Mailbag: Layer 3 not for wiring closets

Last month I asked if Layer 3 capabilities belong in your wiring closet, and you responded. The majority said no – and I’ll relay some of those responses today.

Let’s start with one of the more plainly stated responses:

“Layer 3 in the wiring closet is an incredibly bad idea,” writes one reader. “People forget that Layer 3 means you now have routing protocols sending updates, and you now have to manage routing configuration and control and convergence. Every new router makes things that much more complex. If there is only one network in a wiring closet, Layer 3 is irrelevant. If there is more than one network (VLAN) in a closet, that’s why we have [VLAN Trunk Protocol]. Routing should be kept to an absolute minimum.”

Management of all those Layer 3 devices was a primary concern among those who wrote in:

“I’ve heard this sales pitch [for Layer 3] several times, but have yet to see an overwhelming reason to go L3 in the wiring closet. I would cite management concerns as being one of the big reasons; with a small networking staff, having routing functions centralized reduces complexity. In addition, having a reduced number of devices to visit makes solving routing problems easier and quicker.”

Also expressing management concerns was this reader from a large university:

“We have about 40 or 50 intermediate/aggregation closets that have Layer 3 ability, but aren’t being used past Layer 2 due to the administrative headache that would cause. These closets mostly have a mix of [Cisco Catalyst] 3550 switches which aggregate a number of Cat2950 and Gigabit Ethernet-to-desktop connections. This could be considered a big waste of money. I think it was.”

Interestingly, several readers brought up the failover issue, comparing Layer 2’s spanning tree with Layer 3 capabilities. One wrote:

“Layer 2 failover is quicker than Layer 3 (we use [Split Multi-link Trunking] as we are primarily a Nortel shop) and gives us more options for load-balancing the traffic. There may be some instances where L3 would prove beneficial, but we don’t have any. Smaller companies that have a more distributed architecture might benefit by having some L3 between VLANs at the closet, but we move all the traffic to chassis (core) switches for the L3 traffic.”

Another says Cisco is sending the user a different signal on the failover issue than it used to:

“In the past Cisco has recommended Layer 3 because of faster convergence than spanning tree… But much to my colleague’s and my surprise they were pushing Layer 2 as a faster convergence than routing protocols this year. RSTP (Rapid Spanning Tree Protocol) seems to have faster convergence than a routing protocol… Convergence starts at the instance the Layer 2 failure occurs for RSTP. At Layer 3, convergence really starts once the neighbor is recognized as being lost – which will include some sort of timeout value in seconds.”

Lastly, here’s one reader who says the failover at Layer 2 or Layer 3 ultimately doesn’t matter:

“When the proponents [of Layer 3 in the wiring closet] say ‘faster failover’ what they’re actually saying is, ‘Escape the spanning tree nightmare that we talked you into three years ago.’ In large switched networks, spanning tree problems are a major concern that the vendors swept under the carpet when Layer 2 switches were all they had to sell. In our experience the additional burden associated with more routers would be more than offset with reduced Layer 2 management concerns.

“However, we’ve come to like VLANs, and have made very good use of them, and a VLAN unfortunately stops at a router because a VLAN is a Layer 2 concept. In quite a few situations we have delivered excellent functionality to users by making a given VLAN available in many buildings. This wouldn’t be possible if we were using only Layer 3 devices in every closet. Yes, we could maintain a Layer 2 network for that functionality and go to Layer 3 for normal connections, but that’s pretty unpleasant to think about at this point.”

Next time: Those in favor.