Let's say that the switches in your data center or wiring closet are old. You know that you need to replace them and have heard about Layer 3 switches. But what is a Layer 3 switch, what can it do for you, and how does it differ from a regular switch or router? Here we cover what every network engineer needs to know.
How do switches and routers work?
Before defining what a Layer 3 switch is, let's make sure that we are all on common ground and understand what a regular switch and a router do.
In the Cisco world, the bridge forwarding table is called a CAM Table, or Content Addressable Memory table. If a switch receives an Ethernet frame for a destination that it doesn't have in its table, it floods that frame out to all ports (like a hub does all the time). However, the switch learns from the response of that flood and records the response to that frame in its forwarding table for the next time. Switches form collision domains. In other words, the switches "play traffic cop" with the inbound frames by buffering each packet before switching it. This way, there are no collisions and, to each device connected to the switch, it seems like that device has its own Ethernet segment and can talk at full speed, without risk of collisions.
A router, on the other hand, works at Layer 3 of the OSI model (Network). It is a WAN device that connects a LAN to a WAN or a subnetted LAN to another subnetted LAN. A router routes IP packets between IP networks. Routers do this using an IP routing table. In that table, they have either static or dynamic routes. When an IP packet comes in, the router looks up the destination IP in the IP routing table. If that destination IP is not found in the table the router drops the packet, unless it has a default route. Routers form broadcast domains because they drop broadcast packets.
How does a Layer 3 switch work?
A Layer 3 switch works much like a router because it has the same IP routing table for lookups and it forms a broadcast domain. However, the "switch" part of "Layer 3 switch" is there because:
- The layer 3 switch looks like a switch. It has 24+ Ethernet ports and no WAN interfaces.
- The layer 3 switch will act like a switch when it is connecting devices that are on the same network.
- The layer 3 switch is the same as a switch with the router's IP routing intelligence built in.
- The switch works very quickly to switch or route the packets it is sent.
In other words, the Layer 3 switch is really like a high-speed router without the WAN connectivity.
You might be asking yourself why you would want the routing functionality of a router in your switch if you don't have WAN interfaces. Well, the routing functionality of the Layer 3 switch is there to route between different subnets or VLANs on a campus LAN or any sort of large LAN. This means that the Layer 3 switch is really for large Ethernet networks that need to subnet into smaller networks. Most of the time, this is done using VLANs.
When it comes to Layer 3 switching, there are two kinds: hardware and software. With a hardware-based solution, the device is using an ASIC (a dedicated chip) to perform the function. With the software implementation, the device is using a computer processor and software to perform the function. Generally, Layer 3 switches and high-end routers route packets using hardware (ASICs) and general-purpose routers use software to perform routing functions.
What is a VLAN?
A VLAN is a virtual LAN. This virtual LAN is also an IP subnet. The difference between just subnetting a network and using VLANs is the flexibility that VLANs can provide for your LAN subnetting. Here is an example: Say that you have a single switch port in one VLAN, in one building. One hundred yards away, you can have another switch port, in another building. Both of those switch ports can be in the same VLAN and only those two switch ports can talk, despite the fact that they are separated by multiple buildings and are connected by a 100 yard fiber optic cable. Without a VLAN, this type of organization wouldn't be possible.
In a traditional VLAN, switches tag the VLAN traffic, and only the devices on the same VLAN can communicate with one another. If devices on different VLANs need to communicate, they would talk to each other via a trunk port on a router. That trunk port and the processing power of the router would create a bottleneck for communications. With a Layer 3 switch, routing and trunking are performed at very high speeds.
Besides the functionality mentioned above, a VLAN has a number of other features such as:
- Performance & broadcast control
- Segregating departments or project networks
This article can't begin to cover all that you need to know about VLANs. What you need to know is that Layer 3 switches are used to make VLANs easier and faster. Layer 3 switches make VLANs easier to configure because you don't need a separate router between VLANs. All the routing can be done right on the switch. Layer 3 switches make VLANs faster because they eliminate the bottleneck that results from a router forming a single link between VLANs.
Do I need a Layer 3 switch?
You should investigate getting a Layer 3 switch if you can answer yes to any of the following questions:
- Do you have a network with a lot of broadcasts that needs better performance?
- Do you have subnets and/or VLANs that are currently connected via a router?
- Do you need higher performance VLANs?
- Do departments need their own broadcast domains for performance or security?
- Are you considering implementing VLANs?
Here is what we have learned:
- Routers work at Layer 3 and route IP packets between networks.
- Switches work at Layer 2 and switch Ethernet frames between Ethernet devices.
- For some of the higher-end Cisco switches, enabling Layer 3 switching is simply a software upgrade available for a fee.
- Layer 3 switches are used primarily for inter-VLAN routing.
- Layer 3 switches don't have WAN connectivity
About the author:
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written over fifty articles, eight practice tests and three video courses and has co-authored one book. His website is at www.happyrouter.com.
This was first published in April 2006