Switching identities

Not so long ago, switches were boxes that directed traffic within networks, while routers did the same for traffic travelling between networks. Today's switches are much smarter. David Watson looks at how they're being used to do far more than just push packets of data around your LAN.

Not so long ago, switches were boxes that directed traffic within networks, while routers did the same for traffic travelling between networks. Today's switches are much smarter. We look at how they're being used to do far more than just push packets of data around your LAN.

Scrutinising the contents of packets and prioritising them according to user policy, encrypting and de-encrypting, server load balancing -- not so long ago, such functions weren't the domain of switches. These days there are switches that not only do those things, but last year several switches went on sale that can read incoming XML content and distribute it as required by users.

Among them was Chicago-based Sarvega's XPE2000, a switch that performs XML-related functions and potentially smooths the path for organisations looking at using web services.

The XPE 2000 can read incoming XML-based content, send it according to priorities set by the user and check it for authenticity.

Such application-specific switches operate at layer seven, the highest level of the OSI model that decides such things and thus are a far cry from most switches in use today, which operate solely at level two, the data level.

Switches with functionality above the traditional layer two packet directing function are generally referred to as smart switches and are provided by all major network hardware vendors.

Meeting business need

XML-savvy devices are the cutting edge of switch technology and are described by some as blurring edge, as they defy traditional distinctions between switches and other network hardware such as routers. For example, a key competitor to the XPE200 is DataPower Technology's XA35 appliance, yet DataPower doesn't call its device a switch, even though it performs the same XML content management function.

Mainstream switch makers such as Cisco Systems aren't putting XML capability into their products yet, but if demand increases as web services are more widely deployed, it'll be done, says Cisco New Zealand systems engineer Arron Scott.

"When we find there's enough content and business requirements to switch specific content, we do -- our content switches can handle any port 80 traffic and XML switching is an extension of that feature. It'll be a case of when demand and business need is there."

Scott says more than half the switches Cisco ships have layer three-plus capabilities and that's been the case for the past 18-24 months, whereas for the previous decade, "it was predominantly layer two".

With layer three and above capability in the ASICs (application-specific integrated circuits) of more than half the switches that roll off the production line, "we can see a time when there isn't a price difference between layer two and three switches, but as long as the cost is different, people will still want layer two, because in most cases, they have requirements for a certain amount of layer two switching."

Most Cisco customers in New Zealand have layer two switches, because, generally being small, they have lesser switching requirements.

"We have significantly more layer two-only ports in New Zealand, with small fixed configuration chassis, not modular or rack-based."

However, there are plenty of smart switches -- if you define a smart switch as layer three and above -- in Cisco installations in New Zealand.

"All larger chassis in New Zealand have some layer three capability, including large deployments such as the Ministry of Social Policy and ASB bank."

Switches at those sites are geared for IP telephony and Scott describes them as voice-aware, rather than application-aware, a term reserved for switches with capability at layer seven, the application layer.

"They have in-line power to power the phone, to identify that a device is a phone and to assign calls directly to a VLAN.

"That isn't a layer seven function, but it's specific to the application of voice."

Cisco does have some layer seven, content-aware switches deployed in New Zealand, at Carter Holt Harvey offshoot Oxygen and Otago University.

"Content switching means application-specific, with a broad understanding of applications, not just of layer seven packets, but of the whole application itself."

The Cisco CSS11000 content switches at Oxygen and Otago University are used for server load balancing at large server farms, cache interruption and re-direction, among other functions.

When switch functionality climbs up the OSI model, the difference between them and other network devices blurs, but we won't see the distinctions disappear altogether, Scott says.

"At the moment, WANs have some specific requirements that routers serve well and standard routers continue to sell because they're very well suited to the LAN interface function."

Blurred roles

In the service provider space, things blur quickly and provide a demonstration of the fact that, physically, switches and routers are the same thing. It's the algorithms that they work under that make them one or the other.

"Our flagship ethernet switch, the 6500, becomes that Cisco 7600 router when in a service provider role -- it's as good a router as it is a switch.

"The same box is used for the same role, we just change some of the interfaces."

Content switches go further than blurring the role of switches and routers and take on tasks such as server load balancing and provision of security.

Scott says the aim of moving functions from servers to smart switches is to "help customers scale their servers to do what the do best -- a software-based server isn't that good at encryption, but hardware ASICs do it well, so why not offload it on to the network?"

The 6500 switch can have 2GB encryption installed and a blade can be added to the chassis which provides a 5GB firewall. An intrustion detection blade is also available.

"The 6500 is a smart switch -- it's flexible and application-specific. It's not an application switch, but it's application-specific."

Looking to the future, Scott believes smart switching technology will increasingly be applied to SANs (storage area networks).

"We recently released our first fibre channel switch and we don't see why SANs should be any different to any other IP application.

"Over time, we'll see storage networking collapse into the main switched network."

The other big future development he sees is continuing increases in speeds and feeds.

"10Gbit/s ethernet will be implemented, gigabit copper to the desktop is increasingly popular now and will become the norm over time and the other area of switching that contines to evolve and will develop and change is multimedia. Video and telephony will grow and require better content-aware switches to make the most of it."

He cautions against getting smart switches and turning every available feature on right away.

"It has to be able to do everything the customer needs, but we have to understand how the features come together and the customer must be able to deploy them.

"You can have so many features it becomes difficult to know to turn them all on and to know what their relationship to the other features is."


PwC futureproofs

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags switches

More about CiscoCiscoDataPower TechnologyLANPricewaterhouseCoopersSarvegaScott CorporationTechnology

Show Comments