Layer 2 WAN link vs Layer 3 WAN

Hi, the company where I work has a combination of layer 2 WAN links and layer 3 WAN links.

Could someone please explain the difference between the two, and in what circumstances you would use each type?

Does layer 2 means the links are switched with MAC addresses and layer 3 is routed via IP addresses?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Don JohnstonInstructorCommented:
Basically, a layer 2 WAN would be something like Frame-Relay where a layer 2 address is used for destination determination. A layer 3 WAN would be something like the internet where the layer 3 address is used.

But this really isn't official terminology. Probably more like someones opinion or view of a link.
Hi there,

In today's terminology, a layer-2 WAN solution usually refer to Ethernet solutions... Things like EPL (Ethernet Private Line), VPLS, H-VPLS etc...
Conceptually, a layer-2 service mean that the customer can get his site switches interconnected together at a layer-2 level.. so the customer can share the IP address prefix across several sites.
The type of the layer-2 solution depends on what you're planning to do... but I am happy to dive down if you provide more information on what you want to do.

The layer-2 is also used for legacy protocols (other than IP), typically used in old environment..
Also common for data centre connectivities where clustering could be required (if distance/latency allows).
Layer-2 is also required sometimes when the customer wants to manage their own routing domain.

Layer-3 WAN services refer to all products that allow connectivity at layer-3... Things like Internet based VPNs (IPSec/SSL etc...) or MPLS VPN (private layer-3 WAN) where the customer will interconnect at IP level with a private instance of routing at the provider.

Let me know what exactly you're trying to achieve, and I'll point you in the right direction.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

Answering your question by the way, yes this is right...
Layer-2 means basically that the frames are being switched based on MAC addresses rather than IP addresses in the packets for layer-3 services.

The infrastructure over which these services run can rely on a broad range of technologies, either layer-2, layer-2.5 (MPLS) or pure layer-3 or sometimes SONET/SDH for unoversubscribed layer-2 services.

Depending on the services you're planning to use over the network, oversubscription and QoS requirements, you might prefer a carrier over the other depending on their backbone and service design.

Be mindful also that layer-3 services comes with more intelligent service portals from the carriers cause they have higher visibility into the network...

paulo999Author Commented:

Thanks very much for the info.

I need to put a plan together for a smaller network for about 250 users and about 3 ESXi hosts, with Avaya VoIP. I was planning on using a Cisco 4500 for the core with Cisco 2960S as the access. To save costs it has been suggested to use 2x3750s for the core switches. Normally I would stack the two 3750s together to effectively make them act as one switch, but it’s been suggested that the two 3750s should have layer 3 link between them, but I don’t really understand why. Would it be because you can then do QoS etc between the two switches? Would that make the two 3750s on different subnets/VLANS?

For my own knowledge; Is the reason for using layer 3 instead of layer 2 between switches in this manner so you have features like QoS? I think I’ve read that you should do layer 3 between core switches, and distribution switches to core switches. So would each level of switch effectively be on its own subnet/VLAN?

Sorry if this is a dumb question :-)
The core should be running layer 3 for many reasons, not only for QOS...

1) To be able to provide redundancy for aggregation and access, with routing protocols on both switches.
2) To be able to do access control between different distribution levels.
3) QOS application.
I have seen 3750 in the core many times, design typically deployed in the small sites cores.
VLANs are normally bridged at the different access layers, with SVI in the collapsed distribution/core.

paulo999Author Commented:
Excellent, thank you.

One last thing I don’t quite understand fully – if you had, say, 2x3750s as your core, why would you put a layer 3 link between them both and not just put them both together in a stack?

Surely the bandwidth between the two switches in a stack is significantly more than just trunking two 1Gb ports together?
paulo999Author Commented:
Thanks for all comments
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.