Saturday, January 1, 2011

【Weak Current College】 Multilayer switching makes network routers "smart"


In today's world, the degree of networking keeps rising, and the ways devices communicate grow more varied by the day.
Some of these types of communication are already familiar to us, such as voice over IP (VoIP), digital images, multicast, video-on-demand, peer-to-peer file sharing and remote video conferencing. All of these applications share a common characteristic: their demand for network bandwidth can be described with the word "greedy".

In the long run, there is never enough bandwidth. Therefore the "smart" devices behind the network infrastructure, i.e. the switches and routers, must work in a smart way to keep up with hard bandwidth requirements. Applications such as video and digital x-ray always require a larger, more intelligent "transmission line", while VoIP applications require low latency or response time and a consistent transfer rate. In the mid-1990s, as traditional switches declined, faster and more intelligent switches and routers began to flourish. A group of Silicon Valley geniuses saw this market opportunity and, on the basis of a new concept called "multilayer switch routing", invented new network hardware and associated software. Compared with the software-only routers of that time, these new "smart" switch/routers delivered greater speed and lower latency while providing the capabilities of a variety of network devices.

Originally, when more network bandwidth was needed, network administrators often redesigned the network to avoid bottlenecks at the router. Servers were often reinstalled closer to the users so that traffic did not have to pass through a router. In large enterprises, users are typically divided into smaller networks (subnets) that are interconnected through routers. This division usually follows geography, application type, the amount of data required and security factors. For example, the finance department is often placed in its own group in order to protect the company's financial records effectively, without regard to the bandwidth used. VoIP phones are often placed in their own network as well, because this bypasses the traditional router bottleneck.

When a computer needs to communicate with computers outside its local network, it must first send the packet to the router nearest to it. Routers provide a company with its Internet connection and security boundary, as well as the connections between internal groups (the intranet).

Traditional routers were used only when absolutely necessary, such as to connect remote offices over a wide area network, to connect to the Internet, or to isolate groups within the company that have high bandwidth requirements. Traditional routers were expensive, and still are, yet compared with the initial design they have made no significant progress: they use the same components as a standard PC, with more than one interface card, and run specialized software.

By contrast, a multilayer switching router concentrates all of the features of a traditional router in a dedicated integrated circuit (ASIC). ASICs are more expensive than traditional router CPUs, and are usually spread across multiple network ports. Now, a typical switch/router may include 50 ASICs in a single appliance and can support hundreds of interfaces. In addition, the new ASICs allow intelligent switch/routers to forward data quickly on all ports regardless of the type of network traffic; that is, they forward data at the actual interface speed (often called wire speed). At present, new switch/routers on the market for corporate local area networks (LANs) forward data on a single interface at megabits per second million (OC-192) of bandwidth.

Out of the old era, toward the new world of switching

Because they use a centralized architecture, traditional routers generally lack scalability. In a traditional router, all packets must be sent to one area of the router to be processed, so the more interfaces there are, the heavier the load, which leads to excessive consumption of resources. This greatly limits network services such as VoIP.

When a router with a centralized architecture has to handle more traffic than it can process, it starts to drop packets. When network applications or computers do not receive a response, they send more packets to try to resume the session. This makes the situation worse, because it easily overloads other sessions as well. In this case, the overloaded router selectively discards packets according to the application, the priority of the user, or the network destination/source address. Obviously, a new approach is needed to meet the demands of traffic growth.

Over the years, the processing speed of traditional routers has increased significantly, but still not enough to keep up with powerful applications. For example, they can now forward nearly 100,000 packets per second. But consider a Gigabit Ethernet interface that sends 1,488,000 packets per second (pps) and receives packets at 1,488,000 pps: two Gigabit Ethernet ports can easily overload the system. In contrast, multilayer switch/routers forward packets at wire speed, and because the switching ASICs are distributed, the whole system can transfer traffic efficiently.

These new switch/routers change how networks are designed and managed. Now that wire-speed forwarding is achievable, choke points can be effectively eliminated, and data can sit even further from the user without concern about reduced performance. The stock dealers mentioned in the earlier example can now connect to servers or network data several floors or hundreds of miles away; the specific distance depends on the interface types the switch/router supports and on whether copper or a type of fibre is used. In addition, the new IP- and Ethernet-optimized routers are easier to manage, and managers need only a little time to keep the network in sync with new applications. Products such as Foundry Networks' BigIron chassis series can easily carry all application traffic, and more modules can be added to meet increases in capacity and speed.

To determine the type and volume of network traffic, today's ASICs have new packet sampling technology built in, which provides flow monitoring for the whole system. RFC 3176, or sFlow, has become an increasingly popular way for enterprises and service providers to monitor all application flows on their networks in real time, describing the bandwidth each flow requires, the direction of traffic, and so on. sFlow lets large enterprises better monitor the use of network resources across multiple departments, lets universities identify unauthorized wireless and wired applications on the network, and makes it possible to discover and stop denial-of-service (DoS) attacks that affect network performance. For enterprises that attach great importance to security, RFC 3176 is fast becoming essential.
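The sampling idea described above, as an added example that is not part of the original article: a collector scales the packets a switch sampled up to estimated per-destination rates and flags a likely flood. It does not parse sFlow datagrams; the sample records, the 1-in-1000 sampling rate, the 10-second window and both thresholds are constructed assumptions.

```python
from collections import defaultdict

SAMPLING_RATE = 1000     # assumption: the switch samples 1 packet in 1000
INTERVAL_SECONDS = 10    # assumption: length of the collection window

# Constructed samples (src_ip, dst_ip, dst_port, frame_bytes), already decoded.
SAMPLES = (
    [("198.51.100.%d" % (i % 200 + 1), "192.0.2.10", 80, 64) for i in range(900)]
    + [("192.0.2.21", "192.0.2.30", 5060, 214)] * 12    # a VoIP call
    + [("192.0.2.22", "192.0.2.40", 443, 1200)] * 40    # a file transfer
)


def estimate_by_destination(samples, sampling_rate, interval):
    """Scale sampled packet and byte counts up to estimated rates per destination."""
    stats = defaultdict(lambda: {"packets": 0, "bytes": 0, "sources": set()})
    for src, dst, _port, size in samples:
        entry = stats[dst]
        entry["packets"] += 1
        entry["bytes"] += size
        entry["sources"].add(src)
    return {
        dst: {
            "pps": entry["packets"] * sampling_rate / interval,
            "mbps": entry["bytes"] * 8 * sampling_rate / interval / 1e6,
            "sources": len(entry["sources"]),
        }
        for dst, entry in stats.items()
    }


def flag_floods(report, pps_limit=50_000, min_sources=50):
    """Destinations with a high estimated packet rate arriving from many sources."""
    return sorted(
        dst for dst, r in report.items()
        if r["pps"] >= pps_limit and r["sources"] >= min_sources
    )


if __name__ == "__main__":
    rep = estimate_by_destination(SAMPLES, SAMPLING_RATE, INTERVAL_SECONDS)
    for dst, r in sorted(rep.items()):
        print(f"{dst}: ~{r['pps']:.0f} pps, ~{r['mbps']:.1f} Mbit/s, {r['sources']} sources")
    print("possible DoS targets:", flag_floods(rep))
```

Because only one packet in a thousand is seen, small flows such as the single VoIP call are estimated coarsely, while a high-rate flood stands out clearly.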

Multilayer switch/routers do not differ in features from traditional routers and switches; they simply combine local area network (LAN) and metropolitan area networks (WAN) capabilities in a single device. They can switch locally between users in the same group (layer 2 switching), route between different groups of users (layer 3 switching or routing), and at the same time provide security features and special services for applications (layer 4 switching).

Using a router to secure the network

Security filtering on a router is usually very necessary; even governments around the world recommend it. Routers are ideal security "checkpoints" because they are the network's points of ingress and egress. Complex rules known as access control lists (ACLs) are created on the router, and the router checks each packet against this set of rules. For example, these rules can allow only specific authorized users to access company data.

On a traditional router, checking packets against security rules is a time-consuming process. The router has to look up the layer 3 and layer 4 information of every packet and compare it with the rules. Enabling security filtering has always been a "nightmare", because it slows the router down. So when the performance impact is too large, dedicated equipment has to be used to share the workload.
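The per-packet rule check described above, as an added example that is not from the original article: a software ACL evaluator that compares each packet's layer 3 and layer 4 fields with an ordered rule list. First-match-wins ordering, the default deny when nothing matches, and all addresses, ports and names are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    proto: str                       # "tcp", "udp", or "ip" for any protocol
    src: str                         # layer 3: source network (CIDR)
    dst: str                         # layer 3: destination network (CIDR)
    dst_port: Optional[int] = None   # layer 4: None matches any port

    def matches(self, pkt: dict) -> bool:
        if self.proto not in ("ip", pkt["proto"]):
            return False
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        return self.dst_port is None or self.dst_port == pkt.get("dst_port")


# Constructed rule set: only the finance subnet may reach the finance server.
ACL = [
    Rule("permit", "tcp", "10.1.20.0/24", "10.1.99.10/32", 443),
    Rule("deny", "ip", "0.0.0.0/0", "10.1.99.0/24"),
    Rule("permit", "ip", "10.1.0.0/16", "0.0.0.0/0"),
]


def evaluate(acl, pkt):
    """Return (action, index of the deciding rule); no match means deny."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None


# Constructed packets, reduced to the header fields the rules inspect.
PACKETS = {
    "finance_https": {"proto": "tcp", "src": "10.1.20.5", "dst": "10.1.99.10", "dst_port": 443},
    "finance_ssh": {"proto": "tcp", "src": "10.1.20.5", "dst": "10.1.99.10", "dst_port": 22},
    "sales_https": {"proto": "tcp", "src": "10.1.30.7", "dst": "10.1.99.10", "dst_port": 443},
    "sales_dns": {"proto": "udp", "src": "10.1.30.7", "dst": "203.0.113.5", "dst_port": 53},
    "unknown_src": {"proto": "tcp", "src": "172.16.0.9", "dst": "203.0.113.5", "dst_port": 80},
}

if __name__ == "__main__":
    for name, pkt in PACKETS.items():
        print(name, evaluate(ACL, pkt))
```

Every packet walks the list until a rule matches, so the work grows with the number of rules; this is the cost a software router pays per packet.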

Even multilayer switching routers face challenges in performing this function while maintaining wire-speed performance. When security features are enabled, some of the new switch/routers slow down. However, most of the new switch/routers have these security policies integrated into hardware, so they can forward at wire speed even with ACLs enabled.

Using multilayer switch/routers for security and traffic analysis is becoming increasingly popular, mainly because device manufacturers build this technology into the multilayer switch/router. More and more network device functions are being integrated into the same device. Separate hardware is no longer needed to monitor traffic or handle some aspects of security, which brings great benefits to network users.
