In this article we look at the characteristics and applications of Layer 2 and Layer 3 switches in terms of the OSI reference model, and at the differences in how the two work.
The two types of switches work differently:
- Layer 2 switches recognize the MAC addresses in frames, forward by MAC address, and record these MAC addresses together with their ports in an internal address table. Layer 2 switches do not run a routing algorithm.
- Layer 3 switches forward data based on the destination IP address; a packet is sent to the next hop determined for its destination. Layer 3 switches follow a routing algorithm.
Layer 2 switches
If Layer 2 switches do not run a routing algorithm, how do they learn the MAC address of the next hop? This is done with ARP (Address Resolution Protocol).
Photo source: technology House
ARP works as follows:
Take the network in the figure as an example. One switch is connected to four hosts, PC1, PC2, PC3 and PC4. PC1 now sends a packet to PC2 for the first time.
At this first communication PC1 knows the IP address of PC2 but not the MAC address of the receiving host, so an ARP request is sent, and the switch forwards it out of every port except the one PC1 is connected to. When PC2 receives the ARP request it replies with an ARP response carrying its MAC address. From the request, PC2 also learns the MAC address of PC1.
Through this exchange the switch learns which MAC addresses sit behind which ports: when PC2 sends its MAC address in the ARP response, the switch records the MAC address of PC2 and the port it arrived on in its MAC address table, just as it recorded PC1's.
From then on, whenever PC1 sends data to PC2, the switch only needs to look up PC2's port in the table and forward the frame there.
In this way the switch keeps track of the hardware address of every connected host.
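To make the learning process concrete, here is a small Python simulation of the exchange just described. It is an added example, not code from the original article or from any vendor; the four hosts, their MAC addresses and the port numbers are constructed.

```python
"""Learning-switch simulation of the ARP exchange described above.

Added example, not code from the original article or from any vendor.
The switch, hosts, port numbers and MAC addresses are all constructed.
"""
from __future__ import annotations
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src_mac: str
    dst_mac: str
    payload: str = ""


@dataclass
class LearningSwitch:
    """A Layer 2 switch: learns source MACs, floods unknown and broadcast destinations."""
    ports: list[int]
    mac_table: dict[str, int] = field(default_factory=dict)

    def receive(self, in_port: int, frame: Frame) -> list[int]:
        """Return the list of ports the frame is sent out of."""
        # Learning: the source MAC is now known to sit behind in_port.
        # A later frame from the same MAC on another port overwrites the entry.
        self.mac_table[frame.src_mac] = in_port

        if frame.dst_mac == BROADCAST or frame.dst_mac not in self.mac_table:
            # Flooding: every port except the one the frame arrived on.
            return [p for p in self.ports if p != in_port]

        out_port = self.mac_table[frame.dst_mac]
        # Never send a frame back out of the port it came in on.
        return [] if out_port == in_port else [out_port]


def arp_exchange() -> dict[str, object]:
    """Replay PC1 -> PC2 from the text: ARP request, ARP reply, then data."""
    # Constructed topology: PC1..PC4 on ports 1..4 with made-up MAC addresses.
    pc = {"PC1": "00:00:00:00:00:01", "PC2": "00:00:00:00:00:02",
          "PC3": "00:00:00:00:00:03", "PC4": "00:00:00:00:00:04"}
    sw = LearningSwitch(ports=[1, 2, 3, 4])

    # 1. PC1 knows PC2's IP but not its MAC: the ARP request goes to the broadcast MAC.
    request_out = sw.receive(1, Frame(pc["PC1"], BROADCAST, "who-has PC2?"))

    # 2. PC2 answers unicast to PC1; the switch already learned PC1 on port 1.
    reply_out = sw.receive(2, Frame(pc["PC2"], pc["PC1"], "PC2 is-at 00:00:00:00:00:02"))

    # 3. From now on PC1 -> PC2 data is forwarded to port 2 only.
    data_out = sw.receive(1, Frame(pc["PC1"], pc["PC2"], "hello"))

    return {"request_out": request_out, "reply_out": reply_out,
            "data_out": data_out, "mac_table": dict(sw.mac_table)}


if __name__ == "__main__":
    for step, result in arp_exchange().items():
        print(f"{step}: {result}")
```

The request is flooded to ports 2, 3 and 4, the reply goes only to port 1, and the first data frame is delivered straight to port 2; PC3 and PC4 never see it. Note that the table is keyed only on the source MAC the switch observes, which is why an unexpected MAC appearing on a new port silently moves the entry.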
Collision and broadcast domains
In Layer 2 switching, a collision occurs when two or more hosts try to transmit on the same network link in the same time interval. When frames collide, the devices must resend the data. Collisions have a serious negative effect on network performance, so they must be avoided.
Broadcasting is a way of distributing information in which one device sends data to all other devices in the network at the same time. The range a broadcast can reach is the broadcast domain; simply put, a broadcast domain is the set of all devices in the network that receive the same broadcast message.
In an Ethernet built from one or more switches, all stations are in the same broadcast domain. As switches are added the broadcast domain grows, which brings problems such as difficult maintenance, broadcast storms and weaker security.
As mentioned above, when a host wants the MAC address of a host in another network segment it sends an ARP broadcast request, and that request is delivered to every host in the broadcast domain. This makes broadcast storms easy to trigger.
VLAN
To overcome the collision and broadcast domain problems, VLAN (Virtual Local Area Network) technology was introduced into computer networks.
There are two ways to separate broadcast domains:
1. Physical separation: the network is physically divided into several smaller networks.
2. Logical separation: the network is logically divided into several smaller virtual networks, the VLANs.
Physical separation has many disadvantages and makes the LAN design inflexible, while VLANs are flexible and scalable. VLANs are configured at the switch level, on individual interfaces. Different switches can have different or identical VLAN configurations, set according to the needs of the network.
Devices and users in the same VLAN are not limited by their physical location. They can be grouped by function, department or application, and communicate with each other as if they were on the same network segment. Hosts connected to different switches can therefore share one broadcast domain.
To understand VLANs better, let's look at an example of two networks, one with VLANs and one without.
Without VLANs, a broadcast message sent by host 1 reaches every device in the network.
Network without VLANs
If VLANs are configured on the Fast Ethernet interfaces of the two switches (Fast Ethernet 0 and Fast Ethernet 1, usually written Fa0/0 and so on), broadcast messages from host 1 are delivered only to host 2.
Network with VLANs
This happens because of the configuration: only host 1 and host 2 are placed in the same VLAN, while the other devices are members of other VLANs.
Note that a Layer 2 switch only lets a host communicate with hosts in the same VLAN. To reach a host in another network, a Layer 3 switch or a router is needed.
VLANs are considered highly secure because of this configuration: data can be exchanged between two predefined hosts in the same VLAN even though they are not physically connected to each other. Broadcast traffic is also contained, because messages are delivered only within the defined VLAN and not to every device on the network.
Access and trunk ports
Switch ports can be configured in different modes. An access port is assigned to one VLAN and gives access to that single VLAN.
The access port is used when an end host is simply placed into a specific VLAN.
When a link must carry several VLANs, for example between switches, the interface is configured as a trunk port. A trunk port is able to carry traffic from multiple VLANs.
Configure VLAN
- To configure a VLAN on a switch, first enter configuration mode in IOS.
- The command to create a VLAN in config mode is vlan NUMBER, for example Switch(config)#vlan 10.
- With the interface command we select the Fast Ethernet port to place in the VLAN.
- The switchport mode access command sets the interface to access mode.
- The next command, switchport access vlan, assigns the VLAN number to the access port.
Switch(config)#vlan 10
Switch(config-vlan)#exit
Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
- The switchport mode access command binds the port to a single VLAN. When a port must carry multiple VLANs, use the switchport mode trunk interface command instead, since a trunk carries traffic from multiple VLANs.
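The commands above decide which ports end up in the same broadcast domain. The following Python script is an added example, not code from the original article or from Cisco: it parses an IOS-style command transcript built from the commands shown above plus the real trunk commands switchport mode trunk and switchport trunk allowed vlan, and answers the question posed in the VLAN example earlier, namely which ports a broadcast entering on a given port reaches. The sample transcript, port names and VLAN numbers are constructed; VLAN 1 as the default access VLAN and "all VLANs allowed" as the trunk default follow the usual IOS defaults.

```python
"""Broadcast-domain check for an IOS-style VLAN port configuration.

Added example, not code from the original article or from Cisco. The sample
transcript is constructed. Defaults assumed: access ports without an explicit
'switchport access vlan' are in VLAN 1; trunks without 'switchport trunk
allowed vlan' carry all VLANs.
"""
from __future__ import annotations
import re
from dataclasses import dataclass

DEFAULT_VLAN = 1


@dataclass
class Port:
    name: str
    mode: str = "access"              # "access" or "trunk"
    access_vlan: int = DEFAULT_VLAN
    allowed: set[int] | None = None   # None on a trunk means all VLANs allowed

    def carries(self, vlan: int) -> bool:
        if self.mode == "trunk":
            return self.allowed is None or vlan in self.allowed
        return vlan == self.access_vlan


def vlan_list(spec: str) -> set[int]:
    """'10,20,30-32' -> {10, 20, 30, 31, 32}"""
    vlans: set[int] = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def parse_config(text: str) -> dict[str, Port]:
    """Minimal parser for a 'Switch(config...)#' command transcript."""
    ports: dict[str, Port] = {}
    current = None
    for raw in text.splitlines():
        # Drop the prompt ('Switch(config-if)#'), then normalise case and spacing.
        cmd = " ".join(re.sub(r"^\S*\(config[^)]*\)#", "", raw.strip()).lower().split())
        m = re.match(r"(?:int|interface)\s+(\S+)$", cmd)
        if m:
            current = ports.setdefault(m.group(1), Port(m.group(1)))
        elif cmd == "exit":
            current = None            # also leaves (config-vlan) mode
        elif current is not None:
            if cmd.startswith("switchport mode "):
                current.mode = cmd.split()[-1]
            elif cmd.startswith("switchport access vlan "):
                current.access_vlan = int(cmd.split()[-1])
            elif cmd.startswith("switchport trunk allowed vlan "):
                current.allowed = vlan_list(cmd.split()[-1])
        # A global 'vlan N' only creates the VLAN; membership comes from the ports.
    return ports


def broadcast_reach(ports: dict[str, Port], in_port: str, tag: int | None = None) -> set[str]:
    """Ports a broadcast frame entering on in_port is flooded to.

    On an access port the VLAN is the port's access VLAN; on a trunk it is the
    802.1Q tag carried in the frame, so 'tag' must be given there.
    """
    p = ports[in_port]
    vlan = p.access_vlan if p.mode == "access" else tag
    if vlan is None:
        raise ValueError("a frame arriving on a trunk port needs a VLAN tag")
    return {n for n, q in ports.items() if n != in_port and q.carries(vlan)}


# Constructed transcript extending the five commands shown in the text.
SAMPLE_CONFIG = """
Switch(config)#vlan 10
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#exit
Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#int fa0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#int fa0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#int fa0/4
Switch(config-if)#switchport mode access
Switch(config-if)#int gi0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan 10,20
"""

if __name__ == "__main__":
    ports = parse_config(SAMPLE_CONFIG)
    for name in sorted(ports):
        if ports[name].mode == "access":
            reach = sorted(broadcast_reach(ports, name))
            print(f"broadcast from {name} (VLAN {ports[name].access_vlan}) reaches {reach}")
```

With this configuration a broadcast from fa0/1 reaches fa0/2 and the trunk gi0/1, a broadcast from fa0/3 reaches only the trunk, and fa0/4, which was left in the default VLAN 1, reaches nothing because the trunk does not allow VLAN 1. Checking membership this way is a quick sanity test that a port added later did not land in an unintended broadcast domain.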
Features of Layer 2 switches
The features of Layer 2 switches are as follows.
- A Layer 2 switch acts as a bridge that connects the end devices of a network on one platform. It transfers data from source to destination within the LAN quickly and efficiently.
- A Layer 2 switch looks up the MAC address of the destination node in its address table and performs the switching function that moves frames from source to destination.
- Each Layer 2 device has a unique MAC address; the MAC address table uses these addresses to identify the end devices and nodes to which data is delivered.
- Layer 2 switches split large, complex LANs into smaller VLANs.
- With multiple VLANs configured in a large LAN, switching becomes faster and no longer depends on physical connections.
Application of Layer 2 switches
The applications of Layer 2 switches are as follows.
- With Layer 2 switches, frames can easily be sent from source to destination within the same VLAN, regardless of physical connection or location.
- A software company can therefore place its servers centrally in one location while clients spread across other locations access the data without delay, saving server cost and time.
- Organizations can use these switches to put hosts in the same VLAN and communicate internally without any Internet connection.
Layer 3 switches
When data must be transferred between different LANs or VLANs, Layer 2 switches cannot do the job. Layer 3 switches are needed, because they route packets to their destination using IP addresses and subnetting.
Layer 3 switches operate at Layer 3 of the OSI reference model and route packets by IP address. They switch faster than Layer 2 switches and even faster than traditional routers, because they do not need an additional hop to route packets, which gives better performance.
Photo source: technology House
To understand what Layer 3 switches do, we first need the concept of routing.
At Layer 3 the source device first consults its routing table, which holds information about source IP address, destination IP address and subnet mask. Based on what it finds there, the packet is sent toward the destination, and data can travel between different LAN, MAN and WAN networks. The shortest and safest path between end devices is chosen. This is the general idea of routing.
Networks can be connected over STM links, which offer high bandwidth; DS3 links can also be used. The type of connection depends on the network parameters.
Features of Layer 3 switches
- Static routing transfers data between different VLANs, whereas Layer 2 devices can only forward data within the same VLAN.
- Dynamic routing is performed in the same way as on routers, allowing the switch to choose the best route for each packet.
- A set of multiple paths is available for forwarding packets according to the current state of the network, and the switch chooses the most suitable one. Popular routing protocols today include RIP and OSPF.
- The switch can identify traffic flows by IP address.
- QoS classification can be based on subnet or on VLAN traffic marking, instead of configuring switch ports by hand as on Layer 2 switches.
- They need more power to run and provide higher-bandwidth links between switches, reaching about 10 Gbit/s or more.
- They provide a highly secure path for data exchange.
Applications of Layer 3 switches
The applications of Layer 3 switches are as follows:
- They are widely used in large campus networks and data centers. Because Layer 3 switches support both static and dynamic routing and switch faster than routers, they are used for LAN connectivity and to interconnect multiple VLANs with the LAN.
- Combining a Layer 3 switch with several Layer 2 switches lets more users join the network without deploying additional Layer 3 switches or more bandwidth. If the number of end users on the network grows, they can be accommodated in the same setup without any network upgrade.
- A Layer 3 switch easily handles high-bandwidth resources and end-user applications, providing 10 Gbit/s of bandwidth.
- Layer 3 switches can relieve overloaded routers. In a WAN scenario, each Layer 3 switch sits behind a main router and handles all the local VLAN routing itself.
- With this arrangement the router works more efficiently and can be dedicated to long-distance (WAN) connections and data transfer.
- Layer 3 switches are intelligent and use their high bandwidth to handle the routing and traffic control of locally connected servers and end devices. Companies therefore often use Layer 3 switches to connect the monitoring servers and host nodes of the subsystems in their NOC.
Inter-VLAN routing on Layer 3 switches
The following figure shows inter-VLAN routing with Layer 3 and Layer 2 switches.
Another example will help:
In a university, the PCs of faculty and students are connected to different VLANs through Layer 2 and Layer 3 switches.
PC1 in one staff VLAN wants to communicate with PC2 in another staff VLAN. Since the two end devices are in different VLANs, a Layer 3 switch is needed to route data from PC1 to PC2.
First, the Layer 2 switch looks up the destination in the MAC address table of its hardware, learning the address of the receiving host from the MAC table. Then the Layer 3 switch switches and routes by IP address and subnet mask: it determines which VLAN the PC that PC1 wants to reach belongs to. Once it has gathered all the necessary information it establishes the link between them and routes the data from sender to receiver. This completes communication between the different VLANs.
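The routing concept described earlier and this campus example can be traced step by step in code. The following Python program is an added example, not code from the original article or from any vendor: a host uses its own subnet mask to decide whether the destination is in its subnet (direct Layer 2 delivery to the destination MAC) or must be handed to the gateway, and the Layer 3 switch, with one gateway interface (SVI) per VLAN, performs a longest-prefix lookup in its routing table, rewrites the Ethernet header for the egress VLAN and decrements the TTL. Hosts, VLAN numbers, subnets and MAC addresses are all constructed.

```python
"""Inter-VLAN routing decision on a Layer 3 switch, as in the campus example.

Added example, not code from the original article or from any vendor. Hosts,
VLANs, subnets and MAC addresses are constructed. The Layer 3 switch has one
gateway interface (SVI) per VLAN and a routing table of connected routes.
"""
from __future__ import annotations
import ipaddress
from dataclasses import dataclass

IPv4 = ipaddress.IPv4Address


@dataclass(frozen=True)
class Host:
    name: str
    vlan: int
    mac: str
    ip: ipaddress.IPv4Interface        # address with mask, e.g. 10.10.0.5/24


@dataclass
class Packet:
    src_mac: str
    dst_mac: str
    vlan: int                          # VLAN the frame is on
    src_ip: IPv4
    dst_ip: IPv4
    ttl: int = 64


class Layer3Switch:
    def __init__(self, svis: dict[int, ipaddress.IPv4Interface], svi_mac: str):
        self.svis = svis               # vlan -> gateway address/mask
        self.svi_mac = svi_mac         # gateway MAC seen by hosts in every VLAN
        self.arp: dict[int, dict[IPv4, str]] = {}   # vlan -> ip -> mac
        # Routing table: one connected route per SVI subnet.
        self.routes = [(svi.network, vlan) for vlan, svi in svis.items()]

    def learn_host(self, host: Host) -> None:
        self.arp.setdefault(host.vlan, {})[host.ip.ip] = host.mac

    def lookup(self, dst_ip: IPv4) -> int | None:
        """Longest-prefix match: the most specific matching network wins."""
        matches = [(net.prefixlen, vlan) for net, vlan in self.routes if dst_ip in net]
        return max(matches)[1] if matches else None

    def route(self, pkt: Packet) -> Packet | None:
        """Route a frame addressed to the gateway; None means the packet is dropped."""
        if pkt.dst_mac != self.svi_mac or pkt.ttl <= 1:
            return None                # not for the gateway, or TTL expired
        out_vlan = self.lookup(pkt.dst_ip)
        if out_vlan is None:
            return None                # no route to destination
        next_hop_mac = self.arp.get(out_vlan, {}).get(pkt.dst_ip)
        if next_hop_mac is None:
            return None                # would ARP in out_vlan first; omitted here
        # Rewrite the Layer 2 header for the egress VLAN; IP addresses are unchanged.
        return Packet(self.svi_mac, next_hop_mac, out_vlan,
                      pkt.src_ip, pkt.dst_ip, pkt.ttl - 1)


def send(src: Host, dst: Host, sw: Layer3Switch) -> tuple[str, Packet | None]:
    """Host-side decision: same subnet -> Layer 2 direct, otherwise via the gateway."""
    if dst.ip.ip in src.ip.network:
        # dst.mac is assumed already resolved by ARP inside the VLAN.
        return "L2", Packet(src.mac, dst.mac, src.vlan, src.ip.ip, dst.ip.ip)
    to_gateway = Packet(src.mac, sw.svi_mac, src.vlan, src.ip.ip, dst.ip.ip)
    return "L3", sw.route(to_gateway)


def campus_example() -> dict[str, tuple[str, Packet | None]]:
    """PC1 (staff VLAN 10) to PC2 (staff VLAN 20), PC1 to PC3 in its own VLAN,
    and PC1 to an address the switch has no route for."""
    sw = Layer3Switch({10: ipaddress.IPv4Interface("10.10.0.1/24"),
                       20: ipaddress.IPv4Interface("10.20.0.1/24")},
                      svi_mac="02:00:00:00:00:ff")
    pc1 = Host("PC1", 10, "02:00:00:00:10:01", ipaddress.IPv4Interface("10.10.0.5/24"))
    pc2 = Host("PC2", 20, "02:00:00:00:20:02", ipaddress.IPv4Interface("10.20.0.7/24"))
    pc3 = Host("PC3", 10, "02:00:00:00:10:03", ipaddress.IPv4Interface("10.10.0.9/24"))
    for h in (pc1, pc2, pc3):
        sw.learn_host(h)
    nowhere = Host("X", 10, "02:00:00:00:00:00", ipaddress.IPv4Interface("192.168.1.1/24"))
    return {"pc1_to_pc2": send(pc1, pc2, sw),
            "pc1_to_pc3": send(pc1, pc3, sw),
            "pc1_to_unrouted": send(pc1, nowhere, sw)}


if __name__ == "__main__":
    for case, (kind, pkt) in campus_example().items():
        print(f"{case}: {kind} -> {pkt}")
```

For PC1 to PC2 the frame leaves PC1 addressed to the gateway MAC in VLAN 10 and comes out of the switch in VLAN 20 with the gateway as source MAC, PC2 as destination MAC and the TTL reduced by one; PC1 to PC3 never touches the routing table. The last case shows the drop on a missing route, which is also the behaviour to expect when a VLAN exists on the switch but has no SVI.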
Summary
The differences between Layer 2 and Layer 3 switches are as follows:
Different layers of operation: Layer 2 switches work at the data link layer, Layer 3 switches at the network layer. Layer 3 switches not only forward packets at high speed but also adapt to network conditions to achieve the best network performance.
Different principles: When a Layer 2 switch receives a frame on a port, it first reads the source MAC address, then the destination MAC address, and looks up the corresponding port in its address table; if the table has a port for that destination MAC address, the frame is copied straight to that port. The principle of a Layer 3 switch is relatively simple and is summarized as "route once, switch many times": the first packet from a source to a destination is routed, the Layer 3 switch passes the result down to Layer 2, and subsequent packets between that source and destination are switched at high speed.
Different functions: Layer 2 switches forward data by MAC address only and cannot be configured with IP addresses. Layer 3 switches combine Layer 2 switching with Layer 3 forwarding; in other words, a Layer 3 switch adds routing to a Layer 2 switch. IP addresses can be configured for the different VLANs, and communication between VLANs is achieved through Layer 3 routing.
Different applications: Layer 2 switches are mainly used at the network access and aggregation layers, while Layer 3 switches are mainly used at the core layer, although a few Layer 3 switches are also used at the aggregation layer. The following figure shows practical applications of Layer 3 switches.
Photo source: technology house
Different protocols supported: Layer 2 switches support physical layer and data link layer protocols, while Layer 3 switches support physical layer, data link layer and network layer protocols.
* This article was compiled by SDNLAB from Software Testing Help; some of its content is quoted from Technology House.
Source: architect technology alliance