Switches and Routers

Working Together to Build Scalable Networks Contents

Introduction Switching Technology Switches Are Like Bridges, Only Faster Forwarding Models Routing Technology Where to Use Switches Where to Use Routers Segmentation with Switches and Routers Switches Segment LANs Routers Segment Subnetworks Selecting a Switch or a Router for Segmentation Designing Networks with Switches and Routers Design for Workgroup Environments Small Workgroups Option #1: Routing Solution Option #2: Switching Solution Departmental Workgroups Broadcast Traffic Concerns Router as Insurance Policy Physical Segmentation Logical Segmentation Design for Backbone Environments Low-Density, High-Speed Data Links in the Data Center High-Density, High-Speed Data Links in the Data Center ATM to the Campus or Building Backbone Redundant Backbones Guarantee Network Availability Design for WAN Access Future of Switching Multimedia Support Future of Routing LAN and WAN Interfaces Summary 2 3 3 3 4 4 5 6 6 6 7 8 8 8 9 9 10 11 11 11 12 13 13 13 15 15 15 18 18 19 20 20

Copyright 1997, 3Com Corporation. All rights reserved.

Switches and Routers

Working Together to Build Scalable Networks By Chuck Semeria
Chuck Semeria has worked for 3Com for the past six years developing classroom and independent study courses for the education services department in the customer services organization. He has recently taken a new position as a marketing engineer in the network systems division. Prior to joining 3Com, Chuck was the senior course developer and instructor for Adept Technology, a robotics and vision systems company. Before that, he taught mathematics and computer science in California high schools and junior colleges. Chuck is a graduate of the University of California at Davis. Special thanks to Nick Brasier, Tim Jalland, Tom Maufer, Thomas Medrek, Robin Melnick, and Alison Seaman for their contributions to this paper.

Rather than choosing between switching and routing, network designers can combine the two technologies to build high-performance scalable networks. Introduction For the past few years, network managers have had several tools for building large, complex networks. This tool kit consisted of repeaters, hubs, bridges, routers, and gateways. In the past year, a new tool, the LAN switch, has taken the networking industry by storm. The impact of LAN switching has been dramatic, causing network administrators to rethink the fundamental rules of network design, and leading to confusion concerning the function and placement of switches and routers in corporate networks. 3Com believes that the best way to solve internetworking problems is to look at the business and technical requirements of the network, and then deploy the technologies that achieve the organizations specific design goals in the most cost-effective manner. Any proposed solution must be careful to consider application needs, traffic patterns, and workgroup composition. The solution must also consider the capabilities of the existing network, security, scalability, ease of use, and network management. There is a time and place for switching and for routing, and most environments will be required to use both. In certain applications within a network, a switch provides the ideal solution. In others, a router is the more appropriate choice. And there are some applications for which either a switch or a router may provide a satisfactory solution based on a careful examination of the network design goals. This paper will help you recognize these different applications so that you can arrive at the best network design using todays technologies while providing a cost-effective migration path to the next generation of networking technologies. Switching Technology Switching technology operates at layer 2 of the OSI Reference Model. The emerging popularity of switching products can be

LAN switching has taken the networking industry by storm, causing network administrators to rethink the fundamental rules of network design. This paper helps identify the capabilities and applications of switches and routers so that network designers can optimize their networks. A switch is a special-purpose device specifically designed to address LAN performance problems resulting from bandwidth shortages and network bottlenecks. A switch economically segments the network into smaller collision domains, providing a higher percentage of bandwidth to each end-station. The use of application-specific integrated circuit (ASIC) technology allows the switch to deliver higher performance over all ports at a relatively low cost per port. A router is a general-purpose device designed to segment a network with the goals of limiting broadcast traffic and providing security, control, and redundancy between individual broadcast domains. A router operates at a higher layer of the OSI Reference Model, distinguishing among network layer protocols and making intelligent packet-forwarding decisions. A router also provides firewall service and economical WAN access. If a network application requires limiting broadcast traffic, support for redundant paths, intelligent packet forwarding, or WAN access, a router must be selected. If the application requires only increased bandwidth to ease a traffic bottleneck, a switch is probably the better choice. The technology choices appropriate for a specific workgroup, department, or building backbone depend upon the organizations business and technical requirements. Switching and routing are complementary technologies that allow networks to scale to sizes far beyond those that can be achieved using either technology alone.

viewed as a resurgence of bridge technology in a simpler, lower-cost, higher-performance, and higherport-density device. Like a bridge, a switch makes a relatively simple forwarding decision based on the destination MAC address contained in each packet. Generally, this forwarding decision does not consider other information buried deep inside the packet. Unlike a bridge, a switch can forward data with very low latency, providing performance that is closer to single-LAN performance than bridgedLAN performance. Switching technology allows bandwidth to be scaled in both shared and dedicated LAN segments and can alleviate traffic bottlenecks between LANs. Today, switching products are available for Ethernet, Fast Ethernet, FDDI, and ATM technologies. In the near future, switching products will be available to add bandwidth in IEEE 802.5 Token Ring environments.

packets across all ports at wire speed. For example, a single Ethernet interface can support a maximum theoretical transmission of 14,880 pps for 64-octet (minimum-size) frames. This means that a twelve-port wire speed Ethernet switch, supporting six concurrent streams, must provide an aggregate throughput of 89,280 pps (6 streams x 14,880 pps/stream). The use of ASIC technology allows the switch to deliver this performance over more ports and at a lower cost per port than a traditional bridge.
Forwarding Models

Switches forward traffic based on one of two forwarding models: Cut-through switching Store-and-forward switching Cut-through switches start the forwarding process before the entire frame is received. Since the switch only has to read the destination MAC address before it begins to forward a frame, packets are processed faster and latency is at the same low level for both Switches Are Like Bridges, Only Faster short and long packets. The major disadLike traditional bridges, switches provide vantage of pure cut-through switching is that many internetworking benefits. Switches ecocorrupted frames, such as runt packets, jabber nomically segment the network into smaller packets, and frames with frame check collision domains, providing a higher persequence (FCS) errors, are forwarded by the centage of bandwidth to each end-station. switch. Cut-through switching brings the most Their protocol transparency allows them to be benefit when traffic is switched between ports installed in networks running multiple prothat have the same LAN speed. In contrast, a tocols with little or no software configuration. packet traveling from a 100 Mbps port to a 10 Switches use the existing cable plant, Mbps port will experience repeaters/hubs, and endsome level of buffering as station adapters without A switch can the packet is forwarded. expensive hardware forward data A store-and-forward upgrades. Finally, their total with very low switch reads and validates transparency to end-stations latency, prothe entire packet before makes administrative viding perinitiating the forwarding overhead very low, simformance that is closer to process. This allows the plifying adds, moves, and single-LAN perswitch to discard corchanges. formance than rupted packets and permits In addition to these bridged-LAN the network manager to benefits, the use of appliperformance. define custom packet cation-specific integrated filters to control the flow circuit (ASIC) technology allows a switch to provide greater performance of traffic through the switch. The disadvantage of store-and-forward switching is than a traditional bridge by supplying high that latency increases in proportion to the packet throughput with extremely low latency. This allows a switch to simultaneously forward size of the packet.

Source station 7 6 5 4 Application Presentation Session Transport Network Data link Physical Data link Physical Router Network layer Data link Physical

Destination station Application Presentation Session Transport Network Data link Physical 7 6 5 4 3 2 1

Acronyms
APPN Advanced Peer-to-Peer Network ASIC Application-specific integrated circuit ATM Asynchronous Transfer Mode BGP Border Gateway Protocol DLSw Data Link Switching FCS Frame check sequence FDDI Fiber Distributed Data Interface IETF Internet Engineering Task Force IGMP Internet Group Management Protocol IP Internet Protocol IPX Internet Packet eXchange ISDN Integrated Services Digital Network LU Logical unit MAC Media access control

3 2 1

Token ring

Ethernet

Figure 1. Routing Technology

Routing Technology Routers operate at layer 3 of the OSI Reference Model (Figure 1) and have more software features than a switch. Functioning at a higher layer than a switch, a router distinguishes among the different network layer protocols such IP, IPX, AppleTalk, or DECnet. The additional protocol knowledge available to a router allows it to make a more intelligent forwarding decision than a switch. Like a switch, a router provides users with seamless communication between individual LAN segments. Unlike a switch, a router determines the logical boundaries between groups of network segments. A router provides a firewall service, since it forwards only traffic that is specifically addressed to go across the router. This eliminates the possibility of broadcast storm propagation, the transmission of packets from unsupported protocols, and the transmission of packets destined for unknown networks across the router. To accomplish its task, a router must perform two basic functions. First, the router is responsible for the creation and maintenance of a routing table for each network layer protocol. These tables may be created either statically via manual configuration or dynamically using a distance-vector or link-state routing protocol. After the routing tables are created, the router is responsible for identifying the protocol contained in each packet, extracting the network layer destination address, and making a forwarding decision based on the data contained in the specific protocols routing table.

The enhanced intelligence of a router allows it to select the best forwarding path based on several factors rather than just the destination MAC address. These factors can include the hop count, line speed, transmission cost, delay, and traffic conditions. This increased intelligence can also result in enhanced data security, improved bandwidth utilization, and more control over network operations. The disadvantage is that the additional frame processing performed by a router can increase latency, reducing the routers performance when compared to a simpler switch architecture. Where to Use Switches One of the key factors determining the success of any network design is the ability of the network to provide satisfactory interaction between clients and their server. No matter what improvements are made to the campus backbone or wide area network (WAN) infrastructure, users judge a network by its ability to provide prompt and reliable service. A switch is a special-purpose device specifically designed and tuned to address LAN performance problems resulting from bandwidth shortages and network bottlenecks. Switches solve these problems by providing high aggregate bandwidth, high packet throughput, and low latency at an extremely low cost per port. They are not designed with the principal goal of providing intimate control over the network. Switches should be viewed as bandwidth providers, not as the ultimate source of security, redundancy, control, or network management.

There are several factors r farm Serve driving the need for additional bandwidth in the LAN enviater/ Repe hub ronment, including: ater/ Repe hub The ever-increasing ch 0 swit 10/10 number of network ater/ Repe nodes hub The continuing development of faster and rs r use more powerful microprocessors Powe for workstations and 10 Mbps shared servers 10 Mbps dedicated The emergence of a new 100 Mbps shared breed of bandwidthFigure 2. Switches Microsegment the LAN intensive client/server network boundaries makes it easier for a applications The growing trend toward the deployment of network manager to provide redundancy and to isolate problems resulting from broadcast centralized server farms to ease adminisstorms, misconfigurations, chatty hosts, and tration and reduce the total number of equipment failures. Routers keep these potenservers tially disastrous events local to the area in The traditional 80/20 rule of network which they occur, preventing them from design, in which 80 percent of LAN traffic spreading across the corporate network. remains local, is now being reversed, with the A router provides intelligent packet formajority of traffic required to traverse one or warding. Since a router operates at layer 3 of more internetworking devices. the OSI Reference Model and has access to Switches solve todays critical bandwidth more information than a switch, it has the shortages by segmenting a repeated LAN colability to calculate the most efficient path lision domain into smaller collision domains across a network based on a combination of (Figure 2). This segmentation reduces or metrics such as delay, throughput, reliability, nearly eliminates station contention for media and hop count. In addition, routers may employ access and provides each end-station with a other methods such as policy to control the larger share of the available LAN bandwidth. flow of traffic and restrict the propagation of Where to Use Routers routing information. These capabilities are most A router is a general-purpose device designed effective where WANs are used, or where to perform the following primary functions: multiple LAN technologies are involved. Segment the network into individual Routers are the only internetworking broadcast domains devices that can provide economical WAN Supply intelligent packet forwarding access (Figure 3 on page 6). When compared Provide cost-effective WAN access to a LAN environment, WAN bandwidth is Support redundant network paths scarce and expensive. Routers offer access to a Unlike a switch, which is specifically wide variety of WAN technologies, allowing designed to add bandwidth capacity, routers network managers to select the best economic are designed to provide security, policy, and value for their networking needs. Since routers network management. do not forward broadcast traffic, they help One of the primary functions of a router is control the traffic load on small WAN pipes. to provide traffic isolation to help diagnose Router-based techniques such as data comproblems. Because each port of a router is a pression, traffic prioritization, and packet separate subnetwork, broadcast traffic is not spoofing also help make efficient use of WAN forwarded across the router. The definition of bandwidth.

Acronyms (Continued)
MOSPF Multicast Open Shortest Path First NLSP NetWare Link Services Protocol OSI Open Systems Interconnection OSPF Open Shortest Path First PACE Priority Access Control Enabled POTS Plain old telephone service RIP Routing Information Protocol SAP Service Advertisement Protocol SMDS Switched Multimegabit Data Service SNA Systems Network Architecture STA Spanning Tree Algorithm VLAN Virtual LAN

Internet firewall protection

h Switc Route r

Switc

h Switc h

Switc

WAN

10 Mbps shared 10 Mbps dedicated 100 Mbps dedicated

each device performs a unique type of segmentation designed to benefit different application needs. A switch is a special-purpose device intended to segment a LAN with the particular goal of providing additional bandwidth. A router is a general-purpose device designed to segment a network with the goals of limiting broadcast traffic and providing security, control, and redundancy between individual broadcast domains.
Switches Segment LANs

Figure 3. Routers Provide WAN Access and Internet Firewalls

Another important benefit of routers is their ability to support mesh network topologies that provide active redundant paths. Unlike switches and bridges, which require a loop-free topology, routers impose no constraints on network topologies, not even on those that contain redundant paths and active loops. Routers guarantee that available bandwidth is never placed in a standby mode by the Spanning Tree Algorithm (STA). In addition, routers can perform load balancing over equal-cost paths to make the best use of available bandwidth. Routers have other important capabilities. These include: Providing security through the use of sophisticated packet filters in both WAN and LAN environments Consolidating legacy IBM mainframe networks with PC-based networks through the use of Data Link Switching (DLSw) Allowing the creation of hierarchical network designs that, through the delegation of authority, can foster the local management of separate regions of the internetwork Flexibly integrating disparate data link technologies such as Ethernet, Fast Ethernet, Token Ring, FDDI, and ATM Segmentation with Switches and Routers Probably the area of greatest confusion about switches and routers is their ability to segment a network. Since switches and routers operate at different layers of the OSI Reference Model,

For the purposes of this discussion, a LAN is defined as a repeated collision domain. A switch is designed to segment the LAN collision domain into several smaller collision domains. This can result in enhanced network performance because layer 2 segmentation reduces the number of stations competing for media access. Figure 4 illustrates how a switch segments a large collision domain into smaller collision domains. Each collision domain represents a separate 10 Mbps bandwidth. Before installing the switch, all stations in the LAN collision domain share 10 Mbps of bandwidth. The installation of the switch dramatically increases performance by providing users with an aggregate 60 Mbps of bandwidth. It is important to note that the individual collision domains created by the switch are still members of the same broadcast domain. This means that broadcast traffic originating in one collision domain is still forwarded to all other collision domains, ensuring that all stations in the network can still communicate with one another.
Routers Segment Subnetworks

A subnetwork is a bridged or switched broadcast domain composed of individual collision domains. A router is designed to interconnect and define the edges of the broadcast domains. Figure 5 shows a large broadcast domain that has been segmented by switches into smaller collision domains. In this switched environment, the broadcast traffic originating in one collision domain is forwarded to all other collision domains.

Before

After

Collision domain Collision domain LAN collision domain Collision domain Collision domain Broadcast domain Broadcast domain Switch Collision domain Collision domain

Figure 4. Switches Segment Large Collision Domains

Figure 6 illustrates the same network after it has been segmented by a router into two different broadcast domains. In a routed environment, the broadcast traffic generated within each broadcast domain is not flooded across the router into the other broadcast domain. As a result, the amount of traffic experienced by the internetwork as a whole is reduced.
Selecting a Switch or a Router for Segmentation

separate collision domain at each router interface. This means that either a switch or a router can be deployed to segment a LAN and provide additional bandwidth. Since either a switch or a router can perform this task, what is the best choice for designing todays networks? If the application

After understanding the different ways that switches and routers segment a network, there may still be confusion, because a router operating at layer 3 can also perform the layer 2 functions of a switch. Layer 3 segmentation not only creates separate broadcast domains, but also creates a

Collision domain Collision domain Switch Collision domain Collision domain Broadcast domain Collision domain

Collision domain Collision domain Switch Collision domain Collision domain

Figure 5. Switched Broadcast Domain

Collision domain Collision domain Switch Collision domain Collision domain Broadcast domain A Collision domain Router Collision domain

Collision domain Collision domain Switch Collision domain Collision domain Broadcast domain B

Figure 6. Routers Segment Network Broadcast Domains

requires support for Table 1. Data Link Technologies redundant paths, intelligent packet forwarding, Campus Building Workgroup or WAN access, a router Backbone Backbone Servers (shared or switched) must be selected. If the FDDI Fast Ethernet Fast Ethernet 10 Mbps Ethernet application requires only ATM FDDI FDDI Fast Ethernet increased bandwidth to ease a traffic bottleneck, a ATM ATM Token Ring switch is probably the better choice. Because a switch is a special-purpose Every network is different, with unique device, it provides wire-speed packet design goals and operational requirements. The throughput for a lower cost per port than a examples presented here should not be viewed router does. The cost for a given level of peras the recommended solution for a specific formance is the major differentiator in problem. Network designers must determine deciding whether to install a switch or a router their own priorities and deploy the appropriate in a workgroup environment. Network technologies at each topological point to designers must determine whether there are achieve their specific design objectives. other requirementssuch as redundancy, security, or the need to limit broadcast trafficthat justify the extra expense and com- Design for Workgroup Environments A workgroup is a collection of end-users that plexity of deploying a router within a share computing resources. A workgroup may workgroup environment. be large or small, located in the same building Designing Networks with Switches and Routers or in a campus environment, or a permanent or project-based association. When designed efficiently, a data communications network can become the lifeblood of a Small Workgroups business organization. If poorly designed, the network can become an obstacle to the success Figure 7 shows a typical workgroup environment prior to the installation of an internetof the organization. Network design encomworking device. Although the figure shows passes all aspects of the communications system, from the individual link level to global only two repeating hubs, the actual workgroup may contain from 10 to 20 repeating hubs that network management. In addition to meeting support more than 200 users. specific performance requirements, a sucIn this example, the network administrator cessful design must also fit within the budwants to maximize the bandwidth available to getary limitations of the organization. the server and divide the individual client PCs The remainder of this paper presents a series of examples illustrating how switches and routers work together to build sucater/ Repe hub cessful design solutions. The examples that follow discuss the benefits and limitations of deploying switches and routers in workgroup, ater/ Repe hub backbone, and WAN environments. The examples take a technology-neutral 10 Mbps shared approach to the construction of high-performance networks. This Collision domain means that any of the different linkBroadcast domain level technologies presented in Figure 7. Workgroup Before Installation of an Internetworking Device Table 1 may be deployed.

Route

ater/ Repe hub Serve r

10 Mbps shared 10 Mbps dedicated High-speed dedicated Collision domain Broadcast domain

cost perspective, the router will have a higher capital cost per port and the long-term management expenditures will be greater than for ater/ Repe a switch. From a technology b hu perspective, the router will generally provide lower packet r Powe throughput than a switch. Also, the user levels of broadcast traffic probably do not justify the additional complexity of separate broadcast domains created by dividing the workgroup into subnetworks, creating separate broadcast domains. Option #2: Switching Solution Figure 9 shows the same workgroup after a LAN switch is installed. In the switched environment, the broadcast domain is divided into four separate collision domains. The users attached to each of the repeater hubs share a 10 Mbps collision domain. Dedicated access for servers and power users eliminates contention for media access. The local server is also provided with a high-speed interface to eliminate potential bottlenecks. The inclusion of a high-speed port on the workgroup switch guarantees that packets are not delayed or dropped due to buffer limitations when traffic from several ports is sent to a single destination port. For example, assume an Ethernet environment where each of five 10 Mbps switch ports are receiving 64-octet packets addressed to the server at a rate of 4,000 pps. The total load on the server port will be 20,000 pps, which is well above standard Ethernets 14,880 pps

Figure 8. Routed Workgroup

into smaller collision domains with shared 10 Mbps access. Only a limited number of power users will require a dedicated 10 Mbps of bandwidth to run their applications. To achieve these results, the network administrator is debating between the installation of a switch or a router to migrate the network and eliminate the growing server bottleneck. Option #1: Routing Solution Figure 8 shows the workgroup topology in the unlikely event that the network manager elects to deploy a router. Although very few network administrators would actually consider a router for this application, we will discuss this potential solution to illustrate the differences between installing a switch and a router. The router is configured with a dedicated high-speed interface for the server and a large number of standard Ethernet interfaces, which are assigned to each of the repeating hubs and power users. By installing a router, the network administrator divides the large broadcast/ collision domain into several smaller broadcast/colater/ Repe lision domains. hub The selection of a router for this application is not the best economic or technology choice. From a Figure 9. Switched Workgroup

Switc

ater/ Repe hub r Powe user Serve r

10 Mbps shared 10 Mbps dedicated High-speed dedicated Collision domain Broadcast domain

limit for 64-octet frames. Concern about this type of problem evaporate when a highspeed Fast Ethernet interface is installed, since it is capable of up to 148,800 pps for 64-octet frames. If the workgroup needs to access a collapsed backbone device in the data center, a second high-speed downlink module may be added to the switch. Since the impact of highspeed technologies is expected to be felt first in the backbone and data center, workgroup switches must accommodate these technologies to provide a smooth migration path for customers to scale and grow their networks. When it comes to providing raw bandwidth within a workgroup, a switch is clearly a superior solution to a router. A switch has several advantages over a router for these types of applications: A switch offers wire-speed forwarding across all ports at all times. The performance of intermediate network devices becomes a critical issue as clients and servers are placed on different segments, eroding the traditional 80/20 rule of network design. As a larger percentage of traffic is required to pass through a greater number of internetworking devices to access peers and centralized server farms, the latency and throughput of each device is a critical factor in determining the successful operation of the network. A switch provides a high level of performance for a significantly lower cost per port than a router. Ethernet switches sell for as little as $200 per port while a typical
ater/ Repe hub Users

Ethernet router port costs approximately $2,000. Cost becomes an important factor as network managers purchase increasing numbers of internetworking devices to further segment their networks. A switch is easier to configure, manage, and troubleshoot than a router. As the number of internetworking devices increases, it is generally more desirable to have fewer complex devices and a larger number of simple devices.
Departmental Workgroups

A departmental workgroup is a larger workgroup composed of several smaller workgroups. Figure 10 illustrates a typical departmental workgroup. The high-end workgroup switch performs the same functions as the individual workgroup switches, but it offers leading-edge switching technology, a richer set of features, modular versatility, and a migration path to higher-speed technologies. In general, a departmental-level switch is a floorbased workgroup device, or sometimes a basement-based building device. As recommended in the previous example, each of the smaller switched workgroups is divided into separate collision domains and the local server is provided with a dedicated highspeed interface. If users need even more bandwidth, the installed base of repeating hubs can be selectively replaced with low-cost 10 Mbps switches.

l Loca r serve

10 Mbps shared 10 Mbps dedicated High-speed shared High-speed dedicated Collision domain Broadcast domain

tal rtmen Depa r farm rve se l Loca r serve Users Switc h

Switc

h Users

Users

t rtmen Depa ch it sw

Figure 10. Departmental Workgroup

10

The decision to install a router to prevent these potential problems is often based on the organizations psychological comfort level with the increasing size of its broadcast domains. Generally, the amount of broadcast traffic in a switched workgroup with 100 to 200 users is not a significant problem unless there are some grossly mistuned or misbehaving protocols. Broadcast Traffic Concerns The dominant risk factors with larger workDespite the high performance offered by groups are security and the cost of dealing with switches, some organizations may be cona broadcast storm or other type of behavior that cerned about high levels of broadcast and mul- brings down the whole network. ticast traffic in a switched environment. It is Routers can provide an extremely low important to understand that some protocols, cost-per-user insurance policy against these such as IP, generate a limited amount of types of problems. Today, a 100 Mbps Fast broadcast traffic. Other proEthernet router port costs tocols, such as IPX, make approximately $6,000. If For a typical heavy use of broadcast you want to maintain network, traffic for RIP, SAP, broadcast domains of 200 broadcast GetNearestServer requests, users, a router port provides traffic ranges and the like. from less than the required protection for To alleviate customer 0.1 percent to a capital cost of only $30 5 percent of concerns, some switch per user. Assuming the the total vendors have implemented router has a life expectancy traffic. The a broadcast throttle of five years, this amounts actual amount feature that is designed to to only $6 per user per year of broadcast limit the number of traffic depends to provide security and upon the broadcast packets forwarded minimize the scope of protocol used. through the switch. This downtime incidents. No software feature counts the matter what its initial cost, number of broadcast and the router is a relatively multicast packets received during a specified inexpensive insurance policy to make sure time interval. Once the threshold has been that downtime incidents and the effects of reached, no additional broadcast or multicast broadcast traffic are constrained to a limited traffic is forwarded until the start of the next group of users. A router can provide this interval. This feature is useful in large insurance by either physically or logically switched environments where there is concern segmenting the network into separate that high levels of broadcast traffic may affect broadcast domains. the performance of some network devices. Physical Segmentation Router as Insurance Policy Figure 11 on page 12 illustrates how a router As the number of users in the workgroup physically segments a network into broadcast increases, the growing size of the broadcast domains. In this example, the network admindomain can eventually cause legitimate istrator installs a router as an insurance policy concerns about such issues as: to guard against the effects of a broadcast Network performance incident that would bring down the entire Problem isolation network. The effects of broadcast radiation on endNote that the router has a dedicated station CPU performance interface to each department or workgroup Network security switch. This arrangement gives the router a The individual workgroups are combined into a larger workgroup using a modular departmental switch that provides high-speed interfacesFast Ethernet, FDDI, or ATM. All users are provided access to the departmental server farm via the departmental switch and a shared high-speed interface.

11

Serve r Serve Users Switc h t rtmen Depa witch s

r Users t rtmen Depa witch s r

h Switc Route

Switc

h Serve r Users

10 Mbps shared 10 Mbps dedicated High-speed shared High-speed dedicated Collision domain Broadcast domain

Switc

h Serve r

Users

Figure 11. Router Physically Segments a Network

private collision domain, which isolates it from the client/server traffic within each workgroup. If the traffic patterns have been understood and the network is properly designed, the switches do all of the forwarding between clients and servers. The only traffic that reaches the router is traffic that needs to go between the individual broadcast domains or across a WAN. Because a limited amount of traffic crosses the router, the importance of wire-speed router performance is reduced. Logical Segmentation The same goal can be achieved in a more flexible manner by using the router along with switches to connect separate virtual LANs (VLANs). A VLAN, in its simplest form, allows the creation of a virtual broadcast domain within a switched environment, irrespective of the physical infrastructure. With

VLANs, the network administrator has the ability to define a workgroup based on a logical grouping of individual workstations rather than the physical infrastructure of the network. Traffic within a VLAN is switched at wire speed among the members of the VLAN. Traffic between different VLANs is forwarded by a router. In Figure 12, the ports of each switch are configured as a member of either VLAN A or VLAN B. If an end-station transmits broadcast or multicast traffic, the traffic is forwarded to all ports in the source stations VLAN. Traffic that must flow between the two VLANs is forwarded by the router, which provides security and traffic management. The illustration shows a dedicated router, but the routing function may also be performed by a combination switch/router device.
Serve r

r Printe Serve P rinter A,B A S witch A B B A A,B B A r B A Switc B A h B

Route

10 Mbps dedicated High-speed dedicated

Figure 12. Routing Between VLANs

12

Design for Backbone Environments For several years, organizations have been deploying collapsed backbone building architectures in the data center. In a collapsed backbone environment, large amounts of enterprise data are transmitted across the backplane of the collapsed backbone device. The collapsed backbone approach (Figure 13) has a number of benefits when compared to the traditional distributed backbone architecture that it complements. A collapsed backbone design centralizes complexity, increases performance, reduces costs, and supports the server farm model. However, this approach does have limitations, since the collapsed backbone device may become a potential bottleneck and possibly a single point of failure. The device performing the collapsed backbone function may be either a high-performance switch or a router. If the primary function of the backbone device is pure performance, select a switch. If the goal is performance and security, select a router. A router is more complex and more expensive than a switch, but it does provide control, security, and (optionally) redundancy.
Low-Density, High-Speed Data Links in the Data Center

Floor ribution dist 3rd F witch Hub/s Floor ribution dist 2nd F witch Hub/s Floor ribution dist 1st Flo witch Hub/s or loor loor

Serve

r farm

WAN

psed Colla one b back e devic

us Camp ne ckbo ba ss acce

Figure 13. Collapsed Backbone Design

In Figure 14 on page 14, workgroup switches are deployed on each floor. They provide dedicated and shared 10 Mbps pipes to endusers, a dedicated high-speed interface to each workgroup server, and a high-speed downlink to the router in the data center. The servers in the data center are attached to a single high-speed router interface and share the available bandwidth. Note that the performance of each server in the building is optimized by attaching it to either a dedicated or shared high-speed interface. The collapsed backbone router provides connectivity among the switched workgroups on each floor, the server farm, the campus backbone, and the corporate WAN. Since the

router operates at the network layer, it divides the building into separate broadcast domains on each of its interfaces and provides the required security among the individual subnetworks. In this configuration, the router is central to the operation of the network within the building, while switching provides additional bandwidth toward the user edge of the network.
High-Density, High-Speed Data Links in the Data Center

If the organization is willing to accept a single broadcast domain for the entire building, the next step in the migration process might be the introduction of a high-density, high-speed LAN switch to the data center. This is illustrated in Figure 15 on page 15. Note that the introduction of the switch may change the logical topology of the internetwork, which may impact user addressing. The introduction of a high-speed switch allows connectivity to more floors and

13

Users Serve h Switc Users Serve h Switc r 1st Flo or r 2nd F loor

Serve

r farm WAN

Route

us camp FDDI bone back

10 Mbps shared 10 Mbps dedicated High-speed shared High-speed dedicated

Figure 14. Low-Density, High-Speed Data Links in the Data Center

increases performance by providing switched connections between the data center servers and each switched workgroup. Additional switches may be interconnected via highspeed repeating hubs to add even more floors to the switched building backbone. Note that in this configuration, the router is positioned at the campus edge of the building network, while switching creates a flat intra-building backbone, providing direct access to the server farm. Although Figure 15 shows a dedicated high-speed switch and stand-alone router, the individual functions performed by each device could be combined into an integrated switch/ router platform. However, an integrated device will not offer the full feature support of a dedicated router in terms of network layer protocols (IP, IPX, AppleTalk, DECnet, VINES, etc.) and routing protocols (RIP, OSPF, MOSPF, NLSP, BGP-4, and so on). Also, an

integrated switch/router will generally not be able to provide WAN access. If the organization is unwilling to accept a single broadcast domain for the building, then multiple high-speed router interfaces may need to be installed to support a data center switch for each of the required broadcast domains. While this configuration allows a large number of floors to be connected to the collapsed backbone router via their switch, it does not provide the same performance boost because there are no longer direct switched connections between the server farm and each switched workgroup. This configuration is shown in Figure 16 on page 16.
ATM to the Campus or Building Backbone

If either the building or campus backbone begins to experience congestion, a straightforward migration path is to replace the highspeed backbone with an ATM switch.

14

Users Serve Switc h r 2nd F loor

Users Serve Switc h r 1st Flo or

Serve

r farm

WAN

Route

d ter spee h/rou High- ch switc swit rated Integ us camp FDDI bone k bac

10 Mbps shared 10 Mbps dedicated High-speed shared High-speed dedicated

Figure 15. High-Density, High-Speed SwitchSingle Broadcast Domain

Figure 17 on page 17 shows how the appropriate ATM module is simply placed into the data center router or integrated switch/ router. Note that the switched connections within the building workgroup remain unchanged. Also, access to the campus server farm is provided via an ATM interface directly connected to the campus switch.
Redundant Backbones Guarantee Network Availability

In each of the previous examples, switches and routers worked together in a successful backbone design. An often overlooked but extremely important function of routers is their ability to enhance the reliability of the network by supporting redundant paths. Backbones are an essential part of the communications infrastructure that must be protected from failure. Figure 18 on page 17 illustrates how routers permit the construction of

redundant backbones, enhancing the reliability of the data network. Routers impose no constraints on network topologies, including those that contain redundant paths and active loops. Support for redundant paths guarantees the operational reliability, availability, and maintainability of todays mission-critical networks. A well-designed network should provide a failover capability so that if the primary building or campus backbone fails, a secondary backbone is available as an immediate and automatic backup. Design for WAN Access If an organization has offices located in different geographic areas, support for communications across a metropolitan or wide area network becomes a key requirement. A router is the only internetworking solution that can

15

Users Serve Users Switc h r

Switc Serve r

Users Serve r

Users

h Switc

Switc Serve r

h d spee High- ch swit r

Serve Route

r farm

d spee High- ch swit

rate Integ

d swit

ch/ro

uter

us camp FDDI bone back

10 Mbps shared 10 Mbps dedicated High-speed shared High-speed dedicated

Figure 16. High-Density, High-Speed SwitchMultiple Broadcast Domains

provide WAN access to local workgroups. Figure 19 on page 18 shows how routers give regional offices access to the organizations backbone network located at corporate headquarters. When compared to a LAN, WAN bandwidth is a scarce resource that must be carefully managed. Routing technology eliminates broadcast traffic over WAN pipes. On a 64 Kbps link, approximately 125 minimumsize (64-octet) packets can be transmitted per second. If a broadcast domain consists of 60 users and each user sources two broadcast packets per second, the entire capacity of the 64 Kbps link will be consumed with broadcast traffic. In this environment, it makes sense to deploy a router to preserve WAN bandwidth. In addition to limiting broadcast traffic, routers support several additional features that enable them to provide efficient WAN access:

The sophisticated packet filtering of a router allows the construction of internetwork firewalls to provide security and control access from outside the organization. Unauthorized access can result in lost business, loss of corporate secrets, corrupted data, and lower employee productivity. Firewalls also reduce the potential legal liability and other costs associated with harboring hacker activity. Routers offer a wide variety of choices for connecting offices located in different geographic areas. These include standard leased lines as well as cloud technologies such as X.25, Frame Relay, SMDS, and ATM. In addition, routers support dial technologies such as plain old telephone service (POTS) and Integrated Services Digital Network (ISDN). These services allow cost-saving dial-on-demand, dynamic dial pooling,

16

Users Serve Switc h r 2nd F loor

Users Serve h Switc r 1st Flo or

WAN

Serve

r farm ATM us camp h switc

ATM us camp r serve

Route

d ter spee h/rou High- ch switc swit ated r Integ us camp FDDI bone back

10 Mbps shared 10 Mbps dedicated High-speed shared High-speed dedicated ATM

Figure 17. ATM to the Campus Backbone

Routers may support history-based or perscheduled dial, and disaster recovery. This packet link-level compression, which array of options allows each organization to reduces the size of both headers and data. select the best economic value for their wide The implementation of compression techarea networking needs. niques allows serial lines to carry two to four Routers allow network designers to consolidate traditional terminal-to-host networks with their growing LAN-to-LAN ilding internetworks. Support for Data Link or bu Floor Switching (DLSw) allows the encapsulation of nonroutable r ing o Build ckbones h SNA and NetBIOS traffic a Switc pus b cam outer in routable IP packets R ATM for transmission across h h switc Switc the organizations r Route LAN-to-LAN internetwork. In addition, bone support for Advanced Peerback FDDI to-Peer Network (APPN) routing handles SNA LU 6.2Figure 18. Routers Support Redundant Backbones based applications.

17

us Camp arm rver f se te h rpora on e eadq uarte rs

Users

on ea

ch flo

or h Route r Build r ing #2

Switc

C Santa

lara c

Users

loor ach f h Switc Route Bu r

ckbo us ba Camp etwork n

ne

Route

#1 ilding

h or Switc hub Los A ngele s offic e Users h or Switc hub New York o ffice Users

WAN

Route

Route

Figure 19. Routing Provides WAN Connectivity

times more traffic than uncompressed lines at no additional expense. A routers knowledge of each protocol allows it to prioritize traffic on a perprotocol basis. This permits support for time-sensitive protocols by giving them a higher priority, resulting in reduced protocol timeouts across slower WAN links. Future of Switching The price of switching technology will continue to decline as a result of enhanced ASIC development coupled with efficient manufacturing and distribution techniques. As the cost per port of switches approaches that of repeating hubs, many users will elect to install switches. The widespread availability of low-cost switching technology will have implications for both building and campus backbone networks. There will be an increasing demand for higher-density backbone switches with a large number of high-speed ports to connect the links from individual workgroups. Eventually, the majority of desktops will be on dedicated 10 Mbps Ethernet connections, the majority of servers will be on switched high-speed connections, and ATM will be deployed in building downlinks and campus backbone networks.

Multimedia Support

Nobody can be certain what the future of multimedia applications will be or how they will be deployed. In a LAN environment, a private 10 Mbps pipe provides more than enough bandwidth to support compressed video for desktop videoconferencing. However, bandwidth alone is not enough. There must be a means of providing a higher priority to multimedia traffic so that traditional data traffic does not get in the way of time-sensitive multimedia data. In addition, there are still questions concerning the affordability of delivering multimedia applications across the WAN. The successful deployment of multimedia applications requires that the network provide high levels of performance and a fixed quality of service. There are several innovations that may be integrated into switching technology to enable enhanced support for future multimedia applications: On a private Ethernet segment, 40 to 50 percent bandwidth utilization is considered excellent performance due to collisions, timeouts, interframe gaps, and so on. On a private LAN interface, a technology such as Priority Access Control Enabled (PACE) ensures fair access to bandwidth, maintains smooth performance, and creates multiple

18

service levels. PACE allows real-time, multimedia, and traditional data applications to coexist. With PACE technology, bandwidth utilization can be increased to over 90 percent using existing applications, PCs, adapters, cabling, and management tools. The Internet Group Management Protocol (IGMP) is an IETF standard that allows a host to participate in an IP multicast group. Today, switches are required to forward IP multicast traffic on all interfaces, wasting bandwidth on those interfaces that have no multicast group members. Smart switches could snoop on IGMP messages to learn where there are listeners, and dynamically create filters to limit the flow of multicasts in the switched network. ASIC technology will allow switches to handle this added complexity without impacting performance.

Future of Routing Routing is the key to developing successful internetworking solutions. The challenge is to integrate switching with routing for a systems approach to network design. Each of the major router vendors has invested more than 300 man-years developing millions of lines of code for their router products. Each software release represents a tremendous engineering effort to ensure that the router supports the latest technologies and internetworking design trends. The availability of sophisticated routing will be a critical factor as organizations begin to deploy switching technology. Initially, switches will meet all of the organizations bandwidth scaling requirements and provide the performance that is needed. However, as network complexity increases, network

The 3Com Family of Switching and Routing Solutions For workgroups, departments, data centers, and WAN access, 3Com offers the widest range of innovative networking solutions. 3Com switches can revitalize overloaded LANs and open up desktop-to-server bottlenecks. Our routing and remote office products extend network reach, building and integrating LANs and WANs. As networks continue to grow, our products keep pace, scaling cost-effectively to meet increasing demands for ports and bandwidth. 3Com can meet all of your networking needs with high-performance solutions at any point in the network. 3Com leads the industry in its breadth of switch offerings with a total of three product families: LinkSwitch, CoreBuilder 2500 and 6000, and CoreBuilder 7000. The LinkSwitch family m akes it simple to enhance performance at the workgroup level with stackable convenience and plug-and-play simplicity. The CoreBuilder 2500 and 6000 family of workgroup/ department and data center switches provides peak performance and modular, scalable connections. Finally, the CoreBuilder 7000 family uses powerful, stateof-the-art cell-switching technology to deliver high-performance ATM to the backbone or in bandwidth-constrained departments. This broad choice of products ensures that you will have the precise switching functionality to meet any of your networking needs. The high-performance NETBuilder II family of bridge/routers provides ideal solutions for networks with diverse LAN technologies and growing WAN connections. These bridge/routers integrate Ethernet, Fast Ethernet, Token Ring, FDDI, and ATM connections, accommodate future high-speed networking, bring in SNA traffic, and add feature-rich WAN choices including ISDN. The NETBuilder Remote Office family of bridges and routers provides unmatched simplicity and ease of administration to support branch office connectivity employing either full access routing or the Boundary Routing system architecture. Both switching and routing are important components of 3Coms High-Performance Scalable Networking (HPSN) strategy, helping network managers to plan and implement the evolution of their networks. The HPSN framework encompasses all aspects of the networkthe workgroup, the building or campus backbone, and remote or personal offices connected over wide area links. Because management is key to HPSN, 3Com allows all parts of the network to be administered from a centralized management system3Coms Transcend suite of integrated network management applications. With 3Com as your networking partner, theres simply no better way to connecttoday and in the future.

19

managers will need to control their new switching environmentsusing segmentation, redundancy, firewalls, and security to make them work efficiently. At that point, the availability of sophisticated routing will be essential to grow and scale large switched networks. ASIC-assisted routers will approach wirespeed forwarding, reducing the performance gap between routers and switches. This raising of the performance bar is the next logical market differentiator for router vendors. As the market continues to expand, users will demand that router vendors make their products easier to install and configure. Three years ago it was perfectly acceptable for vendors to deliver products with arcane command line interfaces. Successful products in the future will be those that are easy to use in terms of installation, basic configuration, IBM legacy integration, and remote office connectivity. These enhancements will help reduce the cost of ownership, especially for organizations with multiple sites.
LAN and WAN Interfaces

As the number of LAN interfaces decreases, the market for WAN interfaces on central office routers is moving in two different directions. Some users will require an increasing number of low-speed WAN interfaces to connect their remote sites with leased line and dial connections. Other users will require fewer physical interfaces as cloud technologies such as Frame Relay and ISDN provide the performance of dedicated leased lines for a fraction of the cost. Summary Rather than choosing between switching and routing, network designers must understand how to combine these technologies to build high-performance, scalable networks. A network manager should be extremely skeptical of any vendor who suggests that a high-performance solution can be built using only switching or only routing technology. Switching and routing are complementary technologies that allow networks to scale to sizes far beyond those that can be achieved using either technology alone. Routing provides a number of key capabilities not offered by switching, such as broadcast control, redundancy, protocol control, and WAN access. Switching provides the network manager with a cost-effective migration path that eliminates bandwidth shortages. Switches can be integrated seamlessly into existing routed networks as replacements for the installed base of repeaters, hubs, and bridges. When ATM is eventually implemented in the backbone, routing will be a required technology to communicate among VLANs.

In general, routing within the building is moving toward a small number of high-performance interfaces to connect high-density switches to the router. This is a very costeffective model, especially when compared to the alternative of installing a router with a large number of low- to medium-speed LAN interfaces. Nonetheless, the large, high-port density router is not going to disappear. Many large companies will continue to maintain large routed networks where port density is a requirement.

20