Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14106
Views
0
Helpful
11
Replies

when to use Layer 2 and when Layer 3 switch?

Go to solution
Safar Safarov
Level 1
Level 1

‎11-05-2011 11:42 PM - edited ‎03-07-2019 03:14 AM

Hello,

I have read a lot on forums about L2 vs L3 switches and L3 switches vs routers. However didn't get the point when to use L2 and when L3 while building a network. And what roles they used for.

It will be great if you could help me with that,

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Kishore Chennupati
Level 7
Level 7
In response to Safar Safarov

‎11-06-2011 01:53 AM

Hi Safar,

If I am allowed to jump in here.  In yuor above setup the trunk between your Catalyst 2970G-24TS-24 becomes the bottleneck in case of inter dept routing. Allow me to explain.  Your scenario is typically called "Router on a stick" which means for the 10 departmetns(10 different vlans) to comunicate with each other all the traffic must go into the router and come out of it as well. So, your not only in a way choking the BW on the port but also making the Router do all the hard work.

The router can only cef switch 245.76Mbps. That't it switching throughput. If you want more then the router will not be able to handle it and might crash or just stop processing the packet causing latency , packet loss etc

so , If your traffic requirements can go more than that then i would recommend you to upgrade to a L3 switch and create SVI( L3 vlans) and do the inter vlan routing between them. Only traffic to the internet should go to the router All other LAN traffic will be HW switched on the L3 device. Since all the switching is done in HW you get line rate speeds as well.

HTH

Kishore

View solution in original post

0 Helpful

Go to solution
Kishore Chennupati
Level 7
Level 7
In response to Safar Safarov

‎11-06-2011 03:49 AM

There are 2 things here.

1. Do you want these Depts to route to the internet? If that is the case then they still need the router.

2. You don't want intervlan routing then you need a L2 switched domain which means the traffic doesnt need to go to the router. this is possible just create vlans on the L2 switch and dont need to create a sub-interface on the router for that vlan. In this way you get a L2 switched domain.

HTH

Kishore

View solution in original post

0 Helpful
11 Replies 11

Go to solution
nkarpysh
Cisco Employee
Cisco Employee

‎11-06-2011 01:40 AM

Hello,

All based on your particular requirments. L3 switch is capable of inter- VLAN routing and does not need additional device connected like router on-a-stick. It can also run routing protocols so completely replace the need for router in that environment. Difference between L2/L3 switch and pure L3 router usually in perfromance as L2/L3 switch usually have less L3 performance and support less L3 features than special L3 router - however all now is based on particular platform.

However L3/L2 capable router would be more expensive then pure L2 (with similar L2 features/capabilities of course). So if you have pure L2 domain - you can simply go for L2 switch. If you need to do inter VLAN routing - go for L2/L3 one.

Basically netwrok design consist of these parts:

Access layer - where end hosts are connected - usually pure L2 - and L2 switch can work fine there

Distribution layer - aggregating multiple access switches and doing inter-vlan routing - L2/L3 switch is here

Core - aggregating distribution layer devices and further routing to ISP/WAN - L3 needed here

So L2 is considered only for access layer, others should be L3 capable. There are situation when you may need L3 switch in access so again - all based on your NW.

Hope this helps,

Nik

HTH,
Niko
0 Helpful

Go to solution
Safar Safarov
Level 1
Level 1
In response to nkarpysh

‎11-06-2011 01:33 AM

Hi Nik,

Now I guess I begin to understand what's on. However, I would like to describe you my network a little just for me to make sure that it's worth to get a L3 switch 'cause it costs a lot.

Organization is consists of 10 depts, by 15-20 employees per department.

Each department has own office with a 24 port L2 switch Catalyst 2950T and all PCs and printers in every dept are connected to that switch.

All 10 switches are connected to L2 switch Catalyst 2970G-24TS-24.

Depts use virtual servers which are hosted on a server connected to L2 switch Catalyst 2970G-24TS-24.

L2 switch Catalyst 2970G-24TS-24 is connected to Cisco 2921 ISR.

Cisco 2921 ISR configures InterVLan routing, Internet access, NAT, etc.

In terms of L2 switch Catalyst 2970G-24TS-24 upgrade what pros would I get by replacing it with L3 switch Catalyst 3750G-24TS-24?

Thanks.

0 Helpful

Go to solution
Kishore Chennupati
Level 7
Level 7
In response to Safar Safarov

‎11-06-2011 01:53 AM

Hi Safar,

If I am allowed to jump in here.  In yuor above setup the trunk between your Catalyst 2970G-24TS-24 becomes the bottleneck in case of inter dept routing. Allow me to explain.  Your scenario is typically called "Router on a stick" which means for the 10 departmetns(10 different vlans) to comunicate with each other all the traffic must go into the router and come out of it as well. So, your not only in a way choking the BW on the port but also making the Router do all the hard work.

The router can only cef switch 245.76Mbps. That't it switching throughput. If you want more then the router will not be able to handle it and might crash or just stop processing the packet causing latency , packet loss etc

so , If your traffic requirements can go more than that then i would recommend you to upgrade to a L3 switch and create SVI( L3 vlans) and do the inter vlan routing between them. Only traffic to the internet should go to the router All other LAN traffic will be HW switched on the L3 device. Since all the switching is done in HW you get line rate speeds as well.

HTH

Kishore

0 Helpful

Go to solution
Safar Safarov
Level 1
Level 1
In response to Kishore Chennupati

‎11-06-2011 02:27 AM

Hi Kishore,

many thanks for your reply.

I just wonder, if you could recommend me a non-stackable and non-so-expensive L3 switch for replacement of Catalyst 2970G-24TS-24.

0 Helpful

Go to solution
Kishore Chennupati
Level 7
Level 7
In response to Safar Safarov

‎11-06-2011 02:39 AM

Hi Safar,

Sure thing.  You can go for a 2960 which do L3 routing with 12.2(55)SE. You need to enable the routing feature by using the sdm prefer lanbase-routing.

Please check this link and it should give you a good practical scenario.

http://blog.alwaysthenetwork.com/tutorials/2960s-can-route/

and also a cisco link to back it up

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swipstatrout.html

I just saw your other post about the 1841 and I have answered your question there.

Hope this helps

Kishore

Edit: Just want to let you know that by having just one L3 switch or even your single L2 switch you are creating a SPF(single point of failure). Just thought I wil put this in your mind

0 Helpful

Go to solution
Safar Safarov
Level 1
Level 1
In response to Kishore Chennupati

‎11-06-2011 02:47 AM

Thanks a lot, will check it out.

0 Helpful

Go to solution
Safar Safarov
Level 1
Level 1
In response to Kishore Chennupati

‎11-06-2011 03:31 AM

RE bottleneck again.

In case if InterVLan routing is disabled.

And all of Depts access only dedicated to them servers within their vlan (via vlan trunk to VMWare ESX server).

Will it cause any bottleneck?

0 Helpful

Go to solution
Kishore Chennupati
Level 7
Level 7
In response to Safar Safarov

‎11-06-2011 03:49 AM

There are 2 things here.

1. Do you want these Depts to route to the internet? If that is the case then they still need the router.

2. You don't want intervlan routing then you need a L2 switched domain which means the traffic doesnt need to go to the router. this is possible just create vlans on the L2 switch and dont need to create a sub-interface on the router for that vlan. In this way you get a L2 switched domain.

HTH

Kishore

0 Helpful

Go to solution
Safar Safarov
Level 1
Level 1
In response to Kishore Chennupati

‎11-06-2011 04:11 AM

Alright,

so, depts will access internet, and will access data only within their VLans, like

Dept 1 have access only to VLan 10

Dept 2 have access only to VLan 11

-----

Dept 10 have access only to Vlan 19

I guess I may expect at least 100 Mbps speed rate and not affected by router's CEF switching in the following path:

Computer A - > Catalyst 2950T -> Catalyst 2970G-24TS-24 -> virtualised server on VMware ESX

and vice versa.

Let me know your thoughts.

Cheers.

0 Helpful

Go to solution
Kishore Chennupati
Level 7
Level 7
In response to Safar Safarov

‎11-06-2011 04:21 AM 

so, depts will access internet, and will access data only within their VLans, like
Dept 1 have access only to VLan 10
Dept 2 have access only to VLan 11
-----
Dept 10 have access only to Vlan 19

Yep, but you can't stop the departments from talkin to each other unless you put an ACL on the router.

I guess I may expect at least 100 Mbps speed rate and not affected by router's CEF switching in the following path:
Computer A - > Catalyst 2950T -> Catalyst 2970G-24TS-24 -> virtualised server on VMware ESX

Yep, since this follows the switching path you should be able to get line rates. Just make sure that the computer and the VMware are on the same vlan and same subnet ,also the vlans are allowed on the trunks . You should be good

HTH

Kishore

0 Helpful

Go to solution
Safar Safarov
Level 1
Level 1
In response to Kishore Chennupati

‎11-06-2011 04:35 AM

You helped me a lot Kishore,

I think in that case I will not need replacement of L2 with L3 switch.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card