Layer 3 switches - Why are they named as such?

JJBladesterJJBladester Member Posts: 38 ■■□□□□□□□□
I'm reading in my cisco book the following:
A router is needed anytime devices on different Layer 3 networks need to communicate, regardless of whether VLANs are used.

I'm not sure I agree with this statement.

I know each interface on a router corresponds to a different layer 3 subnet. However, a layer 3 switch can route between different layer 3 subnets using SVI's (switch virtual interfaces), right? I mean, technically routing between VLANs is probably more of a layer 2 thing because VLANs are layer 2 related... I think.

So, is the whole point of calling a layer 3 switch "layer 3" tied to the idea that usually VLANs are on different subnets, not that layer 3 switches actually handle IP addresses in packet headers?

Comments

  • deth1kdeth1k Member Posts: 312
    Yes, layer 3 switches do handle IP addresses and route traffic between different subnets and therefore are effectively multi port routers and routing between vlans (SVIs) is a layer 3 function, not layer 2. Also you don't necessarily need to have vlans on L3 switch as any port can be turned into L3 interface (no switchport).
  • JJBladesterJJBladester Member Posts: 38 ■■□□□□□□□□
    Yes, layer 3 switches do handle IP addresses and route traffic between different subnets and therefore are effectively multi port routers and routing between vlans (SVIs) is a layer 3 function, not layer 2. Also you don't necessarily need to have vlans on L3 switch as any port can be turned into L3 interface (no switchport).

    So let's say I have a setup with two PCs, A and B. PC A is on VLAN 10 and PC B is on VLAN 20. When a layer 3 switch between the two PCs receives a frame (which includes VLAN info in its header) from A destined for B, what does the switch do?

    Diagram:

    PCA ---- Access Switch A -- Distribution Switch (Layer 3) -- Access Switch B ---- PC B

    Nothing in my book (given it's an intro book, not in-depth) states that IP information (L3) needs to be examined. If I'm interpreting my book correctly, the switch would look at the 12-bit VID (VLAN ID) which Access Layer Switch A added to the original frame and then route the packet through its SVI 20 logical interface which would push the packet out all ports assigned to VLAN 20. Correct? Or am I missing something?

    Can you give me a situation in which a layer 3 switch would need to explicitly examine IP addresses?
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    So let's say I have a setup with two PCs, A and B. PC A is on VLAN 10 and PC B is on VLAN 20. When a layer 3 switch between the two PCs receives a frame (which includes VLAN info in its header) from A destined for B, what does the switch do?

    Diagram:

    PCA ---- Access Switch A -- Distribution Switch (Layer 3) -- Access Switch B ---- PC B

    Nothing in my book (given it's an intro book, not in-depth) states that IP information (L3) needs to be examined. If I'm interpreting my book correctly, the switch would look at the 12-bit VID (VLAN ID) which Access Layer Switch A added to the original frame and then route the packet through its SVI 20 logical interface which would push the packet out all ports assigned to VLAN 20. Correct? Or am I missing something?

    Can you give me a situation in which a layer 3 switch would need to explicitly examine IP addresses?

    Layer 3 switches can/do run routing protocols. To answer your question specifically, if PCA and PCB are on different VLANs they'll need to go through a Layer 3 device for communication. That can be a router or a L3 switch.
  • JJBladesterJJBladester Member Posts: 38 ■■□□□□□□□□
    When would a layer 3 switch need to run a routing (EIGRP, OSPF, etc) protocol? You wouldn't have a layer 3 switch as your network gateway, right? I'm not seeing the specific application / situation for when a layer 3 switch has to touch IP packet header data.

    Other than these questions, was I correct in my hypothetical example with the two PCs and the three switches in my previous post?
  • pham0329pham0329 Member Posts: 556
    In our environment, we have a routed access layer, which means that all our access switches runs EIGRP and peer with the distribution. If you have multiple vlans/subnet behind your L3 switch, chances are, you'll need a routing protocol to advertise those subnet to the upstream router/gateway so it has a route to those network. The 6500 series switches are often use as the distribution layer, and most of them runs routing protocols.

    In your example, when A wants to communicate with B, it will realize that it's on a different network, and send the packet to its default gateway, which would be the L3 switch. The packet will contain the destination IP of host B, and a destination Mac of the L3 switch.

    When the switch receives the frame, it sees it's own mac address as the destination, so it knows that the packet is either destined for itself, or to be routed through it. It then looks at the destination IP, if it's not the IP of itself, it looks in its cef/routing table and find the next hop.

    If the L3 switch does not examine the L3 headers, there's no way it would know whether the packet is for the switch, or if its for someone else. You mentioned the switch will look at the vlan header and route it accordingly, but the vlan header contains the vlan id of the source vlan, not the destination vlan.

    Your interpretation seems to be more of how a L2 switch would process an incoming frame for the same VLAN.
  • ptilsenptilsen Member Posts: 2,835 ■■■■■■■■■■
    I mean, technically routing between VLANs is probably more of a layer 2 thing because VLANs are layer 2 related... I think.
    Routing, by definition, is only layer 3. VLANs have nothing to do with routing, or even the OSI model -- they are simply a way of creating separate broadcast domains within the same switch.

    I think your confusion is simply with the terminology. A layer 3 switch is a router. However, a layer 3 switch's primary purpose is switching, not routing, which is why they are named as such.
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • ptilsenptilsen Member Posts: 2,835 ■■■■■■■■■■
    So let's say I have a setup with two PCs, A and B. PC A is on VLAN 10 and PC B is on VLAN 20. When a layer 3 switch between the two PCs receives a frame (which includes VLAN info in its header) from A destined for B, what does the switch do?

    Diagram:

    PCA ---- Access Switch A -- Distribution Switch (Layer 3) -- Access Switch B ---- PC B

    Nothing in my book (given it's an intro book, not in-depth) states that IP information (L3) needs to be examined. If I'm interpreting my book correctly, the switch would look at the 12-bit VID (VLAN ID) which Access Layer Switch A added to the original frame and then route the packet through its SVI 20 logical interface which would push the packet out all ports assigned to VLAN 20. Correct? Or am I missing something?

    Can you give me a situation in which a layer 3 switch would need to explicitly examine IP addresses?
    Pham's explanation is accurate. By definition, the device cannot switch packets between different subnets -- they must be routed. In fact, you could plug PC A and PC B into the same hub, forgetting switches and VLANs. They will not communicate if they are on different non-overlapping subnets without a router.

    Take VLANs out of the picture for a minute and go back to the OSI model. Two devices on different subnets (read: different networks) need something to route their packets. It does not matter if they are on a VLAN, dumb switch, bridge or even hub. It does not matter if they are directly connected to each other with a crossover cable. They will not take each others packets unless there is a router (keep in mind they can be setup to route between each other).
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • JJBladesterJJBladester Member Posts: 38 ■■□□□□□□□□
    If the L3 switch does not examine the L3 headers, there's no way it would know whether the packet is for the switch, or if its for someone else. You mentioned the switch will look at the vlan header and route it accordingly, but the vlan header contains the vlan id of the source vlan, not the destination vlan.

    Thank you, this makes a lot of sense. Now in your post, you didn't mention SVI's. Where/how would they play a role in the communication between PC A and PC B (which are on different subnets and VLANS)? Are the SVI's the "code inside the L3 switch" that tie subnets to VLANs?

    My course hasn't started yet... I'm just reading the book beforehand so I can get a good overall view before the semester. Thanks again for your input.
  • JJBladesterJJBladester Member Posts: 38 ■■□□□□□□□□
    Thanks ptilsen... It seems that I'll need supplemental reading outside of this book to really grasp this. I also feel as though I'm over-thinking the topic and forgetting the basics, as you pointed out, of the OSI model.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Thank you, this makes a lot of sense. Now in your post, you didn't mention SVI's. Where/how would they play a role in the communication between PC A and PC B (which are on different subnets and VLANS)? Are the SVI's the "code inside the L3 switch" that tie subnets to VLANs?

    My course hasn't started yet... I'm just reading the book beforehand so I can get a good overall view before the semester. Thanks again for your input.

    Think of an SVI as an interface just like a physical interface on a router, just virtual. When traffic arrives at the SVI (the host will send any traffic not located on its local subnet to the gateway address) it is treated like any arriving L3 traffic and is looked up in the L3 forwarding table. If its just routed between SVIs on the same device then its forwarded out the destination SVI just like any other outging interface on a router.
    An expert is a man who has made all the mistakes which can be made.
  • JJBladesterJJBladester Member Posts: 38 ■■□□□□□□□□
    If its just routed between SVIs on the same device then its forwarded out the destination SVI just like any other outging interface on a router.

    When you say that a frame is forwarded out the destination SVI, since it's a logical interface, how does this work? I know you said to think of an SVI as an interface on a router, but since it's not...

    Is "SVI" just a construct that cisco created for us in the networking community to understand L3 switch behavior in terms that we already understand ("regular", physical router interfaces)?
  • networker050184networker050184 Mod Posts: 11,962 Mod
    The SVI is needed as a point of reference in the switch. If you think of it from a purely architectural point of view, the forwarding function needs an output interface to route the packets to. The switch build this virtual "pointer" in the forwarding table as a destination. When traffic is destined to this outgoing pointer its processed in the same fashion it would be a regular switch and seperate router, just all done in one boxes software (actually its ASICS that run micro code, but thats getting a little deeper than I think we need to go). The "routing engine" or CEF has L2 adjacency info stored for this outgoing pointer as well. So when the traffic is routed towards this SVI it now has the L2 forwarding address and can be forwarded as a normal L2 frame.

    So basically the traffic is forwaded between a couple ASICS inside the switch and then output the correct interface like magic. :D
    An expert is a man who has made all the mistakes which can be made.
Sign In or Register to comment.