I will warn you up front that this article is going to be a tad technical, so bear with me. Since this site gets a broad audience with a wide range of technical skill levels, let me take a moment to describe what Layer 2 and Layer 3 mean, for anyone who does not know.
Layer 2 and Layer 3 refer to different parts of IT network communications. The ‘layers’ refer to how you configure an IT network, and the standard for network communications called the OSI model. 16 Port Gigabit Switch
The reason we are having a discussion about layer 2 or layer 3, is that your choice of either layer has advantages and disadvantage in terms of scaling and costs. So let’s dive in and take a deeper look.
The OSI, or Open System Interconnection, is a networking model comprised of seven ‘layers’. It’s a controlled hierarchy where information is passed from one layer to the next creating a blueprint for how information is passed from physical electrical impulses all the way to applications.
This standard is a guide that allows engineers to keep communications organized.
Layer 2 is the data link where data packets are encoded and decoded into bits. The MAC (Media Access Control) sub layer controls how a computer on the network gains access to the data and permission to transmit it and the LLC (Logical Link control) layer controls frame synchronization, flow control and error checking.
Layer 3 provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
Layer 2 Data Link: Responsible for physical addressing, error correction, and preparing the information for the media Layer 3 Network: Responsible for logical addressing and routing IP, ICMP, ARP, RIP, IGRP, and routers
Some advantages of Layer 2 include lower costs, only requires switching, no routing gear is necessary and offers very low latency. Layer 2 also has some significant disadvantages such as the lack of router hardware, leaving them susceptible to broadcast storm and the additional administrative overhead of IP allocations due to flat subnet across multiple sites.
Layer 2 networks also forward all traffic, especially ARP and DHCP broadcasts. Anything transmitted by one device is forwarded to all devices. When the network gets too large, the broadcast traffic begins to create congestion and decreases network efficiency.
Layer 3 devices, on the other hand, restrict broadcast traffic such as ARP and DHCP broadcasts to the local network. This reduces overall traffic levels by allowing administrators to divide networks into smaller parts and restrict broadcasts to only that sub-network.
This means there is a limit to the size of a layer 2 network. However, a properly configured layer 3 network with the correct knowledge and hardware can have infinite growth.
A Layer 3 switch is a high-performance device for network routing. A router works with IP addresses at layer 3 of the model. Layer 3 networks are built to run on on layer 2 networks.
In an IP layer 3 network, the IP portion of the datagram has to be read. This requires stripping off the datalink layer frame information. Once the protocol frame information is stripped, the IP datagram has to be reassembled. Once the IP datagram is reassembled, the hop count has to be decremented, the header checksum has to be recalculated, a lookup for routing must be made, and only then can the IP datagram be chopped back up and inserted into frames and transmitted to the next hop. All of this takes extra time.
As you can see, the question is not really “is it better?”. The real question is, “what do I need?”.
What most businesses need is control. Routing controls happen at Layer 3.
But the downsides of Layer 3 are speed because of all of the additional overhead, and that can be deadly in multi-site networks where fast communications among tens or hundreds of computers, servers and routing equipment are necessary for such things as Ip-telephony, or even shared internet access.
Enter Newer Technologies Such as Metro Ethernet Work Using Multiprotocol Label Switching (MPLS)
Multiprotocol Label Switching is a mechanism in high-performance telecommunications networks which directs and carries data from one network node to the next. MPLS makes it easy to create “virtual links” between distant nodes. It can encapsulate packets of various network protocols.
MPLS operates at a layer that is generally considered to lie between traditional definitions of layer 2 (data link layer) and layer 3 (network layer), and thus is often referred to as a “layer 2.5” protocol.
It was designed to provide a unified data-carrying service for both circuit-based clients and packet-switching clients which provide a datagram service model. It can be used to carry many different kinds of traffic, including IP packets, as well as native ATM, SONET, and Ethernet frames.
It also allows you to maintain controls on your end points using Layer 3 switching, so with the best of both worlds Metro Ethernet services can provide the speed between locations and allow network quality of service transparency desired by small businesses all with a smaller financial footprint.
Where you might normally use Layer 3 to manage traffic in ALL locations over internet connections… with the Metro Ethernet you can use Layer 3 only as needed at end points which saves you on equipment costs and IT support costs. And you gain speed.
Scalability is a critical consideration in network design. As your business grows, your network should be able to adapt and expand without major disruptions. Here are key factors to keep in mind:
Yes, many networks use a combination of Layer 2 and Layer 3 devices to optimize performance and scalability. This is known as a hybrid network architecture.
Your choice should be based on your specific network requirements. Consider factors such as network size, complexity, scalability needs, and the types of applications your network will support.
Yes, there are various networking technologies and layers beyond Layer 2 and Layer 3, including Layer 4 (Transport layer), Layer 5 (Session layer), and so on. The choice depends on your network’s specific needs and objectives.
Network security is crucial in both Layer 2 and Layer 3 networks. Implement security measures such as access control lists (ACLs), firewalls, intrusion detection systems (IDS), and encryption to protect your network from threats.
As Groucho Marx said “A child of five would understand this. Send someone to fetch a child of five.”
I’ve read your comment 3 times, and had to laugh each time. Yes, this is challenging stuff to digest. But whenever someone is able to talk about this sort of topic (like Craig!) I am so envious. It’s not anything I could figure out on my own. 🙂
The first time I read this, I did not get it. And then I read it again, I still don’t get it. Then I try it for the third time. And then I thought, this is a matter that I better delegate. I don’t know anything about networking and I cannot even understand it.
This is a tough article to write in 800ish words let me tell you!
The basics I am trying to point out are, whenever you can find a way to alleviate yourself from routing between multiple locations without using your own equipment to do it, it can be very beneficial financially for support and equipment reasons to do so. Those who can handle layer 2 or 2.5 for you to connect locations without your equipment handling the connections can make your life and your IT’s life less complicated.
It was a catchy title! I think I have to print out this article, take out my highlighter and come back to you… 😉
Btw: I love the Grouch Marx quote by Kieran O’Connor. I am totally lost in space now! 😉
This is that I like with Small Business Trends. You will always learn something new, reading this blog! 🙂
I made my career because people don’t get this. Stick with it though. Even a senior manager doesn’t want to be left to the tender mercies of his IT guys. They have none. This stuff is pretty basic. Just keep hammering at it. It’s worth it. Kudos to the author. M.S.- Senior Cloud Architect
I like the idea of an extra layer wherein you can only control upper and lower layers at needed conditions. What are the usual average costs in relative to the traditional layers? Also, there have been arguments regarding MPLS’s encryption as some label it as a privately configured network, do you think it can affect security issues? Thanks for the heads up!
Ava, while I don’t have specifics on avg costs (as that will vary depending on location and provider) I can point you to a couple of articles on security.
First the spec on VLANS http://en.wikipedia.org/wiki/IEEE_802.1Q
How VLANS work in securing traffic path http://www.cisco.com/en/US/docs/ios/ios_xe/mpls/configuration/guide/mp_qnq_tunneling_atom_xe.html#wp998792
Then the debate: http://pciguru.wordpress.com/2009/04/18/the-mpls-is-a-private-network-debate/
The important thing to note here is that security end to end is always a concern, you are really just providing the best possible effort to secure your traffic. The key is understanding the technologies limits and having the conversation about your specific security needs with both your IT team and your provider.
reading your article ends up with a question: should L3 be in the core and L2 at the edge? Very anxious to see your answer.
Hi Craig, I really liked the article, very catchi title. I was looking for information about the tcp/ip suite, trying to find if there is actually error correction implemented at layer 2, or if it is error checking, and whenever an error is detected tha packet is droped ? I found interesting the way you introduce the 2,5 layer concept (MPLS). I heard about MPLS the first time in a congress talk about CLARA, INTERNET2, GEANT2 … Where there where using MPLS in order to increase the performace of the Educactional/research Networks for haigh speed applications. I like the article. Thansk
Great work!! Glad you wrote 🙂 Do you have any figure on the latency in both cases? And can you tell me a bit more about metro ethernet?
This actually made it easy for me to understand layer 2 and 3 and mpls.
Here’s the deal, as I understand it. An address is an address, i.e. a location say where you live, that would be an address. Information that might need to go there, say a letter is addressed to you.
Layer 2 means the mail goes to each occupant in the apartment complex, and if you have mail in the box you take out what belongs to you and send the box of letters to the next door, they do the same thing and eventual all the mail is received by all the addressees, but you would admit that it would be a slow process. Works well until Christmas, when alot of letters are receive, i.e. “media storm” and the sharing of letters to the addressees slows way down, because there is more information to sort through before it can be passed on.
Layer 3 would do the same thing, except now we hire people (routers) to sort the letters (IP packets of information) before hand and only the mail going to the folks (nodes) that live on the first floor would have to go through the box of first floor letters, not letters for the whole building (network) therefore increased cost, but faster distribution of information. And same thing for second floor folks or addressees, and so forth.
Thanks for the clear explanation!
I like your apartment mailbox analogy, I will most certainly use that one.
In the field, I often try to explain topics like this to customers, but it’s tough to elaborate when the customer doesn’t understand the difference between a browser and the Internet, or a monitor and the actual computer/workstation.
Actually is that layer 2 analogy correct? It’s not taking your letter and passing on the box, that implies only one person gets the box and has to hand it over before the other people get their letters. that is not strictly correct. Everyone gets a box, with everyone’s letters in it. They all get the whole box at the same time, find their letter and throw the rest away.
i.e. while the delivery appears faster.. .if you have too many addresses, the box is so large that you are wasting all that time sending everyone a copy of a bunch of letters that are irrelevant to them. Hence you ideally want a layer 2 connection to be 1:1 – as soon as you’re sending traffic to multiple recipients who only want a fraction of it, you’re wasting their time.
I wonder at what point this “efficiency” then becomes less efficient than routing layer 3?
Actually, I find that anyone who understands layer 3 needs to know every little about layer 2. Layer 2 reminds me of the difference between a LAN and a LAN based on a unique subnet (like 255.255.250.0). Layer 3 reminds me of a difference between a LAN, a MAN and a WAN (subnet can be anything). This would be very difficult to obtain without some sort of “ROUTING” device and by the same token would cause significant collisions if incorrectly configured.
You mentioned layer 2 might be faster. That is my priority also price is not a factor. If i have 20 ip based servers with no filtering or routing just defaults on the switch. Can you say which would be faster?
Pretty sure this sums it up using real-world equipment:
– A normal network “switch” is a Layer 2 device. Low cost, incredibly fast. It understands hardware network addresses, ie MAC addresses. Many people know nothing about this… MAC addresses are supposed to be unique worldwide and look like this: xx:xx:xx:xx:xx:xx (where xx is a hex “digit”) Upside: speed and low cost. Packets pass through at full bandwidth in realtime. Downside: it assumes all necessary devices are Directly Connected to the switch!
For packets to go elsewhere (eg to/from a site on the Internet) requires something more… a router. – A router is a Layer 3 device. It understands IP addresses and knows which device port(s) understand which address(es). So your laptop gets its data… a Web server that might have several IP addresses gets its data… and all off-net data goes to the “internet” port… etc. Upside: smart handling of packets, packets can be transformed with a smart router (eg encrypted to/from VPN), etc. Downside: routers are rarely anywhere near as fast as switches. NOwhere near as fast.
Looks like Mr. Pete has the most accurate understanding of L2 vs L3. Keep in mind that your major penalty at L3 processing is coming from the fact that the frame has to be unpacked twice. Once at L2, and then again at L3. L2 only understands HARDWARE addressing. There are no IP addresses at Layer 2. In order to perform routing, you need to work with IP addresses. The router (or L3 switch) has to unpack the L2 frame, extract it’s contents, evaluate them, **Rewrite a new PDU header and repackage the PDU**, reforward it back to L2, and then send it back out on the wire.
What this MPLS stuff does, is to avoid that whole L2 -> L3 -> reprocess -> L3 -> L2 part by putting an intermediary encapsulation layer in there. This allows things to be routed much more quickly, and as an added bonus, you don’t have to pay for $50K routers at each branch location just to make sure your offices are connected (unless you have something fairly complex going on).
Can you purchase a point to point L2 network from a provider and use managed switches on each side to handle the routing, like a router would? Right now we use P2P T1 lines with routers to manage the network. With L2, it’s just an ethernet handoff, so no router is needed. We want more bandwidth at a cheap cost per month, but get almost all the routing capabilities with managed switches on each side.
I know this post is “old” but I am still unsure what we need. Maybe cause I do not understand all the terms properly.
But what we need is that in our office building we have one ISP line in. From this the internet is shared between several offices. But some of these offices don’t want the whole building to see or enter their computers and hardware. They want to be isolated but still use the same internet as all the others. How can this be archived?
Will a L2 switch at this office be enough or wont it do anything? Isn’t the point to just create a subnet that only this office is under? Or is it really needed a L3 switch for this? What about just putting up another ruter in this office and create a new network inside this pros/cons?
Vegard, you should research Private, isolated and community Vlan. make sure your infrastructure supports it. would help your in your scenario
Vegard, Yes, a L3 switch would solve your problems. L3 switches don’t have to be expensive and by the sounds of your network a L3 switch that support Static routing would be plenty. Depending on the model you could get one for a few hundred dollars. You could then create a new Vlan for those office that want segmented, add a basic ACL to block traffic inbound from those other subnets.
I want more explanation about layer 3 .Like what are the major benifits and also the limitation.
Your email address will not be published. Required fields are marked *
Small Business Trends is an award-winning online publication for small business owners, entrepreneurs and the people who interact with them. Our mission is to bring you "Small business success … delivered daily."
Manual Ethernet Switch © Copyright 2003 - 2024, Small Business Trends LLC. All rights reserved. "Small Business Trends" is a registered trademark.