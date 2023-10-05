Editor's Picks
Craig Sutton is the owner of Sutton Brand Management. Drawing on his background in tech, including 5 years managing the servers and networking team for a major regional Internet provider and ownership of an IT and Web software development firm, he harnesses the power of digital and traditional marketing to help small to medium-sized businesses excel.
As Groucho Marx said “A child of five would understand this. Send someone to fetch a child of five.”
Anita Campbell
Hi Kieran,
I’ve read your comment 3 times, and had to laugh each time. Yes, this is challenging stuff to digest. But whenever someone is able to talk about this sort of topic (like Craig!) I am so envious. It’s not anything I could figure out on my own. 🙂
– Anita
Craig Sutton
LOL, yes…indeed 🙂
Aira Bongco
The first time I read this, I did not get it. And then I read it again, and I still didn’t get it. Then I tried it for the third time. And then I thought, this is a matter that I had better delegate. I don’t know anything about networking and I cannot even understand it.
Craig Sutton
This is a tough article to write in 800ish words let me tell you!
The basics I am trying to point out are, whenever you can find a way to alleviate yourself from routing between multiple locations without using your own equipment to do it, it can be very beneficial financially for support and equipment reasons to do so. Those who can handle layer 2 or 2.5 for you to connect locations without your equipment handling the connections can make your life and your IT’s life less complicated.
Hope that helps!
Craig
Martin Lindeskog
Craig:
It was a catchy title! I think I have to print out this article, take out my highlighter and come back to you… 😉
Btw: I love the Groucho Marx quote by Kieran O’Connor. I am totally lost in space now! 😉
This is what I like about Small Business Trends. You will always learn something new reading this blog! 🙂
Marcus
I made my career because people don’t get this. Stick with it though. Even a senior manager doesn’t want to be left to the tender mercies of his IT guys. They have none. This stuff is pretty basic. Just keep hammering at it. It’s worth it. Kudos to the author. M.S. – Senior Cloud Architect
I like the idea of an extra layer wherein you can only control upper and lower layers at needed conditions. What are the usual average costs relative to the traditional layers? Also, there have been arguments regarding MPLS’s encryption, as some label it as a privately configured network; do you think it can affect security issues? Thanks for the heads up!
Craig Sutton
Ava, while I don’t have specifics on average costs (as that will vary depending on location and provider), I can point you to a couple of articles on security.
First, the spec on VLANs: http://en.wikipedia.org/wiki/IEEE_802.1Q
How VLANs work in securing the traffic path: http://www.cisco.com/en/US/docs/ios/ios_xe/mpls/configuration/guide/mp_qnq_tunneling_atom_xe.html#wp998792
Then the debate: http://pciguru.wordpress.com/2009/04/18/the-mpls-is-a-private-network-debate/
The important thing to note here is that end-to-end security is always a concern; you are really just providing the best possible effort to secure your traffic. The key is understanding the technology’s limits and having the conversation about your specific security needs with both your IT team and your provider.
Wola
Hi Craig,
Reading your article ends up with a question: should L3 be in the core and L2 at the edge? Very anxious to see your answer.
Regards,
Wola
Enrique
Hi Craig, I really liked the article, very catchy title. I was looking for information about the TCP/IP suite, trying to find out if there is actually error correction implemented at layer 2, or if it is error checking, and whenever an error is detected the packet is dropped?
I found interesting the way you introduce the 2.5 layer concept (MPLS).
I heard about MPLS the first time in a congress talk about CLARA, INTERNET2, GEANT2 …
where they were using MPLS in order to increase the performance of the Educational/research Networks for high speed applications.
I like the article.
Thanks
Priyansh Tiwari
Hi
Great work!! Glad you wrote 🙂
Do you have any figure on the latency in both cases?
And can you tell me a bit more about metro ethernet?
Thanks
Glen
This actually made it easy for me to understand layer 2 and 3 and mpls.
Here’s the deal, as I understand it. An address is an address, i.e. a location say where you live, that would be an address. Information that might need to go there, say a letter is addressed to you.
Layer 2 means the mail goes to each occupant in the apartment complex, and if you have mail in the box you take out what belongs to you and send the box of letters to the next door; they do the same thing and eventually all the mail is received by all the addressees, but you would admit that it would be a slow process. Works well until Christmas, when a lot of letters are received, i.e. “media storm”, and the sharing of letters to the addressees slows way down, because there is more information to sort through before it can be passed on.
Layer 3 would do the same thing, except now we hire people (routers) to sort the letters (IP packets of information) beforehand, and only the mail going to the folks (nodes) that live on the first floor would have to go through the box of first floor letters, not letters for the whole building (network); therefore increased cost, but faster distribution of information. And same thing for second floor folks or addressees, and so forth.
Jesse
Thanks for the clear explanation!
Mike D
I like your apartment mailbox analogy, I will most certainly use that one.
In the field, I often try to explain topics like this to customers, but it’s tough to elaborate when the customer doesn’t understand the difference between a browser and the Internet, or a monitor and the actual computer/workstation.
DisasterArea
Actually, is that layer 2 analogy correct? It’s not taking your letter and passing on the box; that implies only one person gets the box and has to hand it over before the other people get their letters. That is not strictly correct.
Everyone gets a box, with everyone’s letters in it. They all get the whole box at the same time, find their letter and throw the rest away.
I.e., while the delivery appears faster... if you have too many addresses, the box is so large that you are wasting all that time sending everyone a copy of a bunch of letters that are irrelevant to them. Hence you ideally want a layer 2 connection to be 1:1 – as soon as you’re sending traffic to multiple recipients who only want a fraction of it, you’re wasting their time.
I wonder at what point this “efficiency” then becomes less efficient than routing at layer 3?
Actually, I find that anyone who understands layer 3 needs to know very little about layer 2. Layer 2 reminds me of the difference between a LAN and a LAN based on a unique subnet (like 255.255.250.0). Layer 3 reminds me of the difference between a LAN, a MAN and a WAN (subnet can be anything). This would be very difficult to obtain without some sort of “ROUTING” device and by the same token would cause significant collisions if incorrectly configured.
You mentioned layer 2 might be faster. That is my priority; also, price is not a factor. If I have 20 IP-based servers with no filtering or routing, just defaults on the switch, can you say which would be faster?
MrPete
Pretty sure this sums it up using real-world equipment:
– A normal network “switch” is a Layer 2 device. Low cost, incredibly fast. It understands hardware network addresses, i.e. MAC addresses. Many people know nothing about this… MAC addresses are supposed to be unique worldwide and look like this: xx:xx:xx:xx:xx:xx (where xx is a hex “digit”)
Upside: speed and low cost. Packets pass through at full bandwidth in realtime.
Downside: it assumes all necessary devices are Directly Connected to the switch!
For packets to go elsewhere (e.g. to/from a site on the Internet) requires something more… a router.
– A router is a Layer 3 device. It understands IP addresses and knows which device port(s) understand which address(es). So your laptop gets its data… a Web server that might have several IP addresses gets its data… and all off-net data goes to the “internet” port… etc.
Upside: smart handling of packets; packets can be transformed with a smart router (e.g. encrypted to/from VPN), etc.
Downside: routers are rarely anywhere near as fast as switches. Nowhere near as fast.
Kermit Short
Looks like Mr. Pete has the most accurate understanding of L2 vs L3. Keep in mind that your major penalty at L3 processing is coming from the fact that the frame has to be unpacked twice: once at L2, and then again at L3. L2 only understands HARDWARE addressing. There are no IP addresses at Layer 2. In order to perform routing, you need to work with IP addresses. The router (or L3 switch) has to unpack the L2 frame, extract its contents, evaluate them, **rewrite a new PDU header and repackage the PDU**, forward it back to L2, and then send it back out on the wire.
What this MPLS stuff does, is to avoid that whole L2 -> L3 -> reprocess -> L3 -> L2 part by putting an intermediary encapsulation layer in there. This allows things to be routed much more quickly, and as an added bonus, you don’t have to pay for $50K routers at each branch location just to make sure your offices are connected (unless you have something fairly complex going on).
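An added illustration of the three forwarding styles the comments above describe (this is example code, not the article's or any commenter's): a learning L2 switch that only looks at MAC addresses, an L3 router that strips the frame, makes a longest-prefix routing decision and rewrites the L2 header, and an MPLS label-switch router that swaps a label without parsing the IP header. The frame format, the router MAC and all addresses are toy values invented for the example.

```python
import ipaddress

# Constructed sample value: the router's own MAC on its LAN-facing port.
ROUTER_MAC = "00:00:00:00:00:01"

class L2Switch:
    """Learning switch: decides on MAC addresses only and never opens the IP header."""
    def __init__(self):
        self.mac_table = {}                      # MAC -> port, learned from source MACs

    def forward(self, in_port, frame):
        self.mac_table[frame["src_mac"]] = in_port
        out = self.mac_table.get(frame["dst_mac"])
        return [out] if out is not None else ["flood"]   # unknown dst: copy to every port

class L3Router:
    """Router: unpacks the frame, longest-prefix match on dst IP, builds a new L2 header."""
    def __init__(self, routes, arp):
        nets = [(ipaddress.ip_network(n), nh, port) for n, nh, port in routes]
        self.routes = sorted(nets, key=lambda r: r[0].prefixlen, reverse=True)
        self.arp = arp                           # next-hop IP -> next-hop MAC

    def forward(self, frame):
        if frame["dst_mac"] != ROUTER_MAC:       # not addressed to us at L2: ignore
            return None
        pkt = dict(frame["ip"])                  # step 1: strip L2, look at the IP header
        if pkt["ttl"] <= 1:                      # would expire in transit: drop
            return None
        dst = ipaddress.ip_address(pkt["dst"])
        for net, next_hop, port in self.routes:  # step 2: routing decision (longest prefix)
            if dst in net:
                pkt["ttl"] -= 1                  # the IP header changes, so it is rewritten
                new = {"src_mac": ROUTER_MAC, "dst_mac": self.arp[next_hop], "ip": pkt}
                return port, new                 # step 3: new L2 header, back on the wire
        return None                              # no route: drop

class MplsLsr:
    """Label-switch router: swaps the outer label; the IP header is never parsed."""
    def __init__(self, lfib):
        self.lfib = lfib                         # incoming label -> (outgoing label, port)

    def forward(self, frame):
        out_label, port = self.lfib[frame["label"]]
        return port, {**frame, "label": out_label}
```

The router copies the packet before decrementing TTL, so the original frame object is left untouched, mirroring the "unpack, rewrite, repackage" sequence rather than editing the frame in place.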
Mako
Can you purchase a point-to-point L2 network from a provider and use managed switches on each side to handle the routing, like a router would? Right now we use P2P T1 lines with routers to manage the network. With L2, it’s just an Ethernet handoff, so no router is needed. We want more bandwidth at a cheap cost per month, but get almost all the routing capabilities with managed switches on each side.
Thanks in advance!
Vegard
I know this post is “old” but I am still unsure what we need. Maybe because I do not understand all the terms properly.
But what we need is that in our office building we have one ISP line in. From this the internet is shared between several offices. But some of these offices don’t want the whole building to see or enter their computers and hardware. They want to be isolated but still use the same internet as all the others.
How can this be achieved?
Will an L2 switch at this office be enough or won’t it do anything? Isn’t the point to just create a subnet that only this office is under? Or is an L3 switch really needed for this?
What about just putting up another router in this office and creating a new network inside it? Pros/cons?
Nathan
Vegard, you should research private, isolated and community VLANs. Make sure your infrastructure supports it. It would help in your scenario.
RouteSwitch
Vegard, yes, an L3 switch would solve your problems. L3 switches don’t have to be expensive, and by the sounds of your network an L3 switch that supports static routing would be plenty. Depending on the model you could get one for a few hundred dollars. You could then create a new VLAN for those offices that want to be segmented, and add a basic ACL to block traffic inbound from those other subnets.
komalpreet
I want more explanation about layer 3, like what are the major benefits and also the limitations.