Layer 2 vs Layer 3 Switch: Which One Do You Need?

Layers 2 Switches

A switch is a device which sends a data packet in a local network. Layer 2 switch work on layer 2 of OSI model i.e. data link layer and sends a “Frames” to destination port using MAC address table which stores the mac address of a device associated with that port. It allows for the connection of multiple devices on a local area network (LAN) but can only work with MAC addresses.

Here are important functions of Layer 2 switching:

•          MAC addresses are known from all the incoming frames source addresses.
•          Bridges and switches communicate with each other using the STP to remove bridging loops.
•          Frames designed for unknown locations are overflowed out to all ports except the one that received the frame.
•          It performs the same function as a transparent bridge.
•          Frames are forwarded using specialized hardware, which is known as Application-Specific Integrated Circuits (ASIC).
•          Layer-2 switches also perform the switching function to re-arrange the data frames from the source to its destination network.
•          Layer-2 Switch splits a complicated LAN (local area network) into small VLAN networks.

Layers 3 Switches

Layer 3 switch work on layer 3 of OSI model i.e. network layer where it route packet by using IP address. A Layer 3 switch has both MAC address table and IP routing table, therefore it can do all the job that a Layer 2 switch does. Additionally, it can do static routing and dynamic routing.

A Layer 3 switch combines the functionality of a switch and a router. It handles intra-VLAN communication and packets routing between different VLANs as well.

Here are important functions of Layer 3 switching:

•          Define paths based on logical addressing
•          Provide Security
•          Run layer three checksums
•          Process and respond to any option information
•          Allows you to update simple Network Management
•          Information Base (MIB) information

Do all Layer 3 switches do routing and how?

Not exactly.

Just because a device is Layer 3-capable, doesn’t necessarily mean the device is performing routing. As a network administrator, you need to configure the device to route traffic between VLANs if that’s what you want. You can have a Layer 3-capable switch operating in Layer 2-only mode.

So what happens when a Layer 3 switch receives a packet from an end device? When inspecting the packet header, if that packet is destined for another VLAN, the Layer 3 switch “elevates” the packet to the routing layer. A decision is then made at the Layer 3 routing layer on where to send the packet—the switch consults the MAC address forwarding table to decide which port to send the outgoing packet on. And there you have it: a switch that makes routing decisions on traffic and therefore operates at Layer 3.

Efficiency between Layer 2 and Layer 3 networking

Layer 2 networks forward all their traffic, including ARP and DHCP broadcasts, so data transmitted by one device on L2 will be forwarded to all devices on the network. This type of broadcast traffic is very fast, but as the network gains in size it creates congestion and leads to inefficiency over the network.

Layer 3 traffic restricts broadcast traffic. Administrators on L3 can segment networks and restrict broadcast traffic to subnetworks, limiting the congestion of broadcast on large networks.

Difference between Layer 2 and Layer 3 Switch

How to choose?

Typical Applications of Layer 2 Switches

While you may not know it, you are already familiar with a layer 2 switch; your computer’s Ethernet connection acts as a data link layer, connecting your computer with the network via MAC addresses.

Another application of layer 2 switches is with software companies that have centrally located servers where clients who are dispersed across the globe, can access the one central server without latency.

Another real world application is in organizations that rely on internal communications but don’t need the internet – they may use a VLAN network via a layer 2 switch. A final example would be with software testers who want to keep their sharing tools centrally located, but allow another server to access them without being physically connected to the same network.

Typical Applications of Layer 3 Switches

When MAC addresses are simply not enough, layer 3 switches can make use of the Internet Protocol (IP) Addresses to connect devices to different IP networks. You’ve already come into contact with a layer 3 switch via your internet router.

Other applications of layer 3 switches include university campuses or data centers that have vast computer networks set up. If a network has thousands of users or the network infrastructure requires heavy device management for the roll-out of patching or policy updates, or if you need specific control rules activated on certain devices within the network, a layer 3 switch is more appropriate due to its firewall protections.

Layer 2 Switches: Advantages and Disadvantages

PROS

•          Forwards packets on the basis of unique MAC addresses
•          No setup or management is involved
•          Can quickly be deployed at a lower cost
•          Flow accounting capabilities
•          Low latency and improved security

CONS

•          Cannot implement any intelligence while forwarding packets
•          Unable to perform IP address based routing or switching
•          Cannot guarantee required bandwidth to VoIP (voice over IP) users

Layer 3 Switches: Advantages and Disadvantages

PROS

•          Offers guaranteed QoS (Quality of Service)
•          Enhanced safety protocols to prevent unauthorized access
•          Can segment a single LAN into two or more virtual LANs (VLANs)
•          Enables a router of connecting different subnetworks
•          Offers IP address based packet forwarding (routing)
•          Utilize logical addressing to find optimum paths to destination hosts or networks

CONS

•          Costs more than a Layer 2 switches
•          Involves setup and management
•          Additional processing memory and power is required for Layer 3 switching

When should you use Layer 3 switches?

The recommendation on whether to use a switch at Layer 2 or a Layer 3 depends in part on the size and complexity, and the security requirements, of the network you’re managing.

When designing your network topology, consider some of the following points:

•          Is more than one VLAN required for the network? Layer 3 switches are useful when you have more than one VLAN needing to communicate with one another.
•          Does your network consist of dozens, hundreds, or thousands of users? As the size of your network grows, you’ll need more than one switch to physically connect all of the users. In this case, you may find you need a mix of Layer 2 switches and a Layer 3 device (switch, dedicated router, or firewall) to perform the Layer 3 functions.
•          Does your security policy require putting access control rules between devices on different networks, or doing deep packet inspection on traffic between networks? If so, having a firewall perform the Layer 3 function may be better suited.
•          How do you plan on managing your network infrastructure? With the introduction of Layer 3 switches, it may be possible to reduce the number of network devices on your network, which may simplify some of the device management, including things like patching and policy updates.