Levels of Routing

By: Scott Bradner

What's in a name? We have been hearing a lot lately about level-3 and level-4 switches. But are these actually something new or just marketing people trying to convince potential buyers that they need some new toy?

Switches and routers have been around a long time but it is only recently that they have begun to blur together. Traditionally the basic difference between a switch and a router is that a switch makes forwarding decisions using level-2 addresses (Ethernet MAC addresses for example) where a router uses level-3 address (IP addresses for example). So what could a level-3 switch be? Unfortunately there are many answers to that question. It very much depends on the individual device being advertised as a level-3 switch.

Many level-3 switches are ordinary routers which have been renamed by the marketing people because switches sound faster and simpler than routers. But they were designed as normal routers and picked up the new name when it came time to start selling them.

Another group of level-3 switches are routers built using ASICS. In these devices the routing function is performed by integrated circuits rather than a general purpose processor. This can give the devices a better price performance ratio - the same routing functions at a higher speed for less money. Some of the vendors do make functionality tradeoffs to keep the complexity down enough to be easily implemented in silicon. Smaller routing tables and reduced filtering flexibility can make the device easier to build.

A mixed collection of devices make up a third category. Most routers deal with each packet as it shows up. They do a look up on the destination address, check any access filters and then forward the packet to the next hop along the path to the destination. But there are a number of devices which do something special on the first packet in a stream or after seeing a few packets for the same destination. Normally they work with some type of level-2 switched network such as ATM, frame relay, or switched Ethernet. After they identify that a stream of data is going to some destination they set up a mapping of the level-3 next-hop address with a level-2 address. and from then on forward packets destined to the level-3 address through the level-2 network using the level-2 address. These devices operate on the assumption that the level-2 infrastructure is less expensive for the same performance than a level-3 infrastructure. Multi-protocol over ATM (MPOA) and Ipisilon's IP-Switching are examples of this type of level-3 switch.

Whatever type they are, all level-3 switches look from the outside like routers. They run routing protocols, they separate subnets and broadcast domains, and they must be configured like routers. For just about any test they are routers. Sometimes they are cheaper, sometimes having a higher density of ports, sometimes they are faster but it is very hard to differentiate them from routers.

If this is the case what is all the talk about the great advantages of level-3 switches over routers? The vendors would have you believe that routers are dinosaurs and on their way to extension (at least in the corporate LAN). The claim seems to be 'put in level-3 switches and get rid of the ugly, complex and expensive to operate routers. This is clearly marketing fog and unrelated to the truth but most tall tales have some basis in fact -- what might be the bases in this case?

One thing that many of the level-3 switches have going for them is that they are packed in about the same way that level-2 Ethernet hubs and switches are. Just the right design to be replace hubs or switches in a local area network. If you do replace a local switch or hub with one of these level-3 switches you can then remove the higher level router backbone and use the routing in the level-3 switch instead. This does not remove routers or routing from the network but it does remove one layer of the hierarchy. Thus the big backbone routers go away to be replaced with a mesh of connections between the level-3 switches. This change makes it look like you have removed routers when you have actually only migrated the place that the routing is done from stand-alone routers into the local switches or hubs that you already had. The network diagram gets simpler, but does the network get easier to manage?

I do not think that the network gets easier or harder to manage. You still have the same routing protocols. You still have the same, or more, subnets. (You might have even more subnets because it is so easy to sub-divide the existing subnets when the function is so close to the end systems.) You still have the same security issues. In reality you have not changed the network design in any fundamental way.

OK - so most level-3 switches are just routers with a facelift what are level-4 switches?

In the Internet protocols one uses a "port number," which is carried in each packet just like the source and destination IP address, to let the other end of the communication know what application program should be invoked to handle the packet. Level-4 switches can use the port number to influence the forwarding decision that a level-3 switch might make. For example, web traffic to a host with a specific IP address can be forwarded to one of a number of hosts, each of which is using the same IP address. Each of the hosts in a group can be configured to deal with one value of the port field, i.e. with one application. This permits multiple computers to be set up to share the load. Some switches can even redirect traffic based on the port value and the load on a set of destination servers - new connections are directed to the server with the lightest load.

Level-3 and level-4 switches are useful, even if misleadingly named, types devices and we will be seeing many more companies competing to sell them to you.

Scott Bradner