Ethernet and multi-layer switching routers eliminate
choke points in the network and deliver a performance
of more than 100 times that of traditional routers,
at a fraction of the cost. by Uday Birje
are designed to support applications that can make businesses
more effective and efficient. But a combination of factors
like server consolidation, rich media types, and bandwidth-hungry
applications, can create situations in which the demand
for applications outstrips the available bandwidth.
When this occurs the network acts like a 'funnel'applications
compete for bandwidth or are kept off the network altogether.
The choke points in these 'funnel' networks are at the
aggregation spotsin wiring closets and backboneswhere
performance and services intersect. Legacy software-based
routers which have traditionally occupied these aggregation
points were never designed for the enormous traffic
loads and the anywhere-to-anywhere traffic that is now
the norm. Gigabit Ethernet and multi-layer switching
routers eliminate these choke points, in a sense, flipping
the 'funnel' over. By delivering a performance of more
than 100 times that of traditional routers at a fraction
of the cost, these devices offer true scalability, providing
the bandwidth required for current applications and
future applications as well.
Adding bandwidth is only one piece of the solution.
However, as the mix of applications in a network becomes
more complicated, IS professionals need the ability
to manage the traffic flowing through their network.
In order to manage this traffic, they must first measure
and track the traffic flows. Once traffic patterns are
understood, advanced services such as security and prioritization
can be used to optimize the network.
It is the ability to satisfy the dual requirements of
performance and control that has created the excitement
around the new breed of products called switching routers.
Packet Switching Performance
The shortcomings of software-based routing are well
known. When network traffic remained predominantly in
the workgroup, software-based routers were adequate.
Since the majority of the traffic did not cross a router
boundary, a router's slow performance was not a crippling
detrimentthe router's role was predominantly to
control the modest amount of traffic that came its way.
This became known as the 80/20 rule: 80 percent of the
traffic remained in the workgroup and 20 percent crossed
But the environment has changed the use of Web
technologies has exploded, traffic patterns have become
unpredictable, the number of users has increased exponentially.
While controlling traffic remains a crucial network
requirement, the performance penalty that software-based
routers bring is no longer acceptable. We are now hearing
that the rule has reversed to 20/80.
In the industry buzz surrounding switching routers,
performance has taken center stage. Indeed, the performance
of switching routers is impressive. If software-based
routers forwarded packets at the rate of several hundred
thousand packets per second, switching routers forward
packets at rates of tens of millions of packets per
secondan increase of two orders of magnitude.
This 100-fold improvement in performance occurs because
of an architectural change: Legacy routers use software
running on microprocessors to forward packets. Switching
routers, on the other hand, use hardware, namely, Application
Specific Integrated Circuits (ASICs).
Network Functionality and Control
A single client/server conversation generates a
stream of packets between the client and the server.
This stream, called a flow, can be identified at Layer
2, Layer 3 or Layer 4. Each layer provides more detailed
information about the flow. The fundamental task in
managing a network is controlling these flows of traffic.
At Layer 2, each packet in the flow is identified by
the MAC address of the source and destination end-stations.
The ability to control the flow is thus limited to the
broadcast domain. Traditionally, products that switch
traffic at Layer 2 deliver performance but little functionality,
since the source and destination MAC address is a crude
translation of the information in the packet.
At Layer 3, flows are identified by source and destination
network addresses, and the ability to control the flow
is limited to source/destination pairs. Some of the
switching routers, often marketed as Layer 3 switches,
operate at this level of granularity. If a client is
using several applications from the same server, Layer
3 information does not provide visibility into each
application flow, so individual rules cannot be applied
to each flow.
Legacy routers always had the ability to read into the
Layer 4 header. For example, in software-based routers,
Layer 4 information is used to set security filters,
an important component in controlling network traffic.
But for software-based routers, reading deeply into
the packet was extremely costly in terms of performance.
Indeed, in many software-based routers, performance
dropped by as much as 70 percent when security filters
Benefits of Application-Level Control
Application-Level QoS: The demand for QoS is undeniable.
Rich data types, mixed media, video conferencing, real-time
audio and video multicasting, Internet telephony and
interactive transaction processing combine with mission-critical
applications to create the need for tight control over
latency and throughput.
True QoS strategy strives to meet the needs of all traffic
flows in the network by providing wire-speed bandwidth
and low latency to all applications. However, when output
wires on a switch are overloaded and internal buffers
are filled, QoS is required to prioritize traffic by
creating rules or 'policies' that stipulate priority.
Policy-based QoS gives network managers control over
latency and throughput.
Layer 4 switching allows QoS policies to be set on application-level
flows, thereby giving network managers complete control
over bandwidth usage in the network backbone. With Layer
2 or Layer 3 switching, QoS policies can only set priorities
for traffic based on source or destination addresses.
Applying QoS policies on Layer 4 application flows means
priorities can be set on individual host-to-host application
Application-Level Security: Traditional routers have
used security filters and access control lists for secure
access to the corporate networks and databases. Historically,
access control consisted of software-based processing
of Layer 2, Layer 3 and Layer 4 information in every
packet, and comparing the data with a list of permissible
addresses and applications. A natural consequence of
software-based processing was that router performance
severely degraded whenever security filters were enabled.
This was due to the increased number of instructions
that the central processing unit (CPU) was required
to execute on every packet. For example, setting a DNS
filter in some routers may result in up to a 70 percent
drop in performance.
Layer 4 switching eliminates the performance loss associated
with security features. A true Layer 4 switch should
deliver wire-speed performance when all the advanced
features, including security are activated. For example,
access to corporate information can be controlled as
per the user's application instead of blocking all users
of a particular application. This gives the network
administrator better flexibility and control over the
Support for the Full Range of Routing Protocols
While switching routers gain their performance/functionality
boost through hardware implementations, route processing
remains a software-based activity. Route processing
is the process through which the route table is dynamically
updated. This activity, often described as 'control
plane,' is separate from the 'forwarding path' described
Switching routers vary in their support for the dynamic
routing protocols. Rudimentary switching routers (often
fixed-configuration as opposed to chassis-based) support
only Router Information Protocol (RIP), a distance vector
protocol. For a simple network, RIP is often adequate.
It provides periodic updates to the routing tables,
convergence around failed links, etc.
More complicated networks require a more complicated
routing protocol. Switching routers designed for implementation
in large networks require Open Shortest Path First (OSPF)
routing protocol. While it is significantly more complicated
than RIP, OSPF has some very desirable propertiesincluding
rapid convergence around failed links and few route
updates in stable topologies.
Switching routers that do not support all these routing
protocols will be relegated to providing partial solutions.
Conversely, switching routers that can deliver performance,
functionality, and the rich mix of protocols will be
the future building blocks of durable networks.
The writer is Country Manager, Enterasys Networks