|
|
|
|
Network switch
|
| |
|
| |
A network switch is a computer networking device that connects network segments.
The term commonly refers to a Network bridge that processes and routes data at the Data link layer (layer 2) of the OSI model. Switches that additionally process data at the Network layer (layer 3 and above) are often referred to as Layer 3 switches or Multilayer switches.
The term network switch does not generally encompass unintelligent or passive network devices such as hubs and repeaters.
The first Ethernet switch was introduced by Kalpana in 1990.
Discussion
Ask a question about 'Network switch' Start a new discussion about 'Network switch' Answer questions from other users |
Encyclopedia
A network switch is a computer networking device that connects network segments.
The term commonly refers to a Network bridge that processes and routes data at the Data link layer (layer 2) of the OSI model. Switches that additionally process data at the Network layer (layer 3 and above) are often referred to as Layer 3 switches or Multilayer switches.
The term network switch does not generally encompass unintelligent or passive network devices such as hubs and repeaters.
The first Ethernet switch was introduced by Kalpana in 1990.
Function
As with hubs, Ethernet implementations of network switches support either 10/100 Mbit/s or 10/100/1000 Mbit/s ports Ethernet standards. Large switches may have 10 Gbit/s ports. Switches differ from hubs in that they can have ports of different speed.
The network switch, packet switch (or just switch) plays an integral part in most Ethernet local area networks or LANs. Mid-to-large sized LANs contain a number of linked managed switches. Small office, home office (SOHO) applications typically use a single switch, or an all-purpose converged device such as gateway access to small office/home office broadband services such as DSL router or cable, Wi-Fi router. In most of these cases, the end user device contains a router and components that interface to the particular physical broadband technology, as in the Linksys 8-port and 48-port devices. User devices may also include a telephone interface to VoIP.
In the context of a standard 10/100 Ethernet switch, a switch operates at the data-link layer of the OSI model to create a different collision domain per switch port. If you have 4 computers A/B/C/D on 4 switch ports, then A and B can transfer data between them as well as C and D at the same time, and they will never interfere with each others' conversations. In the case of a "hub" then they would all have to share the bandwidth, run in half-duplex and there would be collisions and retransmissions. Using a switch is called micro-segmentation. It allows you to have dedicated bandwidth on point to point connections with every computer and to therefore run in full duplex with no collisions.
Role of switches in networks
Network switch is a marketing term rather than a technical one. Switches may operate at one or more OSI layers, including physical, data link, network, or transport (i.e., end-to-end). A device that operates simultaneously at more than one of these layers is called a multilayer switch, although use of the term is diminishing.
In switches intended for commercial use, built-in or modular interfaces make it possible to connect different types of networks, for example Ethernet, Fibre Channel, ATM, and 802.11. This connectivity can be at any of the layers mentioned. While Layer 2 functionality is adequate for speed-shifting within one technology, interconnecting technologies such as Ethernet and token ring are easier at Layer 3.
Interconnection of different Layer 3 networks is done by routers. If there are any features that characterize "Layer-3 switches" as opposed to general-purpose routers, it tends to be that they are optimized, in larger switches, for high-density Ethernet connectivity.
In some service provider and other environments where there is a need for much analysis of network performance and security, switches may be connected between WAN routers as places for analytic modules. Some vendors provide firewall, network intrusion detection, and performance analysis modules that can plug into switch ports. Some of these functions may be on combined modules.
In other cases, the switch is used to create a mirror image of data that can go to an external device. Since most switch port mirroring provides only one mirrored stream, network hubs can be useful for fanning out data to several read-only analyzers, such as intrusion detection systems and packet sniffers.
Layer-specific functionality
While switches may learn about topologies at many layers, and forward at one or more layers, they do tend to have common features. Other than for computer-room very high performance applications, modern commercial switches use primarily Ethernet interfaces, which can have different input and output speeds of 10, 100, 1000 or 10,000 megabits per second. Switch ports almost always default to full-duplex operation, unless there is a requirement for interoperability with devices that are strictly half duplex. Half-duplex means that the device can only send or receive at any given time, whereas full-duplex can send and receive at the same time.
At any layer, a modern switch may implement power over Ethernet (PoE), which avoids the need for attached devices, such as an IP telephone or wireless access point, to have a separate power supply. Since switches can have redundant power circuits connected to uninterruptible power supplies, the connected device can continue operating even when regular office power fails.
Layer-1 hubs versus higher-layer switches
A network hub, or repeater, is a fairly unsophisticated network device, and is rapidly becoming obsolete. Hubs do not manage any of the traffic that comes through them. Any packet entering a port is broadcast out or "repeated" on every other port, except for the port of entry. Since every packet is repeated on every other port, packet collisions result, which slows down the network.
Hubs have actually become hard to find, due to the widespread use of switches. There are specialized applications where a hub can be useful, such as copying traffic to multiple network sensors. High end switches have a feature which does the same thing called port mirroring. There is no longer any significant price difference between a hub and a low-end switch.
Layer 2
A network bridge, operating at the Media Access Control (MAC) sublayer of the data link layer, may interconnect a small number of devices in a home or office. This is a trivial case of bridging, in which the bridge learns the MAC address of each connected device. Single bridges also can provide extremely high performance in specialized applications such as storage area networks.
Bridges may also interconnect using a spanning tree protocol that allows the best path to be found within the constraint that it is a tree. In contrast to routers, bridges must have topologies with only one active path between two points. The older IEEE 802.1D spanning tree protocol could be quite slow, with forwarding stopping for 30–90 seconds while the spanning tree would reconverge. A Rapid Spanning Tree Protocol was introduced as IEEE 802.1w, but the newest edition of IEEE 802.1D-2004, adopts the 802.1w extensions as the base standard.
While "layer 2 switch" remains more of a marketing term than a technical term, the products that were introduced as "switches" tended to use microsegmentation and full duplex to prevent collisions among devices connected to Ethernets. By using an internal forwarding plane much faster than any interface, they give the impression of simultaneous paths among multiple devices.
Once a bridge learns the topology through a spanning tree protocol, it forwards data link layer frames using a layer 2 forwarding method. There are four forwarding methods a bridge can use, of which the second through fourth method were performance-increasing methods when used on "switch" products with the same input and output port speeds:
- Store and forward: The switch buffers and, typically, performs a checksum on each frame before forwarding it on.
- Cut through: The switch reads only up to the frame's hardware address before starting to forward it. There is no error checking with this method.
- Fragment free: A method that attempts to retain the benefits of both "store and forward" and "cut through". Fragment free checks the first 64 bytes of the frame, where addressing information is stored. According to Ethernet specifications, collisions should be detected during the first 64 bytes of the frame, so frames that are in error because of a collision will not be forwarded. This way the frame will always reach its intended destination. Error checking of the actual data in the packet is left for the end device in Layer 3 or Layer 4 (OSI), typically a router.
- Adaptive switching: A method of automatically switching between the other three modes.
Cut-through switches have to fall back to store and forward if the outgoing port is busy at the time the packet arrives. While there are specialized applications, such as storage area networks, where the input and output interfaces are the same speed, this is rarely the case in general LAN applications. In LANs, a switch used for end user access typically concentrates lower speed (e.g., 10/100 Mbit/s) into a higher speed (at least 1 Gbit/s). Alternatively, a switch that provides access to server ports usually connects to them at a much higher speed than is used by end user devices.
Layer 3
Within the confines of the Ethernet physical layer, a layer 3 switch can perform some or all of the functions normally performed by a router. A true router is able to forward traffic from one type of network connection (e.g., T1, DSL) to another (e.g., Ethernet, WiFi).
The most common layer-3 capability is awareness of IP multicast. With this awareness, a layer-3 switch can increase efficiency by delivering the traffic of a multicast group only to ports where the attached device has signaled that it wants to listen to that group. If a switch is not aware of multicasting and broadcasting, frames are also forwarded on all ports of each broadcast domain, but in the case of IP multicast this causes inefficient use of bandwidth. To work around this problem some switches implement IGMP snooping.
Layer 4
While the exact meaning of the term Layer-4 switch is vendor-dependent, it almost always starts with a capability for network address translation, but then adds some type of load distribution based on TCP sessions.
The device may include a stateful firewall, a VPN concentrator, or be an IPSec security gateway.
Layer 7
Layer 7 switches may distribute loads based on URL or by some installation-specific technique to recognize application-level transactions. A Layer-7 switch may include a web cache and participate in a content delivery network.
Types of switches
Form factor
- Desktop, not mounted in an enclosure, typically intended to be used in a home or office environment outside of a wiring closet
- Rack mounted
- Chassis — with swappable "switch module" cards. e.g. Alcatel's OmniSwitch 7000; Cisco Catalyst switch 4500 and 6500; 3Com 7700, 7900E, 8800.
Configuration options
- Unmanaged switches — These switches have no configuration interface or options. They are plug-and-play. They are typically the least expensive switches, found in home, SOHO, or small businesses. They can be desktop or rack mounted.
- Managed switches — These switches have one or more ways, or interfaces, to modify the operation of the switch. Common management methods include: a serial console or Command Line Interface accessed via telnet or Secure Shell; an embedded Simple Network Management Protocol SNMP agent allowing management from a remote console or management station; a web interface for management from a web browser. Examples of configuration changes that one can do from a managed switch include: enable features such as Spanning Tree Protocol; set port speed; create or modify VLANs, etc. Two sub-classes of managed switches are marketed today:
- Smart (or intelligent) switches — These are managed switches with a limited set of management features. Likewise "web-managed" switches are switches which fall in a market niche between unmanaged and managed. For a price much lower than a fully managed switch they provide a web interface (and usually no CLI access) and allow configuration of basic settings, such as VLANs, port-speed and duplex.
- Enterprise Managed (or fully managed) switches - These have a full set of management features, including Command Line Interface, SNMP agent, and web interface. They may have additional features to manipulate configurations, such as the ability to display, modify, backup and restore configurations. Compared with smart switches, enterprise switches have more features that can be customized or optimized, and are generally more expensive than "smart" switches. Enterprise switches are typically found in networks with larger number of switches and connections, where centralized management is a significant savings in administrative time and effort. A Stackable switch is a version of enterprise-managed switch.
Traffic monitoring on a switched network
Unless port mirroring or other methods such as RMON or SMON are implemented in a switch, it is difficult to monitor traffic that is bridged using a switch because all ports are isolated until one transmits data, and even then only the sending and receiving ports can see the traffic. These monitoring features rarely are present on consumer-grade switches.
Two popular methods that are specifically designed to allow a network analyst to monitor traffic are:
- Port mirroring — the switch sends a copy of network packets to a monitoring network connection.
- SMON — "Switch Monitoring" is described by RFC 2613 and is a protocol for controlling facilities such as port mirroring.
Another method to monitor may be to connect a Layer-1 hub between the monitored device and its switch port. This will induce minor delay, but will provide multiple interfaces that can be used to monitor the individual switch port.
Typical switch management features
(In order of basic to advanced):
Link aggregation allows you to use multiple ports for the same connection achieving higher data transfer speeds. Creating VLANs can serve security and performance goals by reducing the size of the broadcast domain.
See also
External links
|
| |
|
|
