Disadvantages of using Layer 3 switch as a router
- Doesn’t support MPLS and VPN services
- Doesn’t support NAT, firewalling, tunnel, IPSec
- Size of routing table is small
- Forwarding is performed by ASIC
- No QOS support
Advantages of using routers
- Non-Ethernet connections (which still do exist)
- Large routing tables
- Many routing VRFs — campus and datacenter switches don’t need ‘em, at least for common uses NAT, especially with protocol fixups (address in payload situations)
- Large ACLs without loss of efficiency
- QoS not tied to 4 or 8 hardware queues (i.e., QoS that can support more than 4, 6, or 8 classes of traffic complexity)
- QoS policing (switches may do this, with limitations)
- QoS shaping (complex/not in chipsets)
- QoS: Layer 7 traffic recognition (Cisco “AVC”)
- MPLS labels (OK, Nexus 7K M-series line cards are basically routers on a card)
- Segment routing
- LISP
- IPsec or SSL VPN
Buffer
Switches usually have lots of ports of the same or similar speeds. As such they don’t need deep buffers and the buffers are usually shared among all ports or groups of ports.
Routers usually have dedicated buffers per interface or interface module. This is to do with rate shaping when the ingress interface for a traffic flow is much faster than the egress interface. Think GigE LAN port and ADSL WAN port. Switches CAN do rate shaping but that process is hard on the buffers and routers are designed to connect lots of different connectivity types of different speeds together Switches tend to operate on just the one (nominally Ethernet). so if you have traffic entering a 10G uplink at any kind of rate, and the egress port is running at 10M then you will see a lot of output drops on that interface as the TX Buffer gets filled. If you send bursty traffic into a router it will generally cause you to see increased latency as it queues traffic, but loss rates are much lower.
Feature sets
Switches tend not to have as many higher layer inspection features as routers. Stuffs like NAT, NBAR, IPSec, Tunneling, PBR, IPSLA etc. Lots of those features require process switching, which needs a lot of RAM and CPU resource. Switches tend not to have that as they’re designed to do basic routing functions but very fast using specialized hardware, line rate in most cases. Routers are designed to do more complex and fiddly things, not necessarily as quickly. Which is why a £5000 L3 switch will have a much higher routing throughput than a £5000 router. But the Router will be more flexible in the things it can do. Most modern routers will fast switch L3 stuff in hardware as well, but that performance isn’t usually quoted in the data sheet because if you ask it to do something like process an ACL or NAT then it has to process switch those packets instead. (I.E they go to the main CPU not processed by an ASIC on the interface module)
Route capacity.
As I said before Switches are designed to do basic routing very fast based on hardware chipsets built for that purpose. They don’t tend to have as much memory or CPU power as a router of equivalent value, so aren’t capable of holding as large a routing table as a router. A router is designed to run and interconnect multiple different routing protocols, all of which need memory to store their own topology tables as well as the main RIB. Thus is better equipped to do that. An ASR1001X is a ~£10k router, a Catalyst 4500X is a ~£10k layer 3 switch. The ASR will take 750,000 routes, the 4500X will take only 32,000. Again this is because they are designed for different jobs. L3 switches are designed to work in the middle of a network usually running just the one protocol and routing local traffic. Routers are designed to work at the edge of the network and route internal and external traffic as well as manipulate and filter that traffic.