Layer 4 Switching: Unraveling the 'Vendorspeak'
May 3, 1999
In the first stage, the switch determines whether the packet is an IP packet or another protocol type. If the packet is not IP, it is sent to a different part of the switch for further processing. If it is an IP packet, it is sent up to the Layer 4 processing engine for further decoding.
Once in the Layer 4 processing engine (the second stage), the packet's UDP or TCP port number is extracted and compared against the list of port numbers for which the switch has rules. If it matches a rule, the packet is passed along for further processing. If not, it may be passed back to the switching engine, or it may remain in the Layer 4 packet processor to be assigned a low priority.
Once a packet has been identified as needing priority, the switch assigns one of two kinds of priority mark. If the switch is a local-area Ethernet switch, it assigns an 802.1p priority tag to the packet at Layer 2 and sends it on its way (stage 3). If the switch sits on the boundary to a WAN interface, or is a non-Ethernet switch, it may instead be able to assign an IP ToS (Type of Service) priority at Layer 3. In either case, once the priority is assigned, the packet is directed back down to the switching engine to be sent to its destination.
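The three stages above, as an added worked example that is not code from the article or from any switch vendor: a Python model of the classifier that parses an Ethernet/IPv4/TCP-or-UDP frame (stage 1), looks the destination port up in a rule table (stage 2), and then writes the resulting 3-bit priority either into an 802.1p tag for LAN egress or into the IP precedence bits of the ToS byte for WAN egress, fixing the IP header checksum it just invalidated (stage 3). The port-to-priority table, the sample frame and the helper names are assumptions made for this example.

```python
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100
PROTO_TCP, PROTO_UDP = 6, 17

# Stage 2 rule table (constructed for this example): destination port -> 3-bit priority.
# The 802.1p PCP field and the IP precedence bits of the ToS byte are both 3 bits wide,
# so the same value can be written into either one at stage 3.
PORT_RULES = {25: 6, 1494: 5, 80: 1}   # SMTP high, Citrix ICA interactive, HTTP below best effort
DEFAULT_PRIORITY = 0                   # best effort for anything the rules do not name


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over an IPv4 header (checksum field zeroed by the caller)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_frame(frame: bytes):
    """Stage 1: is it IPv4? Returns (l2_len, ihl, dst_port) or None for non-IP frames."""
    if len(frame) < 14:
        return None
    ethertype, l2_len = struct.unpack("!H", frame[12:14])[0], 14
    if ethertype == ETHERTYPE_VLAN:                      # already 802.1Q tagged
        ethertype, l2_len = struct.unpack("!H", frame[16:18])[0], 18
    if ethertype != ETHERTYPE_IPV4 or len(frame) < l2_len + 20:
        return None                                      # hand to another part of the switch
    ip = frame[l2_len:]
    ihl = (ip[0] & 0x0F) * 4
    proto = ip[9]
    frag_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if proto not in (PROTO_TCP, PROTO_UDP) or frag_offset != 0:
        return l2_len, ihl, None                         # no L4 header to read (or a later fragment)
    dst_port = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    return l2_len, ihl, dst_port


def mark_8021p(frame: bytes, l2_len: int, priority: int) -> bytes:
    """Stage 3a, Ethernet LAN egress: put the priority in the PCP bits of an 802.1Q tag."""
    if l2_len == 18:                                     # tagged: keep the VID, replace the PCP
        tci = struct.unpack("!H", frame[14:16])[0]
        return frame[:14] + struct.pack("!H", (priority << 13) | (tci & 0x1FFF)) + frame[16:]
    tag = struct.pack("!HH", ETHERTYPE_VLAN, priority << 13)   # untagged: insert a VID-0 priority tag
    return frame[:12] + tag + frame[12:]


def mark_ip_tos(frame: bytes, l2_len: int, ihl: int, priority: int) -> bytes:
    """Stage 3b, WAN boundary: put the priority in the IP precedence bits of the ToS byte."""
    ip = bytearray(frame[l2_len:l2_len + ihl])
    ip[1] = (priority << 5) | (ip[1] & 0x1F)
    ip[10:12] = b"\x00\x00"                              # the header changed, so recompute its checksum
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip)))
    return frame[:l2_len] + bytes(ip) + frame[l2_len + ihl:]


def process(frame: bytes, egress_is_wan: bool) -> bytes:
    """Run the three stages and return the frame as it would leave the switch."""
    parsed = parse_frame(frame)
    if parsed is None:
        return frame
    l2_len, ihl, dst_port = parsed
    priority = PORT_RULES.get(dst_port, DEFAULT_PRIORITY)   # None (no L4 header) falls to the default
    return mark_ip_tos(frame, l2_len, ihl, priority) if egress_is_wan else mark_8021p(frame, l2_len, priority)


def build_frame(proto: int, dst_port: int, payload: bytes = b"") -> bytes:
    """Constructed sample: untagged Ethernet / IPv4 / TCP-or-UDP header from 10.0.0.1 to 10.0.0.2."""
    if proto == PROTO_TCP:
        l4 = struct.pack("!HHIIHHHH", 40000, dst_port, 1, 0, 0x5002, 8192, 0, 0) + payload
    else:
        l4 = struct.pack("!HHHH", 40000, dst_port, 8 + len(payload), 0) + payload
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                               bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])))
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip)))
    macs = b"\x00\x11\x22\x33\x44\x55" + b"\x00\x66\x77\x88\x99\xaa"
    return macs + struct.pack("!H", ETHERTYPE_IPV4) + bytes(ip) + l4


def pcp_of(frame: bytes):
    """802.1p priority carried by the frame, or None if it is untagged."""
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_VLAN:
        return None
    return struct.unpack("!H", frame[14:16])[0] >> 13


def ip_precedence_of(frame: bytes) -> int:
    l2_len = 18 if pcp_of(frame) is not None else 14
    return frame[l2_len + 1] >> 5


def ip_header_checksum_ok(frame: bytes) -> bool:
    l2_len = 18 if pcp_of(frame) is not None else 14
    ihl = (frame[l2_len] & 0x0F) * 4
    return ip_checksum(frame[l2_len:l2_len + ihl]) == 0
```

Two things worth noticing in the model. The rule keys on a port number the sending host chose, and nothing in the switch authenticates that choice, so any host that talks to port 25 (or runs its own service there) gets the mission-critical class; at a trust boundary you should re-mark ingress traffic rather than honour a PCP or ToS value that arrived on the wire. Non-first IP fragments carry no transport header, so they fall to the default class no matter which application sent them.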
All of this processing must occur in the blink of an eye. Many Layer 3 switches forward at gigabit wire speed. But will the same hold true for complex QoS requirements?
QoS: Bandwidth Management
There's yet another class of switches that acts on information at Layer 4 without actually changing the data in the packet. These products generally are lumped into a group known as bandwidth shapers. Typically, these products serve two purposes--to maximize the amount of bandwidth you get from your WAN connection, and to give priority to mission-critical protocols that need to run over that WAN link.
One example of this kind of product is Packeteer's PacketShaper series of bandwidth management products. Rather than modifying the packets that are destined for the WAN port, these products simply allow you to grant higher priority, based on UDP or TCP port number, for packets that need to go out to the WAN first. Thus, when buffers are backed up because of excessive WAN traffic, mission-critical traffic still passes across the WAN first.
This simpler approach offers no guarantees once the packet is on the WAN, but it does ensure that Web traffic cannot saturate your WAN link and starve other applications, such as e-mail.
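The shaper behaviour described above, as an added example that is not code from the article or from Packeteer: a Python model of a strict-priority WAN egress scheduler that classifies on destination port, buffers per class, tail-drops when a class buffer is full, and keeps per-port byte counters for what was forwarded and what was dropped. The link rate, buffer depth, port-to-class table and the traffic mix are assumptions constructed for the example; it also carries the scheme one step further than the article to show the failure mode of strict priority, starvation of the lower classes.

```python
from collections import deque

LINK_BYTES_PER_TICK = 6000   # constructed WAN link: drains four 1500-byte packets per scheduling round
QUEUE_LIMIT = 8              # constructed per-class buffer depth, in packets

# Constructed priority table: destination port -> class; class 0 is served first.
CLASS_OF_PORT = {25: 0, 110: 0, 80: 2}
DEFAULT_CLASS = 1


class Packet:
    __slots__ = ("dst_port", "size")

    def __init__(self, dst_port: int, size: int):
        self.dst_port, self.size = dst_port, size


class Shaper:
    """Strict-priority egress scheduler with per-port byte accounting for forwarded and dropped traffic."""

    def __init__(self, capacity: int = LINK_BYTES_PER_TICK, limit: int = QUEUE_LIMIT):
        self.capacity, self.limit = capacity, limit
        self.queues = {c: deque() for c in (0, 1, 2)}
        self.sent = {}      # dst_port -> bytes forwarded onto the WAN
        self.dropped = {}   # dst_port -> bytes dropped because that class's buffer was full

    def enqueue(self, pkt: Packet) -> bool:
        """Classify on destination port and buffer the packet; tail-drop when the class buffer is full."""
        q = self.queues[CLASS_OF_PORT.get(pkt.dst_port, DEFAULT_CLASS)]
        if len(q) >= self.limit:
            self.dropped[pkt.dst_port] = self.dropped.get(pkt.dst_port, 0) + pkt.size
            return False
        q.append(pkt)
        return True

    def tick(self):
        """One scheduling round: spend the link budget on the lowest-numbered class that has packets waiting."""
        budget, out = self.capacity, []
        for c in sorted(self.queues):
            q = self.queues[c]
            while q and q[0].size <= budget:
                pkt = q.popleft()
                budget -= pkt.size
                self.sent[pkt.dst_port] = self.sent.get(pkt.dst_port, 0) + pkt.size
                out.append(pkt)
            if q:   # the head of a higher class did not fit: do not let a lower class jump ahead of it
                break
        return out


def simulate(rounds: int = 3):
    """Constructed load: a burst of 20 HTTP packets (more than the web buffer holds), then 3 SMTP packets."""
    s = Shaper()
    for _ in range(20):
        s.enqueue(Packet(80, 1500))
    for _ in range(3):
        s.enqueue(Packet(25, 1500))
    order = []
    for _ in range(rounds):
        order.extend(p.dst_port for p in s.tick())
    return order, s.sent, s.dropped


def starvation(rounds: int = 3):
    """Failure mode: if the high class alone can fill the link every round, strict priority never serves the rest."""
    s = Shaper()
    s.enqueue(Packet(80, 1500))          # one web packet waiting the whole time
    for _ in range(rounds):
        for _ in range(4):
            s.enqueue(Packet(25, 1500))  # four SMTP packets arrive per round, exactly the link rate
        s.tick()
    return s.sent.get(80, 0), s.sent.get(25, 0)
```

In the burst scenario the three SMTP packets leave in the first round even though they arrived behind twenty HTTP packets, and every byte the shaper drops belongs to port 80. The starvation run shows the other side of the same mechanism: a port-25 sender that can fill the link on its own locks out every other class, and because classification is by port alone, any host can put itself in that class. A production shaper bounds each class with a rate limit or weighted scheduling rather than pure strict priority.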
Priority Translation Bridge
802.1p and IP ToS reside at fundamentally different levels of the OSI model: IP ToS sits in the Layer 3 IP header, while IEEE 802.1p sits in the Layer 2 MAC header. 3Com's Corebuilder 3500 is the only product we are aware of that can map IP ToS to 802.1p Layer 2 priority, but we expect other vendors to follow suit soon. This will allow you to deploy end-to-end QoS across your enterprise network.
Another important feature of Layer 4 switches is their ability to perform accounting at the transport layer; in essence, this is RMON2 on a per-port or per-session basis. Unlike the other features we discussed, this one is not widely supported yet: Cabletron Systems and Cisco Systems are two of only a few switch vendors to support full RMON2 statistics on their switches. With Layer 4 accounting, you can not only manage who accesses your network and how, but also track which types of traffic generate the largest load on it.
For the network manager, Layer 4 functionality adds a new level of understanding when it comes to tracking the source of heavy traffic. When coupled with Layer 2 and Layer 3 management capabilities, this becomes a powerful tool for network accounting applications.
Web Load-Balancing
Beyond Layer 3 switching, any other type of traffic prioritizing is a function of how far a switch can look into a packet, and what actions the switch can take based on information it finds. One application-specific example of Layer 4 switching is Web load-balancing, and a new generation of content-aware switches is hitting the market. These content-aware products go beyond Layer 4 and are essentially application-specific switches. (See our Sneak Preview of Top Layer Networks' AppSwitch 2000, on page 32, for an example of an application-aware switch.)
Complement to Load-Balancing
ArrowPoint Networks' Content Smart Switch CSS-100 digs into HTTP URLs, and then switches packets in the same session to a specific server (see "ArrowPoint CSS-100 Switch: Layer-by-Layer Load-Balancing" at www.networkcomputing.com/921/921sp2.html for our recent tests of this device). This application-aware switching is the perfect complement to Layer 4 server load-balancing. With this type of solution, servers no longer need to have identical content. Specific content-oriented items can be switched to specific servers. With additional load-balancing features at Layer 3 and Layer 4--supported by the CSS-100--you've got a powerful and intelligent load-balancing system.
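URL-based server selection with session stickiness, as an added example that is not code from the article or from ArrowPoint: a Python model that parses the HTTP request line and headers, canonicalizes the path before matching it against content rules, picks the server pool that holds that content, and then pins the session to a server named by a cookie (only if that server is in the selected pool) or, failing that, to a server chosen by hashing the client address. The content rules, pool names, cookie name and sample requests are assumptions constructed for the example.

```python
import hashlib
import posixpath
from urllib.parse import unquote

# Constructed content rules: URL path prefix -> servers that hold that content. First match wins.
CONTENT_RULES = [
    ("/images/", ["img1", "img2"]),
    ("/cgi-bin/", ["app1", "app2", "app3"]),
]
DEFAULT_POOL = ["web1", "web2"]       # generic content replicated on every front-end server
STICKY_COOKIE = "CSSID"               # constructed cookie name the switch uses to pin a session


def normalize_path(target: str) -> str:
    """Decode %-escapes and collapse '.'/'..' so the prefix rules see the path the server will see."""
    path = unquote(target.split("?", 1)[0])
    trailing = path.endswith("/")
    path = posixpath.normpath("/" + path.lstrip("/"))   # anchor at the root so '..' cannot climb above it
    if trailing and path != "/":
        path += "/"
    return path


def parse_request(data: bytes):
    """Pull method, request-target and headers out of the head of an HTTP/1.x request."""
    head = data.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return method, target, headers


def cookie_value(headers: dict, name: str):
    for part in headers.get("cookie", "").split(";"):
        key, _, value = part.strip().partition("=")
        if key == name:
            return value
    return None


def pool_for(path: str):
    for prefix, servers in CONTENT_RULES:
        if path.startswith(prefix):
            return servers
    return DEFAULT_POOL


def choose_server(request: bytes, client_ip: str):
    """Pool by URL, then the pinned server if the cookie names one in that pool, else a hash of the client address."""
    _method, target, headers = parse_request(request)
    pool = pool_for(normalize_path(target))
    pinned = cookie_value(headers, STICKY_COOKIE)
    if pinned in pool:                 # only honour a cookie that points inside the pool the URL selected
        return pinned, "cookie"
    index = int(hashlib.sha256(client_ip.encode()).hexdigest(), 16) % len(pool)
    return pool[index], "hash"


def http_get(target: str, cookie: str = None) -> bytes:
    """Constructed request bytes for the examples and tests."""
    lines = ["GET %s HTTP/1.1" % target, "Host: www.example.com"]
    if cookie:
        lines.append("Cookie: " + cookie)
    return ("\r\n".join(lines) + "\r\n\r\n").encode()
```

The canonicalization step is where this kind of switch is most often wrong: a rule written for /images/ must not be satisfied by /images/../cgi-bin/login or by its percent-encoded form, so the path is decoded and collapsed exactly once before matching, and the origin servers must decode the same way (a backend that decodes a second time, or that treats backslashes as separators, sees a different path than the switch did). The cookie is client-controlled, so it is only ever allowed to choose among the servers the URL already selected; a cookie naming a server outside that pool is ignored and the client is hashed instead.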
Another good example of application-specific switching is in the voice-over-IP environment, where switches must be aware of the application that is generating voice-over-IP traffic, and be able to grant highest priority to those packets on the network. Using an 802.1p-to-IP ToS gateway, this QoS tag can be forwarded onto the WAN. Application-specific switches will have very specialized positions in your network.
Send your comments on this article to Joel Conover at jconover@nwc.com.