field contains the gateway's MAC address.
(3) After receiving the gateway's ARP reply, the source host uses the gateway MAC address as the packet's "Destination MAC address", its own IP address as the "Source IP address" and the destination host's IP address as the "Destination IP address", and first sends the data destined for the destination host to the gateway.
Figure 7-55 Basic process of Layer 3 switching
(4) After the gateway receives the data the source host sent to the destination host, because it sees that the source and destination IP addresses are not in the same network segment, it passes the data to the Layer 3 switching engine (ASIC chip) to check whether there is a Layer 3 forwarding entry for the destination host.
(5) If no entry for the destination host is found in the Layer 3 hardware forwarding table, the CPU's software routing table is consulted. If there is a routing entry for the destination host's network segment, the destination host's MAC address is also required, because the packet must be encapsulated at the link layer. The CPU of the Layer 3 switch then sends an ARP broadcast request into the destination host's network segment to obtain the destination host's MAC address.
(6) After the switch obtains the destination host's MAC address, it adds the corresponding entry to its ARP table and forwards the packet from the source host to the destination host. The Layer 3 engine of the switch combines this with the routing table to generate a Layer 3 hardware forwarding entry for the destination host.
Subsequent packets for the destination host can be switched directly using the entry in the Layer 3 hardware forwarding table, without consulting the routing table in the CPU.
The above process applies to communication between hosts in different VLANs (network segments); in this case the interconnecting switch performs Layer 3 switching and forwarding. This is the principle of "route once, switch many times".
7.7.6 Layer 3 Switching Example
In Layer 3 switching, the basic principle of communication between hosts on different network segments attached to the same switch and between hosts on different network segments attached to different switches is the same, but the specific process differs. This section illustrates the Layer 3 switching principle of the previous section only for the relatively simple case of "hosts on different segments of the same switch".
As shown in Figure 7-56, the source and destination hosts are connected to the same Layer 3 switch but are located in different VLANs (and therefore in different network segments). From the Layer 3 switch's point of view both hosts are on directly connected network segments, and the routes to their IP addresses are direct routes. The figure shows the MAC address, IP address and gateway IP address (i.e. the IP address of the corresponding VLAN interface) of the two hosts, and the MAC address of the Layer 3 switch.
Note: This example divides the network into VLANs, but the following description of data forwarding does not mention VLAN tags. This is because in this example both communicating hosts are connected to the same Layer 3 switch through access ports, so the frames they send and receive carry no VLAN tag. The example in the next section does involve VLAN tagging in the forwarding of data.
Figure 7-56 Example of Layer 3 switching between hosts on different network segments on the same switch
When PC A wants to send a packet to PC B for the first time, the packet is transmitted as follows (assuming no hardware forwarding entries have yet been established on the Layer 3 switch):
(1) PC A first finds that the destination IP address 2.1.1.2 (PC B) is not in its own network segment and that direct transmission is therefore impossible, so it buffers the packet to be sent. It knows the packet must be forwarded by the gateway, so it first looks up the gateway's MAC address (that is, checks whether its own ARP table has an entry for the gateway IP address). If there is one, the packet to PC B is encapsulated in a frame whose "Destination MAC address" field is set to the gateway MAC address (that is, the MAC address of the Layer 3 switch; the ports and VLANs of the switch share one or more MAC addresses).
(2) If PC A does not find the gateway MAC address in its own ARP table, it first sends an ARP broadcast request to the gateway (in fact to all nodes within the VLAN) to obtain the MAC address corresponding to the gateway IP address 1.1.1.1. The "Source MAC address" field of this ARP request is PC A's MAC address "Mac A"; the "Destination MAC address" is unknown and is filled with all zeros; the "Source IP address" and "Destination IP address" fields are populated with PC A's IP address (1.1.1.2) and the gateway's IP address (1.1.1.1) respectively.
The ARP request is passed down to the Ethernet data link layer and encapsulated in an Ethernet frame: the "Source MAC address" field of the Ethernet header is still PC A's MAC address "Mac A", the "Destination MAC address" field is the broadcast MAC address ff-ff-ff-ff-ff-ff, and the "Frame Type" field is filled with the ARP protocol number 0x0806. See section 7.3.10 for the ARP message and ARP frame formats.
(3) After receiving the ARP request from PC A, the Layer 3 switch checks the request and finds that the requested IP address (the "Destination IP address") is the IP address of one of its own Layer 3 interfaces, so it sends an ARP reply back to PC A carrying the MAC address of that Layer 3 interface (Mac S). At the same time, by analysing the ARP request sent by PC A, it records the mapping between PC A's IP address and MAC address (1.1.1.2 <==> Mac A) in its ARP table, and then sends PC A's IP address (as the "Destination IP address"), MAC address (as the "Next hop MAC address") and the switch port to which PC A is directly connected into the Layer 3 hardware forwarding table in the switch's ASIC chip. At this point the Layer 3 hardware forwarding table holds its first entry, the entry for PC A.
Note: The key to the Layer 3 switch is that it has a dedicated "Layer 3 hardware forwarding table". It is related to the "ARP table" but differs from it. The ARP table is simply a mapping between IP addresses and MAC addresses and does not include the outgoing port or the corresponding VLAN ID, whereas the Layer 3 hardware forwarding table includes all of these, forming an entry that relates destination IP address, VLAN ID, port and next-hop MAC address. In Layer 3 forwarding the only two fields of the frame that change are the source and destination MAC addresses: the "Destination MAC address" of the outgoing frame becomes the "Next hop MAC address" from the forwarding entry, and the "Source MAC address" becomes the Layer 3 switch's own MAC address, while both the source and destination IP addresses stay the same (because they are encapsulated in the "Data" section of the frame). In addition, the Layer 3 forwarding table is stored on the ASIC hardware chip and used directly by the ASIC, while the ARP table is stored in memory and used by the CPU software. However, the Layer 3 hardware forwarding entries are also supplied by the CPU.
(4) After receiving the ARP reply from the gateway, PC A sets the "Destination MAC address" of the frame encapsulating the packet for PC B to the gateway MAC address (Mac S), leaves everything else unchanged, and sends this first packet to the gateway (the Layer 3 switch).
(5) After receiving this packet, the Layer 3 switch finds that the "Destination MAC address" is its own MAC address and that the "Destination IP address" and "Source IP address" are not in the same network segment, so it passes the packet directly to the Layer 3 switching ASIC chip, which looks up the packet's "Destination IP address" (PC B's IP address 2.1.1.2) in the Layer 3 hardware forwarding table. Because this is the first communication, the lookup fails, and the packet is then handed to the CPU for software routing.
(6) The CPU looks up the packet's "Destination IP address" in its software routing table, finds a matching directly connected network segment (PC B's segment), and then looks in the ARP table for the corresponding MAC address entry. Since this is also the first time, that lookup fails as well. If the corresponding MAC address were found in the ARP table, the data could be forwarded directly according to the software routing table.
(7) The following continues with the case where PC B's MAC address is not found in the ARP table. At this point the CPU of the Layer 3 switch sends an ARP broadcast request out of all ports in VLAN 3, the network segment where PC B is located, to find the MAC address corresponding to the destination IP address 2.1.1.2. After frame encapsulation, the "Source MAC address" of this request is the MAC address of the Layer 3 switch (Mac S), the "Destination MAC address" is all zeros, the "Source IP address" is the gateway IP address of the VLAN 3 segment (2.1.1.1), and the "Destination IP address" is PC B's IP address (2.1.1.2).
(8) PC B receives the ARP request sent by the Layer 3 switch CPU, checks that the requested IP address is its own, and sends an ARP reply containing its MAC address (Mac B). At the same time it records the mapping between the VLAN 3 gateway IP address on the Layer 3 switch and the corresponding MAC address (2.1.1.1 <==> Mac S) in its ARP table.
(9) After receiving the ARP reply from PC B, the CPU of the Layer 3 switch records the IP-to-MAC mapping (2.1.1.2 <==> Mac B) in its ARP table, and sends PC B's IP address, MAC address and ingress port number to the Layer 3 hardware forwarding table of the switch. At this point the forwarding table holds two entries, one for PC A and one for PC B.
(10) Based on the MAC address and port information of PC B obtained above and on the software routing table, the CPU of the Layer 3 switch forwards the IP packet from PC A to PC B, completing the first one-way communication between PC A and PC B. Because the Layer 3 engine in the chip has now saved the complete forwarding path information from PC A to PC B, later communication between PC A and PC B, or between a host on another network segment and PC A or PC B, is forwarded by the ASIC of the Layer 3 switch directly out of the port specified in the corresponding Layer 3 hardware forwarding entry, without handing the packet to the CPU for routing. This is the so-called "route once (by the CPU routing table, to the corresponding directly connected network segment), switch many times" principle, which greatly improves forwarding speed.
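As an added example (not from the original article), the following Python model ties steps (1) to (10) together: the host-side same-segment check, a switch whose ASIC table misses on the first packet and is programmed by the CPU after the software route lookup and ARP exchange, and the MAC rewrite that leaves both IP addresses untouched. The class and function names, the port numbers and the lower-case MAC labels are assumptions; the IP addresses are those of Figure 7-56.

```python
import ipaddress

SWITCH_MAC = "mac-s"   # MAC shared by the switch's VLAN interfaces (Mac S in Figure 7-56)
# Constructed host data: IP -> (MAC, VLAN, switch port the host is attached to)
HOSTS = {"1.1.1.2": ("mac-a", 2, 1), "2.1.1.2": ("mac-b", 3, 2)}
# CPU software routing table: the directly connected network of each VLAN interface
ROUTES = {2: ipaddress.ip_network("1.1.1.0/24"), 3: ipaddress.ip_network("2.1.1.0/24")}

def needs_gateway(src_ip, dst_ip, prefixlen=24):
    """Host-side decision from steps (1)/(2): different network number -> use the gateway."""
    src_net = ipaddress.ip_interface(f"{src_ip}/{prefixlen}").network
    return ipaddress.ip_address(dst_ip) not in src_net

def arp_resolve(ip):
    """Stands in for the CPU's ARP broadcast into a VLAN: (MAC, port the reply arrived on)."""
    mac, _vlan, port = HOSTS[ip]
    return mac, port

class L3Switch:
    def __init__(self):
        self.hw_table = {}    # ASIC entry: dst IP -> (VLAN ID, port, next-hop MAC)
        self.arp_table = {}   # CPU software ARP table: IP -> MAC only
        self.cpu_lookups = 0  # packets the ASIC had to hand to the CPU

    def forward(self, frame):
        """Forward a frame addressed to the gateway MAC; returns (out_port, rewritten frame)."""
        assert frame["dst_mac"] == SWITCH_MAC, "host did not send via the gateway"
        dst = frame["dst_ip"]
        if dst not in self.hw_table:                 # step (5): hardware lookup fails
            self.cpu_lookups += 1                    # step (6): CPU software routing
            vlan = next(v for v, net in ROUTES.items()
                        if ipaddress.ip_address(dst) in net)
            mac, port = arp_resolve(dst)             # steps (7)/(8): ARP request and reply
            self.arp_table[dst] = mac                # step (9): record in ARP table ...
            self.hw_table[dst] = (vlan, port, mac)   # ... and program the ASIC entry
        vlan, port, next_hop = self.hw_table[dst]    # later packets: ASIC entry only
        # Layer 3 rewrite: new source MAC = switch, destination MAC = next hop; IPs unchanged
        return port, dict(frame, src_mac=SWITCH_MAC, dst_mac=next_hop, vlan=vlan)

def run_demo(packets=3):
    """PC A sends `packets` frames to PC B; returns (CPU lookups, out port, last frame)."""
    sw = L3Switch()
    frame = {"src_mac": "mac-a", "dst_mac": SWITCH_MAC,
             "src_ip": "1.1.1.2", "dst_ip": "2.1.1.2"}
    for _ in range(packets):
        port, out = sw.forward(frame)
    return sw.cpu_lookups, port, out

if __name__ == "__main__":
    print(run_demo())  # one CPU lookup for three packets: route once, switch many times
```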