Switching technology is a type of data forwarding technology that emerged along with switching equipment. It is primarily divided into two types: L2 switching technology and L3 switching technology.
As a traditional switching technology, L2 switching requires the switch to maintain a hardware forwarding table that maps MAC addresses to ports. Upon receiving a data packet, the switch queries the hardware forwarding table by the destination MAC address of the packet and, after matching that address, forwards the packet at wire speed through the corresponding port.
In contrast, L3 switching requires the switch to maintain a hardware forwarding table that includes, as a minimum, the destination IP address and the next hop MAC address. When receiving a data packet, the switch queries the hardware forwarding table by the destination IP address contained in the packet, finds the relevant table entry and then forwards the data. A hardware chip or high-speed cache is used to achieve wire speed.
Typical L3 Switching Technologies
1. One routing and multiple switching
Operating mechanism: The CPU performs L3 routing for the first packet of a data stream. The switch then builds the relevant L3 forwarding table entries (source IP address, destination IP address, next hop MAC address, MAC address of forwarding port) and downloads them to the ASIC chip, which completes the L3 forwarding of subsequent packets by hardware-based exact matching. L3 switching goes through the same process for every other data stream, hence the name one routing and multiple switching.
This L3 switching mode has two distinct disadvantages. Firstly, CPU software performs the routing for the first packet of each data stream. In complex data stream scenarios such as a large-scale network, a huge number of applications, or severe virus attacks, L3 data forwarding takes up a huge amount of CPU resources, which not only reduces efficiency but can also bring the equipment down through high CPU utilization. Secondly, because the hardware forwarding mode is exact matching, complex data stream scenarios such as a large-scale network with a huge number of applications put great pressure on the storage space of the switch's hardware forwarding table. In particular, in a network under virus attack, each data packet may be a separate data stream, so the hardware storage space may overflow in a very short period of time. Other data streams can then only be routed at L3 by pure CPU software, and the switch goes down rapidly as its resources are used up.
2. Hardware-based L3 switching of Longest Prefix Matching (LPM)
LPM L3 switching solves the storage space problem of the traditional multiple switching mode, which uses exact stream matching. The LPM technology supports static routes. All dynamically learnt routes are stored in the hardware forwarding table in the form of network segments: each destination network segment is one forwarding table entry. The direct route network segment is the destination IP address entry of the host forwarding table. All other data packets, whose destination network segment is unknown, are forwarded directly through the default routes. Generally speaking, LPM saves a lot of storage space and forwards virus attack data through the hardware network segment routes or the default routes without additional hardware table entries, thus avoiding the storage overflow problem and ensuring the normal operation of the equipment.
LPM still requires the CPU to participate in one routing. This has some impact on the efficiency of L3 forwarding when there is a direct route network segment on the L3 equipment and there are a large number of host forwarding table entries, even though each segment demands CPU participation only once. The Host Direct Route (HDR) technology further optimizes the efficiency of LPM by making up for this one-time CPU participation. With HDR, the L3 equipment downloads the corresponding MAC address directly to the hardware forwarding table when running ARP at the next hop node and the data forwarding port during longest-match forwarding. Therefore, all the hosts in the network can be forwarded at L3 directly through the longest-match hardware forwarding table, without the impact of the CPU's first participation in the routing.
The combined LPM and HDR L3 switching technology does not require CPU participation. This saves cache space. Moreover, it greatly improves routing efficiency, avoids the impact of virus attacks on the network equipment, and improves equipment stability.
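The difference between the two modes can be shown with a small model. This is an added example, not vendor code: the routes, addresses, the 1024-entry table size and all function names are assumptions, and the model leaves out the ARP and host-entry step that HDR addresses. It counts hardware table entries and packets handed to the CPU when one host sweeps many distinct destinations.

```python
import ipaddress

# Constructed prefix table: two routed segments plus a default route.
ROUTES = [(ipaddress.ip_network(p), hop) for p, hop in [
    ("10.1.0.0/16", "port1"), ("10.2.0.0/16", "port2"), ("0.0.0.0/0", "uplink")]]

def lpm_lookup(routes, dst):
    """Next hop of the longest prefix that contains dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(net.prefixlen, hop) for net, hop in routes if addr in net]
    return max(matches)[1] if matches else None

def run_flow_cache(packets, routes, capacity):
    """Mode 1: exact-match (src, dst) entries, installed by the CPU on a flow's first packet."""
    cache, cpu_punts = {}, 0
    for src, dst in packets:
        if (src, dst) in cache:
            continue                      # hardware hit
        cpu_punts += 1                    # software routing on the CPU
        if len(cache) < capacity:         # table full: the flow stays on the CPU
            cache[(src, dst)] = lpm_lookup(routes, dst)
    return {"hw_entries": len(cache), "cpu_punts": cpu_punts}

def run_lpm(packets, routes):
    """Mode 2: one entry per prefix; only packets with no matching prefix reach the CPU."""
    misses = sum(1 for _, dst in packets if lpm_lookup(routes, dst) is None)
    return {"hw_entries": len(routes), "cpu_punts": misses}

def constructed_traffic(sweep=5000, repeats=100):
    """Constructed sample: one host sweeping distinct addresses, then two normal flows."""
    base = int(ipaddress.ip_address("198.18.0.0"))   # benchmarking range (RFC 2544)
    scan = [("10.1.0.66", str(ipaddress.ip_address(base + i))) for i in range(sweep)]
    normal = [("10.1.0.5", "10.2.0.9"), ("10.2.0.9", "10.1.0.5")] * repeats
    return scan + normal

if __name__ == "__main__":
    pkts = constructed_traffic()
    print("exact match:", run_flow_cache(pkts, ROUTES, capacity=1024))
    print("LPM        :", run_lpm(pkts, ROUTES))
```

In the exact-match run the sweep fills the table first, so even the two normal flows that arrive afterwards are routed in software for every packet; the prefix table stays at three entries regardless of how many destinations are swept.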
CSS Security System: Best Practice of the MPLS VPN Technology in the Dalian Government Network
Dalian E-government has been taking the lead across the whole nation. Together with the government websites of Beijing and Shanghai, “Dalian China”, the government portal website maintained by the Dalian Information Center, is appraised as one of the top three leading government websites in China. The Dalian Information Center has been awarded the Government Website with Chinese Characteristics and Innovation Prize and the Leading Public Choice of Chinese City Government Portal Websites Prize by the Dalian Municipal Government in recent years.
With the expansion of its service scope, the Dalian Information Center starts to construct the E-government MAN for Dalian this year and plans to run the services of the municipal and county organizations and bureaus of Dalian on the government extranet.
To ensure that the E-government network, once constructed, can stably carry multiple government services and the services of organizations and bureaus on the Dalian China website, the Dalian Information Center evaluated the networking solutions (switching network versus routing network) and tested products in real conditions before selecting 10 sets of our S8600 switches as the core for the construction of the 10G MPLS E-government network of Dalian.
The following figure shows the topology of the 10G MPLS E-government network of Dalian constructed by 10 sets of RG-S8600. As shown in the figure, 2 sets of S8610 switches are connected as the core of the MPLS network, 6 sets of S8606 switches serve as PEs to connect the VPNs of various municipal bureaus, such as the taxation bureau and the labor bureau, and the other 2 sets of S8606 switches also serve as PEs to connect the data centers and egress areas of the network. The VPNs of organizations and bureaus have a uniform egress on the MPLS network to access the network.
Overview of the MPLS VPN of Ruijie Networks
Ruijie Networks fully supports point-to-multipoint dynamic L3 VPN (BGP MPLS VPN), point-to-point L2 VPN (VPWS) and point-to-multipoint dynamic L2 VPN (VPLS). Moreover, it supports 10G performance, and can implement flexible isolation and mutual access to safe areas.