Tosibox – When to use Layer 2 or Layer 3

A common question from customers when first using a Tosibox Lock and Key is whether they should leave the key as a Layer 3 connection or to switch it to the Layer 2 connection.

First you will need to know how you are going to connect your end device and the difference between Layers 2 and 3 of the 7-Layer OSI model. 

Imagine a room with people inside.  You have the choice to be inside or you can be outside, with the help of a friend to relay messages to the people inside. Layer 2 can be likened to being inside the room talking and listening to everyone. While Layer 3 is likened to being outside a room, with a friend to help relay messages inside but only if you tell him who the message is for.

In this analogy, the room is a local network and the friend is an outside connection to the local network. Basically, you need to determine whether you should be inside the local network or whether outside is okay.

The simplest way to determine this is to look at how you connect, and how you will connect to the end device. This can be done in 2 ways. The first is that the IP address of the end device is known, and you can enter that into your program that finds and connects to the end device. This connection method would work for both a Layer 2 or a Layer 3 connection.

The second method is where the program scans or searches for the end device meaning that you do not need to know the IP address of the end device. This method however uses features that are only available to a Layer 2 connection. It would be the same as asking everyone in a room if their name is Jack which is something you could not do if you weren’t in the room.

Now you may be thinking that because both connection methods work with a Layer 2 connection that you should always make the key Layer 2. But this has its draw-backs such as increased traffic being sent to the key due to it being inside the local network and using an IP address on the local network. For small sites with only a couple of users this would likely have a negligible effect but as the local network and number of users grow this can become a big issue.

To sum up, if you connect your device by entering its IP address in a program you are fine to use a layer 3 connection but if you connect to your device by clicking a scan, search or connect button in a program where you don’t have the IP address entered you will need to change the key to a layer 2 connection.

Contributors: