Layer 4 Switching

The idea of layer 4 switching has been around for about 12 months. When it was first introduced by a handful of suppliers, many networking analysts were somewhat skeptical of the term. At the time, the industry as a whole was still trying to digest an army of new switching concepts: layer 2 switching, layer 3 switching, layer 2 and layer 3 switching, multilayer switching, and so on. Suddenly, here was another switching layer concept waiting to confuse us all. Many wondered if there really was such a thing as layer 4 switching, or if it was just a clever marketing ploy launched by suppliers trying to differentiate themselves during a period of rapid market change and confusion?

The source of the initial skepticism lay in the very idea of mating the two ideas of "layer 4" and "switching" into one descriptive term. Networking people of all stripes knew the order and sense of the OSI reference model. You could "switch" a packet at layer 2 of the reference model because that's where you found the MAC address, the address burned into the NIC card installed in your desktop machine. Or you could "switch" a packet at layer 3 of the reference model because that's where you found the destination network address, if you were using protocols such as IP. And in fact, by combining these two addressing layers, you could do the remarkable but now everyday event of sending e-mail from your desktop across a LAN through the Internet to another desktop on the other side of the world.

But layer 4 doesn't contain any addressing information. Strictly speaking, it is the transport layer of the OSI reference model, and the place where you find information about the application services or protocols that might be using the IP network. You could find out, for example, that TCP rather than UDP was sending data down to the IP layer, or that it was HTTP traffic instead of FTP traffic that was being sent into the network. The question, therefore, was, "How can this transport information have anything to do with switching packets?"

The answer to the question lay in the idea of looking at networking "flows" rather than just packets moving through the network. In this larger concept of flows, you identify a stream of packets by more than just its MAC and network addresses. You take into account additional information from the Transport Layer as well, thereby creating an extremely precise -- and more expansive -- definition for the packets moving through the network.

In effect, you still identify the packet stream by its MAC and network addresses, but further refine the definition by also identifying the nature of the application generating the packets. With this additional information, users can identify a packet stream flow by more than just the fact that the packets were moving from source A to destination B. They can now identify one flow from source A to destination B as FTP traffic, and another flow from source A to destination B as HTTP traffic. And with this heightened awareness of the identity of the different packet stream "flows," users can apply different rules to the processing of each flow as it moves through the network. Granted, this is not exactly "switching" as understood in strict networking terms, but it is clearly a way to "identify and do things" to the packets while they are being moved from point A to point B.

What kind of things can users do to the flows? One of the most important is to assign Quality of Service (QoS) and/or Class of Service (CoS) categorization to them. Because users now take into account application-level information, they can effectively refine and expand the criteria used to assign prioritization. Without layer 4 switching, user can assign the same high-priority treatment -- regardless of flow -- to all packets moving from source A to destination B. With layer 4 switching, you can give HTTP traffic between source A and destination B an even higher level of priority than what you give to FTP traffic going between the same two points. This is an extremely important feature to have as the industry moves into its early stage of convergence. When convergence occurs, networks will be loaded with packetized voice or video along with traditional types of data. Identifying multimedia packets on a layer 4 basis can enable users to ensure that the packets get higher priority processing in the network. -- Sam Alunni is vice president of networking at Sterling Research (Sterling, Mass.). Contact him at alunni@sterlingresearch.com.