All right, already �� enough layers!

Kevin Walsh

Let's play the networking technology name game: If Layer 2 switching is fast, and Layer 3 switching is fast and scalable, then it stands to reason that Layer 4 switching must be the next big thing in switching. Once the industry latches onto a successful term, we tend to milk it for all it's worth.

The problem, though, is that Layer 4 switching does not exist - and it never will. While a network device can perform many good and useful tasks with Layer 4 information, switching is not one of them.

The attraction to vendors of Layer 4 switching is irresistible: the Layer 2 (LAN) switch market exploded because these switches inexpensively micro-segmented LANs, thus providing vast performance improvements at a fraction of the cost of routers. People loved these switches, and many companies profited handsomely from the demand.

But Layer 2 switches, really being bridges, for the most part flunked the scalability test - unless they had virtual LAN capability, they couldn't contain broadcast traffic. Hence, Layer 3 switches emerged. Layer 3 switches are, essentially, really fast routers. A number of flavors of Layer 3 switches have made the news - hardware-based routing, IP switching, multiprotocol over ATM, tag switching, etc. - all offering new ways to make routing faster.

Both of these developments started the 'name game' that now appears to culminate with Layer 4 switching (if not, then be on the look out for Layer 7 switching !). Layer 4 is also known as the transportation layer of the ISO seven-layer reference model. Layer 4 information consists of TCP ports or SPX sockets that identify an application (HTTP, FTP, SMTP, etc.) on the source and destination hosts.

In networks today, Layer 4 information can play a crucial role in influencing how a switch forwards traffic. Switches can use Layer 4 information to differentiate quality of service (QoS) for security purposes, or to create broadcast domains. All of these are good and useful things. But they are not switching.

Let's analyze what it means to 'switch' data. In both Layer 2 and Layer 3 switching products, data is switched from one interface to another using locally unique address information. Examples of locally unique address information include MAC addresses, IP addresses, frame relay DLCIs, ATM VCI/VPIs, etc.

A Layer 2 switch will use the unique destination MAC address carried within a frame to properly forward traffic to its destination. In other words, a Layer 2 switch can use Layer 2 information alone to make the correct forwarding decision. The same applies in a Layer 3 switch; it looks at the globally unique destination IP subnet number or IPX network number in order to forward traffic.

ATM and frame relay switches are slightly different in that they examine a virtual circuit identifier to move traffic to the appropriate output port. Nevertheless, the circuit identifier is unique to that switch so it is able to correctly switch traffic.

Now, imagine you are a Layer 4 switch sitting in the middle of the network and you must make forwarding decisions based exclusively on Layer 4 information. You receive a packet. You look at the Layer 4 address and determine this is, in this case, an HTTP flow. Where do you send the traffic?

You really can't correctly forward the packet because you don't have enough information to calculate the output interface; all you know is that this packet is part of an HTTP flow. It would be like calling a telephone operator and saying: 'Hello, I speak French, could you please connect me?' The only place where Layer 4 information is unique is within the source and destination computers, not within the network.

Beware of vendors claiming that they do Layer 4 switching. Look instead for vendors who are using Layer 4 information to provide additional services such as security firewall functionality that can interrogate Layer 4 information in order to make a filtering decision. Layer 4 information is also useful in setting policy-based QoS. A switch can see that a flow is Web traffic and know that it should get a lower priority than database or video data. Layer 4 addresses also can be used to build broadcast domains or virtual LANs.

But you may be asking, 'Why worry about the details of Layer 4 switching?' Because networking is becoming more complicated by the day. Demanding proper clarification of the benefits of a technology can go a long way toward better understanding it. Plus, it might keep us from looking for something else to call switching.

Walsh is the vice president of marketing for Xylan Corp., Calabasas, Calif.

COPYRIGHT 1998 Nelson Publishing
COPYRIGHT 2004 Gale Group