router vs layer-3 switch

Unanswered Question
Jul 31st, 2008

What is the decision criteria for selecting a layer-3 switch vs a Router? Is there any document that gives comparison.

OK.. I will be more specific. I am planning to upgrade a 3825 router to a 7206 VXR NPE-G1 or to a 3845 ISR OR even a layer-3 switch. Reason being this router would support additional VOIP traffic as well as some critical applications (Citrix etc.).

Then the idea popped why not install 3750G Enterprise or any other layer 3 switch which would also give additional gig ethernet interfaces as well as take care of layer-2 connectivity.

Now the question is what could be the performance criteria to prefer one device over the other keeping in mind the VOIP traffic requirements? There are currently 120 remote call centre agents and the maximum interface utilization is 18Meg. This can go up to 250 agents in near future.

Any thoughts!!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Edison Ortiz Thu, 07/31/2008 - 09:22

The typical router provides more services such as: extensive QoS, NBAR, IPSec, Security features etc.

The switch, while it provides greater speeds and port density, has its limitation as an edge device.

You need to examine what services this edge device will be responsible for, and make the decision based on that. Not solely on speed.




fawad.alam Thu, 07/31/2008 - 09:49

hi Edison,

Can you give an idea what QoS features will not be available on layer-3 switch? On this edge device I am doing classification and marking only. It connects to the service provider router. Also there is no special for requirement for VPN, tunneling or security.

My main concern is performance. Is there any concern for performance if I install a 3750G switch vs a 7206 VXR NPE-G1 or a 3845 ISR? Any cisco document would be helpful as well!


Edison Ortiz Thu, 07/31/2008 - 10:27


Classification and Marking is fully supported in the 3750

I was referring to traffic-shaping, for instance (not supported).

As for performance, please see this URL:

select the 'Router Performance' and 'Switch Performance' PDFs and compare.




fawad.alam Thu, 07/31/2008 - 14:02

Hi Ediosn,

Thanks for providing these useful links!

I browsed through the comparison charts and also looked at the data I am little bit confused about performance.

* The Cisco 3800 Series delivers multiple concurrent services at wire-speed performance of up to T3/E3 speeds.

* Cisco 3750-E has 68-Gbps, wire rate backplane.

If I am not mistaken, this is a big difference in packet processing speed (45mbps vs 68gbps)??

Can you please comment on this!

Joseph W. Doherty Thu, 07/31/2008 - 15:51

You're not mistaken. There's often a huge raw performance difference between L3 switches and "software" based routers. The former usually has dedicated hardware (e.g. ASICs) to achieve high performance, the latter often relies on the router's CPU speed.

Joseph W. Doherty Fri, 08/01/2008 - 02:09

Perhaps you meant the NME- EtherSwitch Service Modules? I believe both the NM- and NMD- EtherSwitch Modules only do L2 within their hardware, L3 is still done on the router.

fawad.alam Fri, 08/01/2008 - 05:42

But the NM-16E module would still use the same router backplane, wouldn' it? The router (3845) would still be giving max performance of T3(45mbps) at wire speed??

Joseph W. Doherty Fri, 08/01/2008 - 08:41

It might be a little more complex than just the "backplane" of a 3845. I haven't seen much documentation of the internal physical bandwidth capacity of most software routers. The limiting factor is usually the PPS of the router, which for a 3845 is 500 Kpps unlike the multiple Mpps rating of most L3 switches. I do recall reading, somewhere, the bandwidth of certain module slots. What I recall wasn't real high, something like 800 Mbps or 1 Gbps. The EtherSwitch Service Modules might be a special case for L3 traffic flowing between ports on the module, but not between the module and other router ports.

For low end devices doing L3, as a general rule, use "routers" for WANs and "L3 switches" for LANs.

fawad.alam Fri, 08/01/2008 - 11:55

I agree with the comment that as a general rule, routers are for WAN and L3 switches are for LAN.

But when you cmpare the performance it clearly indicates that switch perform much fatser than compared to router due to Hardware ASIC.

Now that we have Ethernet Gigabit MAN core isn't it a better idea to use Layer3 switch vs a router?

Routers can be limited to certain scenarios/requirements. For example, if you need VPN encryption, some additional security feature and tunneling not availabel in switch IOS, requirment for Optical WAN modules etc. For all your ethernet needs L3 switch is the best option??

Any expert thoughts!!

Edison Ortiz Fri, 08/01/2008 - 13:03

Now that we have Ethernet Gigabit MAN core isn't it a better idea to use Layer3 switch vs a router?

Yes, Large Enterprises terminate these connections on 6500s.

The type of switch you purchase relies on the level of redundancy you want to have - in other words, single point of failure.

But to address your concern, a L3 switch is better suited as an edge device in a MAN connection when speed is the number 1 concern.




fawad.alam Fri, 08/01/2008 - 15:16

This is very true! I have seen large enterprises using 6509s as the edge devices at the data centres. But at the same time for non-data centre MAN locations sometime they make wrong choice (in my opinion) and go for 7206 VXR or 3825/3845. A 3750-E switch would do a better job at much comparative cost!

Edison Ortiz Fri, 08/01/2008 - 18:22

It's all about making a 'safe' choice. When you visit the cisco website and you are purchasing a switch, the 3750-E is categorized as a closet switch, not a WAN switch.

Yes, you have the 3750 Metro but this switch provides more WAN services than the regular 3750-E.




This Discussion