From owner-freebsd-net Sat Mar 27 7:21:26 1999 Delivered-To: freebsd-net@freebsd.org Received: from obie.softweyr.com (unknown [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id 6DEBF14F6B for ; Sat, 27 Mar 1999 07:21:19 -0800 (PST) (envelope-from wes@softweyr.com) Received: from softweyr.com (wes@zaphod.softweyr.com [204.68.178.35]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id IAA01548; Sat, 27 Mar 1999 08:20:36 -0700 (MST) (envelope-from wes@softweyr.com) Message-ID: <36FCF743.F6530F5C@softweyr.com> Date: Sat, 27 Mar 1999 08:20:35 -0700 From: Wes Peters Organization: Softweyr llc X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: mm@i.cz Cc: freebsd-net@FreeBSD.ORG Subject: Re: switch vs bridge (fwd) References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Martin Machacek wrote: > > On 26-Mar-99 Mike Jenkins wrote: > > On Fri, 26 Mar 1999 Martin Machacek wrote: > >> Layer 4 switch is a pure marketing bullshit. > > > > If I understand layer 4 switches correctly, they switch > > at the tcp/udp port number layer. I could therefore slip > > a layer 4 switch between my router and my lan, and program > > it to redirect all incoming 25/tcp smtp connections to a > > mail filter host. I find that rather useful. I'm sure > > some folks use them for 80/tcp http redirection for web > > caching. Aren't these useful applicatons? > > Sure, but they can be quite easily achieved with "convetional" router (or a > good layer 3 switch). The router could be also a PC with decent Unix like for > example FreeBSD. What these applications require is capability to do > routing (switching) decisions based on other information than destination IP > address. This feature is usually called policy routing and you can find it in > most routers from major vendors. So, I think that so called layer 4 switches > are just IP routers with policy routing capability. I doubt that layer 4 > switching is being implemented in hardware. Not yet. It soon will be. You're not going to believe the speed. > > I realize routers can be programmed to do this but who wants > > to load down (or misconfigure) the router for this chore. > > Policy routing is not a misconfiguration. For sure it can put significant > load on the router. Who wants to buy another box ... > > > A dual-homed unix box such as FreeBSD can also do this using > > redirection in packet filtering but that usually requires > > splitting the network into 2 IP networks (yes i've heard > > of dummynet/bridge but that is work in progress). I think > > a network appliance like a layer 4 switch would be the right > > tool for the job. The realy problem with a layer 4 switch is that it doesn't have any knowlege of the data stream it's handling, it just doles out packets based on some really simple rules. A load balancer that has some understand of the underlying data is probably a much better way of doing things. In the case of HTTP, a load balancer can keep a client connection on the same server, in case the server is maintaining some connection information, and can make decisions on which server is the least busy when a new connection comes in, based *at least* on which is handling the fewest number of packets at the moment. Layer 4 switches don't do either of these, they just dole out packets in (typically) round-robin fashion. > Why you think you have to split your network and actually what's wrong with > splitting IP networks anyway? Nothing is wrong with splitting IP networks, you just don't need to complicate it with a bunch of goofy routing configurations. If you want to keep the engineering staff from sniffing packets over in HR, stick everyone on switch ports and manage your VLANs carefully. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://www.softweyr.com/~softweyr wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message