Another, rather simpler, solution is to place all the workgroup segments and subnets in one big VLAN, and the resources that need to be secured in another VLAN. Users can then move between any of the workgroup segments without changing IP address and without any need to update VLAN boundaries, while all traffic to and from the secured resources is forced to pass through the Layer 3 forwarding function, where the appropriate security checks can be applied. The only potential area of concern with this solution is the size of the broadcast domain that contains all the workgroup segments, and the possibility that excessive broadcast traffic might cause problems. The extent to which this applies in any particular case can easily be established by experimentation, or by extrapolation from measurements of broadcast traffic on the existing network. (See Exhibit 2-2-4.)
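The extrapolation mentioned above can be done from per-segment packet captures. The following is an added example, not taken from the original text: it counts Ethernet broadcast frames per second in each capture and sums them to estimate the load of the merged VLAN. The function names and the sample captures are constructed for illustration, and it assumes classic little-endian pcap files taken over the same window with synchronized clocks.

```python
import struct
from collections import Counter

BROADCAST = b"\xff" * 6

def broadcast_per_second(pcap):
    """Count Ethernet broadcast frames per capture second in a classic pcap."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected little-endian classic pcap")
    counts, off = Counter(), 24                      # 24-byte global header
    while off + 16 <= len(pcap):
        ts_sec, _, incl_len, _ = struct.unpack_from("<IIII", pcap, off)
        if pcap[off + 16:off + 22] == BROADCAST:     # destination MAC
            counts[ts_sec] += 1
        off += 16 + incl_len                         # next record header
    return counts

def merged_vlan_estimate(captures, window_s):
    """Sum per-second counts over all segments: in one VLAN each broadcast
    is flooded to every segment, so the individual loads add up."""
    total = Counter()
    for cap in captures:
        total.update(broadcast_per_second(cap))
    return {"peak_per_s": max(total.values(), default=0),
            "mean_per_s": sum(total.values()) / window_s}

def make_pcap(frames):
    """Build a constructed sample capture from (second, dst_mac) pairs."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, dst in frames:
        frame = dst + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x06" + bytes(46)
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

UNICAST = b"\x02\x00\x00\x00\x00\x02"
# Constructed captures from two workgroup segments over the same 4-second window.
SEG_A = make_pcap([(100, BROADCAST), (100, UNICAST), (101, BROADCAST), (103, BROADCAST)])
SEG_B = make_pcap([(100, BROADCAST), (100, BROADCAST), (102, UNICAST), (103, BROADCAST)])

if __name__ == "__main__":
    print(merged_vlan_estimate([SEG_A, SEG_B], window_s=4))
```

Only frames addressed to ff:ff:ff:ff:ff:ff are counted; multicast frames that the switches flood would add to the figure and need a separate count.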
MULTILAYER SWITCHES AND ROUTING PROTOCOLS

We have described a multilayer switch as a device which combines Layer 2 switching (for example, Ethernet switching or Token Ring switching) with Layer 3 forwarding (for example, IP or IPX routing) so as to provide a complete solution for the needs of high performance LANs. However, we have not so far made reference to the routing protocols which are needed to update the routing tables used to make Layer 3 forwarding decisions.

Routers employ a variety of routing protocols to exchange information about network topology and the reachability of subnets. Examples of standard routing protocols are Routing Information Protocol (RIP) and Open Shortest Path First (OSPF). The information which is exchanged by these protocols is processed by the router to maintain the routing tables which map IP address prefixes to router ports.

The Layer 3 forwarding function in a multilayer switch needs exactly the same kinds of routing tables as a conventional router. Furthermore, multilayer switches need to be able to operate in networks that contain conventional routers. It follows that multilayer switches must be able to participate in the normal exchange of information that takes place between routers via the routing protocols.

In practice there are two different approaches to the support of routing protocols in multilayer switches. With the self-contained approach, the Layer 3 forwarding function in each multilayer switch engages in the routing protocols just as if it were a conventional router. In the route server approach, a central function in the network engages in the routing protocols on behalf of one or more multilayer switches, and uses some new and additional protocols to communicate routing table updates to the multilayer switches.
The route server approach has the potential to offer a lower cost solution in large networks with many switches, because it can reduce the complexity of the multilayer switch by moving responsibility for the routing protocols elsewhere. However, in most practical situations large networks can be built by combining simple Layer 2 switches with a much smaller number of multilayer switches. When two stations that belong to different subnets are inter-communicating across a number of switch hops, only one of the switches in the path needs to be a multilayer switch to perform the Layer 3 forwarding function, so it makes sense to use conventional Layer 2 LAN switches in the workgroup, with multilayer switches in the backbone. In this case, the cost saved by simplifying the multilayer switches may be more than offset by the complexity that comes with a separate route server function. Furthermore, there are no standards in place for the protocols used to distribute routing table updates from the route server in frame-based networks, so these kinds of solutions are highly proprietary.

Whichever of these two techniques is employed (self-contained routing protocol support in each multilayer switch, or distributed routing based on route servers), the Layer 3 forwarding function of multilayer switching makes use of conventional routing protocols and is therefore compatible with existing routers. This means that multilayer switches can be deployed in networks that contain routers, and that the multilayer switches will look just like peer routers from the point of view of any existing routers. Schemes that provide fault tolerance based on multiple redundant routes can therefore be implemented with any mix of routers and multilayer switches. (See Exhibit 2-2-5.)
Use of this site is subject to certain Terms & Conditions. Copyright (c) 1996-1999 EarthWeb, Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Please read our privacy policy for details.