Layer 3 switches in access layer?

a.pijpaert
Level 1

Hello,

I see that in most campus networks layer 3 switches are used in the core and distribution layers and layer 2 switches in the access layer.

If not considering costs, are there any benefits of implementing layer 3 switches in the access level?

I've read somewhere on the net that by using layer 3 in the workgroup we're able to provide better end-to-end QoS? Is this true? Any advantages in relation to multicasting? Or are the advantages minimal, so that we should stick to layer 2 switches at the access level?

Thanks,

3 Replies

scottmac
Level 10

A Layer 3 switch in the Access Layer would give you the ability to implement much tighter control over the users (well, most users).

For example, you could have each port as a broadcast segment using a /30 mask (255.255.255.252) ... meaning that the user would have exactly one address available. You can also tie that to a DHCP scope with the parameters you want used. If you toss in some MAC security (available in L2) you can limit that user to using one specific computer.

That being said, if the user were to connect many / most / all of the SOHO gateway / router products available to the consumer market, they can spoof the MAC, and use NAT to hang another 253 devices behind the gateway / router ... so the effectiveness of what I mentioned above would be situational; how much physical control do you have with the users?

Regarding Multicast / Broadcast control ... it would (by way of access list) give you some tighter control over who-can-get-to-what ... including peer-peer, and should eliminate broadcasts to the user (other than protocol-specific stuff, like ARP).

You would get some additional QOS capability, I believe, but I'm not sure it's the type and nature of QOS that would be beneficial at the user level.

You may see some benefits from HSRP by splitting an L2 switch and feeding each "half" to another distribution path to the resources by way of an L3 switch.

There is no black and white "It's a good thing" or "It's a bad thing;" it's going to depend (like nearly everything else in networking) on what goal you are trying to achieve. You don't buy the equipment, then figure out what cool stuff you can do: you figure out what you need to do, then buy the equipment that can accomplish your goals.

FWIW

Scott

"There is no black and white 'It's a good thing' or 'It's a bad thing;' it's going to depend (like nearly everything else in networking) on what goal you are trying to achieve. You don't buy the equipment, then figure out what cool stuff you can do: you figure out what you need to do, then buy the equipment that can accomplish your goals."

I understand that there is no "black and white" when it comes to selecting network devices. And for sure I wouldn't buy equipment and then figure out what 'cool' things I could do with it. I'm doing research at the moment and trying to find the benefits of a 'complete' layer 3 switched network design.

Another question I have though is how does a layer 3 switch affect multicast traffic? Say I have a layer 2 switch in the access layer and a video/audio stream enters the switch. If only one user is a member of the multicast group, will the data still be sent to, say, 48 users that are connected to the switch? Without taking VLANs into consideration...

I also read somewhere that IGMP snooping is not required when using a layer 3 switch in the access level. Is this true?

Well, by default, a Layer 2 switch would flood broadcast and multicast out all ports, that's the nature of the protocol.

Multicast-aware switches give you the luxury of pruning back the flooding to ports that actually have devices that are listening to that group. Membership is determined by the (L2, MC-aware) switch by using IGMP snooping toward a participating router, or using CGMP (with a participating router).

The difference in an L3 Switch (in the access stratum), since it's just a router with a new pair of running shoes, is that for all intents and purposes you would have exactly one member (one machine on one port) per forwarded group. You would be able to control exactly which groups any one station could participate in (using access lists).

Since the L3 switch is "the router" upstream from the member, the router is already managing group membership ... so there is no place to "snoop;" an L2 switch peeks into the upstream router's multicast tables to see who's-getting-what so it'll know which ports it can prune ... since the L3 switch OWNS the multicast table ... there's nothing to snoop (you don't snoop what you already manage).

I hope I didn't give you the wrong impression with the "black and white" comment, I wasn't scolding you / giving you a hard time. Sometimes it's helpful to other readers to remind them of the basics (evidence: look at all the "What's the best ..." threads on this and other forums).

Good Luck

Scott
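To make both of Scott's posts concrete, here is an added Cisco IOS-style configuration sketch (not posted by anyone in this thread) for one routed access port: a /30 per port with a matching local DHCP pool, an inbound ACL that pins the port to its single assigned address and blocks peer-to-peer traffic to other access ports, and an IGMP group filter in place of L2 IGMP snooping. The interface name, address ranges, group range and ACL names are assumptions chosen for the example.

```cisco
! --- Example config, constructed for illustration; addresses and names are assumed ---
! Each access port is its own /30 routed segment: .0 network, .1 switch, .2 host, .3 broadcast
ip dhcp excluded-address 10.10.1.1
!
! DHCP scope scoped to the single /30, so the host can only ever obtain 10.10.1.2
ip dhcp pool PORT-GI1-0-1
 network 10.10.1.0 255.255.255.252
 default-router 10.10.1.1
 dns-server 10.0.0.53
 lease 0 8
!
! Inbound ACL: only the one assigned address may source traffic (anti-spoofing),
! and it may not talk directly to the other access /30s (no peer-to-peer),
! while reaching the data-center/server range is permitted.
ip access-list extended ACCESS-PORT-GI1-0-1-IN
 permit udp any eq bootpc any eq bootps
 deny   ip host 10.10.1.2 10.10.0.0 0.0.255.255
 permit ip host 10.10.1.2 10.20.0.0 0.0.255.255
 deny   ip any any log
!
! Multicast groups this station is allowed to join; everything else is refused at IGMP
ip access-list standard ALLOWED-MCAST-GROUPS
 permit 239.1.1.0 0.0.0.255
!
interface GigabitEthernet1/0/1
 description Access port - single host, /30 per port (L3 access design)
 no switchport
 ip address 10.10.1.1 255.255.255.252
 ip access-group ACCESS-PORT-GI1-0-1-IN in
 ! The switch is the first-hop router here, so it owns the IGMP state for this
 ! port itself; there is no L2 snooping because there is no L2 segment to snoop.
 ip pim sparse-mode
 ip igmp access-group ALLOWED-MCAST-GROUPS
```

The `deny ... log` entry is what turns the anti-spoofing rule into a detection point: a host that changes its address, or a NAT gateway hidden behind the port as Scott describes, shows up as ACL log hits on that interface.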
