Layer3 switch recognition

Hi,

I'm writing a network inventarisation application and was wondering if
someone could tell me how to find out if a switch is a layer-2/layer-3
switch (preferable via snmp). I'm having trouble distinguishing(?) a router
from a layer-3 switch both support bridge-mib and have ipForwading enabled.
Although there is not much functional difference between both, I would like
to present the devices differently.

Erik

 

:I'm writing a network inventarisation application and was wondering if
:someone could tell me how to find out if a switch is a layer-2/layer-3
:switch (preferable via snmp). I'm having trouble distinguishing(?) a router
:from a layer-3 switch both support bridge-mib and have ipForwading enabled.
:Although there is not much functional difference between both, I would like
:to present the devices differently.

Layer-3 switches *are* routers -- just routers with a set of features
that is relatively restricted compared to most modern professional
router builds.

The Layer 3 switch we have deployed at the moment is more flexible
and has more functionality than the Netgear "Gateway router" I
have at home connecting my home LAN to my residential ADSL ... with
the one exception that the Layer 3 switch predates widespread PPPoE.

If you want us to provide an automated mechanism to distinguish
between a Layer 3 switch and what you would call a router, then you
are going to have to provide us with some hard specs on what the
difference between them is as far as you are concerned. Keep in mind
that some devices marked as "Layer 3 switches" these days support BGP.

 

Hi Walter,

I know of all the theoretical stuff.
My question: four devices in a enterprise network, ex a Cisco2600, a (day 1,
no routing) Cisco 3550-SMI, (always have been full routing) Cisco3550-EMI
and a Cisco6509-Sub720. Of all these devices I call the last two multilayer
switches because they (can), and this is my definition of a multi-layer
switch, do switching based on destination IP addresses instead of
destination mac-addresses only. Excluding speciality features like
filtering, ... .
Now, without looking at the product labels on the outside of the device and
without full knowledge of cisco product numbers: which are the multi-layer
switches? Can this be determined by using snmp, telnet, ...

Erik

 

["Erik Tamminga"]

| My question: four devices in a enterprise network, ex a Cisco2600, a (day 1,
| no routing) Cisco 3550-SMI, (always have been full routing) Cisco3550-EMI
| and a Cisco6509-Sub720. Of all these devices I call the last two multilayer
| switches because they (can), and this is my definition of a multi-layer
| switch, do switching based on destination IP addresses instead of
| destination mac-addresses only. Excluding speciality features like
| filtering, ... .

A 3550-SMI can do IP routing just fine - it just needs to be turned on
("ip routing"), though it can't do OSPF, BGP & other advanced stuff.
Only the software is different - the hardware for SMI and EMI is the
same and can do full IP routing (longest prefix match on destination
address) just fine.

"switching based on destination IP address" is IP routing. It doesn't
make any sense (on a technical basis) to differentiate between them.

| Now, without looking at the product labels on the outside of the device and
| without full knowledge of cisco product numbers: which are the multi-layer
| switches? Can this be determined by using snmp, telnet, ...

You can certainly find out if a 3550 is doing IP routing (check if the
"ip routing" command is enabled). You can find out if the switch is
running SMI or EMI software ("show hardware"), and I believe the same
command will also show you if the switch is originally an SMI or EMI.

Steinar Haug, Nethelp consulting,

 

Hi Steinar,

Day 1 the 3550-SMI was released, it didn't support ip routing. Later IOS'es
enabled this feature in the SMI version, that's why I prepended, for the
example (which makes it a bad example), the "day 1, no routing".

But anyhow, your way of finding out if the device is, what I call a layer-3
switch, is using extensive "cisco productlist knowledge". I was wondering if
there was a more general way of doing this. For example: all cisco layer-3
switches should have table-X via SNMP or present "layer-3" when issuing cli
command ..... .

Anyway thanks for replying.

Erik

 

Does using the SNMP variablem sysServices address your need

A layer 3 switch should have a sysService = 3 and a layer 2 switch should have a
value = 2



OID description:


sysServices OBJECT-TYPE
SYNTAX INTEGER (0..127)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"A value which indicates the set of services that
this entity primarily offers.

The value is a sum. This sum initially takes the
value zero, Then, for each layer, L, in the range
1 through 7, that this node performs transactions
for, 2 raised to (L - 1) is added to the sum. For
example, a node which performs primarily routing
functions would have a value of 4 (2^(3-1)). In
contrast, a node which is a host offering
application services would have a value of 72
(2^(4-1) + 2^(7-1)). Note that in the context of
the Internet suite of protocols, values should be
calculated accordingly:

layer functionality
1 physical (e.g., repeaters)
2 datalink/subnetwork (e.g., bridges)
3 internet (e.g., IP gateways)
4 end-to-end (e.g., IP hosts)
7 applications (e.g., mail relays)

For systems including OSI protocols, layers 5 and
6 may also be counted."
::= { system 7 }

 

:But anyhow, your way of finding out if the device is, what I call a layer-3
:switch, is using extensive "cisco productlist knowledge". I was wondering if
:there was a more general way of doing this. For example: all cisco layer-3
:switches should have table-X via SNMP or present "layer-3" when issuing cli
:command ..... .

But your question before was on how to distinguish a "layer 3 switch"
from a "router". Do you now wish to classify "layer 3 switches" as routers
in your icon display, or do you wish to classify them with the
same icon as the layer 2 switches?

Your discussion has talked about "Layer 2 switches", "Layer 3 switches",
"routers", and "multilayer switches", and I am still uncertain which
technical features you wish to distinguish upon in the general case.

I know this is cross-posted between Cisco and SNMP newsgroups, so I hope
those in the SNMP newsgroups will be patient with me while I use several
Cisco specific examples of what different devices are -marketted- as:

Layer 2 switch: Cisco Catalyst 5500 without the optional RSM;
Cisco Catalyst 2950;
Nortel BayStack 350/410/450

Layer 3 switch: Cisco C2948G-L3
Nortel Passport (Accelar) 1100/1150/1200

Multilayer Switch: Cisco Catalyst 3550 / 3750

Router: Cisco 17xx, 26xx, 4000 series, 720xVXR
Nortel Passport 8600

Firewall: Cisco PIX


The difference between the "Layer 3 switches" and the "Multilayer switches"
is mostly in the -flexibility- that one has in working with Layer 4 and
higher level information. The boundaries between "Multilayer switch"
and "router" get quite blurred, especially with the 3750 able to handle
ACLs, QoS and extensive policy-based routing. There are arguments that
the PIX should be considered a router (it just won't route back to the
-same- logical interface), and it has strong ACL support and has multilayer
inspection -- but the PIX has relatively primitive SNMP support, so
any attempt to distinguish a "router" or "multilayer switch" as
being one that possesses a certain SNMP table or presents a certain
string in the CLI is doomed to failure.

Then we get into equipment from other manufacturers, some of which might
properly be (say) a "layer 3 switch" or even a router comparable in function
to some of the older Cisco IOS releases [e.g., before they called it IOS],
and yet might not even *be* 'managed'.


So what we have at the moment would appear to be a situation in which
the OP wishes to distinguish devices based upon how they are -marketted-,
without using any manufacturer-specific knowledge, even though
different manufacturers market the same functionality in different ways
and even though even with the same manufacturer there are multiple valid
viewpoints as to where specific devices "should" fit.