Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Layer 3 Switching
Background of Layer 3 Switches
In early stage of network deployment, most local area networks (LANs) were established using Layer 2 switches, and routers completed communication between LANs. At that time, intra-LAN traffic accounted for most of network traffic and little traffic was transmitted between LANs. A few routers were enough to handle traffic transmission between LANs.
As data communication networks expand and more services emerge on the networks, increasing traffic needs to be transmitted between networks. Routers cannot adapt to this development trend because of their high costs, low forwarding performance, and small port quantities. New devices capable of high-speed Layer 3 forwarding are required. Layer 3 switches are such devices.
Routers use CPUs to complete Layer 3 forwarding, whereas Layer 3 switches use hardware to complete Layer 3 forwarding. Hardware forwarding has a much higher performance than software forwarding (CPU based forwarding). Switches cannot replace routers in all scenarios because routers provide rich interface types, good service class control, and powerful routing capabilities that Layer 3 switches cannot provide.
Layer 3 Forwarding Mechanism
Layer 3 switches divide a Layer 2 network into multiple VLANs. They implement Layer 2 switching within the VLANs and Layer 3 IP connectivity between VLANs. Two hosts on different networks communicate with each other through the following process:
- Before the source host starts communicating with the destination host, it compares its own IP address with the IP address of the destination host. If IP addresses of the two hosts have the same network ID (calculated by an AND operation between the IP addresses and masks), the hosts are located on the same network segment. In this case, the source host sends an Address Resolution Protocol (ARP) request to the destination host. After receiving an ARP reply from the destination host, the source host obtains the MAC address of the destination host and sends packets to this destination MAC address.
- If the source and destination hosts are located on different network segments, the source host sends an ARP request to obtain the MAC address mapping the gateway IP address. After receiving an ARP reply from the gateway, the source host sends packets to the MAC address of the gateway. In these packets, the source IP address is the IP address of the source host, and destination IP address is still the IP address of the destination host.
The following is the detailed Layer 3 switching process.
As shown in Figure 1-7, the source and destination hosts connect to the same Layer 3 switch but belong to different VLANs (network segments). Both the two hosts are located on the directly connected network segments of the Layer 3 switch, so the routes to the IP addresses of the hosts are direct routes.
Figure 1-7 shows the MAC addresses, IP addresses, and gateway addresses of the hosts, MAC address of the Layer 3 switch, and IP addresses of Layer 3 interfaces configured in VLANs on the Layer 3 switch. The process of a ping from PC A to PC B is as follows (the Layer 3 switch has not created any MAC address entry):
- PC A finds that the destination IP address 10.2.1.2 (PC B) is on a different network segment than its own IP address. Therefore, PC A sends an ARP request to request for the MAC address mapping the gateway address 10.1.1.1.
- L3 Switch receives the ARP request from PC A and finds that 10.1.1.1 is the IP address of its own Layer 3 interface. L3 switch then sends an ARP reply to PC A. The ARP reply carries the MAC address of its Layer 3 interface (MAC Switch). In addition, L3 switch adds the mapping between the IP address and MAC address of PC A (10.1.1.2 and MAC A) to its ARP table. The IP address and MAC address of PC A are carried in the ARP request sent from PC A. And L3 Switch adds the mapping between the source MAC address and VLAN ID of the packet and outbound port to its MAC table.
- After PC A receives the ARP reply from the gateway (L3 Switch), it sends an ICMP request packet. In the ICMP request packet, the destination MAC address (DMAC) is MAC Switch; the source MAC address (SMAC) is MAC A; the source IP address (SIP) is 10.1.1.2; the destination IP address (DIP) is 10.2.1.2.
- When L3 Switch receives the ICMP request packet, it looks up the MAC address table according to the destination MAC address and VLAN ID of the packet and finds the entry with the MAC address of its Layer 3 interface, the packet needs to be forwarded at Layer 3. Then L3 Switch looks up Layer 3 forwarding entries of the switching chip to guide Layer 3 forwarding.
- The switching chip loops up Layer 3 forwarding entries according to the destination IP address of the packet. The entry lookup fails because no entry has been created. The switching chip then sends the packet to the CPU for software processing.
- The CPU looks up the software routing table according to the destination IP address of the packet and finds a directly connected network segment, network segment of PC B. Then the CPU looks up its ARP table, and the lookup still fails. Therefore, L3 Switch sends an ARP request to all ports in VLAN 3 (network segment of PC B), to request the MAC address mapping IP address 10.2.1.2.
- After PC B receives the ARP request from L3 Switch, it checks the ARP request and finds that 10.2.1.2 is its own IP address. PC B then sends an ARP reply carrying its MAC address (MAC B). Meanwhile, PC B records the mapping between the IP address and MAC address of L3 Switch (10.2.1.1 and MAC Switch) in its ARP table.
- When L3 Switch receives the ARP reply from PC B, it records the mapping between the IP address and MAC address of PC B (10.2.1.2 and MAC B) in its ARP table. L3 Switch changes the destination MAC address in the ICMP request packet sent from PC A to MAC B and changes the source MAC address to its own MAC address (MAC Switch), and then sends the ICMP request to PC B. The Layer 3 forwarding entry containing the IP address and MAC address of PC B, outbound VLAN ID, and outbound port is also added to the Layer 3 forwarding of the switching chip. Subsequent packets sent from PC A to PC B are directly forwarded according to this hardware entry.
- When PC B receives the ICMP request packet from L3 Switch, it sends an ICMP reply packet to PC A. The forwarding process for the ICMP reply packet is similar to that for the ICMP request packet except that the ICMP reply packet is directly forwarded to PC A by the switching chip according to the hardware entry. The reason is that L3 Switch has obtained the mapping between the IP address and MAC address of PC A and added matching Layer 3 forwarding entry to the L3 forwarding table of the switching chip.
- Subsequent packets exchanged between PC A and PC B are forwarded following the same process: MAC address table lookup, Layer 3 forwarding table lookup, and hardware forwarding by the switching chip.