Cisco's mid-market plunge

With the recent introduction of three new midmarket LAN switches, Cisco is geared to offer enterprise-class features and function to smaller business networks. We took a hands-on first look at these new fixed-port, rack-mountable models - the Cisco Catalyst 3548 XL, 2948G-L3 and 4908G-L3 - and found that overall they perform respectably, are loaded with features, and scale fairly well. However, we found the quality-of-service (QoS) features of the 3548 XL and the 2948G-L3 fell somewhat short.

The 2948G-L3 is similar to the 3548 XL in that it has 48 Fast Ethernet ports and two GBIC ports but is a multilayer switch that provides unicast and multicast Layer 2 and Layer 3 switching functionality. The 4908G-L3, also a multilayer switch, has eight GBIC ports. The 2948G-L3 and 4908G-L3 provide core campus routing functions. The 4908G-L3 can be used to connect multiple 2948G-L3 switches.

Our testing showed that the 3548 XL will work in the wiring closet as long as the traffic through the box does not exceed 8G bit/sec and there is no need for virtual LAN traffic priority queuing. The 2948G-L3 and 4908G-L3 work well in the core of the site network, but the 2948G-L3 suffers from some queuing problems.

Performance

We noticed that immediately after running a Layer 2 throughput test on the 3548 XL, the throughput measurements were below wire speed. With 64-byte packets we could achieve 75% of wire speed. As the packet size increased, so did the loss. With 1,518-byte packets we achieved only about 50% wire speed. The throughput curve dipped a little at 1,02-byte packets, dropping a little more than 60% of the packets. After talking with Cisco support, we learned that the 3548 XL has a backplane bandwidth limitation of 8G bit/sec throughput. This is far less than the 13.6G bit/sec that can be generated by the 48 Fast Ethernet ports and the two Gigabit Ethernet ports configured for full-duplex operation. Cisco also said the decreasing throughput as the packet size increases is caused by the behavior of the internal Application Specific Integrated Circuits in the switch.

Cisco engineers say the backplane limitation is justifiable because this switch is designed to be a host concentration device - not a backbone device. Typically, a concentration device doesn't see large, sustained amounts of bandwidth. We agree with this deployment assessment, but losing 25% of small packets and 50% of large packets still seems a little precarious. What about those voice and video streams? There may not be a problem now, but as your traffic grows, this behavior could cause some interesting troubleshooting situations.

The 3548 XL sees a maximum of about 135 microsec average latency with 1,518-byte packets at full load. We measure latency as the amount of time it takes to get the first bit of a packet out of one of our Netcom Smartbits cards, through the device, and into a second Smartbits card. We think this latency rating is a good one.

Our Layer 2 performance testing on the other two Cisco switches showed that the 2948G-L3 and the 4908G-L3 operate at wire speed, meaning all ports can operate at full bandwidth in full-duplex mode without any packet loss. The average latency measurement for the 2948G-L3 and the 4908G-L3 were 132 and 31 microsec, respectively, with 1,518-byte packets at full load.

Our Layer 3 throughput and latency testing was limited to the Catalyst 2948G-L3 and 4908G-L3 models. Both boxes achieved wire-speed throughput in the Layer 3 tests. There was little noticeable change in the latency tests between Layers 2 and 3.

Rating scalability

The 3548 XL has excellent scalability with the GigaStack GBIC option, but the backplane bandwidth limitation restricts the number of switches that practically can be chained together. The 3548 XL has an 8G bit/sec backplane limitation, which is a little better than half the rate that can be generated by its ports. This device is designed to go between hosts and the core network, so backplane rates most likely will stay below this 8G bit/sec limit - this is something to keep in mind if you decide to deploy this switch in your network. Instantaneous rates may exceed this limit and create problems for such applications as video or voice. Otherwise, upper- layer retransmissions should take care of the problem.

With the GigaStack GBIC option in place and wire-speed performance achieved on both accounts, the 4908G-L3 and the 2948G-L3 earn perfect scores for scalability.

Sizing up the feature set

Because the 3548 XL is a Layer 2-only switch, it doesn't support multicast routing, which is the ability to forward multicast traffic to other ports without having to flood the traffic to all ports. However, it supports the ability to minimize the amount of multicast traffic that it floods to its ports. This feature is implemented using a combination of Internet Group Management Protocol (IGMP) and Cisco Group Management Protocol (CGMP). IGMP is used between hosts and a router, and CGMP is used between a router and the 3548 XL. Hosts join multicast groups by sending a "Join" message to a multicast-enabled router. The router sends CGMP messages to the 3548 XL to advertise which hosts have joined which multicast groups. The 3548 XL can match this information with information in its bridging table. The 3548 XL will then only forward multicast traffic to ports that have group members connected to them. This feature was not tested for this review because of time constraints.

The need for CGMP is questionable, because the switches could be designed to snoop IGMP traffic to find the same information gathered from CGMP. We would prefer that the 3548 XL sniff IGMP instead of having to support an unnecessary proprietary protocol.

The Catalyst 2948G-L3 and the 4908G-L3 support multicast routing. We tested both switches with the Protocol Independent Multicast Dense Mode routing protocol and IGMP Version 2 enabled. Both boxes performed well in routing multicast and unicast traffic up to wire speed.

Multicast forwarding latency on both switches was similar to that of Layer 3 forwarding latency. The latency for the 2948G-L3 was 145 microsec - only a 4% increase over the Layer 3 forward latency measurement. The join latency, which is the measurement of the time it takes for a host to join a multicast group through IGMP and begin receiving multicast traffic, is around 0.5 seconds. The leave latency, which is the amount of time between sending a leave message through IGMP and seeing the multicast traffic disappear, is around 3.5 seconds.

The multicast forwarding latency for the 4908G-L3 came in at about 24 microsec - very similar to its Layer 3 forwarding latency. The 4908G-L3 takes about 0.5 seconds to service a group join and about 3.5 seconds to service a leave.

We think these latency times are very reasonable for most network applications.

To test VLAN features, we set up 12 VLANs on the 3548 XL. The 3548 XL was able to forward packets properly within these VLANs. The 3548 XL properly contained broadcast traffic within each of the 12 VLANs.

Because the 3548 XL is meant to be an access device that is connected to hosts, it's important that the switch discard bad packets so bandwidth in the core of the network isn't wasted on bad packets. The 3548 XL properly discards packets with cyclic redundancy check (CRC) errors, packets with alignment errors, those that are too big and/or too small. CRC is a way of encoding a fingerprint of the data in the packet in a small space.

Because the 2948G-L3 and 4908G-L3 boxes are meant to be used as route aggregation devices and not access devices, the VLAN testing does not fit the function of the boxes.

The 3548 XL switch supports Cisco's proprietary STP enhancement features to improve the convergence time of STP in large networks. The features include the ability to designate what ports are to be involved in the STP calculation, which ports are active and which are used as backup in a redundant link topology. The utilities also provide a way to speed convergence during loss of connection to the root bridge.

STP ensures that bridging loops do not occur in a Layer 2 network. Bridging loops can bring a network to its knees, filling the network links with copies of the same packet. The basic function of STP was not tested, because it's a given with this type of device. It's a very mature protocol that's been around for years. Without it, a switch is basically worthless.

The problem with STP in a large network is the convergence time. STP calculates a logical tree structure through the Layer 2 network and disables ports not participating in the tree. Because trees don't have loops, once the tree is established, loops are guaranteed not to exist. This calculation time, also known as convergence, can take a while to finish - the larger the network, the longer the convergence time. The network is down while the tree is being calculated. The tree gets recalculated when a link becomes active.

The 3548 XL has two proprietary features to reduce convergence time. A feature called portfast removes ports from the STP calculation. This decreases the time it takes for STP to converge. This feature is only to be used on ports that are connected to hosts, not on ports that are connected to other switches. With this feature enabled on the 3548 XL, the convergence time was reduced from 30 seconds to about 3 seconds.

Cisco also includes another feature called uplinkfast. This feature allows redundant links in a Layer 2 topology to be instantly made active in the event of a link failure. To test this feature, uplinkfast needs to be implemented on all switches involved in redundant links. Uplinkfast is only implemented on the 3548 XL, so we were unable to test this feature.

Neither the 2948G-L3 nor the 4908G-L3 support the portfast and uplinkfast features.

Cisco delivers some QoS capability in these new midmarket switches. However, our tests demonstrated that the support does not go all the way.

Cisco advertises that the Catalyst 3548 XL can prioritize traffic based on 802.1Q VLAN priority bits. We were unable to get this to work. The only way we could get the 3548 XL to prioritize traffic was to override the feature that prioritizes traffic based on VLAN tag. We gave individual ports priority to test the QoS scheduling algorithms in the box. We found that this feature works as expected.

We tested the Catalyst 2948G-L3's ability to prioritize traffic based on IP precedence. We tested this feature and found a few interesting behavioral problems. Packets with type-of-service (ToS) values of 0 got a higher priority than ToS values of 1; ToS values of 2 got a higher priority than ToS values of 3; and so on. But ToS values of 0 got about the same priority of 3; 2 the same as 5; and 4 the same as 7. QoS on the 2948G-L3 is a mess.

The Catalyst 4908G-L3's QoS behavior is much better than that of the 2948G-L3. From the results of our testing, it seems that the 4908G-L3 has four queues. ToS values 0 and 1, 2 and 3, 4 and 5 and 6 and 7 were grouped into four separate queues. The two ToS values in the same queue receive the same priority.

Management

The end result is that an administrator can access the Web management interface of the cluster of switches via one IP address. The switches support SNMP, telnet and Trivial File Transfer Protocol for manual management. We recommend using the Web interface, because it is the easiest to use and lets you manage multiple switches.

The 2948G-L3 and 4908G-L3 do not have a scalable Web configuration interface like the 3548 XL. This would be a useful addition.

Installation is a breeze for all these boxes, but documentation is lacking in absolute detail of all features and commands. The Cisco Web site is very helpful in finding the proper information, but we had to rely on Cisco support a few times to find the proper command to configure the switch.

Overall, we recommend these switches for use in small networks because they're inexpensive, perform well and offer some of the advanced features available in Cisco's higher-end boxes. However, be judicious in which enterprise features you choose to deploy, because they don't all work as advertised.