Layer 3 Switch vs Router

peanutnoggin

TE,

Can someone explain (or point me in the direction) to explain to me the differences between a layer 3 switch and a router? I understand the fundamentals between switching and routing... I guess my real question is: how do the two compare in routing features? I know a layer 3 switch can run routing protocols... What are some of the high level features that a router can support that a layer 3 switch can't or shouldn't (in your professional opinion)? MPLS? BGP? All thoughts are welcomed... Thanks.

-Peanut

Daniel333

I am certainly no pro here. But Ill try.

Routers on the internet just route. A few ports, huge routing tables. But one thing I have noticed in the SMB market is that routers are often multipurposed as voice, firewalls, IDS as well as routers.

Now I have noticed when those features are not needed, it's just as easy to save rack space and buy a layer3 switch. Meets all their switching needs clearly. But they can flip one of the ports into a Router and plug right into their WAN.

I suppose it's just how they market the product line. In theory all these could be serpate products or even farther mixed together (you ever see a UC500?) just to meet business needs.

DevilWAH

Nothing really a layer 3 switch is a router.

the main difference is that a traditional router has multiply connection types such as serial and DSL, so can bridge WAN / LAN networks. But they are generaly (for same cost) lower port density and slower.

A layer 3 switch on the other hand had high port density but generally only have Ethernet connectivity. They can of course route at wire speed.

You can think of a layer 3 switch as a router with out all the bell and whistles (shcuh as VPN, firewall, advanced routing methods like BGP) but with higher port density and ability to switch at wire speed.

peanutnoggin

Thanks guys for the answer... I know the question was very vague and generic.

I'm asking more towards larger layer 3 switches such as the 6500 series. With those, you can add FW modules, IDS modules, etc... so if you have one of those in your network would you need a router? I know you would use a lot of CPU cycles by adding those additional modules, but are there any router only features that a 6500 couldn't handle? Lets take BGP or MPLS (two topics that I'm very unfamiliar with currently), can I configure/run them on 6500 switches that's acting as my core router? Thanks everyone for their inputs!!

-Peanut

Stotic

Yes you can run MPLS/BGP on 6500's.

ColbyG

L3 switches route, but they don't have a lot of features that routers have. "Switches" typically use ethernet and don't NAT or support encryption or some of the other technologies that are native to most routers.

We use L3 switches all over our environment (enterprise). Our campus core devices are all L3 switches, naturally. But at the internet edge we have regular old routers (7200s).

DevilWAH

the ios feature set matters a lot to. a layer 3 switch with an advanced feature set may well do more than a basic router with an entry level set. in general you need a tradinal router on the network edge. but for internal lan based routing a layer3 switch will cover it all

stuh84

At least in the Cisco realm, the L3 switches have the capability of running CEF, so that packet forwarding can be done in hardware, as the routing table and ARP table are converted into a form in which the ASIC hardware can use.

This means that rather than every packet going through the software side, and into the CPU for calculation each time, they can go through the forwarding plane without hitting the control plane.

Not all L3 switches do this though, and in my experience it doesn't always work perfectly, but I suppose if used right it has the potential to forward packets a lot quicker and with a lot less resources than a traditional router.

DevilWAH

Also penunt the idea is that the extra modules are hard ware so the over all CPU usage of the supervisor units should not increase.

peanutnoggin

DevilWAH wrote: »

Also penunt the idea is that the extra modules are hard ware so the over all CPU usage of the supervisor units should not increase.

Good point... you are absolutely correct on that DevilWah. The supervisor engines will perform their own processing directly on the hardware module.

ColbyG wrote: »

L3 switches route, but they don't have a lot of features that routers have. "Switches" typically use ethernet and don't NAT or support encryption or some of the other technologies that are native to most routers.

We use L3 switches all over our environment (enterprise). Our campus core devices are all L3 switches, naturally. But at the internet edge we have regular old routers (7200s).

This is precisely what I was looking for. The information about supporting NAT, Encryption, etc... I was unsure if different features (not necessarily those) but different features the switch didn't support, which in turn forced you to use routers on the edge.

To everyone, thank you for your valuable input. Anything in addition you can add... please feel free.

-Peanut

NoChance

I know it was mentioned earlier, but CEF is the key to understanding layer 3 switches. 4500's and 6500's. I really wasn't aware of it until I started recently studying the CCNP switching test. I'm summarizing my newly acquired knowledge, so bare with me if I don't get it exactly correct.

Cisco Express Forwarding is the idea that you can route a packet once, then use the source and destination information to populate Forward Information Base (FIB Table) and Adjancency Tables. Using the information stored in the tables, you can switch the packet rather than route it thus speeding up subsequent packets.

CEF - Route Once, Switch Many Times.

For a much more detailed explanation see Understanding CEF Routing-Bits

kalebksp

NoChance wrote: »

Cisco Express Forwarding is the idea that you can route a packet once, then use the source and destination information to populate Forward Information Base (FIB Table) and Adjancency Tables. Using the information stored in the tables, you can switch the packet rather than route it thus speeding up subsequent packets.

That's more like Fast Switching than CEF. CEF builds the entire FIB before any packets are switched.

ColbyG

Routers use CEF too...

DevilWAH

NoChance wrote: »

I know it was mentioned earlier, but CEF is the key to understanding layer 3 switches. 4500's and 6500's. I really wasn't aware of it until I started recently studying the CCNP switching test. I'm summarizing my newly acquired knowledge, so bare with me if I don't get it exactly correct.

Cisco Express Forwarding is the idea that you can route a packet once, then use the source and destination information to populate Forward Information Base (FIB Table) and Adjancency Tables. Using the information stored in the tables, you can switch the packet rather than route it thus speeding up subsequent packets.

CEF - Route Once, Switch Many Times.

For a much more detailed explanation see Understanding CEF Routing-Bits

CEF is not only used on layer 3 switches, many cisco "ROUTER" also support CEF.

CEF to routing is what a pixel pipe line is to a graphic card. It is simply using a bit of hardware that is built specifically to do a specific job/jobs. It does not add any special features, and the logical steps of routing are identical weather you use hardware that supports CEF or not. But is does significantly speed up the routing process, CEF is simply the process of using ASIC's to do the work, and an ASIC is simply a piece of hardware that is designed to do a specific job very fast, unlike a CPU that can do many different tasks but is far less efficient.

Think of the ASIC like a CCIE with 20 years of hands on experience fixing your network compared to the CPU being you average jack of all traded network admin. Give them a CISCO network problem and given enough time they will both solve it, but the CCIE will (you hope) do it far quicker. however ask them to configure a web server and you will often find the CCIE will not have a clue (ok i know many CCIE's would) , where are the network admin you would expect to preform better. Of course a web admin guru would do the job much faster still and would be the another type of ASIC.

You can if you want disable CEF on many layer 3 switches and apart from the CPU getting hammered and getting a massive performance drop, as far as features go there will be no difference.

ColbyG

CEF doesn't necessarily have to do with ASICs. CEF is just a forwardaing technology. Devices without ASICs can still use CEF.

Cisco Express Forwarding Overview - Cisco Systems

networker050184

I've come to see that CEF may possibly be the most misunderstood topic in Cisco certification.

DevilWAH

ColbyG wrote: »

CEF doesn't necessarily have to do with ASICs. CEF is just a forwardaing technology. Devices without ASICs can still use CEF.

Cisco Express Forwarding Overview - Cisco Systems

Sorry reading my post back I not sure I made it clear what I was trying to say.

your right that in reality you don't need an ASIC to preform CEF, In the same way you don't need a graphic card to render a 3d scene. You could just as well adapt some code to get the CPU to preform what a pixel pipe line does.

What CEF does is standardise part of the routing process. it takes the core of what is required to do the fundamental "routing" of packets and defined a standard way to achieve/streamline this with the FIB and ADJ tables.

and once you have this standard module way to do routing, you can then design the hardware to be optimised for it. Most router / switches that run CEF have specialised hardware to improve performance, so can there for be said to have ASIC's (Application-specific integrated circuit - Wikipedia, the free encyclopedia)

CEF is a method to achieve routing, it is not a different method of the actual routing process

networker050184

Your standard enterprise ISR is still doing CEF by the processor and not offloaded to an ASIC.

DevilWAH

networker050184 wrote: »

I've come to see that CEF may possibly be the most misunderstood topic in Cisco certification.

Really?

In my view there is pure switching and pure routing, and that's end of story.

all the other bells and whistles bolts on top of them, but nothing actually change these fundamentals.

I hate the term layer 3 switch because I think its misleading to people coming in to networking. This device is a layer 2 switch with routing capabilities, when its configured to route it treats packets just as a pure breed router would treat packets. When it Switches it treats frames like a layer 2 switch should. Yes there may be optimized paths to improve performance, but that's just how it achieves the goals at the hardware level.

networker050184

I see that not many people understand how CEF actually works, not the functioning of a router, switch or swouter/ritch.

peanutnoggin

networker050184 wrote: »

I see that not many people understand how CEF actually works, not the functioning of a router, switch or swouter/ritch.

Networker,

Do you mind elaborating? I'm a noob to CEF, but I think that ColbyG's explanation:

ColbyG wrote: »

CEF doesn't necessarily have to do with ASICs. CEF is just a forwardaing technology. Devices without ASICs can still use CEF.

Cisco Express Forwarding Overview - Cisco Systems

of CEF being a "forwarding" technology is pretty well summarized. To me it seems that CEF can be used with ASICs or without them. CEF can also be used at layer 2 or layer 3. So to me that seems as accurate as you're going to get on CEF. It's a forwarding technology. If you have more information that you'd like to add, I would love to hear. Thanks guys for really turning this into a very informative discussion on a relatively "misunderstood" topic.

-Peanut

kalebksp

peanutnoggin wrote: »

So to me that seems as accurate as you're going to get on CEF. It's a forwarding technology. If you have more information that you'd like to add, I would love to hear.

CEF is actually pretty complex if you get down to the nitty gritty, there are books written on the subject.

BTW, CEF is L3 forwarding, it's not used when doing pure L2 forwarding.

peanutnoggin

kalebksp wrote: »

CEF is actually pretty complex if you get down to the nitty gritty, there are books written on the subject.

BTW, CEF is L3 forwarding, it's not used when doing pure L2 forwarding.

Thanks Kalebksp for the info... I seen the adjacency table stored the layer 2 address information and thought that switches used it to provide layer 2 forwarding. Thanks again for the clarification. I think this'll be one of those topics that I'll always have questions about. Take care.

-Peanut

networker050184

peanutnoggin wrote: »

Thanks Kalebksp for the info... I seen the adjacency table stored the layer 2 address information and thought that switches used it to provide layer 2 forwarding. Thanks again for the clarification. I think this'll be one of those topics that I'll always have questions about. Take care.

-Peanut

See another example right there The adjacency table is not used for L2 forwarding. The adjacency table just holds the L2 header info needed to send the packet on the wire.

fonque

At my job, the explanation I was given for a layer 3 switch vs. router was a layer 3 switch has more port density and more performance. Used to switch packets as fast as possible for as many sources as possible.

Also I have found that using 6500 switches for WAN connections is not as efficient as using a pure router (and harder to troubleshoot). Case and point, at my job we had a 7200 with 4 t1 links to an off site location with a 6500 with a wan module. To make the load balancing more efficient, we tried to enable per-packet load balancing on the serial interfaces, the 7200 worked fine, but the 6500 with the WAN module did not support it. The 6500 accepted the commands but when we graphed the traffic flow, it made no difference. We ended up moving the remote site's T1 connections to a 2800 series router to enable per-packet load balancing.