In a network system in an organization such as a company or the like, a routing is performed for recognizing data of the network layer (third layer) or more of the OSI reference model and controlling a destination of a packet on the basis of the data. A switch existing on the foregoing network system is finely categorized for each layer of the OSI reference model supporting. As main categories, there are the L3 switch (layer 3 switch) for reading data of the network layer (third layer), the L4 switch (layer 4 switch) for reading data of the transport layer (fourth layer) and the L7 switch (layer 7 switch) for reading data of the application layer (seventh layer). The L7 switch may be referred to as the application switch.
The L3 switch is a network device in which, as a core device in a LAN (Local Area Network), a transfer function of a packet possessed by a router is made into hardware and its speed is made much higher. The L3 switch evolved from the L2 switch (layer 2 switch) of the conventional switch. The L2 switch is a device for relaying a LAN frame based on a MAC address (Media Access Control Address). On the contrary, the L3 switch concurrently includes a router function for determining a relay destination based on an IP address (Internet Protocol Address). In short, the L3 switch is a device in which the L2 switch and the router are integrated into a single unit.
The L4 switch recognizes a protocol of the transport layer (fourth layer) level such as the TCP (Transmission Control Protocol), the UDP (User Datagram Protocol) and the like, performs an arrangement, an error correction and a retransmission request of data transmitted through the network layer (third layer), and then secures reliability of the data transfer.
The L7 switch can recognize a protocol of the application layer level of the HTTP (HyperText Transfer Protocol), the FTP (File Transfer Protocol) and the like and control a destination based on a specific communication content of a packet.
Also, in the same application layer (seventh layer) as the L7 switch, a bandwidth control device can be used to perform a bandwidth control on a packet. Moreover, at the application layer level, it is possible to limit passage of a packet by using a firewall (FW), perform load balancing by using a load balancer (LB: load balancing device), and perform redundancy processing.
However, in the conventional network configuration in the organization of the company or the like, dedicated appliances are required as the bandwidth control device, the firewall (FW) and the load balancer (LB). Also, in a period between a time when a router received a packet from the Internet and a time when the packet arrived at a terminal, these dedicated appliances perform a bandwidth control for securing the QoS (Quality of Service), an intrusion protection through the firewall (FW) and load balancing, in a step-by-step manner.
For example, as shown in FIG. 1, in the conventional network configuration, the router receives a packet from the Internet (L3), transfers the packet to the bandwidth control device (L7) and transfers the packet to the first L3 switch (L3) in accordance with the bandwidth control executed by the bandwidth control device; the first L3 switch transfers the packet to the firewall (FW) (L7) and transfers the packet to the second L3 switch (L3) if the firewall (FW) allows the intrusion; the second L3 switch transfers the packet to the load balancer (LB) (L7) and transfers the packet to the L2 switch (L2) in accordance with the load balancing executed by the load balancer (LB), and the L2 switch transfers the packet to a terminal under its management.
For this reason, even in the case of the packet received by the L3 switch, since the bandwidth control, the intrusion protection and the load balancing are executed, it is required to refer to the L7 data and to access the L7 switch each time. Consequently, the protocol overhead caused by data copy or the like occurs frequently.
Incidentally, a prior art with regard to the firewall (FW) is disclosed in a non-patent literature 1. Also, a prior art with regard to the load balancer (LB) is disclosed in a non-patent literature 2.