3Com Switch Nível3
description
Transcript of 3Com Switch Nível3
®
Layer 3 Switching
3 C o m T e c h n i c a l P a p e r s
An Introduction
11
Layer 3 SwitchingAn Introduction
Contents
A Brief History of Protocol Layering 2
Effective Information Management 2
Layering 101 3
Contemporary Layering Model 3
Layer 1 4
Layer 2 4
Layer 3 5
Layer 4 6
Layer 5 6
Enter the Layer 3 Switch 6
A Layer 3 Switch Is a Router 7
Router Interfaces as Layer 2 Switching Domains 7
Effective Application of Policy 7
Ease of Management 8
Layer 3 Switching v. Traditional Routing 8
The Business Case for a Layer 3 Switch 8
Cost Savings 10
Case Study 10
Initial Network 11
Phase 1 11
Phase 2 12
Phase 3 12
Future Trends 12
Conclusion 13
Layer 3 SwitchingAn Introduction
By Robert Ciampa
Many people involved in the deployment ofinformation technology compare their professionto the world of Indiana Jones, a Hollywoodaction hero of great intelligence, challenged byfriendly and unfriendly forces while searching theworld for lost cities and hidden treasure. LikeIndiana Jones, IT managers might not have asecond chance if they make a wrong decision. Infact, the journey through the networking jungleis full of deception, wrong turns, and stumblingblocks.
In a competitive environment, the propertechnology decisions can catapult corporationsover their competitors, erasing barriers to entryand redrawing the battlefield. A prime exampleis amazon.com, which has used the Internet torevolutionize the bookselling industry, at theexpense of formidable competitors who nowattempt to mimic the techniques of their upstartfoe. On the other hand, blindly following tempo-rary technology fashion may leave IT managersstuck in the jungle, or out of a job.
This paper is a map through the jungle ofinternetworking infrastructure, particularlyfocusing on how Layer 2 switching and Layer 3routing have combined to form the powerfulLayer 3 switching architecture. The paper ana-lyzes Layer 3 switching from both a functionaland an operational perspective, helping thereader make an informed assessment of its meritsas an enabling technology.
A Brief History of Protocol Layering
To fully appreciate Layer 3 switching, it is use-ful to examine its ancestry, since many com-mon traits still prevail. Rather than go back tothe stone age of hierarchical networking, we’llbegin with the “modern era” of data commu-nications, a time of peer-to-peer networkingwith heterogeneous systems. It is interesting tonote that hierarchical networking—its bestexample being IBM’s Systems NetworkArchitecture (SNA)—was probably the quin-tessential—but immutable—client/server
architecture. SNA’s formal counterpart, theInternational Standards Organization (ISO)Open Systems Interconnect (OSI) model,which was a seven-element layout, succeededmore as a pedagogical tool than as an imple-mentation foundation. As a result, manyacademics, along with the some rare imple-menters (Digital Equipment Corporation withDECnet Phase V) were left in the networkingjungle.
Meanwhile, the Internet Protocol (IP)was enjoying some deployment success, firstthrough the U.S. Department of Defense’sARPANET—the genesis of the Internet—then into diverse university communities. IPand its associated higher-layer protocols, suchas User Datagram Protocol (UDP) and Trans-port Control Protocol (TCP), were supposedto be supplanted by the OSI protocols, butthe increasing complexity of OSI, exacerbatedby a prolonged ratification process, underminedits prospects. IP continued to be deployed,while other IP-like protocols such as NetWare’sIPX and Apple’s AppleTalk were enjoying theirown success. The similarity among IP, IPX,and AppleTalk is no accident: they share acommon lineage through Xerox Network Sys-tems (XNS), an older but simpler model thanOSI.
Effective Information Management
Just as there are many types of jungles, sothere are many types of data networks. Andjungles and networks have some striking simi-larities in the way they are organized. In thejungle, the parts of the whole are calledecosystems; in the network, they are called lay-ers. Each subsystem, or layer, is often quitedistinct from others within the same system ornetwork, but depends upon access to the oth-ers for its survival. Call it the food chain orcall it the protocol stack.
Knowledge of layering is crucial for thestrategic and tactical deployment of both net-working and information technology in anorganization. Many people view layering as anacademic exercise in which Layer 2 representsswitching and Layer 3 represents routing.Such shortsighted thinking leaves many orga-nizations at the mercy of the performance
22
Acronyms andAbbreviations
ASIC
application-specific
integrated circuit
ATM
Asynchronous Transfer Mode
BGP
Border Gateway Protocol
CoS
Class of Service
DHCP
Dynamic Host Configuration
Protocol
DNS
Domain Name System
FDDI
Fiber Distributed Data
Interface
FIRE
Flexible Intelligent Routing
Engine
IEEE
Institute of Electrical and
Electronics Engineers
IETF
Internet Engineering Task
Force
IP
Internet Protocol
IPsec
IP Security
ISO
International Standards
Organization
ISP
Internet service provider
MAC
Media Access Control
MIB
Management Information
Base
MPOA
Multiprotocol over ATM
constraints of their collapsed backbonerouters. Understanding the capabilities andlimits of each layer is the foundation for infor-mation management. Strategic decisions mustbe made about application deployment, net-work scalability, performance, and cost ofownership. Tactical decisions must be madeabout which products to apply as part of anoverall solution. This methodology becomeseven more important as voice, video, and datanetworks continue to converge, blurring theonce clear demarcation between data commu-nications and telecommunications.
Layering 101
Although this paper is about Layer 3 switch-ing, a quick overview of layering is needed.Layering schemes provide guidelines, ratherthan strict rules, for delegating networkingfunctionality. Figure 1 shows the basic princi-ples of layering. Elements at the same layer,shown on the horizontal, are known as peersand communicate via a well-known (and doc-umented) protocol. Messages are exchangedamong peers, the protocol defining the for-mat, syntax, semantics, and sequencing. Ele-ments within the same stack, shown on thevertical, communicate via an internal interface.This interface, though usually not well docu-mented nor standard, often exhibits the samecharacteristics as a protocol, the only differ-ence being that the interface protocol betweenLayer n and Layer n + 1 on stack 1 may bewholly different from that of stack 2.
As mentioned, communication withinone stack may be different from that within
other stacks and entirely proprietary, but com-munication between peers in different stacksmust be open and consistent. The notion ofopen systems has been a major factor in thegrowth and operation of the Internet, alongwith those of institutional organizations. It isalso important to note that an element at aparticular layer may be further broken downinto additional layers. This is most clearly seenwith Asynchronous Transfer Mode (ATM)models. Finally, in certain models, higher lay-ers may share information with lower layers toeither conserve system resources or improveperformance. The Internet Engineering TaskForce (IETF) Next-Hop Resolution Protocol(NHRP) is an example of this intra-layer com-munication, allowing Layer 3 “shortcuts.”This concept will be discussed later.
Contemporary Layering Model
For many years, the OSI model (Figure 2) wasthe reference layering paradigm for data net-working. The OSI model was an extremelypowerful architecture that included well-defined Layer n ⁄ Layer n + 1 protocols inaddition to rich peer-to-peer protocols. Unfor-tunately, much of this model succumbed tothe complexity of the protocols and the effectsof an overly rigorous standardization process.Since only a few elements survived to becomepart of the contemporary networking model,no further analysis will be made of this model.
The contemporary network layer archi-tecture is much simpler than its OSI counter-part. Originating from various research anddefense initiatives, the contemporary modelwas intended to be supplanted by OSI.Instead, it became the de facto networking
33
Acronyms andAbbreviations
NHRP
Next-Hop Resolution
Protocol
OSI
Open Systems Interconnect
OSPF
Open Shortest Path First
QoS
Quality of Service
RIP
Routing Information
Protocol
RMON
Remote Monitoring
RSVP
Resource Reservation
Protocol
RTP
Real Time Protocol
SDH
Synchronous Digital
Hierarchy
SLA
Service Level Agreement
SNA
Systems Network
Architecture
SONET
Synchronous Optical
Network
TCP
Transport Control Protocol
UDP
User Datagram Protocol
VPN
virtual private network
WAN
wide area network
WinSock
Windows Sockets
XNS
Xerox Network Systems
Layer n + 1 Layer n + 1
Layer n Layer n
Layer n – 1 Layer n – 1
Figure 1. Layering Reference Model
Application
Presentation
Session
Transport
Network
Data link
Physical
Figure 2. OSI Layering Model
standard, especially through IP. As mentioned,both IPX and AppleTalk are quite similar toIP, but are slowly becoming less prominent asIP dominance continues to grow. This discus-sion will emphasize IP, but the methods dis-cussed can easily be applied to environmentsusing NetWare and Apple protocols.
Figure 3 shows the contemporary net-working model based upon IP. Network par-ticipants, whether infrastructure equipment(switches and routers) or end systems (clientsand servers), may include some or all of theprotocol stack.
Layer 1
This layer, known as the interface layer, isresponsible for device connectivity. Thoughusually represented by well-known networktypes—Ethernet, Fast Ethernet, Gigabit Eth-ernet, Token Ring, FDDI, ATM, SONET/SDH, etc.—Layer 1 also covers the subtypes.For example, Fast Ethernet provides physicalconnectivity over copper media (100BASE-TX) and over fiber media (100BASE-FX).Fiber can be further divided into multimodeor single mode, with single mode further par-titioned based on its “reach,” the distance overwhich it can transmit. Certain technologiesare actually used as a pure Layer 1 element(SONET/SDH) or provide a virtual Layer 1element (ATM with SONET/SDH).
While the various types of Ethernet arerather straightforward, FDDI, ATM, andSONET/SDH add more complexity, whileproviding extended Layer 1 capabilities suchas fault tolerance and support for physicalmultiplexing to support distinct traffic flowssuch as voice and data. With these addedcapabilities comes added cost, and sometimesslower performance.
Layer 2
This layer, known as the switching layer,allows end station addressing and attachment.Because architectures up to Layer 2 allow endstation connectivity, it is often practical toconstruct a Layer 2–only network, providingsimple, inexpensive, high-performance con-nectivity for hundreds or even thousands ofend stations. The past five years have seen theextraordinary success of the “flat” networktopologies provided by Layer 2 switches con-nected to other Layer 2 switches or ATMswitches.
Layer 2 switching, also called bridging,forwards packets based on the unique MediaAccess Control (MAC) address of each endstation. Data packets consist of both infra-structure content, such as MAC addresses andother information, and end-user content. AtLayer 2, generally no modification is requiredto packet infrastructure content when goingbetween like Layer 1 interfaces, like Ethernetto Fast Ethernet. However, minor changes toinfrastructure content—not end-user datacontent—may occur when bridging betweenunlike types such as FDDI and Ethernet.Either way, processing impact is minimal andso is configuration complexity.
Layer 2 deployment has seen the moststriking infrastructure change over the pastdecade. Shared Ethernet, represented by par-ticular cable types or contained within sharedhubs, offered a very simple, and even moreinexpensive, approach for Layer 2. Thoughstill quite popular, shared technology, whereall stations use the same bandwidth slice, hasvery limited scaling capabilities. Dependingupon the applications being used, shared net-works of more than one hundred users arebecoming less common. Many networkdesigners have “tiered” their infrastructure byfeeding shared Layer 2 into switched Layer 2or even Layer 3. Switched Layer 3 apportionseach station—or port—its own dedicatedbandwidth segment. Recent enhancements atLayer 2 provide packet prioritization capabili-ties for the application of network policies.The new IEEE 802.1p standard defines Classof Service (CoS) policies capabilities for Layer2 segments.
44
Application
Transport
Routing
Switching
Interface
Figure 3. Contemporary Layering Model
Note that Layer 2 does not ordinarilyextend beyond the corporate boundary. Toconnect to the Internet usually requires arouter; in other words, scaling a Layer 2 net-work requires Layer 3 capabilities.
Layer 3
This layer, known as the routing layer, pro-vides logical partitioning of subnetworks, scal-ability, security, and Quality of Service (QoS).QoS, a recent enhancement to Layer 3, goesbeyond the simple packet prioritization foundin CoS by providing bandwidth reservationand packet delay bounding.
The backbone of the Internet, along withthose of many large organizations, is builtupon a Layer 3 foundation. IP is the premierLayer 3 protocol. In addition to Layer 2 MACaddresses, each IP packet also contains sourceand destination IP addresses. For an intranetpacket, one IP address addresses the client, theother the server.
IP in itself is not a particularly complexprotocol; extensive capabilities are supplied bythe other components of the IP suite. TheDomain Name System (DNS) removes theburden of remembering IP addresses by asso-ciating them with real names. The DynamicHost Configuration Protocol (DHCP) easesthe administration of IP addresses and is usedextensively by network administrators andInternet service providers (ISPs). Routing pro-tocols such as Open Shortest Path First(OSPF), Routing Information Protocol (RIP),and Border Gateway Protocol (BGP) provideinformation for Layer 3 devices to direct datatraffic to the intended destination. IP Security(IPsec) furnishes elements necessary for secu-rity, such as authentication and encryption. IPnot only allows for user-to-user communica-tion, but also for efficient dissemination overpoint-to-multipoint flows, known as IP Multi-cast. Higher-layer protocols, discussed later inthis paper, provide even greater versatility forcontent distribution.
Although many organizations receivedtremendous performance advantages by con-verting routed and shared networks to Layer 2switching, it became apparent that some levelof partitioning was still required. Consequently,
routers maintained a presence at many pointswithin a corporate network. For a while thispresented minimal problems, since a majorityof the data traffic stayed local to the subnet,which was increasingly being serviced by aLayer 2 switch. But concurrent with theincreasing acceptance of Layer 2 switching asan essential component of network infrastruc-ture were two other developments: the migra-tion of servers to server farms for increasedsecurity and management of data resources;and the deployment of intranets, organization-wide client/server communications based onWeb technology. These factors began movingdata flows off local subnets and onto therouted network, where the limitations ofrouter performance increasingly led to bottle-necks.
With the routers causing informationflow constriction, IT managers becameincreasingly reluctant to deploy new, enablingtechnologies, such as multicast-based applica-tions and middleware. Even the migration ofdesktops to higher-performance media con-nections, such as 100 Mbps Fast Ethernet,were scrutinized as long as 10 Mbps routerinterface funnels were in place.
Router vendors attempted to respond byoffering higher-performance interface cards,but throughput was fundamentally boundedby centralized, software-based architecturesthat simply could not go any faster. The samesoftware responsible for managing WAN links,X.25, and asynchronous terminal lines wasnow expected to handle next-generation giga-bit networks. Router vendors tried distribut-ing functionality to improve performance,resulting in a hodgepodge collection of routeprocessing and interface cards. Was the devicestill routing, or was it performing some otherpacket forwarding scheme?
Emerging QoS was even more suspect.The IETF was moving forward on ResourceReservation Protocol (RSVP), a signalingmethod to set up bandwidth and delay controlon packet-based internetworks. MonitoringRSVP flows, using a process know as policing,required extensive software support on alreadyoverburdened legacy routers. Could QoS bepractical on a contemporary LAN?
55
Meanwhile, standards bodies such as theATM Forum were working on methods tooffload the Layer 3 bottleneck by exploitingthe capabilities of the lower layers. One resultwas the Multiprotocol over ATM (MPOA)specification, which uses Layer 3 routinginformation and the IETF’s NHRP protocolto offload the routers and provide forwardingat the physical (ATM) layer. A Layer 3 switchcan route at Layer 3 or utilize MPOA; the per-formance is identical.
Layer 4
This layer, known as the transport layer, is thecommunication path between user applica-tions and the network infrastructure anddefines the method of communicating. TCPand UDP are well-known examples of ele-ments at the transport layer. TCP is a “con-nection-oriented” protocol, requiring theestablishment of parameters for transmissionprior to the exchange of data. Web technologyis based on TCP. UDP is “connectionless” andrequires no connection setup, which is espe-cially important for multicast flows. Elementsat this level also differ in the amount of errorrecovery provided and whether or not it is vis-ible to the user application. Both TCP andUDP are layered on IP, which has minimalerror recovery and detection mechanisms,leaving the burden at Layer 4 or higher. TCPforces retransmission of data that was lost bythe lower layers, whereas UDP makes theapplication responsible.
A major enhancement to multimedia sup-port at Layer 4 is the Real Time Protocol(RTP). RTP works in conjunction with UDP,and provides services necessary for packet tim-ing and sequencing. Many time-sensitiveapplications running over IP networks nowactually include both UDP and RTP.
Layer 5
This layer, known as the application layer,provides access to either the end user or sometype of information repository such as a data-base or data warehouse. Users communicatewith the application, which in turn deliversdata to the transport layer. Applications donot usually communicate with the lower layers;
rather, they are written to interface with a spe-cific communication library, like the popularWinSock library available in Windows-basedworkstations.
When defining the behavior of the appli-cations they are writing, developers decide onthe type of transport mechanism necessary.For example, database or Web access requiresrobust, error-free access and would demandTCP, though it could be implemented withmore code and in a more cumbersome man-ner with UDP. Multimedia, on the otherhand, cannot tolerate the overhead of connec-tion-oriented traffic and will commonly makeuse of UDP. For prioritization, either TCP norUDP can be selected, depending on the appli-cation or other parameters such as time of day.Any assistance that a network device can pro-vide in terms of prioritization of the applica-tion would be extremely beneficial to thenetwork manager, particularly during times oftraffic volume from the LAN to the WAN.
Enter the Layer 3 Switch
Traditional routers, once the core componentsof enterprise networks, became a major obsta-cle to the migration toward next-generationnetworks. All the magic and alchemy involvedin trying to make a software-based router for-ward packets more quickly created only anillusion of serious Layer 3 routing performance.A fundamental shift in technology wasrequired.
In 1992, 3Com, a pioneer in both Layer2 switching and traditional routing, beganintegrating its switching and routing products.The motivation was twofold: to reduce thenumber of devices to be managed, and tolower the cost of a combined Layer 2 and 3solution. Though the first solution was mostlysoftware based, subsequent products displayedincreasing use of application specific integratedcircuits (ASICs)—first for address table queries,then for forwarding packets. In 1997, 3Comdelivered its third-generation, fully ASIC-enabled Layer 3 CoreBuilder™ 3500 switch,based on the Flexible Intelligent RoutingEngine (FIRE) ASIC. For more informationon FIRE, see the white paper “Flexible Intelli-gent Routing Engine (FIRE): The Third-
66
Generation Layer 3 Switching Architecturefrom 3Com,” available at www.3com.com.
Table 1 shows 3Com’s Layer 3 switchingproduct evolution.
A Layer 3 Switch Is a Router
Vendors and the trade press alike have tried toapply the term “Layer 3 switch” to variousproducts of the day, succeeding only in con-fusing IT decision makers. This paper aims toremove that confusion. A Layer 3 switch doeseverything to a packet that a traditional routerdoes:• Determines forwarding path based on
Layer 3 information• Validates the integrity of the Layer 3 header
via checksum• Verifies packet expiration and updates
accordingly• Processes and responds to any option infor-
mation• Updates forwarding statistics in the Man-
agement Information Base (MIB)• Applies security controls if required
Because it is designed to handle high-per-formance LAN traffic, a Layer 3 switch can beplaced anywhere within a network core orbackbone, easily and cost-effectively replacingthe traditional collapsed backbone router. TheLayer 3 switch communicates with the WANrouter using industry-standard routing proto-cols like RIP and OSPF.
Router Interfaces as Layer 2 Switching Domains
The Layer 3 switch has inherent Layer 2switching domains per interface, allowing forindividual subnet bandwidth allocation, alongwith broadcast containment. Not all interfacesare created equal, so the ability to group ports
together, whether based on physical character-istics or protocol information, is an extremelypowerful tool for network designers concernedwith capacity planning. This architecture isinherently scalable, capable of supportingnumerous external Layer 2 switches that resideeither in the data center or the wiring closet.
Such a design model preserves the subnet-ted infrastructure, concurrently boosting per-formance of those subnets and enabling thedeployment of switched 10, 100, or 1000Mbps right to the desktop if so desired. Theconcept of “subnet preservation” is the key toeffective and trouble-free network migra-tion—it allows gradual migration, helping ITmanagers to work within their staffing con-straints without the need to renumber andreassign their entire network.
Effective Application of Policy
As previously stated, contemporary Layer 3switches perform their forwarding—whetherLayer 2, Layer 3, unicast, multicast, or broad-cast—in hardware. Software is deployed tohandle network administration, table manage-ment, and exception conditions. Some tech-nologists view the hardware component of aLayer 3 switch as inflexible. In fact, hardwareprovides the ultimate flexibility not only inperformance, but in parallel processing aswell. The parallel processing model allows thenetwork device to perform far more opera-tions on packets than previously imagined,especially with respect to the application ofpolicy.
A policy is a mechanism to alter the nor-mal forwarding of a packet through a net-working device. Familiar examples includesecurity, load balancing, and protocol option
77
Table 1. Layer 3 Switching Product Evolution
Generation Technology Product Routing Performance
First Software LANplex 5000 switch 50K pps
Second ISE ASIC CoreBuilder 2500, 6000 switch 100K–1.1M pps
Third FIRE ASIC CoreBuilder 3500, 9000 switch 3.5M–64M pps
processing. Newer policies include QoS, a wayto allocate bandwidth and control propagationdelay, in addition to CoS, a way to managepacket prioritization. QoS and CoS policiesare not only meant to enable new multimediaapplications, such as LAN telephony, but toensure network response time for mission-critical applications, such as telemedicine.Policy implemented by intelligent networkingdevices, such as Layer 3 switches, enables theintegration of voice, video, and data onto thesame infrastructure, a process 3Com callsconvergence.
Software-based architectures cannot seam-lessly administer policy controls at even mod-erate rates of speed (beyond 10 Mbps). TheLayer 3 switch solves the problem, enablingpolicies to be applied at the same performancelevels as ordinary Layer 2 and 3 forwarding.Further innovation allows the Layer 3 switchto apply policy based on Layer 4 information,such as TCP and UDP port information. For-ward thinkers refer to this as “Layer 4 switch-ing.” The FIRE architecture supports all thesepolicies, all the way to Layer 4.
Even with the massive capacity additionsbeing planned for many networks, effectivepolicy management enabled by Layer 3switching is key to the protection and avail-ability of critical resources.
Ease of Management
One of the critical success factors for the Layer2 switch was its implementation and opera-tional simplicity. Deployment was often aseasy as powering on the switch, assigning it anIP address, and making the physical networkconnections. Routers, on the other hand,required extensive training and forced users tosift through a multitude of arcane commands.Layer 3 switches remove such complexity.Setting up a routed environment is as simpleas setting up a Layer 2 switch, defining therouted interface, and enabling the routingprotocols. IT managers concerned about theirinvestment in training staff on traditionalrouter platforms must assess whether this istruly an investment, or simply a sunk costbased upon vendor lock-in schemes.
For the network management applicationperspective, a Layer 3 switch behaves exactlyas a legacy router does. Because of its Layer 2component, extensive Remote Monitoring(RMON) capabilities are available. However,since Layer 3 and Layer 4 capabilities are pre-sent in the Layer 3 switch, higher-layer moni-toring is available with RMON2 technology.RMON and RMON2 have historically beendeployed with expensive external devicesknown as probes. Moving the RMON/RMON2 capability into the Layer 3 switch isa major benefit for IT administrators.
Layer 3 Switching vs. Traditional Routing
By now, it should be clear that a Layer 3switch can be deployed anywhere in the LANwhere a traditional router can be or has beenused.
Table 2 compares the two types ofdevices. The Layer 3 switch has been opti-mized for high-performance LAN support andis not meant to service wide area connections(although it could easily satisfy the require-ments for high-performance MAN connectiv-ity, such as SONET). This optimization booststhe performance of a Layer 3 switch to as muchas ten times that of a legacy router, while dri-ving the price down to as little as a tenth. Thiscost comparison does not include the lowertraining costs for Layer 3 switch administra-tors or the increased productivity of a high-performance network.
There is another major architectural dif-ference between a Layer 3 switch and a router.A traditional router organizes bridging (Layer2) and routing (Layer 3) as peers. A Layer 3switch layers routing on top of switching, per-mitting a more natural networking architec-ture while greatly facilitating scalability.
The Business Case for a Layer 3 Switch
Some IT managers may be concerned aboutdeploying a “new” technology such as Layer 3switching to their network. But Layer 3switching is really an integration of twoproven technologies: switching and routing.In fact, some Layer 3 switches are running theexact same routing software that has been fullytested and used in mission-critical networks
88
for nearly a decade. So whether the decisionmaker is an early adopter of technology ormore conservative, the Layer 3 switch can sat-isfy both needs.
The first step toward the deployment ofnext-generation IT infrastructures is to ignorethe networking element. Although this mayseem absurd, it allows managers to focus onthe end users, services, and data without beingbound by historical network deficiencies. Thenetwork should be transparent. When therequirements for information transfer areknown, capacity planning techniques willdetermine the necessary client and serverinterconnects. Organizational and securitymandates are then applied, yielding the policyand subnetted infrastructure. Cost is thenfactored in. Finally, the decision is maderegarding the appropriate networking prod-ucts to satisfy these requirements.
Layer 3 switching technology must beconsidered from two perspectives. First, as amigration tool to move users forward tohigher-performance networking, or surpris-ingly, to squeeze more performance out ofwhat is currently installed. Many users com-plain about FDDI performance, only to dis-cover that the network is running at less than20 percent of capacity. The problem is not thenetwork, but rather the devices attached to it.The second perspective addresses what can bedone when network performance bottlenecksare removed. A high-performance network
enables a variety of steps to reduce costs andenhance security and business operations. Thefollowing are examples of several such steps.• Server farms. Today, the viability of many
organizations is closely related to their intel-lectual property, often stored on databasesor server devices. The security and protec-tion of these servers has been a major goalof IT managers, who have been at odds withthe users of those servers. The point of con-tention has been the dependence of serverperformance on the network topology. Theresponse has been to move servers withinthe same subnet or Layer 2 switchingdomain as users. With data traffic patternsbecoming more distributed, this approachwas breaking down. The Layer 3 switchallows servers to be centralized with no per-formance penalty, eliminating the cost ofnumerous server repositories while keepingend users satisfied.
• Intranets. Because of its secure nature,along with its higher capacity, the intranet isbecoming a viable corporate communica-tions vehicle with usage that includes HRrecord retrieval, major announcements,computer-based training, and live videobroadcasts. Delivering a wide variety of ser-vices, some requiring a huge amount ofbandwidth, can wreak havoc on the oldrouter. The Layer 3 switch, because of itshigher performance, traffic prioritization,
99
Table 2. Layer 3 Switch vs. Legacy Router
Characteristic Layer 3 Switch Legacy Router
Routes core LAN protocols:IP, IPX, AppleTalk Yes Yes
Subnet definition Layer 2 switch domain Port
Forwarding architecture Hardware Software
RMON support Yes No
Price Low High
Forwarding performance High Low
Policy performance High Low
WAN support No Yes
and subnet preservation, is ideally suited forthe deployment of intranets.
• Converged networks. For some time, tech-nological prognosticators have been extol-ling the virtues of multimedia and warningof the excessive demand it will place on ITinfrastructures. But many network man-agers have been disinclined to integrate theirvoice, video, and data traffic, concerned notonly with the bandwidth requirements, butfearing the degraded quality of the respec-tive elements. The ability to recognize andrespond to the unique attributes of voice,data, and video not only makes their inte-gration viable, but also attractive from a costand management perspective. The inherentflow recognition capabilities of Layer 3switching enable practical deployment ofconverged networks without performanceuncertainties.
Cost Savings
A traditional router may run U.S. $8,000 to$10,000 per Fast Ethernet interface, while aLayer 3 switch costs less than U.S. $1,000 per
port. Surprisingly, greater densities can beachieved with Layer 3 switching, freeing upvaluable rack space and saving on physicalcabling plant expansion. Training costs plum-met, too, as a four- to seven-day legacy routercourse is replaced with a one- or two-day classfor the Layer 3 switch.
Major savings also lie in the ancillaryeffects of applying Layer 3 switching technol-ogy. Cost savings realized through server cen-tralization, notably in physical plant andsecurity, can be substantial, especially whenspace is at a premium. Other, less tangibleeffects include improved response time andconformance with SLAs. Clearly, the overallcost of ownership benefits of Layer 3 switchesversus routers can be substantial.
Case Study
The following application scenario starts witha common contemporary network topologyand illustrates a migration path toward a next-generation infrastructure. The deploymentobjectives are as follows:• To minimize network disruption
1100
Shared hub
Data Center
Department
Client
Internet
FDDI ring
Corporate WAN
Client
Client
Shared hubLegacy
router
Legacy routerLegacy router
Legacy
router
Server
Department
server
Server
Figure 4. Initial Network Configuration
• To preserve subnet infrastructure• To avoid parallel network construction
Initial Network
The network core, shown in Figure 4, consistsof an FDDI backbone running at 20 percentcapacity, occasionally peaking at 40 percent.Collapsed backbone routers are the connec-tion points to the FDDI backbone, with theexception of some data center servers thatattach directly to the backbone. The legacyrouters supply mostly 10 Mbps Ethernetinterfaces, with some 100 Mbps Fast Ethernetinterfaces. Some of these Ethernet interfacesconnect to Layer 2 switches, which then cas-cade to hubs, while others connect to hubsdirectly. A majority of the desktops are shared10 Mbps Ethernet. Some of the servers areswitched. Departments may have their ownserver co-located on a subnet. The network isrunning IP and IPX, with the subnets for bothprotocols aligned with the other. The FDDIring contains one subnet for each protocol,and each router interface also provides a sub-
net for each protocol. Two of the routers ser-vice WAN access: one for corporate networkextension, the other for Internet service.
Phase 1
The first phase (Figure 5) consists of keylegacy router replacement for the data centerand for the most heavily used departments. Ifother legacy protocols such as DECnet orBanyan VINES are present, the Layer 3 switchand the router can be co-located in the wiringcloset or the data center, the Layer 3 switchbecoming the “express lane” for the contem-porary protocols. With the Layer 3 switch inplace, the department and data infrastructurebehind it can then be upgraded to higher-per-formance Layer 2 switches, ultimately bring-ing switched Ethernet to the desktop. Themigration of key departmental servers toserver farms may begin at this point. If thecapacity required for the aggregate client-server flows exceeds that of FDDI, the gradualevolution of the backbone may begin at thispoint, otherwise it will be covered in phase 2.
1111
Shared hub
Shared
hub
Data Center
Department
Client
Internet
FDDI ring
Corporate WAN
Client
Client
Legacy router
Layer 3 switch
Layer 3 switch
Legacy
router
Server
Server
Server
Figure 5. Data Center and Workgroup Upgrades to Layer 3 Switching
Phase 2
The second phase (Figure 6 on page 12) con-tinues the replacement of the routers on theFDDI backbone with Layer 3 switches. Therouters that were servicing the WAN connec-tions remain, but are now removed from thebackbone and connected via Ethernet or FastEthernet to a Layer 3 switch. The migrationof the backbone begins at this stage with thechoice of Gigabit Ethernet or ATM. (Thischoice depends upon a variety of factors,which are beyond the scope of this paper.)The 3Com Layer 3 switching methodology isfundamentally unaffected by the choicebetween Gigabit Ethernet and ATM. In fact,the backbone could very well support both.
Phase 3
The third phase (Figure 7) completes the evo-lution of the backbone, and introduces policyservices into the infrastructure. Such policy,administered by the network manager, mayextend as far as the desktop, enabling network
access and signaling mechanisms for CoS andQoS. With the infrastructure distributed, yetoverlaid with a logical management structure,performance metrics can be tuned and modi-fied, giving greater viability to Service LevelAgreements (SLAs). The legacy backbone hasnow been entirely eliminated and replaced byhigher-performance Gigabit Ethernet, ATM,or both. The new backbone is inherently scal-able and is ready for any future network evo-lution. Though beyond the scope of thispaper, the core network will also become thetermination point for virtual private networks(VPNs) as remote offices access the corporateinfrastructure via the Internet. For more infor-mation on VPNs, see the white paper “PrivateUse of Public Networks,” available atwww.3com.com.
Future Trends
The Layer 3 switching solution does not stophere. Expect more Layer 4 capabilities tobecome available, handling advancements in
1122
Shared hub
Layer 3 switch
Layer 3 switch
Layer 3 switchLayer 3 switch
Layer 2
switch
Data Center
DepartmentClient
Internet
FDDI ring
Corporate WAN
ClientClient
Fast
EthernetGigabit
EthernetLegacy router
Server
Department
server
Server
Figure 6. Backbone Migration Begins
middleware, along with providing more effi-cient Web server load balancing and caching.Directory-enabled networks will radically sim-plify the management paradigm using Layer 3switching as a key delivery mechanism. VPNswill become more tightly coupled with theenterprise, interfacing more closely to theLayer 3 infrastructure. VPNs will have anincreasingly significant role within the corpo-rate intranet, requiring more security capabili-ties in the Layer 3 switch.
Conclusion
With a bit of knowledge, the Layer 3 jungledoesn’t look so bad after all. In fact, Layer 3
switching is the natural evolution of net-working technology and an enabling platformfor next-generation applications. This progres-sion represents the erosion of networkingcomplexity, backed by increasing performanceand decreasing cost. A Layer 3 switch turnsout to be a well-known technology, not someentirely new model. But let the buyer beware.What looks like a true Layer 3 switch may notbe one at all, so it is safest to invest in a prod-uct that was born as a true Layer 3 switch.With the advent of Layer 3 switching, thenetwork is no longer a “Temple of Doom.”Instead, it can fulfill its promise as a key ele-ment of enterprise business success.
1133
Client
Internet
Corporate ATM WAN
Client
Gigabit
Ethernet
Gigabit
Ethernet
Fast
EthernetFast
EthernetVPN
Gigabit
Ethernet
Layer 3
switch
Layer 3
switch
Layer 3 switch
Layer 3 switch
Layer 2 switch
Layer 2 switchLayer 2
switch
Gigabit
Ethernet
Legacy router
Policy server
Remote access server
Department
Client
Department
server
Data CenterServer
Server
Figure 7. Backbone Upgrade Complete; Policy Enabled
1144
1155
1166
®
To learn more about 3Com products and services, visit our World Wide Web site at http://www.3com.com.
© 1998 3Com Corporation. All rights reserved. 3Com and LANplex are registered trademarks and CoreBuilder is a trademark of 3Com Corporation or its sub-sidiaries. AppleTalk is a trademark of Apple Computer. VINES is a trademark of Banyan Systems. DECnet is a trademark of Digital Equipment Corp. IPX andNetWare are trademarks of Novell. XNS is a trademark of Xerox. Other brand or product names may be trademarks or registered trademarks of their respec-tive owners. All specifications are subject to change without notice.
Printed in U.S.A. on recycled paper 500660-001 5/98
3Com CorporationP.O. Box 581455400 Bayfront PlazaSanta Clara, CA 95052-8145Phone: 1 800 NET 3Comor 1 408 764 5000
Fax: 1 408 764 5001World Wide Web:http://www.3com.com
Asia Pacific Rim
Sydney, Australia
Phone: 61 2 9937 5000Fax: 61 2 9956 6247
Melbourne, Australia
Phone: 61 3 9866 8022Fax: 61 3 9866 8219
Beijing, China
Phone: 86 10 68492 568Fax: 86 10 68492 789
Shanghai, China
Phone: 86 21 6350 1581Fax: 86 21 6350 1531
Hong Kong
Phone: 852 2501 1111Fax: 852 2537 1149
India
Phone: 91 11 644 3974Fax: 91 11 623 3192
Indonesia
Phone: 62 21 572 2088Fax: 62 21 572 2089
Osaka, Japan
Phone: 81 6 536 3303Fax: 81 6 536 3304
Tokyo, Japan
Phone: 81 3 3345 7251Fax: 81 3 3345 7261
Korea
Phone: 82 2 3455 6300Fax: 82 2 319 4710
Malaysia
Phone: 60 3 715 1333Fax: 60 3 715 2333
New Zealand
Phone: 64 9 366 9138Fax: 64 9 366 9139
Philippines
Phone: 632 892 4476Fax: 632 811 5493
Singapore
Phone: 65 538 9368Fax: 65 538 9369
Taiwan
Phone: 886 2 2 377 5850Fax: 886 2 2 377 5860
Thailand
Phone: 662 231 8151 5Fax: 662 231 8158
3Com Benelux B.V.
Belgium
Phone: 32 2 725 0202Fax: 32 2 720 1211
Netherlands
Phone: 31 346 58 62 11Fax: 31 346 58 62 22
3Com Canada
Calgary
Phone: 1 403 265 3266Fax: 1 403 265 3268
Edmonton
Phone: 1 403 423 3266Fax: 1 403 423 2368
Montreal
Phone: 1 514 683 3266Fax: 1 514 683 5122
Ottawa
Phone: 1 613 566 7055Fax: 1 613 233 9527
Toronto
Phone: 1 416 498 3266Fax: 1 416 498 1262
Vancouver
Phone: 1 604 434 3266Fax: 1 604 434 3264
3Com Eastern
Europe/CIS
Czech/Slovak Republics
Phone: 420 2 21845 800Fax: 420 2 21845 811
Hungary
Phone: 36 1 250 8341Fax: 36 1 250 8347
Poland
Phone: 48 22 6451351Fax: 48 22 6451352
Russia
Phone: 7 095 258 09 40Fax: 7 095 258 09 41
3Com France Phone: 33 1 69 86 68 00 Fax: 33 1 69 07 11 54
3Com GmbH
3Com Austria
Phone: 43 1 580 17 0Fax: 43 1 580 17 20
Berlin, Germany
Phone: 49 30 3498790Fax: 49 30 34987999
Munich, Germany
Phone: 49 89 627320Fax: 49 89 62732233
Switzerland
Phone: 41 844 833 933Fax: 41 844 833 934
3Com Iberia
Portugal
Phone: 351 1 3404505Fax: 351 1 3404575
Spain
Phone: 34 1 509 69 00Fax: 34 1 307 79 82
3Com IrelandPhone: 353 1 820 7077Fax: 353 1 820 7101
3Com Latin America
U.S. Headquarters
Phone: 1 408 326 2093Fax: 1 408 764 5730
Miami, Florida
Phone: 1 305 261 3266Fax: 1 305 261 4901
Argentina
Phone: 54 1 312 3266Fax: 54 1 314 3329
Brazil
Phone: 55 11 246 5001Fax: 55 11 246 3444
Chile (also serving
Bolivia and Peru)
Phone: 56 2 633 9242Fax: 56 2 633 8935
Colombia
Phone: 57 1 629 4847Fax: 57 1 629 4503
Mexico
Phone:52 5 520 7841/7847
Fax: 52 5 520 7837
Peru
Phone: 51 1 221 5399Fax: 51 1 221 5499
Venezuela
Phone: 58 2 953 8122Fax: 58 2 953 9686
3Com Mediterraneo
Milan, Italy
Phone: 39 2 253011Fax: 39 2 27304244
Rome, Italy
Phone: 39 6 5279941Fax: 39 6 52799423
3Com Middle EastPhone: 971 4 319533Fax: 971 4 316766
3Com Nordic AB
Denmark
Phone: 45 48 10 50 00Fax: 45 48 10 50 50
Finland
Phone: 358 9 435 420 67Fax: 358 9 455 51 66
Norway
Phone: 47 22 58 47 00Fax: 47 22 58 47 01
Sweden
Phone: 46 8 632 56 00Fax: 46 8 587 057 99
3Com Southern AfricaPhone: 27 11 807 4397Fax: 27 11 803 7405
3Com UK Ltd.
Edinburgh
Phone: 44 131 240 2900Fax: 44 131 240 2903
Manchester
Phone: 44 161 873 7717Fax: 44 161 873 8053
Marlow
Phone: 44 1628 897000Fax: 44 1628 897003