The IEEE defines a VLAN as a group of devices participating in the same Layer 2 domain. All devices that can communicate with each other without needing to communicate through a router (that is, using only hubs/repeaters and bridges, real or virtual) share the broadcast domain. The Layer 2 internetworking devices move frames through the broadcast domain by examining the destination MAC address. Then, by comparing the destination address to a table, the device can determine how to forward the frame towards the destination.
Some devices use other header information to determine how to move the frame. For example, Layer 3 switches examine the destination and source IP addresses and forward frames between broadcast domains when needed. Traditionally, routers perform Layer 3 switching. Frames enter the router, the router chooses the best path to get to the destination, and the router then forwards the frame to the next router hop as shown in Figure 5-4. The routing protocol that you activate in the router determines the best path. A best path might be the fewest hops. Or, it might be the set of highest bandwidth segments. Or, it might be a combination of metrics. In Figure 5-4, only one choice exists to get from Station A to Station B.
Figure 5-4. Traditional Frame Flow in a Routed Network
When the frame enters Router 2, the router not only determines the next hop to move the frame toward the destination, but it also performs a new Layer 2 encapsulation with a new destination/source MAC address pair, performs some Layer 3 activities such as decrementing the TTL value in an IP header, and calculates a new frame check sequence (FCS) value. Router 3 performs a similar set of actions before sending the frame to Station B. This is often called packet-by-packet switching.
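The per-hop rewrite described above, as an added Python example that is not part of the original text: it checks the incoming FCS, decrements the TTL, recomputes the IPv4 header checksum, swaps in the new MAC pair, and appends a new FCS. It assumes an untagged Ethernet II frame carrying IPv4; the MAC and IP addresses are constructed sample values.

```python
import struct
import zlib

def ip_checksum(header: bytes) -> int:
    """Ones-complement sum of 16-bit words (IPv4 header checksum)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 of the frame, sent least significant byte first."""
    return struct.pack("<I", zlib.crc32(data))

def build_frame(dst_mac, src_mac, src_ip, dst_ip, ttl, payload=b""):
    """Construct a sample Ethernet II / IPv4 frame (constructed test input)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      ttl, 253, 0, src_ip, dst_ip)  # 253 = experimental protocol
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    body = dst_mac + src_mac + b"\x08\x00" + hdr + payload
    return body + fcs(body)

def router_rewrite(frame, new_src_mac, new_dst_mac):
    """Per-hop rewrite: new MAC pair, TTL - 1, new IP checksum, new FCS."""
    body, old_fcs = frame[:-4], frame[-4:]
    if fcs(body) != old_fcs:
        raise ValueError("bad FCS: frame dropped")
    if body[12:14] != b"\x08\x00":
        raise ValueError("not IPv4")
    ihl = (body[14] & 0x0F) * 4
    ip = bytearray(body[14:14 + ihl])
    if ip_checksum(bytes(ip)) != 0:        # a valid header sums to zero
        raise ValueError("bad IP header checksum")
    if ip[8] <= 1:
        raise ValueError("TTL expired: packet dropped")
    ip[8] -= 1                             # Layer 3 change: TTL
    ip[10:12] = b"\x00\x00"                # zero the field before recomputing
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip)))
    new_body = new_dst_mac + new_src_mac + body[12:14] + bytes(ip) + body[14 + ihl:]
    return new_body + fcs(new_body)        # Layer 2 change: MAC pair and FCS

if __name__ == "__main__":
    # Constructed sample: Station A sends to Station B through one router.
    a, r_in, r_out, b = (bytes.fromhex("02000000000%d" % i) for i in range(1, 5))
    f = build_frame(r_in, a, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]), 64, b"hello")
    g = router_rewrite(f, r_out, b)
    print("TTL", f[22], "->", g[22], "| FCS", f[-4:].hex(), "->", g[-4:].hex())
```

The source and destination IP addresses leave the router unchanged; only the MAC pair, TTL, IP header checksum, and FCS differ between the incoming and outgoing frame.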
The same process still occurs if you replace the shared wire segments in Figure 5-4 with a Layer 2 switched network. Figure 5-5 illustrates a similar network using Layer 2 switches and Layer 3 routers to interconnect the broadcast domains (VLANs). To get from Station A to B in the switched network, the frame must pass through three routers. Further, the frame must transit the link between Cat-C and Cat-D twice. Although this might be an exaggeration for such a small network, this can frequently happen in larger scale networks. In an extreme case, the frame can travel through the Layer 2 switched network multiple times as it passes from router to router on its way to the destination.
Figure 5-5. Traditional Frame Flow in a Switched Network
Layer 3 switching, on the other hand, circumvents the multiple entries and exits of the frame through routers. By adding a NetFlow Feature Card (NFFC) and enabling Multilayer Switching (MLS) in a Catalyst 5000 supervisor module, a Catalyst 5000/5500 can rewrite a frame header like a router does. This gives the appearance of the frame passing through a router, yet it eliminates the need for a frame to actually pass in and out of a router interface. The Catalyst learns what to do with the frame header by watching a locally attached router.
MLS is discussed in more detail in Chapter 11, “Layer 3 Switching.” MLS creates a shortcut around each router as shown in Figure 5-6. When multiple routers are in the system, multiple MLS shortcuts exist between the source and destination devices. These shortcuts do not violate any Layer 3 routing rules because the NFFC does not perform any rewrites until the frames initially pass through a router. Further, when it does create the shortcut, the NFFC rewrites the frame header just as the router does.
Figure 5-6. NetFlow Shortcuts Between Routed VLANs
Another type of Layer 3 switching, Multiprotocol over ATM (MPOA), even eliminates the need to repeatedly pass a frame through the switched cloud. Functionally, MPOA in ATM equates to MLS in a frame network in that they both bypass routers. The routers in Figure 5-7 attach directly to an ATM cloud. Normally, when Station A wants to communicate with Station B, frames must pass in and out of the routers just as they do in the basic routed example of Figure 5-4. In Figure 5-7, the frames normally pass through the ATM cloud four times to reach Station B. However, MPOA creates a shortcut between two devices residing in different broadcast domains as shown in Figure 5-7. See Chapter 10, “Trunking with Multiprotocol Over ATM,” for more details.
Figure 5-7. MPOA Shortcut to Bypass Many Routers in an ATM Network
Other VLAN types use combinations of Layer 2, Layer 3, or even Layer 4 to create shortcuts in a system. Layer 4 switching creates shortcuts based upon the Layer 3 addresses and upon the Layer 4 port values. This is sometimes called application switching and provides a higher level of granularity for switching. Chapter 11 provides a more thorough discussion on this subject in the context of MLS.
Table 5-1 summarizes the various switch types found in the industry.
Table 5-1. Layered Switching Comparison
| Switch Type | Switch Criteria |
|---|---|
| Layer 2 | Destination MAC address |
| Layer 3 | Source and destination MAC addresses and source and destination IP addresses |
| Layer 4 | Layer 3 criteria plus Layer 4 source and destination port values |