Layer 4 Switching



Introduction

As networks have evolved and new technologies have emerged, multi-layer capable switches have become a popular alternative to the traditional hub, bridge or layer 2 switch. Layer 4 switching refers to an added feature and capability of Layer 3 switches. It enhances their ability to control and forward network traffic based on the information that can be derived from protocols that operate at Layer 4 of the OSI model. (For an overview of the OSI model, click here.)

Before discussing Layer 4 switches, Layer 2 and 3 capable switches should be mentioned. Traditional switches use hardware to forward network traffic at Layer 2, based on the physical MAC address of each network device. These operate very quickly and are an efficient means of handling network transmissions within LANs. Basically, it is like having a bridge, which learns, filters and forwards based on the MAC address, operate on every single port. In this way, they also reduce the amount of data that will be forwarded to the routers.

On the other hand, switches that operate at Layer 3 (similar to routers), actually calculate routes based on the logical address that is assigned by software to the data packet (such as IP addresses). Similar to routers, they have the ability to connect WANs and are more intelligent devices that can further segment network traffic to reduce congestion by calculating routes between various network links. Unlike traditional routers, which implement this technology through software and a general purpose processor that tends to have a slower data throughput, switches can perform these operations at full wire speeds. Because of increasingly advanced technology, especially in producing more advanced ICs, and especially ASICs (Application Specific Integrated Circuits), multi-layer switches are able to combine the speed and efficiency of Layer 2 switching with Layer 3 routing using a hardware implementation. This wirespeed routing technology uses hardware to perform the same functions of traditional routers, routing each packet individually, offering the advantage of being non-proprietary, and also providing the advantage of high speed communications and data throughput.

Layer 4, the Transport layer, which takes care of things like flow control and reliable and accurate delivery of the data to the next layer, uses protocols such as TCP and UDP. These protocols include the port number information in the header, which helps identify what application the packet is being used by or is intended for. This information can be very useful in handling network traffic because many well known applications use designated ports. For example, port 80 is generally used by HTTP, and ports 20 and 21 by FTP. (Click here to view a listing of the well known ports.) Because a Layer 4 switch can identify this information, together with the IP address that is identified on Layer 3, it not only knows where the data needs to go, but also what application will use it. The combination of a Layer 4 TCP or UDP port number and the Layer 3 address is called a socket.

This information can be used to enhance the features of a Layer 3 switch, which essentially performs packet routing at high speeds by means of hardware, by allowing it to filter network traffic and perform switching based on the application the data is intended for. So, a Layer 4 switch has the ability to not only examine the IP address, but also to control the traffic based on the port numbers located at Layer 4 of the OSI model.

Packet Filtering and Prioritization

This gives Layer 4 switches the ability to implement a variety of services that take advantage of this application specific information. For example, routers are often used as a network firewall, filtering packets and providing security features by either allowing or blocking certain connections. A Layer 4 switch can offer this same service, but implement it by means of hardware, thus offering the same service with a much higher speed of data throughput.

Layer 4 switches can also use this information to prioritize traffic flow. Because it can see both the port number and IP address of a data packet, it can give priority to data intended for mission critical applications. For example, data intended for the HTTP (port 80) application on a web server can be given higher priority than data intended for another application that may be running on that same server. This provides that application a higher class of service. This can be used to ensure QoS (Quality of Service), which basically refers to a guaranteed throughput level.

Load Balancing

Another service that can be made possible by a Layer 4 switch is load balancing. Load balancing can be implemented to more efficiently control the amount of information that a particular server, among a group of servers supporting the same application, may receive.

For example, a group of physical servers that are being used as a web server farm can all be grouped together into one virtual, or logical, server. The new virtual server, made up of these physical servers, would be assigned just one IP address. Traffic intended for these servers would be directed towards this IP address. A Layer 4 switch can then manage load balancing among the group that makes up the virtual server. The data can be balanced among the servers based on a number of factors. For instance, by keeping track of how many sessions each individual server is supporting, traffic can be forwarded to the server with the least number of sessions. Or, traffic can be distributed based on a percentage. The faster servers can be assigned a higher percentage, and the slower servers can be assigned a smaller percentage of the overall network traffic. These are just a couple of ways this load balancing can be implemented. But in any case, this provides a more efficient means of handling traffic on the network by avoiding overloading any one physical server.

The way that I was able to visualize how this works and make sense of this load balancing feature was by thinking about how traffic lights at a major intersection are programmed and timed. Since the major roadway handles the majority of the traffic, the traffic light for that path is set to have a larger portion of time to allow for the traffic to flow. Then, the side streets that pour into that road are given a smaller percentage of time, based on how much traffic they produce. Of course, this method of balancing the timing of the lights based on traffic needs makes more sense than giving each light an equal amount of time. And so to me, this is why it makes sense for a network to make use of load balancing as well.

Conclusion

Based on this research, Layer 4 switching technology greatly enhances the intelligence of the network. It allows the switch to make specific, intelligent decisions based on the information it derives from both Layers 3 and 4 so that it can handle this data in the most efficient way. One of the greatest benefits of a Layer 4 switch is that this intelligent decision making capability is implemented by means of high speed hardware, thus allowing todays high capacity networks to function very efficiently.

ComTest Technologies proudly represents a number of manufacturers offering multi-layer capapble switches. These include, but are not limited to, the following:

If you would like to contact one of ComTest's engineers to find out more about one of these products, click here.

To learn more about Layer 4 switching, visit these links:





References

This page was written by Will Twiggs, an associate with ComTest Technologies, Inc. For more information or if you have questions about this material, you can contact the author at william@comtest.com

Cutting Through Layer 4 Hype by Foundry Networks

White Paper written by Jonathan Bransky and L. David Passmore Published September 1997: Layer 4 Switching (http://www.tbg.com/Public/WhitePapers/L4_switching.html)


This page created by Will Twiggs
Best viewed at "800x600" using MS IE 4+
Last updated on 1/2/2001