Layer 3 Switches

Virtuoso X · 1st May 2012, 1:56 AM

hi guys
wanted to know a few things about 'layer 3 switches' and how they exactly work(call me old fashion)
Switch im talking about is a Cisco SG300-10 (http://www.cisco.com/en/US/products/...omparison.html third one down)
i wanted to know in layer 3, does the switch have to be connected to a router to have internet access or can the L3 Switch just be directly connected to the modem that supplies the internet (in this case DPQ3212 which has one ethernet port) to supply internet to the clients attached to the switch

since its layer 3/ 2 i assume this will work? since a router does the same working in the same layers

thanks!

cacaw · 1st May 2012, 4:15 AM

Taken from:

https://learningnetwork.cisco.com/thread/10642

Quote:

1- L3 Switch do switching at layer 3 by preserving the source and destination mac and preserving the TTL value of the IP header of the 1st routed packet, so the first packet is routed using normal routing lookup, but after that all packet are switched.

2- router do normal routing lookup, but by introducing fast switching and CEF, packets are also now switched on a router.

3- Switches doesnt support some QoS features.

4- Switches doesnt support NAT.

5- The forwarding on switches is done on ASIC (Application Specific Integrated Circuits) which is done in hardware rather than a software.

6- Forwarding on routers are done in a software.

7- router supports different WAN technologies (modules) unlike switches.

If you intend to use L3 switching for your internet egress/ingress traffic, this is overkill, unless of course you have upwards of gigabit connections (we have 40gbps at work). Routers are more than capable of routing packets at wirespeed under these conditions. L3 switching is primarily used to switch packets between VLANs with different subnets within an organisation LAN environment.

Someone can correct me if I am wrong.

EDIT: CEF = Cisco Express Forwarding

biatch · 1st May 2012, 7:53 AM

Quote:

Originally Posted by Virtuoso X

in layer 3, does the switch have to be connected to a router to have internet access or can the L3 Switch just be directly connected to the modem that supplies the internet (in this case DPQ3212 which has one ethernet port) to supply internet to the clients attached to the switch

The L3 switch won't NAT, so yes you'll still need a router behind the modem.

Unless the DPQ3212 has some router functionality but a quick google suggested that it's a straight modem.

ltd73 · 1st May 2012, 8:08 AM

[note: i 'make' switches for a living]

a L2 switch switches on ethernet frames - forwarding on destination mac-address and flooding any unknowns.

L3 is where IP is at. a L3 switch forwards based on IP addresses, i.e. the same as what a 'router' does.
the differences between a 'L3 switch' and a 'router' are that the latter is typically forwarding in software, so its much much slower, typically orders of magnitude more limited in performance.
A L3 switch is superior in performance but that comes at a price. The 'price' is not the $$$ it costs but rather that its likely its logic for forwarding is baked into silicon and can never be changed or upgraded. It can never do more than what the underlying logic can do.

To give you an example, lets say you bought your L3 switch in 1990, well before L3 switching of IPv6 existed. Lets say you bought a crappy cisco c2501 router at the same time.
The c2501 could have been upgraded in the meantime with software to make it capable of routing IPv6. The L3 switch could not.

2nd post is not correct in terms of "CEF", thats just marketing from a certain vendor. ultimately what is going on is something that obeys the rules of IP forwarding, i.e. longest-prefix-match first.

Virtuoso X · 1st May 2012, 1:18 PM

thanks for all the info! very informative.

shift · 1st May 2012, 1:26 PM

A layer 3 switch will do quite complicated routing; but probably won't do PPPOE or NAT which would be required for most consumer Internet connections.

Virtuoso X · 1st May 2012, 1:40 PM

Quote:

Originally Posted by shift

A layer 3 switch will do quite complicated routing; but probably won't do PPPOE or NAT which would be required for most consumer Internet connections.

I understand now that layer 3 is better designed for 'inward routing' rather than outward, i assumed that because a router also functions on layer 3 the l3 switch would be able to do the same, using the same procedure, but unfortunately not.
Nonetheless a L3 switch would be great replacement to experiment with in my lab.

FiShy · 1st May 2012, 1:50 PM

I want a switch that makes coffee, ltd get to it.

shift · 1st May 2012, 1:54 PM

Quote:

Originally Posted by Virtuoso X

I understand now that layer 3 is better designed for 'inward routing' rather than outward, i assumed that because a router also functions on layer 3 the l3 switch would be able to do the same, using the same procedure, but unfortunately not.
Nonetheless a L3 switch would be great replacement to experiment with in my lab.

They can do great for 'outward' routing on a non-consumer connection as well, because they generally handle BGP.

It's just the mostly "consumery" stuff they don't handle (and generally aren't priced for).

Virtuoso X · 1st May 2012, 2:50 PM

Quote:

Originally Posted by shift

They can do great for 'outward' routing on a non-consumer connection as well, because they generally handle BGP.

It's just the mostly "consumery" stuff they don't handle (and generally aren't priced for).

thanks shift!

ltd73 · 1st May 2012, 7:19 PM

Quote:

Originally Posted by FiShy

I want a switch that makes coffee, ltd get to it.

ok!

Code:

$ ssh ltd@203.9.111.10
Password: 
Last login: Tue May  1 05:05:09 2012 from 203.9.111.27
switch>en
switch#copy ?
  boot-extensions       Copy boot extensions configuration
  extension:            Source file path
  file:                 Source file path
  flash:                Source file path
  ftp:                  Source file path
  http:                 Source file path
  https:                Source file path
  installed-extensions  Copy installed extensions status
  running-config        Copy from current system configuration
  scp:                  Source file path
  sftp:                 Source file path
  startup-config        Copy from startup configuration
  system:               Source file path
  tftp:                 Source file path

switch#copy ftp://ftp.pbone.net/mirror/archive.f....fc14.i686.rpm ?
  boot-extensions  Copy to boot extensions configuration
  extension:       Destination file path
  file:            Destination file path
  flash:           Destination file path
  ftp:             Destination file path
  http:            Destination file path
  https:           Destination file path
  running-config   Update (merge with) current system configuration
  scp:             Destination file path
  sftp:            Destination file path
  startup-config   Copy to startup configuration
  system:          Destination file path
  tftp:            Destination file path

switch#copy ftp://ftp.pbone.net/mirror/archive.f....fc14.i686.rpm extension:
switch#                                                                                                                                                   
switch#show extensions 
Name                                       Version/Release           Status RPMs
------------------------------------------ ------------------------- ------ ----
kaffeine-1.2.2-1.fc14.i686.rpm             1.2.2/1.fc14              A, NI     1

A: available | NA: not available | I: installed | NI: not installed | F: forced
switch#exte
switch#extension ?
  kaffeine-1.2.2-1.fc14.i686.rpm  NI

switch#extension kaffeine-1.2.2-1.fc14.i686.rpm 
% Error installing kaffeine-1.2.2-1.fc14.i686.rpm: RPM install error: Transaction check failed: kdebase-runtime is needed by kaffeine-1.2.2-1.fc14.i686
kdelibs4 >= 4.6.3 is needed by kaffeine-1.2.2-1.fc14.i686
libQtCore.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libQtDBus.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libQtGui.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libQtNetwork.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libQtSql.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libQtSvg.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libQtXml.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libX11.so.6 is needed by kaffeine-1.2.2-1.fc14.i686
libXss.so.1 is needed by kaffeine-1.2.2-1.fc14.i686
libkdecore.so.5 is needed by kaffeine-1.2.2-1.fc14.i686
libkdeui.so.5 is needed by kaffeine-1.2.2-1.fc14.i686
libkfile.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libkio.so.5 is needed by kaffeine-1.2.2-1.fc14.i686
libsolid.so.4 is needed by kaffeine-1.2.2-1.fc14.i686
libxine.so.1 is needed by kaffeine-1.2.2-1.fc14.i686

switch#extension kaffeine-1.2.2-1.fc14.i686.rpm force
switch# 
switch#show extensions 
Name                                       Version/Release           Status RPMs
------------------------------------------ ------------------------- ------ ----
kaffeine-1.2.2-1.fc14.i686.rpm             1.2.2/1.fc14              A, F      1

A: available | NA: not available | I: installed | NI: not installed | F: forced

switch#bash sudo rpm -qa | grep kaf
kaffeine-1.2.2-1.fc14.i686

switch#bash sudo su
bash-4.1# kaffeine
kaffeine: error while loading shared libraries: libQtSql.so.4: cannot open shared object file: No such file or directory

FiShy · 1st May 2012, 10:09 PM

Much better... and to think people wonder why you pay so much for support contracts.

Virtuoso X · 1st May 2012, 10:12 PM

Quote:

Originally Posted by FiShy

Much better... and to think people wonder why you pay so much for support contracts.

haha Lol

itsmydamnation · 1st May 2012, 10:16 PM

why do people keep bring up NAT as a thing L3 switches cant do, NAT's just a table, inside local, outside local, inside global, outside global. Infact NAT is one thing that would quite easily fit into a hardware table, much like ACL's.

Virtuoso X · 1st May 2012, 10:27 PM

Quote:

Originally Posted by itsmydamnation

why do people keep bring up NAT as a thing L3 switches cant do, NAT's just a table, inside local, outside local, inside global, outside global. Infact NAT is one thing that would quite easily fit into a hardware table, much like ACL's.

i believe the L3 switch is capable of doing NAT within a VLAN environment correct me if im wrong.

1st May 2012, 1:56 AM	#1
Virtuoso X Member Join Date: Jul 2010 Location: Melbourne Posts: 261	Layer 3 Switches hi guys wanted to know a few things about 'layer 3 switches' and how they exactly work(call me old fashion) Switch im talking about is a Cisco SG300-10 (http://www.cisco.com/en/US/products/...omparison.html third one down) i wanted to know in layer 3, does the switch have to be connected to a router to have internet access or can the L3 Switch just be directly connected to the modem that supplies the internet (in this case DPQ3212 which has one ethernet port) to supply internet to the clients attached to the switch since its layer 3/ 2 i assume this will work? since a router does the same working in the same layers thanks! __________________ X V Rig: i7 2700k 4.6Ghz @ 1.31 24/7 \| Asus Maximus IV Extreme ROG! \| Ripjaws X 16GB 2133mhz \| H100 \| WD Blacks 4TB Vertex 3 240GB SSD \| Thermaltake Level 10 GT \| 1.2kW StriderGold \| GTX590 Gear: G9X \| G15 \| G35 \| SCARAB /X V Never Give Up Last edited by Virtuoso X; 1st May 2012 at 1:58 AM.

1st May 2012, 1:18 PM	#5
Virtuoso X Member Join Date: Jul 2010 Location: Melbourne Posts: 261	thanks for all the info! very informative. __________________ X V Rig: i7 2700k 4.6Ghz @ 1.31 24/7 \| Asus Maximus IV Extreme ROG! \| Ripjaws X 16GB 2133mhz \| H100 \| WD Blacks 4TB Vertex 3 240GB SSD \| Thermaltake Level 10 GT \| 1.2kW StriderGold \| GTX590 Gear: G9X \| G15 \| G35 \| SCARAB /X V Never Give Up

1st May 2012, 1:26 PM	#6
shift Member Join Date: Jul 2001 Location: Hillcrest, Logan Posts: 2,878	A layer 3 switch will do quite complicated routing; but probably won't do PPPOE or NAT which would be required for most consumer Internet connections. __________________ "The best thing about the internet is you can make up anything." - Ghandi "Mit der Dummheit kämpfen Götter selbst vergebens" (Against stupidity the gods themselves struggle in vain.) - Friedrich Schiller

1st May 2012, 10:16 PM	#14
itsmydamnation Member Join Date: Apr 2003 Location: Canberra Posts: 8,421	why do people keep bring up NAT as a thing L3 switches cant do, NAT's just a table, inside local, outside local, inside global, outside global. Infact NAT is one thing that would quite easily fit into a hardware table, much like ACL's. __________________ OCAU Guitar Players Club #22 xp2500 @2310 210x11 stock hsf \|asus a7n8x deluxe \| 1024mb ddr400 \| X800 445/515 Get a grip adolf, you lost the war, and you can't kill any more jews. Rhythm in jump. dancing close to you

1st May 2012, 8:08 AM	#4
ltd73 Member Join Date: Apr 2005 Posts: 1,724	[note: i 'make' switches for a living] a L2 switch switches on ethernet frames - forwarding on destination mac-address and flooding any unknowns. L3 is where IP is at. a L3 switch forwards based on IP addresses, i.e. the same as what a 'router' does. the differences between a 'L3 switch' and a 'router' are that the latter is typically forwarding in software, so its much much slower, typically orders of magnitude more limited in performance. A L3 switch is superior in performance but that comes at a price. The 'price' is not the $$$ it costs but rather that its likely its logic for forwarding is baked into silicon and can never be changed or upgraded. It can never do more than what the underlying logic can do. To give you an example, lets say you bought your L3 switch in 1990, well before L3 switching of IPv6 existed. Lets say you bought a crappy cisco c2501 router at the same time. The c2501 could have been upgraded in the meantime with software to make it capable of routing IPv6. The L3 switch could not. 2nd post is not correct in terms of "CEF", thats just marketing from a certain vendor. ultimately what is going on is something that obeys the rules of IP forwarding, i.e. longest-prefix-match first.