Advanced Layer 3/4 Services
SmartSwitch 6000/2000 Firmware Upgrade
Introduction
The flow of packetized information within the enterprise
network is typically controlled using a layered hierarchy.
With the introduction of new standards such as VLANs (802.1Q)
and traffic prioritization (802.1p), data traffic is analyzed
more thoroughly than ever as it approaches the core of the
network, by devices that inspect specific packet
"identifiers" associated with the layers of the OSI
model and apply various filtering, containment, security, and
Quality of Service (QoS) techniques. A logically stratified
approach such as this serves the dual purpose of minimizing
complexity, while also aiding in the enforcement of QoS
policies within a switched network. This design principle also
best supports the common client/server architecture, where
shared corporate resources are centralized into a "server
farm" and network users are provided with the most
efficient and secure path possible through the network.
New switches are being introduced with support for
industry-standard VLANs and traffic prioritization. These two
relatively new standards allow a user to configure VLANs and
set priority rules throughout their entire network. As ingress
switches classify frames to VLANs and/or priority, the
specific information (VLAN/priority) is shared among switches
in the network via a frame tag, which is inserted into the
original frame. When each frame reaches the last switch nearest
the end user, the frame tag is removed and the frame is
delivered to the user.
The best place to assign or classify frames to a VLAN and/or
assign priority is at the point where a user's frame enters
the network fabric, or the network edge. This is the first (and
sometimes the only) place where frames are assigned to VLANs
and/or have priority parameters assigned. When a frame tag is
inserted in the original frame, other switches further
upstream will make frame forwarding decisions based upon the
VLAN and the priority placed within the frame tag.
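The tag insertion, forwarding and removal sequence described above, shown as an added Python example (not code from Cabletron or from the SmartSwitch firmware). It builds a constructed untagged Ethernet frame, inserts an 802.1Q tag at the edge, reads the VLAN ID and 802.1p priority out of the tag the way an upstream switch would, and strips the tag before delivery to the end user. The frame contents and the VLAN/priority values are constructed for the example.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that identifies an 802.1Q tag


def build_untagged_frame(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble a minimal untagged Ethernet frame (no FCS), as an end station sends it."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def insert_tag(frame: bytes, vid: int, pcp: int, dei: int = 0) -> bytes:
    """Ingress (edge) switch: insert the 4-byte 802.1Q tag after the source MAC.
    The Tag Control Information packs the 3-bit 802.1p priority (PCP), the
    drop-eligible bit (DEI) and the 12-bit VLAN ID (VID)."""
    if not (0 <= vid <= 4095 and 0 <= pcp <= 7 and dei in (0, 1)):
        raise ValueError("vid must be 0..4095, pcp 0..7, dei 0 or 1")
    tci = (pcp << 13) | (dei << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def read_tag(frame: bytes):
    """Upstream switch: return (vid, pcp, dei) if the frame is tagged, else None."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return (tci & 0x0FFF, tci >> 13, (tci >> 12) & 1)


def strip_tag(frame: bytes) -> bytes:
    """Last switch before the end user: remove the tag and hand back the original frame."""
    if read_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


# Constructed sample: an IP frame (EtherType 0x0800) with a dummy 20-byte payload.
SAMPLE = build_untagged_frame(
    bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"), 0x0800, b"\x45" + b"\x00" * 19
)


def walk_through_fabric():
    """Edge ingress -> core -> edge egress; returns what each stage sees.
    VLAN 100 and priority 5 are constructed values for the example."""
    tagged = insert_tag(SAMPLE, vid=100, pcp=5)
    seen_by_core = read_tag(tagged)          # the core forwards on these values alone
    delivered = strip_tag(tagged)
    return seen_by_core, len(tagged) - len(SAMPLE), delivered == SAMPLE


if __name__ == "__main__":
    print(walk_through_fabric())
```

The tag adds exactly four bytes, and the frame handed to the user is byte-for-byte the original, which is why end stations need no knowledge of the VLAN scheme.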
Most switches today have limited functionality in the ability
to assign frames to VLANs and assign priority parameters for
frame classification. Most switches rely on the ingress or
receive port as their only criteria for frame
classification. This means that all frames received on a given
port will be classified as belonging to the same VLAN and as
having the same assigned priority parameters. In most
networks, this is not the desired mode of operation. An
individual user or workstation can be sourcing numerous
protocols (IP/IPX) and within each protocol many applications
may exist.
A wiring closet switch sits at the crucial
"middle-tier" of an enterprise network, positioned
squarely between the backbone switching device and the
workgroup switches or end stations. In this role, the device's
primary responsibility is to efficiently deliver network
traffic by serving primarily as a Layer 2 forwarding device. To
further ensure the highest possible degree of interoperability
and manageability, the SmartSwitch 6000 and 2000 not only
support the 802.1Q and 802.1p standards, but also come
equipped with a multitude of advanced Layer 3 and Layer 4
capabilities—at no extra charge. These advanced services
provide more intelligence for the switching decisions that
will increase performance, provide security, ensure
mission-critical services, and place control of the network in
the hands of network administrators. The SmartSwitch 6000 and
2000 products offer these advanced services without the higher
price or increased complexity of routers.
Bringing Layer 3/4 functionality closer to the desktop gives
network managers more flexibility in configuring their
networks to support business-critical protocols and
applications. The SmartSwitch 6000 and 2000 are supporting and
adding to the capabilities of important standards such as
802.1Q VLANs, 802.1p Traffic Class Expediting, and IGMP.
Advanced Layer 3/4 Services, including IGMP Snooping, protocol
classification and application prioritization, all provide the
SmartSwitch 6000 and 2000 products with enhanced network
traffic management functionality. As built-in features, these
capabilities make the switched network more dynamic and
intelligent. Through a simple firmware upgrade, these services
are available for second-generation SmartSwitch 6000 and 2000
products currently installed in the field. This is done
instantly, without upgrading any of the hardware. This goes
beyond the traditional "port-based VLAN" model,
providing not only that model, but also MAC-based VLANs,
protocol classification, Layer 3 addressing classification,
and Layer 4 socket/port classifications—all within the
SmartSwitch 6000/2000 and without the expense or complexities
of router products. These features provide four distinct
options for the network administrator: containment, filtering,
security, and QoS of each frame within the network.
SmartSwitch Architecture Advantage
Cabletron's SmartSwitches utilize a "hybrid"
processing design that maximizes switching performance while
guaranteeing the highest degree of control over network
traffic. Within this architecture, separate processing
functions are assigned to the areas for which they are best
suited. Packet forwarding for example, where high performance
and low latency are of utmost importance, is carried out by
hardware ASICs. Other crucial, more specialized functions such
as network management and embedded internetworking
capabilities, are handled by flexible microprocessors.
The fast but flexible SmartSwitch design enables the seamless
incorporation of new functionality, as well as support for new
standards. The collection of Advanced Layer 3/4 Services on the
second-generation SmartSwitch 6000 and 2000 products includes
Internet Group Management Protocol (IGMP) Snooping, port-based
VLANs, MAC-based VLANs, Layer 3 protocol classification and
Layer 4 socket/port classification.
IGMP Snooping—With the increasing deployment of multimedia
and other real-time applications running on the Internet and
enterprise intranets, a method of efficiently distributing
them has quickly become a requirement. IP Multicast and the
IGMP protocol have rapidly emerged as the industry-standard
technologies for enabling the smoothest possible delivery of
"one-to-many" or "many-to-many" services
such as webcasting, videocasting, and market data-feeds within
an IP-based network.
By eliminating the need to replicate and then transmit
multiple packet flows to each and every client participating
in a multicast communication, IP Multicast technology
conserves network bandwidth as well as valuable user CPU
resources. In traditional Layer 2 switched (bridged)
environments however, IP Multicast communications are treated
in the same way as broadcast transmissions and flooded out all
ports in the broadcast domain (VLAN); still resulting in some
degree of bandwidth inefficiency.
The IGMP Snooping feature on the second-generation SmartSwitch
6000 and 2000 products (in 802.1p/D/Q mode) delivers
standards-based "multicast awareness," optimizing
bandwidth utilization in Layer 2 switched environments.
The IGMP standard (IETF RFC1112) defines the format for
establishing IP multicast routes in a network. According to
IGMP operation, end-stations access IP Multicast applications
by transmitting "join" and "leave"
messages (to a querier/router) that advertise the clients'
preferred status in relation to the specific application. IGMP
Snooping recognizes these requests and builds (or prunes) a
multicast distribution tree accordingly, dynamically
distributing Layer 3 IP Multicast flows only to those end
stations configured and registered to receive the service.
Both IGMP version 1 and version 2 messaging are supported, and
this feature can be enabled/disabled on a per-VLAN basis
within the SmartSwitch. The benefit of this feature is not
only limited to ensuring the availability of bandwidth within
the network, but also in eliminating this type of traffic to
any or all users. Even if the user desires or applies to
receive this traffic, the network administrator has the
control to allow or disallow these types of services to each
and every user.
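The snooping behaviour just described, as an added Python model that is not Cabletron code and does not reproduce the SmartSwitch implementation. The toy switch learns the querier port from IGMP queries, builds per-VLAN group membership from membership reports ("join"), prunes it on leaves, and forwards a multicast frame only to member ports plus the router port; in a VLAN where snooping is disabled it floods like a broadcast. The per-port block list models the administrator's ability to deny the service to a user. Port numbers, VLAN IDs and the group address are constructed.

```python
from collections import defaultdict


class IgmpSnoopingSwitch:
    """Toy Layer 2 switch that learns multicast membership from IGMP
    reports/leaves and forwards IP Multicast only where it is wanted."""

    def __init__(self, ports, snooping_vlans):
        self.ports = set(ports)
        self.snooping_vlans = set(snooping_vlans)            # snooping is a per-VLAN setting
        self.router_ports = defaultdict(set)                  # vlan -> ports where a querier was heard
        self.members = defaultdict(lambda: defaultdict(set))  # vlan -> group -> member ports
        self.blocked_ports = set()                            # admin deny: ports that may not join

    def on_query(self, vlan, port):
        """An IGMP General Query arriving on a port marks it as the querier/router port."""
        self.router_ports[vlan].add(port)

    def on_report(self, vlan, group, port):
        """IGMP Membership Report ('join'): graft the port onto the group's tree."""
        if port in self.blocked_ports:
            return False                     # administrator disallowed the service here
        self.members[vlan][group].add(port)
        return True

    def on_leave(self, vlan, group, port):
        """IGMP v2 Leave: prune the port; forget the group once no members remain."""
        self.members[vlan][group].discard(port)
        if not self.members[vlan][group]:
            del self.members[vlan][group]

    def forward_ports(self, vlan, group, ingress_port):
        """Ports that receive a multicast frame for `group` arriving on `ingress_port`."""
        if vlan not in self.snooping_vlans:
            out = set(self.ports)            # no snooping: flooded like a broadcast
        else:
            out = self.members[vlan].get(group, set()) | self.router_ports[vlan]
        return sorted(out - {ingress_port})


def demo():
    """Constructed scenario: 8 ports, snooping enabled on VLAN 10 only."""
    sw = IgmpSnoopingSwitch(ports=range(1, 9), snooping_vlans={10})
    sw.on_query(vlan=10, port=1)             # querier/router lives behind port 1
    sw.on_report(10, "239.1.1.1", port=3)
    sw.on_report(10, "239.1.1.1", port=5)
    before_leave = sw.forward_ports(10, "239.1.1.1", ingress_port=1)
    sw.on_leave(10, "239.1.1.1", port=5)
    after_leave = sw.forward_ports(10, "239.1.1.1", ingress_port=1)
    flooded = sw.forward_ports(20, "239.1.1.1", ingress_port=2)   # VLAN 20: no snooping
    return before_leave, after_leave, flooded


if __name__ == "__main__":
    print(demo())
```

With snooping on, the stream reaches only ports 3 and 5 (then only 3 after the leave); with it off, the same stream is flooded to every other port in the VLAN, which is the bandwidth cost the feature removes.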
Port-Based VLANs—
This simplistic method is the default classification method
for 802.1Q switches. All frames received on a port are
classified as belonging to the same VLAN and receive the same
priority assigned to the port.
MAC-Based VLANs—
This method of classification relies on user-programmed
classification rules based upon source MAC address (or
possible destination MAC address). This method provides greater
flexibility as compared to the simple port classification
method, although it is tedious to implement in a network. This
method could be used to assign specific MAC addresses to VLANs
or specific priorities.
Protocol Classification—
The advanced SmartSwitch architecture is also able to
recognize traffic by protocols such as IP, IPX, SNA, AppleTalk,
NetBIOS, Banyan and DECnet, enabling QoS policies to be
applied to these specific protocols. Protocol classification
is a significant enhancement to simple port-based
configuration, and works well for containing protocols, along
with their unknown-destination and broadcast traffic, within
the network. This
method can also be used to filter certain protocols from
entering a network based upon the users' needs.
Layer 3 Address—
This method of classification allows a user to classify frames
based upon their Layer 3 or network address. Using this
classification method a user is capable of assigning VLANs
based upon the IP addressing subnet schemes or Novell network
address. This also allows a user to assign priority to frames
based upon network address. This may be useful in that the
specific IP address of a server can be specified as high
priority, and all frames to or from this server will be given
preferential treatment throughout the network. This method
also works well for security purposes in that a user can
specify that a specific IP address (such as the router) is
only allowed access to the network.
Layer 4 Socket/Port—
This method of classification allows a user to classify frames
based upon Layer 4 or application information. This type of
method could be used for containment, in that all Novell
server SAP advertisements could be contained within a VLAN
boundary where only Novell servers reside. With this
classification method different priority levels can be
assigned to different applications based upon user need.
The flexibility to define and create 802.1Q VLANs based on
protocol, Layer 3 or Layer 4 classifications can have many
important applications in the switched network, some of these
including:
- Traffic Containment—
Broadcast-intensive protocols such as IPX and AppleTalk
can be confined only to the intended users, servers and
segments by creating VLANs specifically for that purpose.
- Traffic Filtering—
Any unwanted protocol types, possibly originating from a
shared segment, can be filtered out of the switched
network altogether by disallowing that protocol at the
ingress switch port.
- Traffic Security—
Any company- or industry-specific protocols can be
confined to only authorized switched ports or users.
- Traffic QoS Prioritization—
Timeout-sensitive Voice over IP (VoIP) traffic can be
prioritized or "expedited" over less
business-critical applications using 802.1D(p) and
priority queuing.
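The five classification methods and the four applications listed above (containment, filtering, security, prioritization), as one added Python example; this is illustration code, not Cabletron's rule engine, and the rule precedence it assumes (first matching rule in list order wins, with the port's default VLAN/priority as the fallback) is an assumption of the example. Frames and rules are constructed; EtherTypes 0x0800 (IP), 0x8137 (IPX) and 0x809B (AppleTalk) are the standard values, and IPX socket 0x0452 is the SAP socket. A rule with action "drop" models filtering at the ingress port.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

ETHERTYPE_IP = 0x0800
ETHERTYPE_IPX = 0x8137
ETHERTYPE_APPLETALK = 0x809B
IPX_SAP_SOCKET = 0x0452


@dataclass
class Frame:
    """Fields an ingress switch can inspect; L3/L4 fields are None when absent."""
    ingress_port: int
    src_mac: str
    ethertype: int
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    src_port: Optional[int] = None   # L4 port or IPX socket
    dst_port: Optional[int] = None


@dataclass
class Rule:
    name: str
    action: str = "assign"            # "assign" sets VLAN/priority, "drop" filters the frame
    vlan: Optional[int] = None
    priority: Optional[int] = None
    ingress_port: Optional[int] = None
    src_mac: Optional[str] = None     # MAC-based classification
    ethertype: Optional[int] = None   # protocol classification
    subnet: Optional[str] = None      # Layer 3: matches source or destination address
    l4_port: Optional[int] = None     # Layer 4: matches source or destination port/socket

    def matches(self, f: Frame) -> bool:
        if self.ingress_port is not None and f.ingress_port != self.ingress_port:
            return False
        if self.src_mac is not None and f.src_mac.lower() != self.src_mac.lower():
            return False
        if self.ethertype is not None and f.ethertype != self.ethertype:
            return False
        if self.subnet is not None:
            net = ipaddress.ip_network(self.subnet)
            addrs = [ipaddress.ip_address(a) for a in (f.src_ip, f.dst_ip) if a]
            if not any(a in net for a in addrs):
                return False
        if self.l4_port is not None and self.l4_port not in (f.src_port, f.dst_port):
            return False
        return True


def classify(frame: Frame, rules, port_defaults) -> Optional[Tuple[int, int]]:
    """Return (vlan, priority) for the frame, or None if it is filtered.
    Assumed precedence: first matching rule wins; unset fields fall back to the
    port-based default, which is the only criterion most switches use."""
    default_vlan, default_prio = port_defaults[frame.ingress_port]
    for r in rules:
        if r.matches(frame):
            if r.action == "drop":
                return None
            return (r.vlan if r.vlan is not None else default_vlan,
                    r.priority if r.priority is not None else default_prio)
    return (default_vlan, default_prio)


# Constructed rule set, most specific first.
RULES = [
    Rule("sap-to-server-vlan", ethertype=ETHERTYPE_IPX, l4_port=IPX_SAP_SOCKET, vlan=31),  # L4 containment
    Rule("ipx-containment", ethertype=ETHERTYPE_IPX, vlan=30),                             # protocol containment
    Rule("filter-appletalk-port4", ethertype=ETHERTYPE_APPLETALK, ingress_port=4, action="drop"),
    Rule("server-high-priority", subnet="10.0.0.5/32", priority=7),                         # L3 prioritization
    Rule("router-only-on-port1", ingress_port=1, subnet="10.1.2.0/24", vlan=1),             # L3 security
    Rule("known-mac-to-vlan", src_mac="00:aa:bb:cc:dd:ee", vlan=40),                        # MAC-based VLAN
]
PORT_DEFAULTS = {1: (1, 0), 4: (1, 0)}   # port-based fallback: (vlan, priority)
```

Because the SAP rule precedes the general IPX rule, SAP advertisements land in VLAN 31 while other IPX traffic is contained in VLAN 30; an AppleTalk frame on port 4 is dropped at ingress; and any IP frame to or from 10.0.0.5 keeps its port VLAN but is marked priority 7.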
With the SmartSwitch 6000 and 2000, any protocol with an
Ethertype value can be controlled and/or prioritized. Quality
of Service through Traffic Prioritization is one component of
a networking strategy. Giving priority to specific network
traffic can assure delivery of mission-critical protocols
during periods of high bandwidth demand.
Conclusion
Enabling the delivery of key traffic control capabilities
without any drastic changes or hardware upgrades, Advanced
Layer 3/4 Services dramatically improve the level of bandwidth
management possible in switched networks. Highly compatible
with the industry-leading capabilities of the SmartSwitch
Router, including wire-speed routing of IP/IPX and IP
Multicast (DVMRP and PIM), these exciting new features enable
superior control of both emerging and legacy applications.