Layer 3 Router

Suppose I have a cisco 3560 24 port Layer 3 switch, it looks something like this.

It will route traffic between vlan in my local network and it will be connected to 3 switches Layer 2 model OSI, access layer, cisco 2960 switches, and the cisco 3560 will act as a distribution layer switch. Let me remind you that the second layer switches traffic based on mac addresses. The access layer is where the end devices are connected, in our case computers, servers or printers… Below is a diagram.

What is a Layer 2 switch

A Layer 2 switch is a piece of hardware that operates at Layer 2 of the OSI network model.

Switches traffic based on mac addresses.
Used as an access layer.
Used for primary segmentation of local networks
Lowest cost per port/user

In technical documents, a Layer 2 switch is identified by this icon

What is a Layer 3 Switch

A Layer 3 switch is a piece of hardware that operates at Layer 3 of the OSI model:

In the technical documentation Layer 3 switch means this icon

To help me create the test bed will be a network simulator program, Cisco packet tracer 6.2. Download Cisco packet tracer 6.2, available here. Here is a more detailed diagram of my test site. As a core I have cisco catalyst 3560, it has two vlan: 2 and 3, with static ip addresses VLAN2 192.168.1.251 and VLAN3 192.168.2.251. Below are two access level switches, used to organize VLANs and as uplinks. There are four computers in the local network, two in each vlan. You need PC3 from vlan2 to ping PC5 from vlan3.

Configuring a Layer 2 Cisco switch

Setting up a Layer 2 switch is very simple. Let's start configuring the ciscoatalyst 2960, as you can see I have PC03 and PC04 computers connected to Switch0, ports fa0/1 and fa0/2. The plan is for our Switch0 to have two vlan. Let's go ahead and create them. Switch to privileged mode and enter the command

Now add the fa0/1 interface into vlan 2 and fa0/2 into vlan 3. Let's write the command.

Now let's save it all in the switch memory with the command

Now let's set up the trunk port. My trunk port will be the gig 0/1 gigabit port. Enter the command to configure the gig 0/1 port.

Save the settings. The Layer 2 switch setup is almost done.

Now configure Switch1 and PC5 computers in VLAN2 and PC6 in VLAN3 the same way. That's it for Layer 2 of the OSI model, let's move on to Layer 3.

Core Layer Switches

The main task of such equipment is to provide fast and fail-safe transportation of the huge amount of traffic. Of course, without delays. Also, you need to take care of configuring ACL and routing in general, otherwise the traffic will slow down a lot.

Often in case of problems with peak performance you have to cut your teeth and completely change the network infrastructure to a more powerful one. Classic expansion will not do the trick, since 8 ports of 100Mbit + 8 ports of 100Mbit are a headache compared to 4 ports of 1Gbit. And don't forget the backup ring just in case.

Kernel-level network devices often work on a per-node Distribution-layer VLAN basis. Who the hell are they? Well, let's introduce them now.

Distribution (aggregation) layer switches

Simply speaking, they are distributors of traffic between VLANs with further filtering using ACL protocol. These devices are focused on describing the network policy for the end user. They also form broadcast streams of Broadcast and Multicast domains and dispatches. Your IPTV is their business.

Static routes based on dynamic protocols are used here occasionally. It is not uncommon to find traffic distribution devices with an impressive capacity of SFP ports, which are both expansion ports (additional devices, clustering) and a tool for using links with switches of the layer below. With the same help of a certain number of nodes are combined into a ring.

Also, switches of this kind switches are often found with L2+ (L3 Lite) functionality and the calibration principle "VLAN of each service corresponds to one Access node".

As you understand, we're getting to the third category of devices

What are the levels of L1, L2, L3, L4 switches and so on…

In fact, the classic switches do not go higher than the third level – L3. And even then, these devices can be called full-fledged routers, adjusted for functionality. But we will go through the classic hierarchy and discuss in detail how the network equipment according to the OSI model works.

Layer 1 (L1) networking equipment

L1 devices operate on the physical layer. In other words, they are capable of processing various electrical signals from the host to the end consumer and converting the pulses into logical zeros and ones. On this basis, we can say that the designation "L1 switch" is not quite correct. L1 category networking equipment includes hubs, repeaters and repeaters, which are almost dead today. The cheapest in operation products with zero traffic protection and the same functionality. What the difference between these devices and switches you can read in this article.

Layer 2 (L2) switches

At this stage the physical layer is connected to the channel, i.e. the address layer. In this case, all information, as mentioned above, is distributed through the network using frames (frames). All data is divided into logical blocks of a certain size to make it easier for the switching device to distribute the flow. Addressing is done by tying the MAC address of the equipment to be connected to a specific port. This makes it easier to send packets and makes the channel secure.

Layer 3 (L3) switches

At this point, the capabilities of L2-type network equipment are complemented by IP routing. In combination with MAC addresses, packet transmission along the optimal path becomes even faster, safer and more convenient. The switch calculates the path of a data packet as a GPS navigator calculates the route of a car before a journey. That's why this functionality of the device is called routing.

Differences between Layer 2 and Layer 3 switches

As it was said above, the physical sending of traffic takes place on the first three stages. We discard the first because of obsolescence and remain two – the second and third, the difference between which is as follows:

models The second layer switchessend data only by destination port MAC-address, ignoring all other ports. In this case, the device does not calculate the path that the frame follows, which can lead to load swings and congestion in different parts of the network.
Layer 3 models perform static or dynamic traffic routing because they have MAC and IP address tables. Plus have the ability to combine multiple devices within one or many VLANs.

Thus, the main difference between Layer 2 and Layer 3 switches is the routing function that provides communication within a VLAN – a virtual local area network – with packets routed to the optimal route without losses or delays, taking into account network load.

Not surprisingly, Layer 3 switch models are more expensive than their predecessors, since the routing function makes data transmission much faster, more secure and more efficient. Related useful features include:

Among other things, managed routing Layer L3 managed routing switches have more power and high bandwidth because they are often used as aggregation and core switches, which requires improved performance. However, not everyone needs the advanced functionality that requires paying a rather high price. For those who are worried about overpaying for L3 and do not like L2 features, the networking market offers a compromise solution – L2+.

From words to deeds! Let's compare different switches by example

To make it clear, we will choose three models of the same level. It is clear that L2, L2+ and L3 switches have very different features. That is why we have to use some common features. For example, to compare switches with 5 and 50 ports (including Uplink) will be incorrect.

Note that externally the devices are quite similar, which can not be said about their capabilities and intended roles. For clarity, here is a small fragment of a comparison table of functions.

And there are a lot of functions in these switch models. In order not to try to grasp the immensity, we chose the most obvious functional areas: traffic management, security and routing. The other groups of options are also different, but not so obvious.

Zyxel XGS4600-32 is a Layer 3 switch

Has 24 Gigabit twisted-pair ports, four Combo ports (SFP/RJ-45) and four integrated 10-Gigabit SFP+
Supports physical stacking with one or two 10-Gigabit SFP+ slots
Supports both static and dynamic routing.
Has two separate power connectors.

Figure 2: The Zyxel XGS4600-32 switch is a Layer 3 switch.

Zyxel XGS2210 – Layer 2+ switch

One purpose is to create a network for VoIP traffic, videoconferencing, IPTV and IP surveillance cameras and traffic management of modern convergent applications.

Supports physical stacking with two 10-Gigabit SFP+ ports.

Supports PoE (IEEE 802.3af PoE and 802.3at PoE Plus) up to 30W per port to power devices with higher power consumption, such as 802.11ac access points and IP video phones.

This model has additional security features like IP source guard, DHCP snooping and ARP inspection, L2, L3 and L4 filtering mechanisms, MAC freeze feature, port isolation and guest VLAN creation.

To sum it up

Every thing is good in its place (thanks, Captain Hindsight).

There's no point in overpaying for a higher level switch just because it seems cooler. At the same time, a stingy person pays twice, and the lack of a critical function may require additional costs in the form of a switch replacement.

In some cases, L2+ switches help as a compromise option. Features that are not in the L2, but are in the L2+ can be very useful and can take your network infrastructure to the next level of resiliency and security

What are Layer 2 & Layer 3 switches?

The Layer of a network switch is its position in the OSI network model, which determines the degree of intelligence and functionality of the device and, importantly for customers, its price. The terms Layer 2 & Layer 3 are taken from the Open System Interconnect (OSI) model, which is the reference model for describing and explaining network communications. The OSI model has seven layers: application layer, presentation layer, session layer, transport layer, network layer, link layer, and physical layer, of which the link layer is Layer 2 and the network layer is Layer 3. Switches operating in these layers are called the Layer 2 switch and the Layer 3 switch, respectively.

Layer 2 switch vs. Layer 3 switch

Features of the Layer 2 (L2) switch

It operates at the data link layer. L2 switch can handle not just electrical signals, but frames of information (called frames). It implements a physical addressing logic based on the MAC addresses of the sending and receiving devices.

Layer 3 (L3) switch features

Such a device works at the network layer. In a comparison of L2 and L3 switches, the latter wins – it is able to operate with IP addresses of senders and receivers of information and build optimal data transmission routes. That is why the L3 switch has an alternative name – router.

The difference between Layer 2 vs Layer 3 switches

The main difference between Layer 2 and Layer 3 is the routing function. This is also the biggest difference between a Layer 2 switch and a Layer 3 switch. A Layer 2 switch only works with MAC addresses and doesn't care about IP addresses or any higher layer elements. The Layer 3 switch or multilayer switch can do all the work that the Layer 2 switch does. It can also do static and dynamic routing. This means that the Layer 3 switch has a MAC address table and an IP routing table and handles communication within VLANs and routing packets between different VLANs. A switch that adds only static routing is known as Layer 2+ or Layer 3 Lite. In addition to packet routing, Layer 3 switches also include some features that require the ability to understand the IP address information of the data coming into the switch, such as marking VLAN traffic based on the IP address instead of manually configuring the port. Layer 3 switches have increased power and security as required.

When lingering between Layer 2 and Layer 3 switches, you have to think about where it will be used. If you have a pure Layer 2 domain, you can simply move to a Layer 2 switch. A pure Layer 2 domain is where the hosts are connected, so the Layer 2 switch will work fine there. This is usually called the access layer in the network topology. If you need a switch to aggregate multiple access and routing switches within a VLAN, then you need a Layer 3 switch. This is known as the propagation layer in the network topology.

L3 switch : mixing and matching of Layer 2/3 switching

A Layer 3 switch (L3 switch, Layer 3 switch) is a device that forwards traffic based on Layer 3 information (mainly through the mac address). The L3 switch supports all switching functions and also has some routing functions between VLANs. It is designed as a technology to improve network routing performance in large LANs. For the Layer 3 switch, layer forwarding is done by specialized ASICs – it's faster than routers, but they usually lack the advanced capabilities of routers. Unlike routers, the L3 switch is less prone to network latency because packets do not need to go through the router extra steps. The L3 switch performs the same functions as a Layer 2 switch, so it is also called a "multilayer" switch, and some 10GbE and Gigabit PoE switches are of this type.

Router: for different networks and protocols

A router is ubiquitous in home and small business networks. It allows communication between the devices connected to it and the Internet. A router can forward traffic (packets) based on Layer 3 information using an IP address. This allows the network to pass through different protocols. The router also serves as the first line of security, protecting the network from any attacks and intrusions. Working to route packets to their destination, the router analyzes the Layer 3 destination address of each packet and determines the best next hop for it. This process takes time and, therefore, each packet encounters some delay.

The router is designed to connect the local area network (LAN) to the Wide Area Network (WAN), i.e. it routes traffic to and from the outside world (Internet, branch offices, remote employees).

The main characteristics of a Layer 3 switch and router:

Repeater. Hub.

Repeater and concentrator work at the same level, so in terms of the OSI network model they are depicted in the same way. For the convenience of representing network devices, we will map them between our computers.

Repeater and concentrator are devices of the first (physical) layer. They receive the signal, recognize it, and forward the signal on to all active ports.

Network Bridge. Switch.

A network bridge and a switch also work at the same layer (link layer) and they are represented accordingly in the same way.

Both devices are already second layer, so in addition to recognizing the signal (like hubs on layer one) they decapsulate it (the signal) into frames. The second level compares the checksum of the trailer of the frame. Then from the header frame learns the MAC-address of the recipient, and checks its presence in the switched table. If the address is present, the frame is encapsulated back into bits and sent (as a signal) to the corresponding port. If the address is not found, the address is searched for in the connected networks.

Data transmission systems (SPD)

Data Transfer Systems (DTS) are designed to create an object network infrastructure – the main component of the system of information interaction between users of the local area network, which provides the structure of management tools and switched data communication networks, the implementation of traffic transfer and priority management, bandwidth and accounting used resources of the computer network.

Questions about this product?

SPD equipment includes routers, firewalls, switches, wireless network controllers, access points and other active devices.

LAN switches can be classified according to the layers of the OSI model in which they transmit, filter and switch frames. A distinction is made between Layer 2 (L2) Switches and Layer 3 (L3) Switches.

Layer 2 switches analyze incoming frames, decide on their further transmission and transmit them to the destinations based on the link layer MAC addresses of the OSI model. The main advantage of Layer 2 switches is transparency to the upper layer protocols. Because the switch operates at Layer 2, it does not need to analyze information from the upper layers of the OSI model.

Layer 2 switching is hardware based. It has high performance. Frame transmission in a switch can be done by a specialized ASIC controller. Layer 2 switches are mainly used for network segmentation and workgroup interconnection.Despite the advantages of Layer 2 switching, it still has some limitations. The presence of switches in the network does not prevent broadcast frames from being distributed to all network segments.

Layer 3 switches perform switching and filtering based on channel (Layer 2) and network (Layer 3) addresses of the OSI model. Layer 3 switches perform switching within a workgroup and routing between different subnets or virtual local area networks (VLANs).

Layer 3 switches route packets similar to traditional routers. They support RIP (Routing Information Protocol), OSPF (Open Shortest Path First), BGP (Border Gateway Protocol) to allow communication with other Layer 3 switches or routers and build routing tables, policy-based routing, multicast traffic management.

Layer differences: comparison analysis

To choose the right switch, you need to pay attention not only to its functionality, but also to the characteristics of the network, its parameters. The choice is made according to the levels, because they describe the capabilities of the group as a whole. So, if you need only traffic transfer, you should pay attention to switches of L2 and L3 level. L1 devices are outdated today and can be safely thrown out of consideration. At L4 there is no data transfer, so you have to choose between L2 and L3. It is between them and it is necessary to choose. Let us have a closer look at the difference between them.

The difference between L2 and L3 switches

The first thing to pay attention to is the way the data is sent. The Layer 2 switch uses only the MAC address of the destination port. All other data is ignored. It does not calculate the path along which the information will be transmitted, which can lead to increased load on certain areas of the network, its jumps.

Layer 3 switches already provide both static and dynamic data routing. They use both MAC and IP addresses. They are also capable of combining several individual devices within a single VLAN network or even several.

That is the main difference between L2 and L3 switches is in the presence of routing in the latter. It is with its help the interaction within the VLAN will be performed and data will be routed to the right address. Regardless of the load on the network, data transmission will be performed without delays and losses.

Greater functionality and convenience is reflected in the price of the Layer 3 switch – it is significantly higher than that of Layer 2 devices. There are additional features:

high level of information transmission security;
the ability to switch two or more managed devices into one large stack to increase the number of ports through which more equipment can be connected;
Use of automatic traffic marking based on a particular IP-address.

Additional layers

In addition to the OSI model layers described, there are other concepts such as:

Access layer. This refers to the group of switches that provide connections for users to the network.
The aggregation (distribution) layer. This includes switches from the access layer that allow routing and management to be configured. Forward Uplinks to the next layer.
Core Layer. The main node that brings all of the aggregation layer switches into a single network. These switches have higher capacity, which allows them to redirect traffic instantly.

Access layer functionality can be provided by Layer 2 switches. But if you have to work at the aggregation level, then you need Layer 3 devices.

That is, all levels of switches have a specific purpose, which determines the scope of their application. The main task of the user is to navigate in the bottom and choose the right option in terms of functionality, cost, security and reliability. If you are not sure that you can cope with this task, ask Xelent specialists for advice and professional help.

Rent a server and data storage of necessary productivity. All equipment is placed in our own fail-proof Data Center with reserved systems of power supply, cooling and communication channels.

Renting a terminal server is a great alternative to buying expensive computer equipment. The client purchases a ready-made Windows-based system designed for corporate users. Company employees will get cloud access to standard OS applications and specialized programs (1C: Accounting, PayDox, etc.).

Xelent Data Center provides the possibility of renting a rack in the data center at a price that is flexible and depends on the number of occupied units.

What is a LAN

Name the two types of router interfaces

Managed Router

Router is

Router definition

What's a firewall in a router