Multilayer switching: Switching at the speed of wire

If you're looking for the best of both worlds, routing and switching, then have a look at multilayer switching with Robert McIntire!

Once upon a time in the networking world, there was a distinct line drawn between the concepts of switching and routing. Switching occurred at Layer 2 and routing at Layer 3. It was that simple. That is, until the last decade of the last century when certain networking vendors began to blur the lines, and the terms "multilayer switching" (MLS) and "Layer 3 switching" were introduced into the vernacular.

In this Daily Feature, I will introduce you to the concept of multilayer switching, or Layer 3 switching, and explain when you should use it and when you shouldn’t.

What is Layer 3 switching, by the way?
So, what is Layer 3 switching? It is a combination of the best of both switching and routing. It provides the speed of switching and the intelligence of routing. How, you may ask, do we achieve this modern marvel of networking? It is achieved through a cooperative process between devices at both Layers 2 and 3. In this Daily Feature, I’ll be discussing how this is achieved in a pure Cisco networking environment. Cisco requires three entities to implement multilayer switching: the switching engine (SE), the route processor (RP), and the MLS protocol. As one might surmise, the SE performs the switching function, the RP performs the routing function, and the MLS protocol provides for communication between these two devices. This aside, there is one very simple concept that makes it all possible: the flow.

A flow can be defined as a stream of packets from the same source to the same destination using the same application. As an example, a flow could be an HTTP session between a source browser and a target server. In a Cisco MLS network, the initial packet in a session is routed via the RP, but all subsequent packets in that particular session are switched by the SE. The SE maintains a cache about these flows and can determine whether or not a given packet is part of an established session. If so, the SE rewrites the pertinent packet info as if it had been processed by the router and then switches the packet. This process is commonly referred to as “route once, switch many.” It occurs at switch speed, not at the slower router speed.

When and how to use Layer 3 switching
Layer 3 switching is generally implemented in network environments that require a higher level of performance in packet transfer speed. In a routing-only environment, each packet destined for a different subnet on your internal network must be sent from the switch to the router, which will determine how best to deliver the packet. At that point, the router will send the packet out the appropriate interface to reach the destination. This process introduces an inherent measure of latency for all packets destined to cross subnet boundaries. If the router shows persistently high CPU usage, this can mean even greater delays. To shortcut this process, the switch can participate, thereby off-loading some of the packet processing responsibility from the router.

For this to happen, several hardware and software requirements must be met. From a hardware perspective, the switch must be MLS-capable, and the proper MLS component must be installed. Oftentimes, a switch must be outfitted with a daughter card for the supervisor engine. The RP (router) must also be MLS-capable. Certain models provide this as an option, and others don’t. A full discussion of the many different configuration scenarios for MLS is beyond the scope of this Daily Feature. A matrix of MLS devices and options can be found at the Cisco support Web site.

Once you have the MLS hardware in place, you’ll also need OS (and IOS) versions that support the MLS function. Generally speaking, there are internal and external RP configurations. Most networks already have a router in place, and often this router can be configured as an external RP for one or more MLS switches. If your existing router is stressed with the current inter-VLAN routing load, it could be a prime candidate for the MLS RP. Not only would you be reducing the routing load but you would also be gaining faster Layer 3 switching in the process. Or, you could simply upgrade the router and skip MLS altogether. In the latter case, you may improve your inter-VLAN routing latency time, but you won’t achieve wire speed switching. The internal RP option is implemented with an internal Layer 3 routing module installed in the switch and is very similar to the external implementation. In some network configurations, all modular switches in the network are outfitted with a Layer 3 module. This would tend to be the optimum configuration, as a packet would never leave the switch and traverse the network media in the routing process. Packets would simply be passed back and forth across the switch backplane between Layer 2 and 3 modules.

When not to use Layer 3 switching
One thing that can throw a kink into your MLS configuration is an access list on the RP. The MLS flow cache can function in several different modes, using different masks. One mask only operates on the destination IP and is not compatible with any access lists. Another maintains both source and destination IP addresses and will only work with standard access lists. The IP flow mask mode maintains source, destination, and port info and is the only mode that can accommodate extended access lists. Conflicts can also arise when using IOS server load balancing (SLB) on some switch models. Also, certain features, such as header compression, can cause MLS to be disabled.
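
The flow cache ("route once, switch many") and the flow mask restriction described above can be seen together in a small simulation. This is an added example, not Cisco code: the mask names, the Packet fields, the addresses, and the HTTP-only policy are all assumptions constructed for illustration. It shows why an extended access list needs the most specific mask: a coarser cache key lets a packet the RP would deny match an existing entry and be switched without the access list ever being consulted.

```python
from collections import namedtuple

# Constructed packet model; field names are assumptions for this example.
Packet = namedtuple("Packet", "src dst proto sport dport")

# Packet fields each flow mask keeps in the cache key (mask names chosen here).
MASK_FIELDS = {
    "destination": ("dst",),
    "source-destination": ("src", "dst"),
    "ip-flow": ("src", "dst", "proto", "sport", "dport"),
}


class FlowCache:
    """Toy switching engine (SE): first packet of a flow goes to the RP."""

    def __init__(self, mask, rp_permits):
        self.mask = mask
        self.rp_permits = rp_permits  # callable standing in for the RP's access list
        self.entries = set()

    def key(self, pkt):
        return tuple(getattr(pkt, f) for f in MASK_FIELDS[self.mask])

    def forward(self, pkt):
        k = self.key(pkt)
        if k in self.entries:
            return "switched"  # cache hit: the RP and its access list are skipped
        if not self.rp_permits(pkt):
            return "denied"    # RP dropped it, so no cache entry is created
        self.entries.add(k)
        return "routed"        # route once; later matching packets are switched


def run(mask):
    """Send three constructed packets through a cache using the given mask."""
    def http_only(p):
        # Extended-ACL-style policy: permit only TCP port 80.
        return p.proto == "tcp" and p.dport == 80

    cache = FlowCache(mask, http_only)
    packets = [
        Packet("10.1.1.10", "10.2.2.20", "tcp", 40000, 80),  # first HTTP packet
        Packet("10.1.1.10", "10.2.2.20", "tcp", 40000, 80),  # same flow again
        Packet("10.1.1.10", "10.2.2.20", "tcp", 40001, 23),  # Telnet, should be denied
    ]
    return [cache.forward(p) for p in packets]


if __name__ == "__main__":
    for mask in MASK_FIELDS:
        print(mask, run(mask))
```

With the two coarser masks the Telnet packet comes back as "switched"; only the full flow mask sends it to the RP, where it is denied.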

Stay tuned…
So, now that we’ve got a general idea of what Layer 3 switching is and when to use it, how do we configure it on our Cisco devices? Stay tuned for the next installment in this series on Cisco MLS, when we’ll be doing just that.