With the development of the communications industry, vswitches and vrouters have come into wide use. This article introduces the network design and management model they use. Over the years, the processing speed of traditional routers has increased significantly, but it is still insufficient to keep pace with demanding applications.
For example, traditional routers can now forward nearly 1 million packets per second. However, a Gigabit Ethernet interface can send 1,488,000 packets per second (pps) and receive at 1,488,000 pps, so two Gigabit Ethernet ports can easily overload the system. In contrast, a multi-layer switch/router forwards packets at wire speed, and its switching ASICs are distributed across the system, allowing the entire system to deliver traffic efficiently.
These new switches/routers use a new network design and management model. With line-rate forwarding in place, congestion points can be effectively eliminated, and users can be located farther from their data without worrying about performance degradation. As mentioned in the previous example, stock traders can now connect to servers or network data several floors or hundreds of miles away; the exact distance depends on the interface types supported by the vswitch/vrouter and the type of copper or optical fiber used. In addition, the new IP address and the optimized Ethernet router technology are easier to manage. Administrators need only a small amount of time to bring the network in line with new applications. Chassis products such as the BigIron can easily carry all application traffic. At the same time, more modules can be added to meet growing capacity and speed requirements.
To determine the type and volume of network traffic, new packet sampling technology is built into the ASIC to monitor traffic across the entire system. RFC 3176, or sFlow, has become an increasingly popular way for enterprises and service providers to monitor the traffic of all applications on the network in real time, showing both the bandwidth the traffic requires and where the traffic is going. sFlow lets enterprises better monitor the use of network resources across multiple departments; in universities, it can identify illegal wireless and wired applications in the network, and it can detect and stop DoS attacks before network performance is affected. RFC 3176 is currently becoming a must-have for enterprises that are very concerned with security.
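One way to use the sampled monitoring described above, as an added example that is not from the original article: it scales already-decoded 1-in-N packet samples up to per-destination rates and flags destinations approaching the 1,488,000 pps Gigabit Ethernet figure quoted earlier. The record fields, sampling rate, thresholds and addresses are constructed assumptions, and no real sFlow datagram decoding is performed.

```python
from collections import defaultdict

GIGE_LINE_RATE_PPS = 1_488_000  # Gigabit Ethernet figure quoted in the article

def estimate_rates(samples, sampling_rate, interval_s):
    """Scale 1-in-N packet samples to estimated per-destination pps and bps."""
    count, octets, sources = defaultdict(int), defaultdict(int), defaultdict(set)
    for s in samples:
        count[s["dst"]] += 1
        octets[s["dst"]] += s["frame_len"]
        sources[s["dst"]].add(s["src"])
    return {
        dst: {
            "samples": count[dst],
            "pps": count[dst] * sampling_rate / interval_s,
            "bps": octets[dst] * 8 * sampling_rate / interval_s,
            "sampled_sources": len(sources[dst]),
        }
        for dst in count
    }

def flag_floods(rates, pps_fraction=0.5, min_samples=100):
    """Return destinations whose estimated rate reaches a fraction of line rate.

    min_samples guards against alerting on a handful of samples, where the
    scaled estimate is too noisy to act on.
    """
    limit = GIGE_LINE_RATE_PPS * pps_fraction
    return sorted(
        dst for dst, r in rates.items()
        if r["samples"] >= min_samples and r["pps"] >= limit
    )

# Constructed sample data: a 10-second window sampled at 1 in 2048 packets.
SAMPLING_RATE, INTERVAL_S = 2048, 10
SAMPLES = [  # 4000 minimum-size frames from 250 sources towards one host
    {"src": f"198.51.100.{i % 250 + 1}", "dst": "192.0.2.10", "frame_len": 64}
    for i in range(4000)
] + [        # ordinary bulk transfer towards another host
    {"src": "203.0.113.5", "dst": "192.0.2.20", "frame_len": 1500}
    for _ in range(50)
]

if __name__ == "__main__":
    rates = estimate_rates(SAMPLES, SAMPLING_RATE, INTERVAL_S)
    for dst in flag_floods(rates):
        r = rates[dst]
        print(f"possible flood: {dst} ~{r['pps']:.0f} pps, "
              f"{r['sampled_sources']} sampled sources")
```
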
The functions of multi-layer switches/routers are no different from those of traditional routers and switches; they simply integrate the scattered LAN and MAN (WAN) functions into a single device. They can implement local switching (layer-7 switching) between users in the same group, implement routing (layer-7 switching or routing) between users in different groups, and provide security features and special services (layer-4 switching) for applications.
Vrouters make ideal security checkpoints because they are the ingress and egress points of the network. After a set of complex rules called an access control list (ACL) is created on a vrouter, the vrouter checks each packet against those rules. For traditional routers, checking packets against security rules is time-consuming: after the router finds the layer 3 and layer 4 information in each packet, it must compare that information with the rules. Enabling the security filter feature has always been a "nightmare" because it slows the router down. When performance is severely affected, dedicated devices are needed to share the workload.
Even multi-layer switches/routers face challenges when performing this function while maintaining line-rate performance. When security functions are enabled, some new vswitches/routers also slow down. However, most new vswitches/routers have integrated these security policies into hardware, so they can provide line-rate forwarding even with ACLs enabled. Using multi-layer switches/routers for security and traffic analysis is becoming increasingly popular, mainly because equipment vendors have built this technology into them. More and more network functions are being integrated into the same device, so independent hardware is no longer needed to monitor traffic or security, which can bring great benefits to SMB users.