Layer-3 Switch, More than a Router?
Do you think that layer-3 switches perform bridging and routing, while routers do only routing? “I thought IP L3 switching includes switching within subnet based on IP address, routing is between subnets only.” --- Simon Gordon in twitter
Layer-3 switches and routers definitely have to perform some intra-subnet layer-3 functions, but they’re usually not performing any intra-subnet L3 forwarding.
Here we start with the intra-subnet functions the layer-3 forwarding devices do:
- Dynamic neighbor discovery through ARP/ND for packets sent to hosts in directly attached subnets (glean adjacencies in CEF terminology);
- Generation of host routes based on ARP/ND results (cached adjacencies in CEF terminology);
- Forwarding of IP packet to directly attached IP hosts based on ARP/ND-generated host routes.
However, if a layer-3 forwarding device performs MAC-based forwarding in combination with IP-based forwarding, it usually uses the destination MAC address to figure out which forwarding method to use:
- Layer-2 frames sent to router’s own MAC address are passed up the protocol stack into the IP forwarding code (and if the IP packet is sent to router’s IP address, the packet is sent to the control plane for further processing);
- Layer-2 frames sent to other destination MAC addresses are passed to MAC forwarding code, which performs MAC address table (or TCAM) lookup and forwards, floods or drops the packet.
Tips: There’s no difference in intra-subnet (intra-VLAN) forwarding between a router (layer-3 switch) and a simple bridge (layer-2 switch). However, an IP-aware device (even a more sophisticated layer-2 switch) might support IP-based port access lists or DSCP- or ACL-based QoS.
Layer-2 and Layer-3 interfaces
Some switches have physical layer-2 and layer-3 interfaces. Layer-2 interfaces behave as I described above, with the internal router being connected with one of its interfaces (example: VLAN or SVI interface) to the internal bridge:
A layer-3 switch routing between two VLAN/SVI/BVI interfaces
Physical layer-3 interfaces connect directly to the internal router. If a physical layer-3 interface receives an Ethernet frame sent to a third party MAC address, the frame is dropped.
A layer-3 switch with routed (layer-3) physical interface
Notes: Some switches (example: Catalyst 6500) use hidden VLANs to implement layer-3 interfaces. You might think that detail doesn’t matter ... until you run out of VLANs.
Some devices have layer-3 sub interfaces. These interfaces modify the frame forwarding rules on per-VLAN basis: if the parent physical interface receives an Ethernet frame belonging to the sub interface VLAN, the router uses the IP forwarding path (and drops the Ethernet frame on destination MAC mismatch), whereas the destination MAC address selects the forwarding method (L2 or L3) used for frames belonging to other VLANs.
Reference from: http://blog.ipspace.net/2012/08/is-layer-3-switch-more-than-router.html
More Related Layer 3 Switch Topics: