Layer 3 Essentials help improve network security and performance

With Cisco Meraki MS switches, large network deployments can create scalable architectures and manage routing between VLANs.

Our newly-announced Cisco Meraki MS320 switches come with out-of-the-box “Layer 3 Essentials” functionality, specifically static routing and DHCP relay. These two features are critical for organizations that want a flexible, performance-driven switching fabric to help them isolate client traffic for reasons of security, speed improvement, and cost.

For example, to enhance security you may wish to isolate your HR department’s traffic from that of your  guest network. Or, perhaps you want to separate data and voice traffic, so you can apply quality of service (QoS) tags to — and improve the performance of — that voice traffic. Or maybe you’d like to avoid purchasing additional Layer 3 devices to attach to your Layer 2 switches (to allow isolated network segments to communicate with each other).

The examples above are made possible with Virtual LANs (VLANs), support for which is present in every Meraki MS switch. VLANs segment a wired network into separate logical networks, preventing clients in different VLANs from communicating without a Layer 3 device installed to route packets appropriately. Another way to think of this is that VLANs define broadcast domains, ensuring clients are only seeing and processing traffic relevant to their respective VLAN.

 

Static routing

The static routing functionality of Cisco Meraki MS320 series switches lets you route traffic between VLANs without needing extra Layer 3 devices attached to your switches; routing is done inside the switch itself.  So if your HR and Finance departments were isolated in separate VLANs, but you’d like certain traffic to pass between the two, you can easily enable this with an MS320 switch. To do this, you would specify which IP subnets are assigned to which VLAN, and next hop routes, from within the Meraki dashboard:


Setting up Layer 3 routes in the MS320 series switches.

 

 

DHCP relay

To enable multiple VLANs within a single physical network, DHCP relay ensures that isolated network segments can receive IP addresses for their respective clients — even if a DHCP server is not installed directly on that segment.


An MS320 switch in VLAN 10 knows to relay DHCP requests to a server in a separate VLAN.

 

We’re excited to offer our customers the additional flexibility, security, and cost reduction that static routing and DHCP relay facilitate.  We’re continuing our Layer 3 development, and expect to release OSPFv2 support for the MS320 family in Q2 CY2014. If you’d like to test drive Meraki switches in your own environment, please check out our free evaluation program.