Why Content Switching Is Different

Content switching is often referred to as Layer 4 through 7 switching. In short, that is exactly what it is. It has moved up the OSI reference model and is now associated with the Transport layer and above. These switches are sometimes called Layer 4 switches or even session switches.

Without doubt, content switches need to be able to perform the traditional functionality associated with Layer 2 and Layer 3 switches; without this, they would be seen as inadequate. However, we must not forget that these devices are not meant to perform Layer 2 and 3 tasks specifically , but rather look at higher layer information.

Content switching differs from traditional switching in many ways. It is important for network administrators to understand this when troubleshooting a problem, as this will allow them to easily locate the issue.

Packets vs. Sessions

Traditional networking devices typically make decisions based on frames in the case of Layer 2 devices, or packets in the case of Layer 3 devices. Layer 2 switches read the destination MAC address, look up the port associated with the destination address, and forward the packet as quickly as possible. A Layer 3 device needs to inspect a little further in to the packet and will need to see the destination network address, or IP address, in order for a forwarding decision to be made. Typically, no change to the addresses, or any other portion of the packet/frame, is made (obviously, cyclic redundancy checks and destination DMAC excluded). With both Layer 2 and Layer 3 devices, each individual packet is inspected and handled as a unique entity.

This is fundamentally different with content switches. While they obviously understand frames and packets and forward them as any Layer 2 and Layer 3 device would, they base decisions made on sessions. Each session is handled as a unique entity but is usually made up of many different frames/packets. By understanding sessions, content switches can then forward sessions to specific servers or manipulate each frame within a session. The session is the key to content switching, and this technology is often referred to as session switching . TCP sessions are discussed in detail in Chapter 3, Understanding Application Layer Protocols .

Breaking the Rules

One thing that needs to be understood up front is that content switching breaks traditional Layer 2 and Layer 3 rules ”if this is all you remember, then that is a good start. By "breaking the rules," we mean that content switches actually have the ability to manipulate the packets on their way through the device. It is this functionality that allows content switches to be so versatile, and these benefits are discussed in much more detail in later chapters. Let's take a quick look at the basics.

In any content switch, the ability to perform the network address translation between the VIP we have attached to and the backend server address is key. This needs to be seamless and invisible to the user . This is normal in some devices (e.g., firewalls), but the content switch also needs to be able to change the TCP destination port to the required TCP port on the server. Moreover, the content switch also needs to be able to handle application redirection. This is when the switch receives a packet destined for a specific address and instead of forwarding it via the traditional route, it has to be able to redirect the a packet to another device by only changing the destination MAC address.

While all of this seems fairly simple, it is important that we understand that this is often happening at high speed, and the content switch is making intelligent decisions not just for a single service but for many different services and applications. While this may sound straightforward now, it will be of paramount importance when troubleshooting and testing a content switching design that needs to interact with other traditional Layer 2 and Layer 3 devices.