Traditional routers often lack scalability because they use a centralized architecture. Every packet that reaches the router must be sent to a single processing area. The more interfaces there are, the higher the load on the system and the more resources are consumed. This limits the services that can run on the network, such as VoIP.
When a router with a centralized, blocking architecture has to process more traffic than it has capacity for, it starts discarding packets. When network applications or computers do not receive a response, they send more packets to recover the session. This only makes matters worse, because it easily causes overload across sessions. In this case, the overloaded router falls back on its own, non-logical behavior, selectively discarding packets according to application, user priority, or network destination/source. Clearly, a new way of handling traffic growth is needed.
Over the years, the speed of traditional routers has grown considerably, but it is still not enough to keep up with many demanding applications. For example, they can forward nearly 1 million packets per second (pps). At the same time, however, a single 1,000-megabit Ethernet interface receives packets at 1,488,000 pps, which means that 2 Gigabit Ethernet ports can easily overload the system. In contrast, multilayer switches/routers forward at line speed. The switching ASICs are distributed across the device, allowing the entire system to deliver traffic efficiently. When you add more interface cards, the system's processing capacity also increases, because the relevant logic and forwarding decisions are distributed over the entire device. Some of today's high-end switches/routers can forward 480 million packets per second.
These new switches/routers bring a new model of network design and management. Blocking points can now be eliminated, users can be farther apart, and there is no need to worry about performance. The stock traders mentioned in our previous example can now connect to servers or network data from several floors or hundreds of miles away, depending on the interface types supported by the switch/router and the type of cable or fiber used. In addition, the new IP and Ethernet-optimized routers are easier to manage, and administrators need only a little time to keep the network in step with new applications. With products such as the Netjie Network BigIron series, you simply carry the applications' traffic and add more modules as capacity and speed requirements grow.
To determine the type and volume of network traffic, ASICs now have new packet-sampling techniques built in, giving the control platform traffic monitoring across the whole system. RFC 3176, or sFlow, has become an increasingly popular approach, providing real-time views of the traffic in the network and of traffic demand. sFlow allows large companies to better monitor the use of network resources across multiple departments. Universities can identify illegal wireless and wired applications on the network, and discover and stop denial-of-service (DoS) attacks in time, before they affect network performance. RFC 3176 is quickly becoming a necessary requirement for major companies that take security seriously.
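How a collector turns sampled packets into a traffic view and a DoS alert, as an added example that is not part of the original article. The sampling rate, window length, threshold values and sample records are constructed assumptions; the error bound is the standard packet-sampling approximation for a class seen in c samples.

```python
import math
from collections import Counter

SAMPLING_RATE = 1000   # assumed: the agent samples 1 in 1000 packets
INTERVAL_S = 10        # assumed: length of the collection window in seconds

# Constructed sample records: (src_ip, dst_ip) taken from sampled headers
SAMPLES = ([("198.51.100.%d" % (i % 200), "10.9.0.5") for i in range(900)]
           + [("10.1.20.7", "10.9.0.53")] * 40
           + [("10.1.30.9", "10.9.0.80")] * 3)

def estimate_pps(samples, rate=SAMPLING_RATE, interval=INTERVAL_S):
    """Scale per-destination sample counts up to estimated packets/second.

    Returns {dst: (estimated_pps, error_pct, distinct_sources)}.
    """
    out = {}
    for dst, c in Counter(d for _, d in samples).items():
        pps = c * rate / interval
        # Approximate 95% relative error (percent) for a class with c samples
        err = 196 * math.sqrt(1 / c)
        sources = len({s for s, d in samples if d == dst})
        out[dst] = (pps, err, sources)
    return out

def dos_candidates(samples, pps_limit, max_err_pct=25.0):
    """Destinations over the limit whose estimate rests on enough samples."""
    return sorted(dst for dst, (pps, err, _) in estimate_pps(samples).items()
                  if pps > pps_limit and err <= max_err_pct)

if __name__ == "__main__":
    for dst, (pps, err, srcs) in sorted(estimate_pps(SAMPLES).items()):
        print(f"{dst:12} ~{pps:8.0f} pps  +/-{err:5.1f}%  {srcs} sources")
    print("alert:", dos_candidates(SAMPLES, pps_limit=50000))
```

A destination seen in only a handful of samples carries a large error bound, so the alert logic ignores it rather than acting on a noisy estimate.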
The functionality of a multilayer switch/router is no different from that of traditional routers and switches; it integrates local area network (LAN) and wide area network (WAN) functions in a single device. It can perform local switching between users in the same group (Layer 2 switching), route between users in different groups (Layer 3 switching, or routing), and provide security and special services for applications (Layer 4 switching).
Security filtering often has to be done in the router; governments around the world even recommend it. Routers are an ideal security "checkpoint" because they are the entrances and exits of the network. Once a set of complex rules called an Access Control List (ACL) has been created on the router, the router checks each packet against these rules. For example, the rules can allow only specially authorized users to access the company's data.
For traditional routers, checking packets against security rules is a time-consuming process. Once the router has found the Layer 3 and Layer 4 information in each packet, it must compare that information with the rules. Enabling security filtering has always been a "nightmare" because it makes the router slower. When the performance hit is too great, dedicated equipment has to be used. Even multilayer switches/routers face a challenge when performing this function while maintaining line-speed performance. With security features enabled, some new switches/routers slow down. However, most new switches/routers have integrated these security policies into hardware, and can therefore provide line-speed forwarding even when ACLs are enabled.
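The per-packet ACL check described above, written as a software router would have to do it, as an added example that is not part of the original article. The rule format, addresses and policy are constructed; first-match-wins with a default deny is an assumption of this sketch. The second return value counts the rules examined, which is the per-packet cost that hardware ACL lookup removes.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "permit" or "deny"
    src: str               # Layer 3: source network in CIDR form
    dst: str               # Layer 3: destination network in CIDR form
    proto: Optional[str]   # Layer 4: "tcp", "udp", or None for any
    dport: Optional[int]   # Layer 4: destination port, or None for any

class Packet(NamedTuple):
    src: str
    dst: str
    proto: str
    dport: int

# Constructed policy: only the finance subnet may reach the company data
# server over HTTPS; internal hosts may query the DNS server.
ACL = [
    Rule("permit", "10.1.20.0/24", "10.9.0.5/32", "tcp", 443),
    Rule("deny", "0.0.0.0/0", "10.9.0.5/32", None, None),
    Rule("permit", "10.0.0.0/8", "10.9.0.53/32", "udp", 53),
]

def matches(rule: Rule, pkt: Packet) -> bool:
    """Compare the packet's Layer 3 and Layer 4 fields with one rule."""
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in (None, pkt.proto)
            and rule.dport in (None, pkt.dport))

def evaluate(acl, pkt):
    """Return (action, rules_examined): first match wins, default deny."""
    for examined, rule in enumerate(acl, start=1):
        if matches(rule, pkt):
            return rule.action, examined
    return "deny", len(acl)

if __name__ == "__main__":
    for p in (Packet("10.1.20.7", "10.9.0.5", "tcp", 443),
              Packet("10.1.30.7", "10.9.0.5", "tcp", 443),
              Packet("192.0.2.1", "10.9.0.53", "udp", 53)):
        print(p, "->", evaluate(ACL, p))
```

A packet that matches nothing walks the entire list before it is dropped, so in software the cost of filtering grows with the length of the ACL.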
Security and traffic analysis using multilayer switches/routers is becoming increasingly popular, mainly because network device vendors are building these functions into multilayer switches/routers. More and more network functions are being integrated into a single device. You no longer need separate hardware to monitor traffic or handle some of the security, which brings great benefits to network users.
Problem: the core router "bottleneck"
Solution: consolidate network functions in multilayer switches/routers