Layer 3 Switch vs Router

[rnavarro]

Hey Guys,

I have a seemingly basic question. What's the difference between using a layer 3 switch and a router? (Assuming I have a copper handoff at the colo)

I'm considering replacing a pfsense box with a layer 3 switch (I need the switch, so I figure if it does all the same things why not combine the two?)

 

[capn_pineapple]

Straight from wiki...

Layer 3 Switching

The major difference between the packet switching operation of a router and that of a Layer 3 switch is the physical implementation. In general-purpose routers, packet switching takes place using software that runs on a microprocessor, whereas a Layer 3 switch performs this using dedicated application-specific integrated circuit (ASIC) hardware.

So there's going to be far less overhead in terms of the switching side but any other plugins that you may have with PFSense (squid etc) will not be available.

 

[rnavarro]

That makes sense that any additional services wouldn't be provided.

However, in general, can L3 switches to any kind of NAT-ing? Or do they strictly perform the function of routing between subnets?

Can they still provide basic network services, like DHCP and a basic firewall?

Sorry, i'm pretty new to all of this trying to read up what I can.

 

[capn_pineapple]

LAN switching - Wikipedia, the free encyclopedia
Network switch - Wikipedia, the free encyclopedia
Take a look at that real quick, (not that wiki is 100% perfect) it says that NAT is done at the Layer 4 boundary

I suppose that if they can handle various subnets then they should have the routing ability to do NAT between them. I've been reading a little on this recently myself but, without any hands on time I'm not exactly sure.

 

[mrkrad]

nat and vpn are typically on firewall appliances.

dhcp is not uncommon on L3 switches - more typical is dhcp relay.

You want a next-gen firewall to do L4-L7 policy routing