Layer 4 Switching

The term Layer 4 switching (L4 switching) refers to switching in which the switch considers the information in the Layer 4 headers when forwarding a packet. In some cases, the forwarding decision itself is based on information in the Layer 4 headers. In other cases, Layer 3 forwarding is used, but the switch performs accounting based on the Layer 4 headers. Both are considered Layer 4 switching.

The key to understanding L4 switching is to remember the function of TCP and UDP port numbers, as covered in Chapter 6, "Fundamentals of TCP and UDP." Port numbers identify the application process of the sender and the receiver of a packet. An L4 switch can decide where to forward a packet based on the information in the TCP or UDP header, typically the port numbers. Alternatively, it can simply keep track of the number of packets and bytes sent per TCP or UDP port number while still performing Layer 3 forwarding.

Figure 10-10 shows an example with an L4 switch making its forwarding decisions based on the TCP port number. The figure shows a server farm with two servers that have replicated web content, meaning that either server can serve any user. The third server processes all FTP traffic, so when a user of the web server clicks something to start an FTP download, the download comes from SVR-3.

Figure 10-10 L4 Switching Based on TCP Port Numbers

[Figure: SVR-1 and SVR-2 (replicated web servers) and SVR-3 (FTP server only) sit behind an L4 switch that considers destination port numbers.]

All requests for the web servers or for FTP services would be directed to the server farm via a single IP address that represents all three servers. Upon seeing the first packet (the TCP SYN) of a new TCP connection going to the web destination port (port 80), the L4 switch would pick either SVR-1 or SVR-2. After this choice, all packets for that individual TCP connection would be switched to that same server. Similarly, when a new TCP connection was requested with destination port 21 (the FTP control port), the switch would know to forward the request to SVR-3.

To perform L4 switching, the switch must keep track of every individual Layer 4 flow. If you had 1000 concurrent TCP connections into the server farm, you would need 1000 entries in the L4 forwarding table. Compare that to L3 switching, where you would need only one route in the L3 routing table to forward packets to the subnet of the server farm. So, L4 switching requires more forwarding-table capacity, and more per-flow state, than the equivalent L3 switching.

Finally, L4 switching does not always imply a change in how packets are forwarded. A switch can perform accounting to track the volume of traffic per TCP and UDP port number but still make its forwarding decisions based on L3 switching logic. With Cisco switches, you can enable a feature called NetFlow switching, which performs the accounting based on Layer 4 information while forwarding traffic like a Layer 3 switch.
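To make the flow-pinning, flow-table and accounting behaviour of the last three paragraphs concrete, here is an added example in Python that models the switch in Figure 10-10. It is not code from the book or from any Cisco product. The virtual IP address, the round-robin choice between SVR-1 and SVR-2, and the constructed sample packets are assumptions; the flow table with one entry per connection, pinning later packets of a connection to the server chosen on its first packet, dropping a mid-stream packet that has no flow entry, releasing the entry on FIN, and the NetFlow-style per-port counters are what the text describes.

```python
from collections import Counter
from dataclasses import dataclass
from itertools import cycle

# Assumed addressing for the server farm in Figure 10-10 (not from the page):
# one virtual IP fronts all three servers.
VIP = "10.1.1.100"
WEB_SERVERS = ["SVR-1", "SVR-2"]   # replicated web content, port 80
FTP_SERVER = "SVR-3"               # FTP control connections, port 21


@dataclass(frozen=True)
class Packet:
    """The fields an L4 switch inspects: the 5-tuple plus TCP flags and size."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"
    syn: bool = False   # first packet of a new TCP connection
    fin: bool = False   # last packet; the flow entry can be released
    length: int = 0     # bytes, used only for accounting


class L4Switch:
    def __init__(self):
        self.flows = {}                  # 5-tuple -> chosen server, one entry per connection
        self._web_rr = cycle(WEB_SERVERS)  # assumed server-selection policy
        self.port_packets = Counter()    # (proto, dst_port) -> packets seen
        self.port_bytes = Counter()      # (proto, dst_port) -> bytes seen

    def account(self, pkt):
        """NetFlow-style accounting per Layer 4 port, independent of the forwarding decision."""
        key = (pkt.proto, pkt.dst_port)
        self.port_packets[key] += 1
        self.port_bytes[key] += pkt.length

    def forward(self, pkt):
        """Return the server this packet is switched to, or None if it is dropped."""
        self.account(pkt)
        if pkt.dst_ip != VIP:
            return None                  # not for the farm; an ordinary L3 route would handle it
        flow = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        server = self.flows.get(flow)
        if server is None:
            if not pkt.syn:
                return None              # mid-stream packet with no entry: drop, do not guess
            if pkt.dst_port == 80:
                server = next(self._web_rr)   # choose SVR-1 or SVR-2 on the first packet only
            elif pkt.dst_port == 21:
                server = FTP_SERVER
            else:
                return None              # port not served by the farm
            self.flows[flow] = server    # pin the rest of this connection to that server
        if pkt.fin:
            del self.flows[flow]         # release state; otherwise the table only grows
        return server

    def flow_table_size(self):
        """Entries held right now: one per live connection, versus one L3 route for the subnet."""
        return len(self.flows)


def demo():
    """Constructed traffic: two web connections, one FTP control connection, one stray packet."""
    sw = L4Switch()
    results = [
        sw.forward(Packet("192.0.2.10", 40000, VIP, 80, syn=True, length=60)),  # new web conn -> SVR-1
        sw.forward(Packet("192.0.2.10", 40000, VIP, 80, length=500)),           # same conn    -> SVR-1
        sw.forward(Packet("192.0.2.11", 40001, VIP, 80, syn=True, length=60)),  # new web conn -> SVR-2
        sw.forward(Packet("192.0.2.10", 40002, VIP, 21, syn=True, length=60)),  # FTP control  -> SVR-3
        sw.forward(Packet("192.0.2.12", 40003, VIP, 80, length=40)),            # no SYN, no entry -> dropped
    ]
    return sw, results


if __name__ == "__main__":
    sw, results = demo()
    print(results)                 # ['SVR-1', 'SVR-1', 'SVR-2', 'SVR-3', None]
    print(sw.flow_table_size())    # 3 flow entries for 3 connections
    print(sw.port_packets[("tcp", 80)], sw.port_bytes[("tcp", 80)])   # 4 660
```

The point of the per-flow state is also its cost: every half-open or abandoned connection occupies an entry until it is released, so a real L4 switch needs a table-size limit and an idle timeout in addition to the FIN handling shown here.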
