Active Elements
The following is a very brief description of the active network elements to which the further described functions relate.
Switch
An active element with a number of ports for interconnecting network devices. A frame that comes in through one port is forwarded out another based on its destination MAC address. The switch looks the destination up in the CAM table, and if there is no record, the frame is sent out all ports except the one it arrived on. The CAM table is built from the source MAC addresses of received frames. The frame itself is not modified in any way.
MultiLayer Switch (MLS)
This is an extended switch that, in addition to classic Layer 2 switching, offers additional functions at higher OSI layers. For example, it may support routing; such a switch is often referred to as an L3 switch. Compared to a classic router, an L3 switch differs in that it uses special hardware (an ASIC, Application-Specific Integrated Circuit) for packet switching instead of a general-purpose processor. Other extended features may include support for DiffServ QoS.
Router
An active element for interconnecting individual networks (subnets). The frame header of an incoming frame is removed, and a new one is added when the packet is sent on (the frame header always carries information about the current hop only). The packet is routed based on the network layer address (OSI Layer 3), most often the IP address, using the routing table (RIB), which can be built dynamically by a routing protocol.
Operations of Active Elements
A switch performs frame switching (it looks only at MAC addresses, i.e. up to Layer 2, so we can say it works with frames). Sometimes the term bridging is also used. In general, when describing the function, it is said that the switch forwards frames and uses some forwarding method for that (store-and-forward, cut-through, fragment-free).
A router performs packet routing (it looks at IP addresses, i.e. up to Layer 3, so it works with packets, although it rebuilds the frame when sending). In general, the term forwarding is used for routers as well. However, sometimes (often with an MLS) the term packet switching or router switching is used.
Tables in Switches and Routers
Content Addressable Memory (CAM) table
Essentially a table of MAC addresses. Each record holds the MAC address, port, VLAN, and a timestamp. A record is created when a frame arrives, using the frame's source MAC address (if a record already exists, only its timestamp is refreshed; if the same MAC is already recorded for a different port, the original record is deleted). The table is used for L2 switching. The default timeout for records in the table is 5 minutes.
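The learning, flooding, MAC-move and aging behaviour described for the switch and its CAM table above, as an added Python model that is not part of the original page; the 300 s aging time is the default given in the text, while the MAC addresses, ports and VLANs used in it are constructed.

```python
CAM_AGING_SECONDS = 300   # default record lifetime from the text (5 minutes)
FLOOD = "flood"           # destination unknown: send out all ports except the incoming one
FILTER = "filter"         # destination was learned on the incoming port: nothing to forward


class CamTable:
    """Model of a switch CAM table: learn on source MAC, forward on destination MAC."""

    def __init__(self, aging=CAM_AGING_SECONDS):
        self.aging = aging
        self.entries = {}  # (vlan, mac) -> {"port": port, "ts": time last seen}

    def _expire(self, now):
        # Records not refreshed within the aging time are removed.
        stale = [k for k, e in self.entries.items() if now - e["ts"] > self.aging]
        for k in stale:
            del self.entries[k]

    def learn(self, src_mac, port, vlan, now):
        # New MAC: create a record. Known MAC on the same port: refresh the timestamp.
        # Known MAC seen on a different port: the original record is replaced.
        self.entries[(vlan, src_mac)] = {"port": port, "ts": now}

    def forward(self, src_mac, dst_mac, in_port, vlan, now):
        """Return the egress port for a frame, FLOOD if the destination is unknown,
        or FILTER if the destination sits on the incoming port itself."""
        self._expire(now)
        self.learn(src_mac, in_port, vlan, now)
        entry = self.entries.get((vlan, dst_mac))
        if entry is None:
            return FLOOD
        if entry["port"] == in_port:
            return FILTER
        return entry["port"]

    def port_of(self, mac, vlan):
        """Port currently recorded for a MAC in a VLAN, or None if there is no record."""
        entry = self.entries.get((vlan, mac))
        return entry["port"] if entry else None
```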
Ternary CAM (TCAM) table
A regular CAM table uses binary values (states 0 and 1), against which addresses are compared very quickly. TCAM adds a third, "don't care" state (0, 1 and X), so that only selected parts of the bit strings need to match. This is used for fast hardware evaluation of ACLs in an MLS (Multilayer Switch).
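How an ACL line becomes a ternary (0/1/X) entry and how a lookup compares only the cared-for bits, as an added Python illustration that is not code from the original page; the ACL lines and addresses are constructed, and a software loop stands in for the parallel compare of real TCAM hardware.

```python
import ipaddress

IMPLICIT_DENY = "deny (implicit)"


def acl_to_tcam(network, wildcard, action):
    """Turn a Cisco-style ACL line (address + wildcard mask) into a TCAM entry.
    Bits set in the wildcard become X (don't care); the care mask is its complement."""
    value = int(ipaddress.ip_address(network))
    care = 0xFFFFFFFF & ~int(ipaddress.ip_address(wildcard))
    return (value & care, care, action)


def ternary_string(value, care):
    """Render an entry as a 32-character 0/1/X string, bit 31 first."""
    return "".join(
        "X" if not (care >> b) & 1 else str((value >> b) & 1)
        for b in range(31, -1, -1))


def tcam_lookup(ip, entries):
    """Compare the key against the cared bits of every entry; entries are stored in
    priority order, so the first hit wins. No hit means the ACL's implicit deny."""
    key = int(ipaddress.ip_address(ip))
    for value, care, action in entries:
        if key & care == value:
            return action
    return IMPLICIT_DENY


# Constructed ACL, most specific line first, as the administrator would order it.
ACL = [
    acl_to_tcam("10.1.5.0", "0.0.0.255", "deny"),
    acl_to_tcam("10.1.0.0", "0.0.255.255", "permit"),
]
```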
Forwarding Information Base (FIB)
Conceptually similar to the routing table (Routing Information Base). It holds a copy of the routing table's forwarding information together with the next-hop addresses, and is used for IP switching decisions based on the destination prefix. It is optimized for fast lookup by destination IP address.
Address Resolution Protocol (ARP) table
A table mapping IP addresses to MAC addresses, each record with a timestamp (when the record was last confirmed valid). It is used for communication within a subnet (an L2 broadcast domain). The default timeout is 4 hours.
Router Switching Methods
Here we discuss the methods by which a router or L3 switch forwards packets. The speed at which the device operates depends on the method used.
Basic Principle
A frame arrives at the interface, the frame header (consisting mainly of MAC addresses) and the trailer (which is the checksum) are removed. Based on the network layer (OSI Layer 3) information and the routing table, it is determined where to send it. It is verified that the destination is reachable and the next hop and interface through which it will be sent are determined. A new frame is created (a new header is created and the checksum is calculated) and it is sent through a different interface to the next hop or destination.
In routing, each received frame must be placed in a queue, from which it is later taken and sent. How exactly the frame is processed depends on the so-called router switching path. The individual methods are described below.
Process Switching
The most common, but also the worst-performing method; it is included in every IOS version on every platform. The routing table (Routing Information Base, RIB) and the ARP cache are used for the forwarding decision. The packet is processed (switched) by an ordinary process within IOS, which is scheduled at the same level as other processes (such as a routing protocol), so other processes are not interrupted when a packet is switched. The process that checks whether any packets are waiting to be forwarded runs on a regular schedule, so a packet is not sent at the moment it arrives: it is placed in a buffer and waits for the CPU to get round to checking the queue. The CPU therefore handles every packet itself.
Fast Switching
When the first packet of a flow arrives, a cache record (kept in a binary tree for fast lookup) is created, containing the forwarding information and the MAC header. Subsequent packets are compared against this cache and, if they belong to the same flow, are forwarded quickly without consulting the routing table. Today this is the default method on low-end routers/switches. Switching is performed on demand, as packets arrive (no scheduled task is waited for).
Cisco Express Forwarding - CEF
An advanced L3 switching technology. It uses the FIB (Forwarding Information Base) and the adjacency table (which holds the L2 rewrite information mapped to records in the FIB). It greatly increases switching speed (much faster than the other routing techniques). Distributed CEF (dCEF), where the FIB tables are distributed to each line card, is faster still. A number of features (such as NBAR and QoS policing) require CEF to be enabled. Newer models have CEF enabled by default.
CEF is similar to fast switching, but it does not store the data (outgoing interface, MAC header) in a single tree cache. Instead, the FIB is used for the lookup and the actual rewrite data is kept in the adjacency table, to which FIB entries point. The adjacency table can be built independently (it does not have to be created while packets are being forwarded) and can be modified, so there is no need for cache invalidation (or aging), and the table can be pre-populated from the values in the routing table and the ARP cache.
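The FIB-plus-adjacency lookup described above, as an added Python illustration that is not Cisco code: the RIB, ARP cache and MAC addresses are constructed, the longest-prefix match selects the FIB entry, and a next hop with no ARP entry shows why such a packet cannot be finished from the tables and is handed (punted) to the process level instead.

```python
import ipaddress

# Constructed routing table (RIB): prefix -> (next hop, outgoing interface)
RIB = {
    "10.0.0.0/8":  ("192.0.2.1", "Gi0/1"),
    "10.1.0.0/16": ("192.0.2.2", "Gi0/2"),
    "0.0.0.0/0":   ("198.51.100.1", "Gi0/3"),
}
# Constructed ARP cache: next-hop IP -> MAC. 198.51.100.1 is deliberately missing.
ARP = {
    "192.0.2.1": "00:11:22:33:44:01",
    "192.0.2.2": "00:11:22:33:44:02",
}
ROUTER_MAC = "00:aa:bb:cc:dd:ee"  # constructed MAC of the router's own interfaces


def build_fib_and_adjacency(rib, arp):
    """Pre-populate the FIB (prefix -> next hop) and the adjacency table
    (next hop -> ready-made L2 rewrite) from the RIB and the ARP cache."""
    fib = {ipaddress.ip_network(p): nh for p, (nh, _) in rib.items()}
    adjacency = {}
    for nh, iface in rib.values():
        mac = arp.get(nh)
        # No ARP entry yet: the adjacency is incomplete and cannot rewrite the frame.
        adjacency[nh] = ({"interface": iface, "dst_mac": mac, "src_mac": ROUTER_MAC}
                         if mac else None)
    return fib, adjacency


def cef_switch(dst_ip, fib, adjacency):
    """Longest-prefix match in the FIB, then fetch the L2 rewrite from the adjacency
    table. Returns (interface, new_frame_header), or ("punt", reason) when the
    adjacency is incomplete, or ("drop", reason) when no prefix matches."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [net for net in fib if addr in net]
    if not matches:
        return ("drop", "no matching prefix")
    best = max(matches, key=lambda n: n.prefixlen)
    next_hop = fib[best]
    adj = adjacency[next_hop]
    if adj is None:
        return ("punt", "incomplete adjacency for next hop " + next_hop)
    return (adj["interface"], {"dst_mac": adj["dst_mac"], "src_mac": adj["src_mac"]})
```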
Router Switching Path
In terms of speed, the methods can be ordered (from fastest to slowest):
- distributed Cisco Express Forwarding - dCEF
- Cisco Express Forwarding - CEF
- Fast Switching
- Process Switching
Configuration in Cisco IOS
Here are some Cisco IOS commands for configuring the features described above, although usually there is no need to configure anything.
SWITCH(config-if)#ip route-cache // enable Fast Switching for the interface
SWITCH(config-if)#ip route-cache cef // enable CEF for the interface
SWITCH(config)#ip cef distributed // enable dCEF
SWITCH#show ip cef // display FIB records
SWITCH#show ip cef detail // display FIB records in detail
SWITCH#show adjacency // display the adjacency table
SWITCH#show cef interface // detailed CEF information for interfaces
SWITCH(config)#mac address-table aging-time 300 // set CAM record lifetime, default 5 min, 0 to disable aging
SWITCH(config-if)#arp timeout 14400 // set ARP record lifetime, default 4 hours
SWITCH#show mac address-table aging-time // display the set time
SWITCH#show mac address-table // CAM table records
SWITCH#show ip arp // ARP table records
An apt, brief summary, it helped me a lot. Thanks :-)
Ivica
For operational reasons we have set:
SWITCH(config)#mac address-table aging-time 14400
Then the command for immediately deleting a particular ARP record sometimes comes in handy:
SWITCH#clear ip arp 192.168.1.10