Internet Protocol (IP) has become the default transport mechanism by which data is transferred between wide area networks (WANs). While its packet-based approach is great for data, it is not necessarily the ideal transport protocol for transmitting voice, video, Flash and large graphics. These applications need to be treated a little differently. For example, they require a switch that can distinguish between different types of traffic and direct it without bits being lost or delivered out of order.
This level of sophistication is referred to as Layer 3 and 4 switching, based on the International Standards Organisation's (ISO) description of networked systems. "Layer 3 looks at the packet and starts routing information; it can see network names and the routes to these networks," explains Jon Bays of Digital Networks, a Sydney-based distributor selling IMC Networks products.
While consumers see the value of Layer 3 and 4 switching for increasing network performance, cost is still a major inhibitor of uptake and confines the bulk of users to Layer 2 technology, Layer 2 being the level that deals primarily with frames and packets (see information box on page 34).
According to Andrew Cook, Nortel's resident Web switching expert, Layer 2 and Layer 3 switching has become heavily commoditised at the high end, and even basic Layer 4 switching will follow the same path as greater functionality is moved into more cost-effective silicon.
"Today it is relatively easy to differentiate Web switches based on features, performance and cost. In future, assuming the various Layer 4 to 7 products start to converge in terms of features and performance, we should expect to see greater price competition in the market," he says. "However, customers recognise the critical nature of the Layer 4 to 7 switching infrastructures and will not compromise their systems on the basis of buying cheap Web switches for the foreseeable future. Layer 4 to 7 is much harder to effectively commoditise due to the product complexity."
Meanwhile, for small-to-medium businesses the Layer 4 to 7 market is still fairly small, according to Tim Davoren, business development manager of Bluechip Infotech (formerly Servex), although Davoren admits that Layer 4 is becoming more price accessible. "They just don't have the requirement. Its appeal at the moment is really to Web-based organisations, banks, government and large corporations," he says.
The process of Layer 2 is fairly simple and can be accomplished without using a sophisticated general-purpose CPU. Typically, such devices are controlled with a task-specific processor with some firmware running on it, or they may be constructed out of very large scale integrated (VLSI) application-specific integrated circuits (ASICs). The VLSI/ASIC approach generally yields a device with fewer "bells and whistles", but which is much cheaper when mass produced. Paul Buis, associate professor of computer science at Indiana's Ball State University, says that in addition to being cheaper than a functionally similar software-controlled switch, the VLSI/ASIC design is the only practical approach for very high-speed throughput, particularly on devices such as ATM switches.
In a corporate environment, Bays says ASIC "really comes into its own when you get into VPNs (virtual private networks) and encryption". "You need to encrypt and decrypt information packets and this can get intensive for the software and slow down the network as a result," he says. "ASIC, on the other hand, can push through encryption very, very quickly because encryption adheres to a rote formula."
Many network vendors, such as Foundry and Netscreen, have adopted a hybrid approach using ASIC with a pliable operating system laid over the top. The idea is to cast as many of the routing and switching tasks as possible in iron (or silicon, as the case may be), so they can be performed very rapidly with minimal burden on the network. Meanwhile, the operating system is designed to customise the feature set of the appliance so it can be configured (within reason) to the user's needs. Advocates for this approach say it marries the best of both worlds -- flexibility with speed. For example, when Netscreen replaced its version 3.0 OS with version 4.0, the additional features provided what was a security and content delivery device with routing capability that could see network paths.
On the other side of the fence sits the software-intensive system favoured by Cisco and D-Link. This approach puts a lean, 100-250MHz microprocessor on the network with software on it that is designed to do nothing but route or firewall. It is a task-specific device.
While this approach works in the initial stages, Bays says it is rapidly being outgrown as new operating systems with upgraded feature sets are released. "[The vendors] can't help themselves putting out the new features, but with each additional feature comes greater intensity and burden on the network. Every little packet that you inspect in software will slow it down," says Bays. Before you know it, the customer has to increase the memory from 16MB to 32MB or up the capacity of the processor. In many cases, increasing the memory will assist only in buffering the data - it helps with burst speed but not overall throughput.
"The lifespan of the product [using a software-based system] is less," says David White, systems engineer manager for Foundry South Asia, a network vendor that favours ASIC-based switching. Instead of the product lasting three to five years before being outgrown by the OS features, the customer has to upgrade every time the network configuration alters.
Many accuse Cisco of using its software-heavy systems as a deliberate ploy to sell more routers and switches - not unlike Microsoft's strategy with the Windows OS. However, Domenic Torre, senior business development manager for D-Link, says adopting an ASIC-based switch too early in the Layer 3 game, before the technology has proven itself in a working environment, can lead to complications. "Over time the problems with Layer 3 will be resolved and people will be comfortable using an ASIC-based Layer 3 switch, just as they currently do with Layer 2," he says. Until then, Torre says software-based systems are more appropriate because the manipulation of data at the Layer 3 level is quite sophisticated and requires the flexibility that software offers.
At the same time, Torre admits that the ASIC-based system has a significant cost advantage for the customer "once you know the ASIC is bug-free". On the other hand, the ASIC model comes with its own drawbacks, such as the incongruence of OS feature sets between one version and another, which can cause network glitches. "For VPNs it's better to have the same box on both ends with the same OS version because the different features in the later versions clash with the old [OS] and you start getting into small errors," says Bays.
Vendors like Foundry are hopeful that the performance advantages of ASIC-based appliances will speed the adoption process. But with Cisco holding a 70 per cent share of the market, White says simple education will not upset the status quo with any great haste. "The performance lag [of software systems] is opening the door for other vendors to get a look-in, but part of it [the decision to buy Cisco] is about risk bearing."
Still, Bays says the transition from 128K ISDN to ADSL was one of the primary milestones that brought performance issues to the fore in the first place. Organisations eagerly signed up to a 2M link only to find that they were getting 500K out the other side because the various devices hanging off the network were creating a lag as they struggled to digest the packets, he says. Perhaps the increased focus on security and the desire to simplify network management will provide the next kick along.
The seven layers of the International Standards Organisation’s basic reference model
1. The Physical Layer describes the physical properties of the various communications media, as well as the electrical properties and interpretation of the exchanged signals. For example, this layer defines the size of the Ethernet coaxial cable, the type of BNC connector used and the termination method.
Refers to properties such as copper wire, coaxial cable, wireless radio and satellite.
2. The Data Link Layer describes the logical organisation of data bits transmitted on a particular medium. For example, this layer defines the framing, addressing and check-summing of Ethernet packets.
This is where switching and multiplexing lives.
3. The Network Layer describes how a series of exchanges over various data links can deliver data between any two nodes in a network. For example, this layer defines the addressing and routing structure of the Internet.
This is very much routing.
4. The Transport Layer describes the quality and nature of the data delivery. For example, this layer defines if and how re-transmissions will be used to ensure data delivery.
This is about the network protocol and how it handles the integrity of data.
5. The Session Layer describes the organisation of data sequences larger than the packets handled by lower layers. For example, this layer describes how request and reply packets are paired in a remote procedure call.
This is where the application and the host computer operating system come into play.
6. The Presentation Layer describes the syntax of data being transferred. For example, this layer describes how floating point numbers can be exchanged between hosts with different mathematical formats.
This is very much about host-to-host protocols.
7. The Application Layer describes how real work actually gets done. For example, this layer would implement file system operations.
This is about how the actual application operates.
Frames and packets at work
A "frame" is a group of bits travelling across the physical connection, represented by a series of zeros and ones. A frame may contain information at its beginning, sometimes called a "preamble", which is not relevant to the software controlling the interface. A frame may also contain information at its end called a "trailer", which is likewise not important to the software part of the interface. The purpose of the frame preamble and trailer is to "tag" where the frame is going and where it has come from, and they usually contain a check-sum of the contents of the frame to verify that it was not garbled in transmission.
A "packet" is a frame with the preamble and trailer removed, and is the piece of the frame that is passed to the software element of an interface. Since a packet and a frame contain essentially the same information, the terms are often used interchangeably.
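As an added illustration (not part of the original article), the Python sketch below builds a constructed Ethernet frame, verifies its trailer check-sum, and reports which fields a Layer 2, Layer 3 and Layer 4 device can each act on. The MAC addresses, IP addresses and ports are made-up sample values, and the trailer is modelled as the CRC-32 used by Ethernet.

```python
import socket
import struct
import zlib

def sample_packet():
    # Constructed IPv4/UDP packet (sample values; header checksums left at zero).
    payload = b"voice"
    udp = struct.pack("!HHHH", 40000, 5060, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.5"))
    return ip + udp

def build_frame(dst_mac, src_mac, packet):
    # Ethernet II header + IPv4 packet, then the 4-byte CRC-32 trailer.
    # The on-wire preamble is consumed by hardware and is not modelled here.
    body = dst_mac + src_mac + struct.pack("!H", 0x0800) + packet
    return body + struct.pack("<I", zlib.crc32(body))

def strip_frame(frame):
    # Verify the trailer check-sum; return the frame without it, or None if garbled.
    if len(frame) < 18:
        return None
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    return body if zlib.crc32(body) == fcs else None

def layer_view(frame):
    # Report the fields a Layer 2, Layer 3 and Layer 4 device can act on.
    body = strip_frame(frame)
    if body is None:
        return None
    view = {"l2": (body[6:12].hex(":"), body[0:6].hex(":"))}  # (source MAC, destination MAC)
    if struct.unpack("!H", body[12:14])[0] != 0x0800 or len(body) < 34:
        return view  # not IPv4, or too short to carry an IPv4 header
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    view["l3"] = (socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]))
    if ip[9] in (6, 17) and len(ip) >= ihl + 4:
        view["l4"] = ({6: "tcp", 17: "udp"}[ip[9]],) + struct.unpack("!HH", ip[ihl:ihl + 4])
    return view

# Constructed, locally administered MAC addresses.
SRC, DST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

if __name__ == "__main__":
    frame = build_frame(DST, SRC, sample_packet())
    print(layer_view(frame))
    garbled = frame[:20] + bytes([frame[20] ^ 0x01]) + frame[21:]  # flip one bit in transit
    print(layer_view(garbled))  # trailer check-sum no longer matches
```

A Layer 2 switch forwards on the `l2` pair alone; the `l3` and `l4` tuples are the extra fields a Layer 3 or Layer 4 device must parse out of every frame to distinguish traffic types.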