Layer 2 and Layer 3 Switches Explained
For decades there were switches, and then there were routers. It was obvious that switches performed switching, and routers did the routing. But the past few years have seen the emergence of “Layer 3 switches,” which has raised questions for some about the difference between Layer 2 and Layer 3, i.e., the differences between switching and routing, and about which type of switch should be deployed in which situations.
What does “Layer” mean, anyway?
The term “Layer” comes from the Open Systems Interconnection (OSI) model, a conceptual model for describing networks. There are seven layers in the OSI model, and the key point to remember is that each layer serves the layer above it. Layers 1-4 relate to communications technology, while Layers 5-7 relate to user applications. This article will only discuss Layers 2 and 3.
How Layer 2 works
Layer 2, called the “Data Link Layer,” transfers data based on physical MAC (media access control) addresses. Every device that has a network interface controller (NIC) has a unique MAC address, assigned by the manufacturer of the device. You may wonder how every network-enabled device can have a unique MAC address when there are billions of such devices in the world. Well, MAC addresses use this format:
D4-BE-D9-8D-46-9A
This format allows for over 281 trillion possible addresses.
So a Layer 2 switch transfers data based on known MAC addresses. But how does it know the MAC addresses of the devices connected to it? Whenever the switch receives a data frame, it examines the frame contents for the source and destination MAC addresses. If the source address is new to the switch, it adds the address to a “MAC Address Table”. This table is usually very simple, only containing port numbers, MAC addresses, VLAN, and sometimes whether the address was learned dynamically or statically.
If the destination MAC address of the data frame is in the switch’s MAC address table, the switch forwards the frame to the corresponding port in the table. If the destination address is unknown to the switch, it sends the frame out all ports except the one on which it was received.
Requiring no routing algorithm, and not needing IP addresses to forward data, Layer 2 switches are very fast, and cost less than routers. However, broadcast traffic, that is traffic that is sent to every device on the network, is not controlled by Layer 2 switches. This can lead to network congestion on large networks. Lastly, Layer 2 switches cannot pass data between different VLANs.
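The learn, forward and flood behaviour described above can be modelled in a few lines. The following Python sketch is an added example, not code from any switch vendor; the class name, port numbers, VLAN ids and the two `02:...` addresses are constructed for illustration, and each port is assumed to be an access port in a single VLAN.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"

def normalize_mac(mac):
    """Accept D4-BE-D9-8D-46-9A or d4:be:d9:8d:46:9a; return lowercase colon form."""
    digits = mac.replace("-", "").replace(":", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

@dataclass
class LearningSwitch:
    port_vlan: dict                             # port -> VLAN id (access ports)
    table: dict = field(default_factory=dict)   # (vlan, mac) -> (port, how learned)

    def add_static(self, port, mac):
        self.table[(self.port_vlan[port], normalize_mac(mac))] = (port, "static")

    def receive(self, in_port, src, dst):
        """Learn the source address, then return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        src, dst = normalize_mac(src), normalize_mac(dst)
        # Learn or refresh the source; a static entry is never overwritten.
        if self.table.get((vlan, src), (None, "dynamic"))[1] != "static":
            self.table[(vlan, src)] = (in_port, "dynamic")
        entry = self.table.get((vlan, dst))
        if dst != BROADCAST and entry is not None:
            # Known unicast: one port, or nothing if it is the ingress port.
            return [] if entry[0] == in_port else [entry[0]]
        # Broadcast or unknown unicast: flood within the VLAN, except ingress.
        return sorted(p for p, v in self.port_vlan.items() if v == vlan and p != in_port)

def demo():
    """Constructed frames: ports 1-3 are in VLAN 10, port 4 is in VLAN 20."""
    sw = LearningSwitch({1: 10, 2: 10, 3: 10, 4: 20})
    a, b, c = "D4-BE-D9-8D-46-9A", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    return sw, [
        sw.receive(1, a, b),   # b not yet learned: flooded to the rest of VLAN 10
        sw.receive(2, b, a),   # a was learned on port 1
        sw.receive(1, a, b),   # b was learned on port 2
        sw.receive(4, c, a),   # a lives in VLAN 10, so nothing leaves VLAN 20
    ]

if __name__ == "__main__":
    switch, results = demo()
    print(results)
    print(switch.table)
```

The last frame shows the VLAN limitation: the table is keyed by VLAN, so a host in VLAN 20 can never reach an address learned in VLAN 10 without a Layer 3 device.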
Layer 3 – Bringing IP address-based routing into the mix
Routing, forwarding data based on Layer 3 information, is traditionally performed by routers that use IP addresses instead of MAC addresses. However, recent years have seen the introduction of Layer 3 switches that are faster and cheaper than routers, and are extremely suitable for local networks. Layer 3 switches can connect different VLANs, and offer more security features than Layer 2 switches. Other functions, such as Quality of Service (QoS), allow for the prioritizing of network traffic for maximum efficiency. With higher port density (number of ports per device), and the ability to connect subnets, Layer 3 switches are becoming increasingly popular for offices, data centers, and campuses.
Instead of a MAC address table, Layer 3 switches use an “ARP table,” which shows both MAC and IP addresses. Examining both addresses, the Layer 3 switch will either forward the packet like a Layer 2 switch, or route it according to a routing protocol such as RIP, OSPF, or static routes.
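The switch-or-route decision can be sketched as follows. This Python block is an added example, not code from the article or from any product: the routes, ARP entries and router MAC are constructed, and it assumes the common design in which a frame is routed only when it is addressed to the switch's own routed-interface MAC, and is otherwise forwarded at Layer 2.

```python
import ipaddress

ROUTER_MAC = "02:00:00:00:00:01"   # constructed: the switch's own routed-interface MAC

# Constructed routing table: (prefix, next hop or None if directly connected, egress VLAN).
ROUTES = [
    ("192.168.10.0/24", None, 10),
    ("192.168.20.0/24", None, 20),
    ("0.0.0.0/0", "192.168.20.254", 20),   # static default route
]

# Constructed ARP table: IP address -> MAC address.
ARP = {
    "192.168.10.5": "02:00:00:00:0a:05",
    "192.168.20.7": "02:00:00:00:14:07",
    "192.168.20.254": "02:00:00:00:14:fe",
}

def lookup_route(dst_ip):
    """Longest-prefix match over ROUTES; returns (next_hop, vlan) or None."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for prefix, next_hop, vlan in ROUTES:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, next_hop, vlan)
    return None if best is None else best[1:]

def handle(dst_mac, dst_ip, in_vlan):
    """Return (action, vlan, detail) for one received frame."""
    if dst_mac.lower() != ROUTER_MAC:
        # Not addressed to the router: forward like a Layer 2 switch, same VLAN.
        return ("switch", in_vlan, dst_mac.lower())
    route = lookup_route(dst_ip)
    if route is None:
        return ("drop", None, "no route")
    next_hop, out_vlan = route
    target = next_hop or dst_ip            # connected route: resolve the host itself
    mac = ARP.get(target)
    if mac is None:
        return ("arp-request", out_vlan, target)   # must resolve before forwarding
    return ("route", out_vlan, mac)        # rewrite destination MAC, send into out_vlan

if __name__ == "__main__":
    print(handle("02:00:00:00:0a:05", "192.168.10.5", 10))   # same VLAN: switched
    print(handle(ROUTER_MAC, "192.168.20.7", 10))            # VLAN 10 -> VLAN 20: routed
    print(handle(ROUTER_MAC, "203.0.113.9", 10))             # off-net: default route
```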
Sample MAC Address Table
ARP tables are not just for switches – your PC has one too! At the command prompt, type “arp -a” to see what your computer knows about the network it’s connected to.
Comparison Table for Layer 2 and Layer 3 Switches
| Layer 2 Switch | Layer 3 Switch |
|---|---|
| Sends data “frames” to destination MAC address | Routes data “packets” based on MAC or IP address |
| OSI Layer 2 (Data Link Layer) | OSI Layer 3 (Network Layer) |
| Cannot connect different VLANs | Able to connect different VLANs |
| One broadcast domain | Multiple broadcast domains |
| Communicates with local network | Can connect to outside (multiple) networks |
When to choose a Layer 2 or a Layer 3 switch
For small networks where the volume of data transmitted is not too great and there is no need to connect multiple VLANs, Layer 2 switches are ideal. For larger networks, networks needing VLAN connectivity, or in situations where enhanced security is required, a Layer 3 switch is the way to go. Most networks use a combination of Layer 2 and Layer 3 switches to optimize cost and performance.
Understanding these differences between Layer 2 and Layer 3 switches should allow you to select the right type of switch for your organization. While Layer 2 switches have been the mainstay of small networks for ages, increasing requirements for reliability, speed, and features are bringing Layer 3 switches into the mainstream. EtherWAN offers a wide range of hardened Layer 3 switches to meet the needs of modern networks.