Can tag switching bridge the chasm between ATM and IP networks?
In the drive to improve the performance of enterprise networks, Cisco and other vendors are pushing the benefits of tag switching. We explain what it is, when and how to implement it, and consider its future as standards are debated.
Tag switching promises to improve network throughput by reducing overhead for forwarding IP packets, tying the power of switches with the network topologies of routers. But products for tag switching have yet to ship, and other competing proposals have to be weighed before any kind of switching scheme for IP will ensure multivendor interoperability. (2,300 words, including a sidebar)
Over the past two years, both the ATM Forum and the IETF (Internet Engineering Task Force) have been working on various standards proposals to accommodate routed protocols like TCP/IP over ATM-switched networks. No existing protocol yet supports everything on a network manager's wish list, including such features as bandwidth reservation, quality-of-service requests, ease of management, and the handling of multicast traffic. If anything, the proposed protocols, such as the ATM Forum's MPOA (MultiProtocol over ATM) and I-PNNI (Integrated Private Network-to-Network Interface), seem extremely complex and may be difficult to implement and manage.
Last year saw the first independent efforts by vendors to offer a simpler solution to use switching's improved performance for IP networks. Ipsilon was the first to introduce ATM-based devices that used the properties of a flow of related packets to determine if the traffic should be routed on a packet-by-packet basis or switched to a virtual circuit of its own for better performance.
Since then, Cisco proposed a different approach, called tag switching, that adds a tag to each data packet so that switches can forward traffic onto specific virtual circuits by reading the tag rather than depend on routing information buried deeper in each packet. By the end of 1996, IBM and Toshiba had also proposed variants of the tag-switching scheme, further muddying the waters.
Let's take a look at the details of tag switching, when and how it can be used, and what's likely to happen on the tag-switching front this year.
Why bother with switching?
Not only has the Internet seen phenomenal growth in the number of users over the past few years, but the type of traffic on the 'Net has also changed, with increased use of the World Wide Web and multimedia. Instead of the predictable traffic patterns normally found in client/server networks, the Web leads to more random, any-to-any traffic. Internet service providers are continually looking for low-cost ways to improve the performance of their intranets. Network managers and planners for large corporate WANs are facing similar problems.
While routers have been the mainstay of the Internet and corporate WANs, they've posed new challenges as the Internet and WANs get larger. The need to manage IP addresses is critical, and policy-based routing is needed to allocate addresses on an organizational basis. Routing tables can become excessively large on large networks (10 megabytes or more for 10,000 routes, for example), especially for core routers. This leads not only to problems with table storage but also to problems of convergence on the same set of reachable routes after part of the network fails.
Switches have some advantages not offered by routers, such as lower latency for processing packets and connection-oriented network services which can be especially useful for multimedia traffic. But switches alone lead to flat networks that are susceptible to broadcast storms (remember networks built with bridges?) and security headaches (such as a lack of support for firewalls). As a result, the best network designs integrate both switches and routers.
Cisco's tag switching approach
Enter tag switching. With an 80 percent share of routers used for the Internet backbone, Cisco has a vested interest in keeping ISPs happy and improving the performance of its equipment for enterprise networks. To leverage its existing market base and offer a means of integrating IP over ATM, Cisco is promoting what it claims are benefits of tag switching:
Rather than depend on routing protocols to communicate across the switched core, tag switching lets the routers located on the edge of the intranet provide tags that the switches can use to forward packets. This minimizes the processing needed once the packet enters the tag-switched network. A tag-switching network would consist of tag switches and tag-edge routers, generally with tag switches forming the core of an intranet and tag-edge routers placed at the periphery to connect LANs and hosts to the Internet.
In a tag-switching network, tags are assigned based on the destination network or host. Based on Layer 3 routing protocols such as OSPF (Open Shortest Path First) and BGP (Border Gateway Protocol), a router applies a tag to each packet of the traffic flow. For an ATM-switched network, the tag would become part of the link layer header in the VCI (Virtual Circuit Identifier) field of the ATM cell header. Packets are then switched through the network with each switch simply swapping the incoming tag for an appropriate forwarding tag rather than processing each packet's contents to determine the path.
In general, a tag switch will try to populate its Tag Information Base (TIB) with incoming and outgoing tags for all the routes it can access, so that all packets can be forwarded by simple label swapping. Tag table info is exchanged using the lightweight Tag Distribution Protocol (TDP). Tag allocation is thus driven by topology (as defined by routing), not by traffic. It is the existence of an entry in the router's Forwarding Information Base that causes tag allocation, not the arrival of data packets (which is the scheme used in Ipsilon's IP switching). Tags can thus be used to forward short-lived flows (like DNS lookups, for example) as well as longer-lived flows. IP switching, on the other hand, passes along short-lived flows without setting up a dedicated VC (virtual circuit), acting instead as a router because it takes longer to process the flow for switching than it does to just route the flow.
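The topology-driven allocation and tag swapping described above, as an added Python example that is not from the original article and not Cisco's code. The class and function names, tag numbers, prefixes and four-node chain are constructed for illustration, and the TDP exchange is modelled as a direct read of the next hop's bindings.

```python
import ipaddress

class TagNode:
    """Tag switch or tag-edge router (constructed model, hypothetical names)."""
    def __init__(self, name, first_tag):
        self.name, self.first_tag = name, first_tag
        self.fib = {}        # prefix -> next-hop TagNode (None = attached here)
        self.local_tag = {}  # prefix -> incoming tag this node allocated
        self.tib = {}        # incoming tag -> (outgoing tag, next-hop node)

    def install(self, fib):
        # Topology-driven: one tag per FIB entry, before any packet arrives.
        self.fib = fib
        self.local_tag = {p: self.first_tag + i for i, p in enumerate(fib)}

    def learn_bindings(self):
        # Stand-in for a TDP exchange: take the next hop's tag for each prefix.
        for prefix, hop in self.fib.items():
            out = hop.local_tag[prefix] if hop else None
            self.tib[self.local_tag[prefix]] = (out, hop)

    def ingress(self, dst):
        # Edge router: the only longest-prefix match on the whole path.
        addr = ipaddress.ip_address(dst)
        matches = [p for p in self.fib if addr in p]
        if not matches:
            raise LookupError("no FIB entry, so no tag for " + dst)
        best = max(matches, key=lambda p: p.prefixlen)
        return self.tib[self.local_tag[best]]

def forward(edge, dst):
    """Return [(node, tag sent onward)]; core hops do an exact-match swap only."""
    tag, node = edge.ingress(dst)
    path = [(edge.name, tag)]
    while node is not None:
        name, (tag, node) = node.name, node.tib[tag]
        path.append((name, tag))
    return path

def build():
    # Constructed chain: edgeA -> sw1 -> sw2 -> edgeB, two prefixes behind edgeB.
    a, s1, s2, b = (TagNode(n, t) for n, t in
                    [("edgeA", 100), ("sw1", 200), ("sw2", 300), ("edgeB", 400)])
    net, sub = map(ipaddress.ip_network, ("10.2.0.0/16", "10.2.5.0/24"))
    for node, hop in [(a, s1), (s1, s2), (s2, b), (b, None)]:
        node.install({net: hop, sub: hop})
    for node in (a, s1, s2, b):
        node.learn_bindings()
    return a, s1
```

Every TIB is full as soon as `build()` returns, before any packet is sent. In `forward()` the destination address is consulted only in `ingress()`, and a destination with no FIB entry never receives a tag.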
To enhance the flexibility of the system, Cisco chose to support multiple granularities within its definition of a tag. This enables a tag switch to forward data based on a wide variety of routing functions, such as multicast data and destination-based routing. Although a tag can represent a single destination, it can also represent a set of destinations.
How to implement and install tag switching
Cisco plans to release an upgrade to its Internetwork Operating System (IOS) for Cisco 7500 routers in the first quarter of this year, followed by software for the Stratacom BPX switches in the second half of the year. The Stratacom software will let BPX switches communicate with tag-edge routers via Layer 3 routing.
Since tag switching's support of routing protocols is independent of the actual switching of flows, tag switching is not specific to IP and can be used with other Layer 3 protocols. As Cisco rolls tag switching into an upgrade of IOS, tag switching will be able to support not only IP, but also IPX and AppleTalk.
Converting an existing network to tag switching should be relatively straightforward, at least for networks composed of Cisco equipment. Since tag switching will be a software upgrade for IOS, BPX switches, and other Cisco devices, hardware doesn't have to be replaced -- but it may have to be upgraded. For instance, to act as a tag switch, an ATM switch has to implement standard Layer 3 routing protocols as well as the Tag Distribution Protocol. Implementing tag switching on an ATM switch does not preclude the ability to support a traditional ATM control plane on the same switch, but it may require added RAM.
For pure router networks, the Cisco IOS upgrade (for Cisco 7500 routers) will include both tag switching and routing. You can enable the TDP protocol and set the tag switching routers to prefer the normal routing path. After TDP is deployed on the network, it can be progressively cut over to tag switching without disrupting service.
If you have a multiservice network using Stratacom BPX switches as well as Cisco 7500 routers, you can follow a similar approach. First, you'd upgrade the BPXs to allow external tag switching control via a software upgrade. Then you upgrade the Cisco 7500 (as above) and establish the tag-switching network by configuring the switches and routers. Finally, you progressively cut over the traffic to the tag-switched paths.
What's the near-term future for IP switching...
As the Internet and corporate intranets continue to grow, ISPs and network managers alike are looking for ways to provide varying degrees of service and allocate network traffic to different priorities. ATM has its own levels of quality of service (QoS) for controlling classes of network traffic, but IP networks previously did not. With the advent of the Resource Reservation Protocol (RSVP), IP networks can now make QoS requests for network flows. None of the tag-switching proposals currently support any QoS requests. Cisco has submitted some proposals to the IETF for adding RSVP-based QoS requests to its tags, but the placement of the QoS request has not been settled.
The fight to integrate IP and ATM is far from over. Even though Ipsilon's switch is the primary shipping product so far, Cisco (and others) will be introducing their product upgrades throughout the course of this year. (See sidebar, "How switches and routers differ" for a more detailed discussion.)
...when nothing is standardized?
Cisco has submitted many draft documents to the IETF for review, focusing on the Tag Distribution Protocol, supporting multicast traffic with tags, and integrating RSVP support with tags to provide QoS requests. None of the draft documents, however, have been moved to the IETF's standards track.
As another refinement of IP-switching schemes, IBM has submitted its own variant, called Aggregate Route-based IP Switching, or ARIS, to the IETF for comment. Like tag switching, ARIS uses routing tables to set up sessions, and it supports multiple data link types. But ARIS aims to reduce the number of ATM virtual circuits needed to establish switched paths through the network, supposedly making it more scalable than either IP switching or tag switching.
Because of the Internet's strong dependence on IP, it appears that the IETF will become the ultimate arbiter for designing appropriate protocols for tag-based switching of IP. As a result of the IETF's December meeting in San Jose, CA, a new working group, the Multiprotocol Integrated Switch-Routing (MISR) Working Group, was formed with the express goal of sorting out the various proposals for tag switching and addressing related issues like servicing QoS requests using RSVP and improving support for multicasting. Most of this work should take the rest of 1997, so it'll be at least a year before we see interoperable solutions from many of the vendors.
Ipsilon's protocols for flow management (IFMP) and switch management (GSMP) have been published as informational RFCs by the IETF; but the switch-controller software, needed to set up the added VCs for directing traffic, is still proprietary. Ipsilon's products also don't work with other ATM switches.
At the same time, other vendors, such as 3Com with its FastIP architecture, are moving ahead with VLAN (Virtual LAN) technologies to offer the performance of switching, bypassing routers whenever possible. For example, FastIP uses the IEEE 802.1Q standard to help switches make forwarding decisions while the Next Hop Resolution Protocol (NHRP) handles the initial connection between a client workstation and the server it wishes to connect to. FastIP allows the use of other non-ATM media, such as Fast Ethernet and Frame Relay, while segmenting networks to provide separate collision and broadcast domains, letting its intelligent switches provide security and other options that "dumber" switches do not.
Sidebar: How switches and routers differ
The fundamental difference between switches and routers is the level they occupy in the networking layer model. Using the 7-layer OSI Reference Model as a guide, routing processes take place at Layer 3, the Network Layer, while switching occurs at Layer 2, the Data Link Layer.
Routing decisions are based on the IP address in the Layer 3 packet header; a router must examine the IP address of every packet and determine the best path for each individual packet. This connectionless network service is good for interleaving packets from a variety of sources and automatically allocating the available bandwidth to user traffic as needed. But this automatic sharing of bandwidth can become a liability when a few users or applications (such as multimedia) degrade performance for other, higher-priority traffic.
On the other hand, switches examine a lower-level header, establish a path between the endpoints of a connection, and send all the packets belonging to that flow across the selected path. Switches also allow you to dedicate bandwidth for predictable communications such as multimedia apps and videoconferencing. Since switches operate at the lower layers of the OSI Reference Model, they are protocol transparent.
The schemes we've mentioned in this article fall under the category of multilayer routing. That implies that each scheme doesn't depend solely on information from a single layer in the OSI Reference Model and instead uses information from both Layer 2 and Layer 3. Therefore, while ordinary routing is a single-layer approach that may use only Layer 3 info, tag switching couples Layer 2 and Layer 3 info in a simple multilayered model. The ATM protocols, MPOA and I-PNNI, couple data from the two layers in a more complex, multilayered model. Ipsilon's IP switching is also a multilayered approach, since traffic that an IP switch doesn't forward on a virtual circuit is routed on a packet-by-packet basis.
About the author
Dave Kosiur, Ph.D., (email@example.com) is an independent networking consultant and freelance writer. He has published two books on networking, including The Macworld Networking Bible (IDG Books), which won a Computer Press Association award in 1995. His latest book, on business-to-business electronic commerce, will be published by Microsoft Press this April. He's now concentrating on electronic commerce, e-mail, and security issues, as well as the World Wide Web (isn't everyone?). Reach Dave at firstname.lastname@example.org.