The theoretical difference between the link layer and the network layer

layer2 layer3

I have run into this problem again and again and have never found a sufficient answer to this question. I want to understand the fundamental, theoretical difference between a layer 2 network and a layer 3 network beyond "a LAN is meant for just one building" or "a LAN uses MAC addresses instead of IP addresses".

Both layers are concerned with connecting individual machines so that they can communicate with each other. Layer 2 switches use protocols based primarily upon broadcasting and spanning trees whereas layer 3 routers use more generalized algorithms suited for large networks with complex topologies.

  • Suppose you have an office with computers connected on a LAN. Why can't all the computers act as their own routers and have the office be a layer 3 topology? Why is layer 2 necessary at all?

  • What prevents us from implementing, say, a firewall as a node in an arbitrary layer 3 topology instead of being at the interface of the network layer and the link layer?

  • Why do we use different protocols (spanning trees vs. routing) to solve essentially the same problem?

Best Answer

At layer-2, the frames are delivered directly from host to host, meaning that each source host is on the same network as the destination host. In order to get from one network to another network (internet), we have layer-3 protocols, e.g. IP (Internet Protocol).

Hosts at layer-2 find each other by broadcasting, and switches flood frames where they do not know the destination, so that doesn't scale, and you have separate networks and protocols to connect the separate networks.

  • Suppose you have an office with computers connected on a LAN. Why can't all the computers act as their own routers and have the office be a layer 3 topology? Why is layer 2 necessary at all?

In some ways, each host is a router and has layer-3 built into it, but each host probably only has one connection to the network. Routers route packets between networks, and they will have multiple interfaces. Routers are hosts on the network that know how to reach other networks. For traffic on the network, the layer-2 frame is addressed directly to the destination host, but to get to a different network, the frame is addressed with that of a router. If the router does not have a path to the destination network, it drops the packet.

  • What prevents us from implementing, say, a firewall as a node in an arbitrary layer 3 topology instead of being at the interface of the network layer and the link layer?

A firewall is a node at the physical and data-link layer, and it probably has a network address for management and (in most cases) each interface, too. A network address is a layer-3 address, so the topology is layer-3.

  • Why do we use different protocols (spanning trees vs. routing) to solve essentially the same problem?

Spanning tree and routing are very different protocols with different purposes. Spanning tree is designed to prevent layer-2 loops by setting up a single loop-free path on a single network to a root bridge. Routing is designed to send packets from one network to another network. Both layer-2 and layer-3 can have loops (very bad). Spanning tree is a protocol to prevent loops at layer-2 because layer-2 frames would just propagate and amplify until the network crashes (happens very quickly). IP (a layer-3 protocol) has a TTL that decrements when the packet is processed by a device, so a packet will not circulate forever the way a layer-2 frame does. Routing protocols generally try to prevent routing loops, but routers can still be configured to loop.

Remember that routing protocols do not route packets, they let routers exchange routing information. Routers route packets based on what is in their routing tables, which can be populated by routing protocols (also directly connected networks and statically configured routes can populate a routing table with more preference than the routes learned from a routing protocol). A better analogy is comparing a switch MAC address table to a routing table. Routers can use routing protocols to learn where destinations are from other routers. Switches learn destination interfaces directly from the frames passing through each switch, but do not communicate that to other switches.

Remember, too, that the different protocols were defined by different people for different purposes at different times, and they are maintained by different groups and standards bodies. What we use today (primarily Ethernet, although being supplemented and replaced by Wi-Fi, and IPv4) is what the market chose. Bob Metcalfe (Ethernet) and Vint Cerf (IP) really did not know each other or what the other was working on. Each developed a protocol for his own purposes.
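
The loop behaviour described in the answer, as an added example that is not part of the original post: a flooded layer-2 frame multiplies in a looped topology, stops once a spanning tree removes the loops, and a layer-3 packet in a routing loop dies when its TTL expires. The four-switch mesh, the breadth-first tree standing in for STP's BPDU exchange, and the R1/R2 next-hop table are assumptions constructed for illustration.

```python
from collections import deque

# Constructed topology: four switches in a full mesh, so every link is part of a loop.
MESH = {s: [n for n in "ABCD" if n != s] for s in "ABCD"}

def flood(links, start, rounds):
    """Flood one unknown-destination frame; return copies in flight after each round.

    Each switch repeats a copy out of every inter-switch port except the one
    it arrived on. The frame carries no hop limit, so nothing ever removes a copy.
    """
    in_flight = [(start, None)]          # (switch, neighbour the copy came from)
    counts = []
    for _ in range(rounds):
        in_flight = [(nb, sw) for sw, src in in_flight
                     for nb in links[sw] if nb != src]
        counts.append(len(in_flight))
    return counts

def spanning_tree(links, root):
    """Keep only the links on a breadth-first tree from the root bridge.

    Simplification: real STP elects the root and picks paths by exchanging BPDUs;
    the result is the same kind of loop-free tree.
    """
    tree = {s: [] for s in links}
    seen, queue = {root}, deque([root])
    while queue:
        sw = queue.popleft()
        for nb in links[sw]:
            if nb not in seen:
                seen.add(nb)
                tree[sw].append(nb)
                tree[nb].append(sw)
                queue.append(nb)
    return tree

def hops_before_ttl_drop(next_hop, start, ttl):
    """Follow a (possibly looping) next-hop table; each router decrements TTL."""
    node, hops = start, 0
    while node in next_hop:
        ttl -= 1
        if ttl == 0:                     # TTL expired: the router drops the packet
            return hops
        node, hops = next_hop[node], hops + 1
    return hops                          # reached a node with no onward route

if __name__ == "__main__":
    print("looped L2 flood:   ", flood(MESH, "B", 5))
    print("with spanning tree:", flood(spanning_tree(MESH, "A"), "B", 5))
    print("L3 routing loop:   ", hops_before_ttl_drop({"R1": "R2", "R2": "R1"}, "R1", 64))
```

The copy count in the looped mesh doubles every round, while the same flood over the tree reaches every switch once and then stops.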