Layer 2 Switching
-
Switching Decision
Factors in a switching decision:
Layer 2 forwarding table – Content Addressable Memory (CAM) table
Security ACLs – Access lists are stored in compiled form in the Ternary CAM (TCAM) QoS ACLs – Used to police traffic flow, also stored in the TCAM
Multilayer Switching
-
Route Caching
Route caching is the first generation multilayer switching. Requires a route processor (RP) and switching engine (SE).
The RP routes the first packet in a flow, and creates a record for the destination in the MLS cache.
The SE forwards all subsequent packets for that destination based on the MLS cache entry.
Route caching is used by NetFlow to generate traffic statistics.
-
Topology-based
Second generation multilayer switching, known as Cisco Express Forwarding (CEF).
Layer 3 routing information builds a database containing the entire network topology, contained in hardware Forwarding Information Base (FIB).
The hardware database can be updated dynamically with no performance penalty.
-
Switching Decision
Layer 2 forwarding table – The destination MAC is checked against the CAM table to determine if the frame contains a layer 3 packet (if the MAC address belongs to a layer 3 interface on the switch)
Layer 3 forwarding table – The destination IP is checked against the FIB; the next-hop IP, next-hop MAC, and egress port (and VLAN) are returned
Security ACLs – Same as in L2
QoS ACLs – Same as in L2
Multilayer Switching Exceptions
Packets which require processing cannot be forwarded by CEF:
ARP
IP packets requiring a response from the router
IP broadcasts relayed as unicasts (via IP helpers)
Routing protocol updates
CDP
IPX routing protocoland service advertisements
Packets needing encryption
Packets requiring Network Address Translation (NAT)
Other non-IP and non-IPX packets
Switching Tables
-
Content Addressable Memory (CAM)
The CAM table stores MAC-to-port/VLAN bindings on all Catalyst switches.
CAM is updated with each frame received.
The CAM table can be inspected with show mac address-table.
-
Ternary Content Addressable Memory (TCAM)
TCAMs facilitate the processing of inbound and outbound security and QoS ACLs in hardware.
Physically separate memory allows ACLs checks to be done in parallel with forwarding decisions.
The Feature Manager (FM) compiles ACLs into machine code and inserts them into the TCAM.
The Switching Database Manager (SDM) allows for configuration and repartitioning of the TCAM.
TCAMs operate with values, masks, and results:
Value – 134-bit value composed of source and destination addresses and other protocol information; format is dependent on ACL type
Mask -134-bit mask in the same format as its complement value; used to mark bits which must be matched in the value
Result -A numerical value which represents which action should be taken next
Layer 4 port ranges are stored in Logical Operation Unit (LOU) registers.
