In a well-established LAN, how to implement LAN switch maintenance and testing skills, as well as problems encountered during LAN switch debugging, I found some related solutions on relevant forums, share with you for mutual learning and communication.
In an IP address-based VLAN, the new site does not need to perform too many configurations when accessing the network, and the switch automatically divides it into different VLANs based on the network address of each site. Among the three VLAN implementation technologies, VLAN intelligence based on IP addresses is the highest, and the implementation is also the most complex.
As a new generation of network technology, VLAN provides a good solution for the flexible configuration of network sites and network security issues. Although there are still many problems to be solved in VLAN technology, such as the unification of technical standards, the overhead of VLAN management, and the automation of VALN configurations.
However, with the continuous advancement of technology, the above problems will be gradually solved, and VLAN technology will be more widely used in network construction, this will play a greater role in improving network efficiency. In fact, a VLAN (Virtual LAN) is a broadcast domain.
To avoid broadcast storms caused by broadcasting on large switches, you can divide the networks connected to large switches into multiple VLANs (Virtual LAN ). In a VLAN (Virtual LAN), Information sent from a workstation can only be sent to other sites with the same VLAN (Virtual LAN) number. Other VLAN (Virtual LAN) members cannot receive the information or broadcast frames.
Using VLANs has the following advantages:
1. Suppress broadcast storms on the network;
2. Increased network security;
3. centralized management and control.
This is the original intention of adopting VLAN (Virtual LAN) technology on LAN switches, and has indeed solved some problems. However, this technology also raises some new problems: with the upgrade of applications, network planning/implementers can divide users into different VLANs (Virtual LAN) in the switched LAN environment as needed.
However, communication between VLANs (Virtual LAN) is not allowed. This also includes IP Address Resolution (ARP) packets. To communicate, you need to use a router to bridge these VLANs (Virtual LAN ). This is the problem of VLAN (Virtual LAN): It is too slow to use a router.
Vswitches are fast but cannot solve the broadcast storm problem. VLAN (Virtual LAN) technology can be used in vswitches to solve the broadcast storm problem. However, you must place vrouters to implement VLAN (Virtual LAN) communication between them. Formed an insurmountable Strange Circle. This is the core of the network and the hub router. In this network system integration mode, routers are the core.
The role of a router is:
1. Connect the network segment to the vro ):
2. Network Security Control;
3. VLAN (Virtual LAN) interconnection;
4. Interconnection between heterogeneous networks.
Lan bottleneck
1. Problems arising when vrouters are used as the core of the network:
● The vro adds the time required for layer-3 routing, resulting in low data transmission efficiency;
● Increasing, moving, and changing node complexity increases;
● The router is expensive and complex in structure;
● Adding subnet/VLAN (Virtual LAN) interconnection means adding vro ports and increasing investment.
In contrast, a router operates at the network layer in the OSI Layer-7 network model. It receives any packet (including a broadcast packet) in the network ), you must remove the information of the second layer (data link layer) of the packet (called "unpacking") and view the IP address of the third layer ).
Then, the route of the data packet is determined based on the route table, and then the security access table is checked. If it is passed, the second-layer information is encapsulated (called "package"), and the data packet is finally forwarded. If the network address of the corresponding MAC address is not found in the route table, the router returns a message to the origin site and discards the packet.
Compared with vswitches, vrouters can obviously provide a series of access control mechanisms that constitute the enterprise network security control policies. Because a vro requires a "split" process for any data packet, even all data packets sent from the same source address to the same destination address must be repeated.
This makes it impossible for a vro to have a high throughput, which is also one of the reasons why the vro becomes a network bottleneck. If the router only exchanges data packets between the subnet and subnet, and between the network and the network, we may buy a router that is much cheaper than today.
In fact, the router works far more than this. It also needs to complete data packet filtering, data packet compression, protocol conversion, route table maintenance, route calculation, and even firewall. All of these require a large amount of CPU resources. Therefore, vrouters are expensive and increasingly become network bottlenecks.
2. Improving the hardware performance of the router cannot solve the router bottleneck problem:
Improving the hardware performance of a vro (using a higher speed and larger memory size) is not enough to improve its performance. In addition to hardware support, the router's "complex processing and powerful functions" are mainly implemented through software, which inevitably makes it a network bottleneck.
In addition, when the traffic flowing through the vro exceeds its throughput, congestion will occur inside the vro. Continuous congestion will not only delay the forwarded data packets, but also cause the loss of data packets flowing through the router. These problems have brought great trouble to network applications. The complexity of the router also puts a heavy burden on network maintenance. For example, to add, move, or change users on the network, it is very complicated to configure the router.
3. vswitch combination vro limitations:
Combining vswitches and vrouters is also the network solution adopted by most enterprises today. It is functional and feasible. However, there are obvious shortcomings: From the Perspective of network users, the entire network is divided into two levels of performance.
Packets directly processed by the vswitch enjoy fast and stable highway transmission performance. However, packets that must pass through the vro can only use slow channels. When traffic load is severe, this will lead to another headache. Vswitches and vrouters are different devices in the network. They must be purchased, set up, and managed separately. They must spend more than one integrated and complete solution.
- Correct Interpretation and test of vswitch Port
- Summarize the market status of high-end Switches
- Resolve core layer switch faults
- PythonAndroid: Learn how to select a 24-port Gigabit Switch
- Let's talk about the stacking of Ethernet switches.