The difference between Layer 2, Layer 3 and Layer 4 switches

Layer 2 switching

The Layer 2 switching technology is mature. The Layer 2 switch is a data link layer device that can identify the MAC address information in the data packet and forward it according to the MAC address. These MAC addresses and corresponding ports are recorded in an internal address table. The specific workflow is as follows:

When the switch receives a packet from a port, it first reads the source MAC address in the packet header, so that it knows which port the source MAC address machine is connected to;

Then read the destination MAC address in the packet header and look up the corresponding port in the address table.

If there is a port corresponding to the destination MAC address in the table, copy the data packet directly to this port;

If the corresponding port is not found in the table, the data packet is broadcast to all ports. When the destination machine responds to the source machine, the switch can learn which port the destination MAC address corresponds to. It is no longer necessary to broadcast all ports when transferring data next time. This process is continuously cycled, and the MAC address information of the entire network can be learned. The Layer 2 switch establishes and maintains its own address table.

Routing technology

The router works in the third layer (network layer) of the OSI model, and its working mode is similar to that of the Layer 2 switching, but the router works at the third layer. This distinction determines the way routing and switching use different control information when delivering packets, and the way they implement functionality is different. The working principle is that there is also a table inside the router. The table indicates that if you want to go to a certain place, the next step should be to go there. If you can find the packet from the routing table and go there, forward the link layer information. If you don't know where to go next, discard the packet and return a message to the source address.

Routing technology has two functions: determining the optimal route and forwarding packets. Various information is written in the routing table, and the routing algorithm calculates the best path to the destination address, and then sends the data packet by a simple direct forwarding mechanism. The next router that accepts the data continues to forward in the same way, and so on, until the packet arrives at the destination router. There are two different ways to maintain routing tables. One is the update of routing information, which advertises part or all of the routing information. The router learns the topology of the whole network by learning the routing information from each other. This type of routing protocol is called the distance vector routing protocol. The other is that the router broadcasts its own link state information, learns the routing information of the entire network by teaching each other, and then calculates the optimal forwarding path. This type of routing protocol is called a link state routing protocol.

Since the router needs to do a lot of path calculation work, the working ability of the general processor directly determines the performance of its performance. Of course, this judgment is still for low-end and mid-range routers, because high-end routers often adopt a distributed processing system architecture.

Till now ,do you get more understand about layer 2,and today i wanna intoduce something about  latest ccna exam.

Three-layer switching technology

Device A using IP, Layer 3 switch, Device B using IP. For example, if A wants to send data to B and knows the destination IP, then A uses the subnet mask to obtain the network address and determines whether the destination IP is on the same network segment as itself.

If it is on the same network segment but does not know the MAC address required to forward the data, A sends an ARP request and B returns its MAC address. A uses this MAC to encapsulate the data packet and send it to the switch. The switch enables the Layer 2 switching module to look up the MAC address table and forward the data packet to the corresponding port.

If the destination IP address is not displayed on the same network segment, then A needs to communicate with B. If there is no corresponding MAC address entry in the flow cache entry, the first normal data packet is sent to a default gateway. This default gateway is set in the operating system and corresponds to the Layer 3 routing module. Therefore, for data that is not the same subnet, the MAC address of the default gateway is first placed in the MAC table. The packet is then received by the Layer 3 module, and the routing table is queried to determine the route to B, which will construct a new frame header. The MAC address of the default gateway is the source MAC address, and the MAC address of the host B is the destination MAC address. Through a certain identification trigger mechanism, the correspondence between the MAC address and the forwarding port of the host A and the B is established, and the inflow cache entry table is recorded, and the data of the subsequent A to B is directly submitted to the layer 2 switching module. This is usually referred to as a route that is forwarded multiple times.

Layer 2 switches are used in small local area networks. Needless to say, this. In small LANs, broadcast packets have little effect. The fast switching function of the Layer 2 switch, multiple access ports and low price provide a perfect solution for small network users.

The router has the advantages of rich interface types, powerful Layer 3 support, and powerful routing capabilities, which are suitable for routing between large networks. Its advantages are to choose the best route, load sharing, link backup and exchange of routing information with other networks, etc.

The most important function of the Layer 3 switch is to speed up the fast forwarding of data within the large LAN. The routing function is also used for this purpose. If large networks are divided into small LANs according to departments, regions, etc., this will lead to a large number of Internet access, and the use of Layer 2 switches alone will not enable Internet access. If the router is simply used, the number of interfaces is limited and the route forwarding speed is slow, which will limit the speed and network scale of the network. The fast-forwarding Layer 3 switch with routing function becomes the first choice.

Four-layer exchange

A simple definition of Layer 4 switching is that it is a function that determines whether the transmission is based not only on the MAC address (Layer 2 bridge) or the source/destination IP address (Layer 3 routing), but also on TCP/UDP (Layer 4) Application port number. The fourth layer of switching functions is like a virtual IP, pointing to a physical server. The services it transmits are subject to a variety of protocols, including HTTP, FTP, NFS, Telnet, or other protocols. These services require complex load balancing algorithms based on physical servers. In the IP world, the service type is determined by the terminal TCP or UDP port address, and the application interval in the fourth layer exchange is determined by the source and terminal IP addresses, TCP and UDP ports. In the Layer 4 exchange, a virtual IP address (VIP) is set up for each server group used for the search, and each group of servers supports an application.

Each application server address stored in the Domain Name Server (DNS) is a VIP, not a real server address. When a user applies for an application, a VIP connection request with a target server group (for example, a TCP SYN packet) is sent to the server switch. The server switch selects the best server in the group, replaces the VIP in the terminal address with the IP of the actual server, and transmits the connection request to the server. In this way, all packets in the same interval are mapped by the server switch and transmitted between the user and the same server. The principle of Layer 4 Switching The fourth layer of the OSI model is the transport layer. The transport layer is responsible for end-to-end communication, is coordinating communication between the network source and the target system. In the IP stack, this is the protocol layer where TCP (a transport protocol) and UDP (user data packet protocol) are located.

In the fourth layer, the TCP and UDP headers contain port numbers, which uniquely distinguish which application protocols (such as HTTP, FTP, etc.) are included in each packet. The endpoint system uses this information to distinguish the data in the packet, especially the port number that enables a receiving computer system to determine the type of IP packet it receives and hand it over to the appropriate high-level software. The combination of port number and device IP address is often referred to as a "socket." The port numbers between 1 and 255 are reserved, they are referred to as "well known" ports, that is, in all host TCP/I P protocol stack implementations, these port numbers are the same. In addition to the "well-known" ports, standard UNIX services are allocated in the 256 to 1024 port range, and custom applications typically allocate port numbers above 1024. A recent list of assigned port numbers can be found on RFc1700 "Assigned Numbers". The additional information provided by the TCP/UDP port number can be utilized by the network switch, which is the basis for Layer 4 switching.

A switch with Layer 4 capabilities can function as a "virtual IP" (VIP) front end connected to the server. Each server and server group that supports single or universal applications are configured with a single VIP address. This VIP address is sent out and registered on the domain name system. When a service request is made, the Layer 4 switch identifies the beginning of a session by determining the start of TCP. It then uses sophisticated algorithms to determine the best server to handle this request. Once this decision is made, the switch associates the session with a specific IP address and replaces the VIP address on the server with the server's real IP address.

Each Layer 4 switch maintains a source IP address that matches the selected server and a connection table associated with the source TCP port. The Layer 4 switch then forwards the connection request to this server. All subsequent packets are remapped and forwarded between the client and the server until the switch discovers the session. In the case of Layer 4 switching, the access can be connected to a real server to satisfy user-defined rules, such as having an equal number of accesses per server or allocating transport streams according to the capacity of different servers.