Layer 3 switch principle

A Layer 3 switch is a switch with some router functions. Its most important purpose is to speed up data exchange within a large local area network. Its routing function serves the same purpose: a flow is routed once and then forwarded many times. Routine work such as packet forwarding is done at high speed in hardware, while routing information updates, routing table maintenance, route calculation, and route determination are done in software.
  1. Application background 
  For security and ease of management, and above all to limit the damage of broadcast storms, a large local area network must be divided into smaller local area networks by function or region. This has led to VLAN technology being widely used in networks. Communication between different VLANs must be forwarded through routers, and traffic between networks keeps increasing. Relying on routers alone for inter-network access limits the number of ports, and the routing speed is slow, which restricts the scale and access speed of the network. The Layer 3 switch came into being in response to this situation. It is designed for IP, has simple interface types, and has strong Layer 2 packet processing capability, which makes it well suited to routing and switching data in large local area networks. It can replace or partially take over the functions of a traditional router at the third layer of the protocol stack, while offering almost the speed of Layer 2 switching at a relatively low price.
  In enterprise networks and teaching networks, Layer 3 switches are generally used at the core layer of the network, and gigabit ports or 100M ports on Layer 3 switches are used to connect different subnets or VLANs. However, it should be clearly understood that the most important purpose of Layer 3 switches is to speed up data exchange within large-scale local area networks, and most of their routing functions are developed around this purpose, so their routing functions are not as strong as those of professional routers of the same grade. They still have many deficiencies in security, protocol support, and so on, and cannot completely replace routers.

  In practice, the typical approach is to use a Layer 3 switch in place of a router for interconnecting the subnets of one local area network and for routing between the VLANs inside it. A professional router is used only where the local area network connects to the public network, that is, for network access across regions.
  2. Working principle of the Layer 3 switch
  Layer 3 switching technology is Layer 2 switching technology plus Layer 3 forwarding technology. Traditional switching operates at the second layer of the OSI reference model (the data link layer), while Layer 3 switching forwards data packets at high speed at the third layer of the model. Layer 3 switching can perform network routing and can achieve the best network performance for different network conditions.
  3. Advantages of Layer 3 switches 
  a. Fast access speed. 
  b. Make full use of existing resources. 
  c. The bandwidth between subnets can be arbitrarily configured. 
  d. Reduce network costs. 
  e. Some security mechanisms can be implemented. A Layer 3 switch supports access lists, which can enforce one-way or two-way communication between different VLANs.

    4. Problems when using routers for inter-VLAN routing 
  We now know that as long as inter-VLAN routing is provided, computers belonging to different VLANs can communicate with each other. However, if a router is used for inter-VLAN routing, the router may become the bottleneck of the entire network as traffic between VLANs keeps increasing.
  A switch uses a dedicated hardware chip called an ASIC (Application-Specific Integrated Circuit) to switch data frames, and many models can switch at wire speed. Routers, on the other hand, are basically software-based. Even if a packet is received at wire speed, it cannot be forwarded at an unlimited rate, so the router becomes a speed bottleneck. For inter-VLAN routing in particular, traffic is concentrated on the trunk (aggregated) link that connects the router and the switch, and this link is especially likely to become the bottleneck. From the hardware point of view, since routers and switches have to be installed separately, in environments with little space even finding a place for them may be a problem.
  5. Layer 3 Switch 
  In order to solve the above problems, the Layer 3 switch came into being. Layer 3 switches are essentially "layer 2 switches with routing functions". Routing is a function of the Layer 3 network layer in the OSI reference model, so switches with Layer 3 routing functions are called "Layer 3 switches".

  6. Internal structure of the Layer 3 switch
  For the internal structure of the Layer 3 switch, please refer to the following diagram.
  Within a single chassis, a switch module and a routing module are both provided. Like the switch module, the built-in routing module uses ASIC hardware to process routing, so it can route at higher speed than a conventional router. In addition, the routing module and the switch module are joined by an aggregated (trunk) link, and because this connection is internal, considerable bandwidth can be ensured.
  7. How to use the Layer 3 switch for inter-VLAN routing (intra-VLAN communication)
  How does data propagate inside the Layer 3 switch? Basically, it is the same as when a router and a switch are connected by an aggregated link.
  Suppose 4 computers are connected to the Layer 3 switch as shown in the following figure. When a router is used, sub-interfaces corresponding to each VLAN generally have to be configured on the LAN interface, whereas the Layer 3 switch generates a "VLAN interface" internally. A VLAN interface is an interface used to send and receive data in each VLAN. (Note: On Cisco's Catalyst series switches, the VLAN interface is called an SVI, Switched Virtual Interface.)

  For comparison with inter-VLAN routing through a router, let us again consider communication between computer A and computer B. First, the data frame with destination address B is sent to the switch. By searching the MAC address list of the same VLAN, the switch finds that computer B is connected to port 2, so the data frame is forwarded to port 2.
  8. Using Layer 3 Switches for Inter-VLAN Routing (Inter-VLAN Communication) 
  Next, imagine the situation when computer A and computer C communicate. From the destination IP address, computer A can determine that the communication peer does not belong to the same network, so it sends the data to the default gateway (Frame 1).
  After retrieving the MAC address list, the switch forwards the data frame to the routing module via the internal aggregation link. When passing through the internal aggregation link, the data frame is attached with VLAN identification information (Frame 2) belonging to the red VLAN. 
  When the routing module receives the data frame, it first identifies from the attached VLAN identification information that the frame belongs to the red VLAN, and so determines that the red VLAN interface is responsible for receiving it and processing the routing. The target network 192.168.2.0/24 is directly connected to the routing module and corresponds to the blue VLAN, so the frame is forwarded back to the switch module from the blue VLAN interface via the internal aggregation link. When passing through the aggregation link this time, the data frame carries identification information belonging to the blue VLAN (Frame 3).
  After the switch receives this frame, it retrieves the list of MAC addresses for the blue VLAN and confirms that it needs to be forwarded to port 3. Since port 3 is a common access link, the VLAN identification information will be removed before forwarding (Frame 4). Finally, computer C successfully receives the data frame forwarded by the switch. 

    The overall process is very similar to the situation when using an external router - it all needs to go through the sender → switch module → routing module → switch module → receiver.
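
The frame path from sections 7 and 8, combined with the access list mentioned in section 3, as an added Python example that is not part of the original article. The VLAN IDs, port 1 for computer A, computer D, the host addresses and the red subnet 192.168.1.0/24 are assumptions; the access list is modelled as permitted (source VLAN, destination VLAN) pairs checked per frame, not any vendor's ACL syntax.

```python
import ipaddress

# Constructed topology. The article gives only B on port 2, C on port 3 and the
# blue subnet 192.168.2.0/24; VLAN IDs, port 1, host D and all host IPs are assumed.
RED, BLUE = 10, 20
PORT_VLAN = {1: RED, 2: RED, 3: BLUE, 4: BLUE}          # access ports
HOSTS = {"A": ("192.168.1.1", 1), "B": ("192.168.1.2", 2),
         "C": ("192.168.2.1", 3), "D": ("192.168.2.2", 4)}
SVI = {RED: ipaddress.ip_network("192.168.1.0/24"),      # VLAN interfaces
       BLUE: ipaddress.ip_network("192.168.2.0/24")}
# Inter-VLAN access list as (source VLAN, destination VLAN) pairs, default deny.
# One-way here: frames routed red -> blue are permitted, blue -> red are not.
ACL = {(RED, BLUE)}


def forward(src, dst, acl=ACL):
    """Return the hops a frame takes from host src to host dst."""
    _, in_port = HOSTS[src]
    dst_ip, out_port = HOSTS[dst]
    in_vlan = PORT_VLAN[in_port]
    dst_addr = ipaddress.ip_address(dst_ip)
    if dst_addr in SVI[in_vlan]:
        # Same VLAN: the switch module alone resolves the port from that
        # VLAN's MAC address list; the routing module never sees the frame.
        return [f"untagged in port {in_port}", f"untagged out port {out_port}"]
    hops = [f"frame1 untagged to gateway, in port {in_port}",
            f"frame2 tagged vlan {in_vlan} to routing module"]
    # Routing module: the directly connected network selects the egress SVI.
    out_vlan = next((v for v, net in SVI.items() if dst_addr in net), None)
    if out_vlan is None or (in_vlan, out_vlan) not in acl:
        return hops + ["dropped at routing module"]
    hops.append(f"frame3 tagged vlan {out_vlan} to switch module")
    # Switch module: lookup in the egress VLAN's MAC list; the tag is removed
    # because the destination port is an access link.
    return hops + [f"frame4 untagged out port {out_port}"]


if __name__ == "__main__":
    for pair in [("A", "B"), ("A", "C"), ("C", "A")]:
        print(pair, forward(*pair))
```

The access list only takes effect on routed traffic: the A to B case never reaches the routing module, so hosts inside one VLAN are not filtered by it.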
