Overview of Layer 3 Switching and Software Features

• Packet switching

• Route processing

• Intelligent network services

Compared to other routers, Layer 3 switch routers process more packets faster by using application-specific integrated circuit (ASIC) hardware instead of microprocessor-based engines. Layer 3 switch routers also improve network performance with two software functions--route processing and intelligent network services.

• Layer 2 transparent bridging

• Layer 2 MAC learning, aging, and switching by hardware

• Spanning-Tree Protocol (IEEE 802.1d and DEC) support per bridge group

• Support for a maximum of 64 active bridge groups

• Integrated routing and bridging (IRB) mode support

Virtual LAN (VLAN) Features

• Inter-Switch Link (ISL)-based VLAN trunking support

• 802.1Q-based VLAN routing support

Layer 3 Routing, Switching, and Forwarding

• IP, IPX, and IP multicast routing and forwarding between Ethernet ports

• AppleTalk 1 and 2 routing

• CMF (constrained multicast flooding)

• Support for up to 128 IP multicast groups

• QoS-based forwarding based on IP precedence based forwarding

• Load balancing among equal cost paths based on source and destination IP and IPX addresses

Supported Routing Protocols

• RIP and RIP II (Routing Information Protocol)

• IGRP (Interior Gateway Routing Protocol)

• EIGRP (Enhanced Interior Gateway Routing Protocol)

• OSPF (Open Shortest Path First)

• IPX (Internet Packet Exchange) RIP and EIGRP

• PIM (Protocol Independent Multicast)--sparse and dense modes

• Secondary addressing

• Static routes

• Classless Interdomain Routing (CIDR)

Fast EtherChannel (FEC) Features

• Bundling of up to four Fast Ethernet ports

• Load sharing based on source and destination IP addresses of unicast packets

• Load sharing for bridge traffic based on MAC address

• Inter-Switch Link (ISL) support on the Fast EtherChannel

• 802.1Q routing support on the Fast EtherChannel

• Support for up to 64 active FEC and GEC port channels in one system

Gigabit EtherChannel (GEC) Features

• Bundling of up to four Gigabit Ethernet ports

• Load sharing based on source and destination IP addresses of unicast packets

• Load sharing for bridge traffic based on MAC address

• Inter-Switch Link (ISL) support on the Gigabit EtherChannel

• 802.1Q routing support on the Gigabit EtherChannel

• Support for up to 64 active FEC and GEC port channels in one system

Additional Protocols and Features

• BOOTP (Bootstrap Protocol)

• CGMP (Cisco Group Management Protocol) server support

• CDP (Cisco Discovery Protocol) support on Ethernet ports

• DHCP (Dynamic Host Configuration Protocol) Relay

• HSRP (Hot Standby Routing Protocol) over 10/100 Ethernet, Gigabit Ethernet, FEC, GEC, and BVI (Bridge-Group Virtual Interface)

• ICMP (Internet Control Message Protocol)

• IGMP (Internet Group Management Protocol)

• IPX SAP (Internet Packet Exchange Service Advertisement Protocol) and SAP filtering

• IRB (integrated routing and bridging) routing mode support

• SNMP (Simple Network Management Protocol)

• UDP (User Datagram Protocol) turbo flooding

STP is a standardized technique for maintaining a network of multiple bridges or switches. When the topology changes, STP transparently reconfigures bridges and switches to avoid the creation of loops by placing ports in a forwarding or blocking state. Each VLAN is treated as a separate bridge and a separate instance of STP is applied to each.

STP parameters are set for each VLAN. For each spanning-tree instance, you configure a set of global options with a set of port parameters. The port parameter list contains only ports that are members of a given VLAN. A maximum of 64 spanning-tree instances are supported, one for each VLAN.

To configure STP, see the IOS Command Reference publication.

Specifically, local or unroutable traffic is bridged among the bridged interfaces in the same bridge group, while routable traffic is routed to other routed interfaces or bridge groups.

Layer 3 switching software supports IRB for IP and IPX only.

• When you want to interconnect a bridged network with a routed network, the IRB feature enables the switch router to act as a true brouter.

For example, when you are migrating a bridged network to a routed network, or when the remote site does not have routing capabilities, you can use the switch router to interconnect the bridged and routed networks.

• When you want to conserve IP or IPX addresses by connecting network segments with bridges and assigning each bridge group one network address.

• When you want to break one big segment into several small segments to improve the performance of the end stations.

ISL and 802.1Q encapsulation use packet tagging to multiplex VLANs across a single physical link, while maintaining strict adherence to the individual VLAN domains.

The frame is a standard Ethernet, encapsulated and tagged with a VLAN ID. Because it is a standard frame, repeater hubs and transparent bridges forward it as they would any other frame. Any 10/100 Mbps Ethernet link can support these encapsulation methods. The link can run at either half duplex or full duplex.

You can bundle up to four gigabit Ethernet connections as one logical link, which can provide up to 8-Gb aggregate capacity on up to 64-Gb EtherChannel logical links. If a failure of any one link is detected, the packets are switched on the remaining active links in the EtherChannel.

No dependencies are placed on which ports to configure in the channel. The ports can exist on the same or on different interface modules in the chassis.

Gigabit EtherChannel uses a source-destination IP address load-balancing scheme for up to four ports in a channel group. Each channel group has its own IP address.When a packet is queued to exit out of the port channel interface, the last two bits of the IP source and destination address determine which interface in the channel the packet takes.

As with all EtherChannel technologies, the traffic load is shared across all links within the bundled ports; convergence occurs within one second of a Gigabit EtherChannel failure.

No dependencies are placed on which ports to configure in the channel. The ports can exist on the same or on different interface modules in the chassis.

• Managing the internal data and control circuits for the packet forwarding and control functions.

• Extracting the other routing and packet forwarding related control information from the Layer 2 and Layer 3 bridging and routing protocols and the configuration data, and then conveying the information to the interface module to control the datapath.

• Collecting the datapath information, such as traffic statistics, from the interface module to the route processor.

• Handling certain data packets sent from the Ethernet interface modules to the route processor.

Frame and packet scheduling and discarding policies are determined by the class to which the frames and packets belong. For example, the overall service given to frames and packets in the premium class will be better than that given to the standard class; the premium class is expected to experience lower loss rate or delay.

The switch router has QoS-based forwarding for IP traffic only. The implementation of QoS forwarding is based on local administrative policy and IP precedence. The mapping between the IP precedence field and the QoS field determines the delay priority of the packet.

In addition to having multiple source ports active, multiple snooping sessions can operate simultaneously. You can specify whether the source ports are mirrored for transmit, receive, or both. Up to ten ports may be monitored, but the combined bandwidth of the source ports must not exceed the bandwidth of the destination port.

When creating access lists, you define criteria to apply to each packet processed by the router; the router decides whether to forward or block the packet based on whether or not the packet matches the criteria in your list. Packets that do not match any criteria in your list will be automatically blocked by the implicit "deny all traffic" criteria statement at the end of every access list.

For more information about ACLs, see Access Control Lists: Overview and Guidelines in the Cisco IOS Security Configuration Guide.

The specific instructions for creating access lists and applying them to interfaces vary from protocol to protocol. Configuration of Layer 3 switching access lists is identical to the configuration methods currently employed on all Cisco routers.

To find complete command information for access lists, see the Network Protocol Command Reference publication in the Cisco IOS documentation.

Layer 3 switching software uses source + destination-based load balancing, an enhanced version of the Cisco IOS software per-destination load balancing. Essentially, this method takes certain bits from the source and destination IP addresses and maps them into a path.

Using this method has the following two benefits:

• The traffic is distributed more effectively.

• There is almost no impact on the datapath performance.

Layer 3 switching software supports load balancing for two equal-cost paths and uses the destination and source address pair to perform load balancing. Per-packet load balancing is not supported.

IP Networks	IPX Networks	AppleTalk Networks
RIP RIP-2 OSPF IGRP EIGRP	IPX RIP EIGRP	RTMP EIGRP AURP

Many of the Cisco IOS routing protocol features, such as route redistribution and load balancing over equal cost paths (for OSPF and EIGRP) are supported. Configuration of these routing protocols is identical to the configuration methods currently employed on all Cisco routers.

Each device configured for CDP sends periodic messages to a multicast address. Each device advertises at least one address at which it can receive Simple Network Management Protocol (SNMP) messages.

Devices that are running the HSRP detect a failure by sending and receiving multicast User Datagram Protocol (UDP) "hello" packets. When HSRP detects that the designated active router has failed, the selected backup router assumes control of the HSRP group's MAC and IP addresses. (You can also select a new standby router at that time.)

Layer 3 switching software supports HSRP over 10/100 Ethernet, Gigabit Ethernet, FEC, GEC, and BVI (Bridge-Group Virtual Interface).

CEF manages route distribution and forwarding by distributing routing information from the route processor (RP) to the individual Ethernet interface modules. This technology, used within the Internet, provides scalability in large campus core networks. CEF provides Layer 3 forwarding based on a topology map of the entire network, resulting in high-speed routing table lookups and forwarding.

One of the key benefits of CEF in the Layer 3 switching is its routing convergence. Since the forwarding information base (FIB) is distributed to all interface modules, whenever a route goes away or is added, the FIB updates that information and provides it to the interface modules. Thus, RP interrupts are minimized. The interface modules receive the new topology very quickly and reconverge around a failed link based on the routing protocol being used.

Caution Cisco strongly recommends that you do not issue any CEF configuration commands. The CEF default settings should not be altered, and doing so may adversely affect the performance of your system.

The UDP turbo flooding feature uses the spanning tree algorithm to forward broadcasts in a controlled manner. When a switch router is configured for UDP broadcast flooding, Ethernet broadcasts are flooded out to all of the Fast Ethernet and Gigabit Ethernet interfaces in a configured bridge group.

Bridging is enabled on each router interface for the sole purpose of building the spanning tree. The spanning tree prevents loops by stopping a broadcast from being forwarded out an interface on which the broadcast was received. The spanning tree also prevents packet duplication by placing certain interfaces in the blocked state (so that no packets are forwarded) and other interfaces in the forwarding state (so that packets that need to be forwarded are forwarded).

To enable UDP turbo flooding, the switch router must be running software that supports transparent bridging, and bridging must be configured on each interface that is to participate in the flooding. If bridging is not configured for an interface, the interface receives broadcasts, but the switch router does not forward those broadcasts and does not use that interface as a destination for sending broadcasts received on a different interface.