Transition from layer-3 Exchange Technology to layer-4 Exchange Technology

The development of switch technology is very rapid. From the third-layer switch technology to the fourth-layer switch technology, the experience is very short, meeting more needs of users. When I first heard the word "Layer 3", I had some puzzles. The subsequent concepts of Layer 4 switching and Layer 7 switching are even more confusing. In fact, in strict terms, exchange means the connection between the source and the target address. Any technology above the second layer cannot be called exchange technology.

The term Server Load balancer has largely replaced the fourth layer of exchange, just as the term application cognition has largely replaced the Seventh Layer of exchange. However, I'm afraid the third-layer exchange will always be called like this. Of course, this statement is just a saying. The key is to recognize the benefits of these technologies in improving network performance. Therefore, this article still uses the "layer-7 switching" method.

Layer 3 Exchange Technology

Layer-3 exchange technology is also known as IP exchange technology and high-speed technology. This is a mechanism that uses information in the third layer to enhance the second layer exchange function. Most of today's enterprise networks have become the intranets that implement TCP/IP Web technology. User data is often transmitted across the local network over the Internet, so the devices are often overwhelmed.

One way is to install a super router with higher performance. However, this is too costly. If it is to build a exchange network, this investment is obviously unreasonable. The goal of layer-3 switching is that as long as there is a more direct layer-2 channel between the source address and the destination address, there is no need to forward data packets through the router. The layer-3 Switch uses the layer-3 route to determine the transfer path. This path can be used only once or later. Then, data packets are quickly sent through a virtual circuit bypass the router. Currently, the main layer-3 exchange technologies include:

IpsilonIP exchange: Ipsilon is the first initiative in Ipsilon. It identifies data packet streams and tries its best to switch data packets on the second layer to bypass routers and improve network performance. Ipsilon improves the ATM switch, removes the software in the controller, and adds an IP exchange controller to communicate with the ATM switch. This technology is applicable to lan and campus networks within an organization.

Tag switching: a label is attached to a data packet. The label is read from the switching node to determine the packet transfer path. This technology applies to large networks and the Internet.

3. ComFastIP: focuses on data policy management, priority and service quality. The FastIP protocol ensures that real-time audio or video data streams can obtain the required bandwidth. Fast IP supports other protocols (such as IPX) and can run in other SWAP environments except ATM. The client must have software with priority levels.

IBMARIS (AggregateRoute-basedIP Switching): similar to the label exchange technology, the packet is attached with a tag to traverse the exchange network. ARIS is generally used in ATM Networks and can be extended to other exchange technologies. A border device is the entry to the ATM Switching environment and contains a route table mapped to the layer-3 virtual circuit. Allow more than two computers on the same end of the ATM network to send data through a virtual circuit, thus reducing network traffic. MPOA (MultiProtocolOverATM): A specification proposed by the ATM Forum. When requested by the source client, the optimal transmission path is provided after the route is calculated. Then, you can build an switched virtual circuit to bypass the subnet boundary without routing.

At present, Cisco, 3Com, Nortel Network, Lucent, Cabletron, Foundry, Extreme and other companies have launched mature third-tier exchange products and modules. The following uses 3Com technology as an example to illustrate the evolution of layer-3 exchange technology. The first generation switch is a mixture of discrete electronic components and primitive software frameworks. The functions of the software run on a processing machine with fixed memory. With the improvement of management support and protocol functions, the functions of the software are also increasing. When your daily business is more dependent on the network and the traffic on the network increases, it becomes a bottleneck. Although processors and devices become faster and more effective, they still cannot catch up with the increasing traffic. The first step to solve the problem is to simplify the network layer: replace vrouters with vswitches to reduce the overhead of data packets and significantly increase the transaction processing speed. 3Com introduced a dedicated Integrated Circuit (ASIC) dedicated to optimizing Layer 2 processing, which increased the performance by 10 times and reduced the overall cost of the system.

The flexible and intelligent routing engine FIRE announced the arrival of the third generation of exchange technology. This generation is not only based on the progress of the second generation, but also provides line rate performance for layer-3 routing, Multicast, and optional policies, the performance of Layer 2 and Layer 3 is no longer inconsistent. FIRE is the core part of 3Com's third-generation Layer-3 switch. It is an innovative and integrated network interconnection architecture that provides a wide range of layer-2 and layer-3 functions, it also provides line rate performance on multiple network interface types.

Layer-4 Switching

End-to-end performance and service quality require that the loads of all networked devices be carefully balanced to ensure smooth data flow between clients. Layer 2 and Layer 3 exchange products play a good role in solving LAN and network bandwidth and capacity issues. However, this may not be enough and more performance is required, this is the application of layer-4 Exchange.

Layer-4 exchange technology uses information in layer-3 and layer-4 headers to identify Application Data Stream sessions, including TCP/User Datagram Protocol (UDP) port number, the "SYN/FIN" bit indicating the start and end of the Application Session, and the IP source/destination address. With this information, the layer-4 switch can make intelligent decisions on where to forward session transmission streams. For large enterprise data centers, Internet service providers, or content providers that use different systems to support an application, layer-4 Exchange is particularly important. Similarly, when performing replication on many servers, layer-4 Switching also plays a significant role. When forwarding different data packets, the router and the layer-3 switch do not know which package is in the front and which package is in the rear. Layer-4 Exchange Technology tracks and maintains sessions from the beginning to the end. Therefore, the layer-4 switch is a real "session switch ".

The router determines the Forwarding Based on the availability and performance of the link or network node, and the layer-4 switch determines the Forwarding Based on the session and application layer information. Because of this, user requests can be forwarded to the "best" server according to different rules. Therefore, layer-4 switching is an ideal mechanism for data transmission and load balancing among multiple servers. A vswitch with the layer-4 function can act as the "virtual IP" (VIP) frontend connected to the server. Each server and server group supporting a single or common application is configured with a VIP address. This VIP address is sent and registered on the domain name system. When a service request is sent, the layer-4 switch identifies the start of a session by determining the start of TCP. Then it uses complex algorithms to determine the best server for processing this request. Once this decision is made, the switch associates the session with a specific IP address and replaces the VIP address on the server with the real IP address of the server.

The layer-4 switching technology stores a connection table that matches the source IP address and source TCP port of the selected server. The layer-4 switch then forwards the connection request to the server. All subsequent packets are reinjected and forwarded between the client and the server until the switch discovers a session. When layer-4 switching is used, the access can be connected to a real server to meet user-defined rules, for example, the number of connections on each server is equal or the transmission stream is allocated based on the capacity of different servers. Currently, a single-function Server Load balancer product can connect between 400 and 800 connections per second. At the same time, the next-generation products with Layer 2 and Layer 4 features use the hardware-based load balancing function of customized dedicated integrated circuits. The connection speed exceeds 0.1 million times per second.

The key issue in all these cases is how to determine the most available server for which the transfer is sent. Currently, multiple methods are used to determine the Server Load balancer instance. Based on the granularity of the required Server Load balancer, layer-4 switches can allocate application sessions to servers in multiple ways. These methods include simple weighted loops for least weighted access, round-trip latency measurement, and server closed loop feedback.

Closed Loop Feedback is the most advanced method. It uses specific system information such as available memory, I/O interrupt, and CPU utilization, which can be automatically obtained for the Adapter Driver and layer-4 switch. The current closed loop feedback mechanism requires that software agents be installed on each server. The form and function of the layer-4 switch are completely different from those of the dedicated server Load balancer. Traditional hardware-based Load balancer is an optimized two-port device with a speed of 45 Mbps.