UPPER LAYER SWITCHING

Transcription

1 DATA COMMUNICATIONS MANAGEMENT UPPER LAYER SWITCHING Gilbert Held INSIDE Upper Layer Operations; Address Translation; Layer 3 Switching; Layer 4 Switching OVERVIEW The first series of LAN switches to reach the market operated at Layer 2 of the ISO Reference Model. In doing, so they represented a multi-port bridge because they would forward, filter, or flood frames based on the destination MAC address in each frame. Exhibit 1 illustrates a symmetrical 4-by-4 or 16-port LAN switch. As frames reach the switch from either directly connected workstations, servers, or shared media hubs, the switch first checks the destination address of the frame. In doing so, the switch searches its port-address table. The port-address table represents a linear table of MAC addresses associated with each port that the switch learns by noting the source address in each frame. The first time the switch is powered on, its port-address table is empty. Thus, the first frame that arrives at the switch cannot have a match occur between the destination address in the frame and the switch s port-address table. This means the switch will record the source address of the frame in its port-address table and associate that address with the port where the frame entered the switch, flooding the frame onto all ports other than the port where the frame entered the switch. Thus, the switch initially is not too efficient; however, as entries build up into its port-address table, it gains efficiency. For example, the 16-port switch shown in Exhibit 1 has the capability PAYOFF IDEA Over the past decade, LAN switches grew in their use in organizational networks from experimental devices to the point where they have replaced the use of a majority of conventional hubs. At the same time, LAN switches made a significant penetration of organizational networks, and numerous features were added to different vendor products. One of those features that significantly alters the performance capability of a LAN switch is its ability to switch at layers above the media access control (MAC) layer. By understanding how LAN switches can operate above the MAC layer, one can obtain an appreciation for how this additional capability can be used in a network. This, in turn, will enable one to consider if the extra cost of LAN switches that operate at higher layers in the International Standards Organization (ISO) Open System Interconnection (OSI) Reference Model is warranted, or if a switch that operates at a lower layer in the reference model might satisfy one s organizational requirements.

2 EXHIBIT 1 A 16-Port LAN Switch with 8 Simultaneous Cross- Connections to support a maximum of 16/2, or 8 simultaneous conversations on a frame-by-frame basis. If each port is a Fast Ethernet port operating at 100 Mbps, then the maximum throughput of the switch becomes 100 Mbps 8, or 800 Mbps. In comparison, a Fast Ethernet shared hub is limited to a maximum data transfer of 100 Mbps. UPPER LAYER OPERATIONS To obtain an appreciation for the manner in which a LAN switch can be modified to operate at higher layers in the ISO Reference Model requires a review of how higher layer protocols are transported in a LAN frame. Because there are numerous LAN and WAN protocols, the focus here is on the use of Ethernet to transport the TCP/IP protocol suite because these two protocols represent the vast majority of LAN and WAN protocols in use today. Exhibit 2 illustrates the formation of an Ethernet LAN frame to transport the TCP/IP protocol suite. In examining Exhibit 2, note that the TCP/IP protocol suite predated the effort of the International Standards Organization (ISO) in developing its Open System Interconnection Reference Model. Due to the development of the TCP/IP protocol suite prior to the OSI Reference Model, the suite used five layers, with its fifth layer representing Layers 5 through 7 (Session, Presentation, and Application) of the OSI Reference Model. As TCP/IP application data is generated, an applicable transport layer protocol is added. Although TCP and UDP are shown as the transport headers in Exhibit 2, in actuality the protocol suite supports additional transport layer protocols. However, TCP and UDP probably account for in excess of 99 percent of transport layer protocols used in the suite.

3 EXHIBIT 2 The Transport of the TCP/IP Protocol Suite by an Ethernet LAN Frame

4 At the transport layer, the destination port number in the TCP or UPD header destination identifies the application being transported. For example, TCP port 21 identifies Telnet, while port 80 identifies HyperText Transport Protocol (HTTP) Web traffic being transported by TCP. As one moves down the TCP/IP protocol suite, the IP header is added at the network layer. The IP header includes both a 32-bit destination address and a 32-bit source address field that identify the recipient and originator of the packet flowing over the WAN. At the local area network (MAC layer), packets are transported via LAN frames. In an Ethernet environment, the LAN header consists of a preamble for synchronization, destination and source MAC addresses, and a length field. The Ethernet payload field is limited to transporting a maximum of 1500 bytes, whereas an IP datagram can be up to 65 Kbytes in length. Therefore, to enable datagrams with a length exceeding 1500 bytes to be transported via an Ethernet LAN, a router is responsible for fragmenting datagrams to ensure they fit within the Ethernet payload. ADDRESS TRANSLATION At Layer 2, MAC addresses are used, with frames delivered based on the destination MAC address contained in a frame. Because IP datagrams are routed based on the destination IP address contained in the IP header, one might be puzzled as to the manner by which an IP datagram is delivered to a destination on an Ethernet network that uses MAC addresses. The answer to this is the Address Resolution Protocol (ARP). When a router receives an IP datagram for delivery onto a LAN, it needs to create a LAN frame with a MAC address that corresponds to the destination IP address in the datagram. The router will first check its cache memory to see if it previously learned the MAC address required for the delivery of the datagram. Assuming that that address was not previously learned, the router will broadcast an ARP frame onto the LAN. This frame will contain the destination IP address of the datagram that is known and set the field of the MAC addresses to all zeroes because that value is not known. The LAN station that has the IP address in the ARP frame will copy that frame off the LAN, insert its MAC address into the frame, and direct the frame back to the router. The ARP response informs the router of the MAC address it needs to use to create a frame to deliver the IP datagram. While this method of address resolution is relatively efficient, when the ARP frame is broadcast and a response flows back to the issuing device, other traffic is precluded from flowing on the network. Thus, a large number of address resolution operations can adversely affect the throughput obtainable on the LAN. Now that one has an appreciation for the manner by which IP datagrams are transported via Ethernet frames and the address translation process, one can focus on how upper layer switching occurs, how different types of upper layer

5 switches can be used, and the advantages and disadvantages associated with different higher layer switching methods. LAYER 3 SWITCHING The first method of upper layer switching to be incorporated into LAN switches is what is referred to as Layer 3 switching. A Layer 3 switch looks further into each Ethernet frame (see Exhibit 2) to determine the destination IP address being transported. The switch then uses the IP address as a mechanism for the delivery of frames. The key advantage associated with a Layer 3 switch is the fact that it can be configured to route frames based on network segment addressing. For example, if the organization has the Class C IP network address of , one might have previously subnetted the network into a number of subnets. If one used eight subnets, one would then reduce the host address portion of the last byte of the network address to 5 bits because 3 bits would be used for the subnet. Using 5 bits for each subnet would enable a maximum of 2 5 2, or 30, devices per subnet because a subnet address of all zeroes and a subnet address of all ones cannot be used. This means one could place a group of up to 30 devices on a conventional hub and connect each hub to one of eight switch ports to enable the switch to route traffic to their applicable destination. Because a Layer 3 switch looks inside each frame to determine the IP address, this eliminates the necessity to perform ARP. In addition, broadcasts are normally restricted to each segment, which further enhances the efficiency of the Layer 3 switch. While the use of a Layer 3 switch can reduce broadcasts and eliminate ARP, its level of overall switching performance is less than that of a Layer 2 switch. This is because a Layer 3 switch must look further into each frame to make its switching decisions based on the destination IP address transported within a frame. In addition, because some IP datagrams can be transported by multiple frames, the Layer 3 switch must keep track of this fact and know that subsequent frames without the IP header are part of a flow and must be routed to the same destination. Needless to say, this adds to the complexity of the software used to perform Layer 3 switching as well as its throughput capability. Another disadvantage associated with a Layer 3 switch is the fact that it is not self-learning. This means one must take the time to configure the switch, with the amount of time required to do so based on the number of ports on the switch and the ease of using its configuration screen setup facility. Although the additional software required to perform switching at the network layer initially resulted in a high premium for Layer 3 switching, today this capability can be included in some Layer 2/3 LAN switches without any additional cost. What the network manager and LAN admin-

6 istrator must consider is if the lower rate of frame processing, typically expressed in frames per second for frame lengths of 128, 256, 512, and 1526 bytes, is sufficient to support the application. Unless the organization is transporting real-time voice where any additional delay can be critical to the capability to reconstruct digitized voice, the additional delay associated with the use of Layer 3 switching is essentially transparent to FTP and Web traffic. Two examples of popular Layer 3 switches are the 3Com Switch 4005 and the Cisco Systems Catalyst The 3Com Switch 4005 represents a low-cost, high-performance modular switch in a 14-slot chassis. The switch can be configured to support up to 24 Gigabit Ethernet or 96 Fast Ethernet ports and supports IP routing at Layer 3 of the OSI Reference Model. The Cisco 4000 provides a similar capability by supporting 24 Gigabit Ethernet or 96 Fast Ethernet connections. Both vendors also manufacture numerous additional Layer 3 switches that extend the support of IP switching to ATM, Token Ring, and even FDDI transports by looking into the Layer 2 frames to make Layer 3 switching decisions. LAYER 4 SWITCHING One of the limitations associated with Layer 3 switching is the fact that it does not include the capability to recognize applications and act upon the application being transported. Layer 4 switching solves this limitation by looking further into the frame so that it reads the transport header, such as the TCP header or the UDP header. As previously noted, the TCP and UDP headers include a destination port field, the value of which identifies the application being transported. By reading further into the LAN frame, a Layer 4 switch obtains the ability to be configured to route or switch frames based on the application being transported. For example, a Layer 4 switch could be configured to route all FTP traffic to one port, all Telnet traffic to a second port, all Web traffic to a third port, etc. By itself, a Layer 4 switch is not too practical. However, additional software in the form of load balancing has resulted in Layer 4 switches being referred to as an application layer switch that performs certain functions to include load balancing. Because a Layer 4 switch looks further into a LAN frame, its frame processing rate is a bit slower (no pun intended) than a Layer 3 switch. In addition, similar to a Layer 3 switch, a Layer 4 switch must be configured. However, the biggest disadvantage of a Layer 4 switch is the fact that for many organizations its use is not practical. The reason for a Layer 4 switch being impractical for many organizations results from the fact that many organizations commonly run multiple FTP and Web servers and until recently were forced to purchase expensive load balancing hardware that would route frames based on both the contents of the destination port in the TCP or UDP header, previously routed traffic, and the

7 total number of configured servers. Because many organizations that maintained multiple servers and a load balancer also used LAN switches, the addition of load balancing to a Layer 4 LAN switch represented a natural evolution of LAN switching. Such switches are now commonly referred to as application layer switches, of which load balancing represents one of several popular applications. Other applications included in certain Layer 4 LAN switches include authentication, authorization, and accounting (AAA), which were previously performed by a separate server connected to a LAN. RECOMMENDED COURSE OF ACTION Similar to any hardware product, the selection of an applicable LAN switch should be based on an organization s requirements. If the organization needs to transport time-critical frames, one will probably want to use a Layer 2 switch. If the organization needs to move frames directly onto different networks, one will probably want to consider a Layer 3 switch. If the organization requires the routing of traffic based on the application being transported, a Layer 4 switch should be considered. However, as noted earlier in this article, one may wish to support a specific application within a Layer 4 switch, such as load balancing. In this event, the use of an application layer LAN switch should be considered. By matching organizational requirements against the capabilities of different types of LAN switches, the selection process will result in a device best suited to satisfy organizational requirements. Gilbert Held is an award-winning lecturer and author. Gil is the author of over 40 books and 400 technical articles. Some of Gil s published titles include High Speed LAN Switching, published by John Wiley & Sons, and Internetworking Voice and Data Networks, 3rd edition, published by Osborne McGraw-Hill. Gil can be reached via at gil_held@yahoo.com.