Date: Sat, 27 Mar 1999 13:37:12 +0100 (MET)
From: Martin Machacek
Reply-To: mm@i.cz
To: freebsd-net@FreeBSD.ORG
Subject: Re: switch vs bridge (fwd)
In-Reply-To: <199903262137.PAA06872@carp.gbr.epa.gov>

On 26-Mar-99 Mike Jenkins wrote:
> On Fri, 26 Mar 1999 Martin Machacek wrote:
>> Layer 4 switch is a pure marketing bullshit.
>
> If I understand layer 4 switches correctly, they switch
> at the tcp/udp port number layer. I could therefore slip
> a layer 4 switch between my router and my lan, and program
> it to redirect all incoming 25/tcp smtp connections to a
> mail filter host. I find that rather useful. I'm sure
> some folks use them for 80/tcp http redirection for web
> caching. Aren't these useful applications?

Sure, but they can be quite easily achieved with a "conventional" router (or a good layer 3 switch). The router could also be a PC with a decent Unix, for example FreeBSD. What these applications require is the capability to make routing (switching) decisions based on information other than the destination IP address. This feature is usually called policy routing and you can find it in most routers from major vendors. So, I think that so-called layer 4 switches are just IP routers with policy routing capability. I doubt that layer 4 switching is being implemented in hardware.

> I realize routers can be programmed to do this but who wants
> to load down (or misconfigure) the router for this chore.

Policy routing is not a misconfiguration. For sure it can put significant load on the router. Who wants to buy another box ...

> A dual-homed unix box such as FreeBSD can also do this using
> redirection in packet filtering but that usually requires
> splitting the network into 2 IP networks (yes I've heard
> of dummynet/bridge but that is work in progress). I think
> a network appliance like a layer 4 switch would be the right
> tool for the job.

Why do you think you have to split your network, and what's actually wrong with splitting IP networks anyway?

Martin

---
[PGP KeyID F3F409C4]]
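
As an added illustration that is not part of the original message: a small Python model of the distinction discussed in this thread, conventional destination-only forwarding versus policy routing that also matches on ingress interface, protocol and port. The interface names, addresses (documentation ranges), the rule set and the choice to exempt the redirect target's own traffic are all assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    in_iface: str
    proto: str
    src: str
    dst: str
    dst_port: int

@dataclass(frozen=True)
class PolicyRule:
    in_iface: str
    proto: str
    dst_port: int
    next_hop: str

# Constructed sample topology: LAN on lan0, upstream on wan0.
ROUTES = {
    ipaddress.ip_network("192.0.2.0/24"): "direct:lan0",
    ipaddress.ip_network("0.0.0.0/0"): "198.51.100.1",
}
POLICY = [
    PolicyRule("wan0", "tcp", 25, "192.0.2.10"),  # hypothetical mail filter host
    PolicyRule("lan0", "tcp", 80, "192.0.2.20"),  # hypothetical web cache
]

def destination_route(dst: str) -> Optional[str]:
    """Conventional forwarding: longest-prefix match on the destination only."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in ROUTES if addr in net]
    if not matches:
        return None
    return ROUTES[max(matches, key=lambda net: net.prefixlen)]

def policy_route(pkt: Packet) -> Optional[str]:
    """Policy routing: first matching rule wins, otherwise destination routing."""
    for rule in POLICY:
        if (pkt.in_iface, pkt.proto, pkt.dst_port) != (
            rule.in_iface, rule.proto, rule.dst_port
        ):
            continue
        # Traffic sent by the redirect target itself (the cache fetching a
        # page, the filter relaying mail) must not be looped back to it.
        if pkt.src == rule.next_hop:
            continue
        return rule.next_hop
    return destination_route(pkt.dst)
```
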