Monday, 19 October 2015

Cisco IOS Switching Paths Overview

Table Of Contents



Cisco IOS Switching Paths Overview



This chapter describes switching paths that can be configured on Cisco IOS devices. It contains the following sections:




Basic Router Platform Architecture and Processes


To understand how switching works, it helps to first understand the basic router architecture and where various processes occur in the router.

Fast switching is enabled by default on all interfaces that support fast switching. If you have a situation where you need to disable fast switching and fall back to the process-switching path, understanding how various processes affect the router and where they occur will help you determine your alternatives. This understanding is especially helpful when you are troubleshooting traffic problems or need to process packets that require special handling. Some diagnostic or control resources are not compatible with fast switching or come at the expense of processing and switching efficiency. Understanding the effects of those resources can help you minimize their effect on network performance.

Figure 2 illustrates a possible internal configuration of a Cisco 7500 series router. In this configuration, the Cisco 7500 series router has an integrated Route Switch Processor (RSP) and uses route caching to forward packets. The Cisco 7500 series router also uses Versatile Interface Processors (VIPs), a RISC-based interface processor that receives and caches routing information from the RSP. The VIP card uses the route cache to make switching decisions locally, which relieves the RSP of involvement and speeds overall throughput. This type of switching is called distributed switching. Multiple VIP cards can be installed in one router.

Figure 2 Basic Router Architecture


Cisco Routing and Switching Processes


The routing, or forwarding, function comprises two interrelated processes to move information in the network:

Making a routing decision by routing

Moving packets to the next hop destination by switching

Cisco IOS platforms perform both routing and switching, and there are several types of each.

Routing Processes


The routing process assesses the source and destination of traffic based on knowledge of network conditions. Routing functions identify the best path to use for moving the traffic to the destination out one or more of the router interfaces. The routing decision is based on various criteria such as link speed, topological distance, and protocol. Each protocol maintains its own routing information.

Routing is more processing intensive and has higher latency than switching as it determines path and next hop considerations. The first packet routed requires a lookup in the routing table to determine the route. The route cache is populated after the first packet is routed by the route-table lookup. Subsequent traffic for the same destination is switched using the routing information stored in the route cache.

Figure 3 illustrates the basic routing process.

Figure 3 The Routing Process


A router sends routing updates out each of its interfaces that are configured for a particular protocol. It also receives routing updates from other attached routers. From these received updates and its knowledge of attached networks, it builds a map of the network topology.

Switching Processes


Through the switching process, the router determines the next hop toward the destination address. Switching moves traffic from an input interface to one or more output interfaces. Switching is optimized and has lower latency than routing because it can move packets, frames, or cells from buffer to buffer with simpler determination of the source and destination of the traffic. It saves resources because it does not involve extra lookups. Figure 4 illustrates the basic switching process.

Figure 4 The Switching Process


In Figure 4, packets are received on the Fast Ethernet interface and destined for the FDDI interface. Based on information in the packet header and destination information stored in the routing table, the router determines the destination interface. It looks in the routing table of the protocol to discover the destination interface that services the destination address of the packet.

The destination address is stored in tables such as ARP tables for IP or AARP tables for AppleTalk. If there is no entry for the destination, the router will either drop the packet (and inform the user if the protocol provides that feature) or discover the destination address by some other address resolution process, such as through ARP. Layer 3 IP addressing information is mapped to the Layer 2 MAC address for the next hop. Figure 5 illustrates the mapping that occurs to determine the next hop.

Figure 5 Layer 3-to-Layer 2 Mapping


Basic Switching Paths


Basic switching paths are described in the following sections:





Process Switching


In process switching the first packet is copied to the system buffer. The router looks up the Layer 3 network address in the routing table and initializes the fast-switch cache. The frame is rewritten with the destination address and sent to the outgoing interface that services that destination. Subsequent packets for that destination are sent by the same switching path. The route processor computes the cyclical redundancy check (CRC).

Fast Switching


When packets are fast switched, the first packet is copied to packet memory and the destination network or host is found in the fast-switching cache. The frame is rewritten and sent to the outgoing interface that services the destination. Subsequent packets for the same destination use the same switching path. The interface processor computes the CRC. Fast switching is described in the "Configuring Fast Switching" chapter later in this publication.

CEF Switching


When CEF mode is enabled, the CEF FIB and adjacency tables reside on the RP, and the RP performs the express forwarding. You can use CEF mode when line cards are not available for CEF switching or when you need to use features not compatible with dCEF switching. For information on configuring CEF, see the "Cisco Express Forwarding Overview" chapter later in this publication.


Note Beginning with Cisco IOS Release 12.0, CEF is the preferred and default switching path. NetFlow switching has been integrated into CEF switching. For information on NetFlow switching, see the "Cisco Express Forwarding Overview" chapter and the "Configuring Cisco Express Forwarding" chapter later in this publication.


dCEF Switching


In distributed switching, the switching process occurs on VIP and other interface cards that support switching. When dCEF is enabled, line cards, such as VIP line cards or GSR line cards, maintain an identical copy of the FIB and adjacency tables. The line cards perform the express forwarding between port adapters, relieving the RSP of involvement in the switching operation. dCEF uses an Inter Process Communication (IPC) mechanism to ensure synchronization of FIBs and adjacency tables on the RP and line cards.

For model numbers and hardware compatibility information, refer to the Cisco Product Catalog. For information on configuring dCEF, see the "Configuring Cisco Express Forwarding" chapter later in this publication.

For information on configuring Multicast Distributed Switching (MDS), see the "Configuring Multicast Distributed Switching" chapter later in this publication.

Figure 6 illustrates the distributed switching process on the Cisco 7500 series.

Figure 6 Distributed Switching on Cisco 7500 Series Routers


The VIP card installed in this router maintains a copy of the routing cache information needed to forward packets. Because the VIP card has the routing information it needs, it performs the switching locally, making the packet forwarding much faster. Router throughput is increased linearly based on the number of VIP cards installed in the router.

Platform and Switching Path Correlation


Depending on the routing platform you are using, availability and default implementations of switching paths varies. Table 3 shows the correlation between Cisco IOS switching paths and routing platforms.

Table 3 Switching Paths on Cisco 7200 and Cisco 7500 Series Routers

Switching Path

Cisco 7200 Series

Cisco 7500 Series

Comments

Configuration Command

Process switching

Yes

Yes

Initializes switching caches

no protocol route-cache

Fast switching

Yes

Yes

Default (except for IP)

protocol route-cache

CEF switching

Yes

Yes

Default for IP

protocol route-cache cef

dCEF switching

No

Yes

Using second-generation VIP line cards

protocol route-cache cef distributed


Features That Affect Performance


Performance is derived from the switching mechanism you are using. Some Cisco IOS features require special handling and cannot be switched until the additional processing they require has been performed. This special handling is not processing that the interface processors can do. Because these features require additional processing, they affect switching performance. These features include the following:




Filtering (using access lists)



For information on Quality of Service (QoS) performance, refer to the Cisco IOS Quality of Service Solutions Configuration Guide.

1.1a (i) Control Plane and Forwarding Plane

Control plane and Forwarding plane

Control Plane-
A collection of processes that run at the process level on the route-processor (RP). These processes collectively provide high-level controls for most IOS functions.
The control plane in general is anything that’s needed in order to get routing working on that device; in other words, it is the “signalling” of the network. Control plane packets are destined to or locally originated by the router itself.

Examples of control plane protocols are CDP, BPDUs, Routing Protocols (OSPF, RIP, EIGRP, BGP,IS-IS)

There are methods to police traffic meant to the control plane(i.e. CoPP Control Plane Policing)
Forwarding Plane/Data Plane -

Moves packets from input to output, defines the part of the router architecture that decides what to do with packets arriving on an inbound interface. Most commonly, it refers to a table in which the router looks up the destination address of the incoming packet and retrieves the information necessary to determine the path from the receiving element, through the internal forwarding fabric of the router, and to the proper outgoing interface.



  

Diagram to show interaction between control plane and data plane.
Control vs Data Plane 

Most of the time all incoming and outgoing IP packets will be processed and forwarded by the data plane but there are some exceptions, first let me show you this picture:
Data plane forwarding packets
Most of the IP packets can be forwarded by the data plane. However there are some “special” IP packets that can’t be forwarded by the data plane immediately and they are sent to the control plane, here are some examples:
  • IP packets that are destined for one of the IP addresses of the multilayer switch.
  • Routing protocol traffic like OSPF, EIGRP or BGP.
  • IP packets that have some of the options set in the IP header.
  • IP packets with an expired TTL.
The control plane can forward outgoing IP packets to the data plane or use its own forwarding mechanism to determine the outgoing interface and the next hop IP address. An example of this is local policy based routing. 

Our multilayer switch has many more steps to take than the layer 2 switches so theoretically it should be slower right?
One reason that multilayer switches are able to forward frames and packets at wirespeed is because of special hardware called ASICs in the dataplane.
Information like MAC addresses, the routing table or access-lists are stored into these ASICs. The tables are stored in content-addressable memory (CAM) and ternary content addressable memory (TCAM).
  • The CAM table is used to store layer 2 information like:
    • The source MAC address.
    • The interface where we learned the MAC address on.
    • To which VLAN the MAC address belongs.
Table lookups are fast! Whenever the switch receives an Ethernet frame it will use a hashing algorithm to create a “key” for the destination MAC address + VLAN and it will compare this hash to the already hashed information in the CAM table. This way it is able to quickly lookup information in the CAM table.
  • The TCAM table is used to store “higher layer” information like:
    • Access-lists.
    • Quality of service information.
    • Routing table.
  • The TCAM table can match on 3 different values:
    • 0 = Don’t look.
    • 1 = Compare.
    • X = Any value acceptable.
  • Longest match will return a hit.
  • Useful for a lookup where we don’t need an exact match. (routing table or ACLs for example).
Because there are 3 values we call it ternary.
So why are there 2 types of tables?
When we look for a MAC address we always require an exact match. We require the exact MAC address if we want to forward an Ethernet frame. The MAC address table is stored in a CAM table.
Whenever we need to match an IP packet against the routing table or an access-list we don’t always need an exact match. For example an IP packet with destination address 192.168.20.44 will match:
  • 168.20.44 /32
  • 168.20.0 /24
  • 168.0.0 /16
Information like the routing table are stored in a TCAM table for this reason. We can decide whether all or some bits have to match.
Here’s an example of a TCAM table:
TCAM Table
If we want to match IP address 192.168.10.22 the multilayer switch will first see if there’s a “most specific match”. There is nothing that matches 192.168.10.22 /32 so we’ll continue if there is anything else that matches. In this case there is an entry that matches 192.168.10.0 /24. The example above applies to routing table lookups, access-lists but also quality of service, VLAN access-lists and more.
Now you know all the steps a multilayer switch has to take when it has to forward ip packets, the control/data plane and that we use different tables stored in special hardware called ASICs. Let’s take a closer look at the actual ‘forwarding’ of IP packets.
There are different switching methods to forward IP packets. Here are the different switching options:
  • Process switching:
    • All packets are examined by the CPU and all forwarding decisions are made in software…very slow!
  • Fast switching (also known as route caching):
    • The first packet in a flow is examined by the CPU; the forwarding decision is cached in hardware for the next packets in the same flow. This is a faster method.
  • (CEF) Cisco Express Forwarding (also known as topology based switching):
    • Forwarding table created in hardware beforehand. All packets will be switched using hardware. This is the fastest method but there are some limitations. Multilayer switches and routers use CEF.
When using process switching the router will remove the header for each Ethernet frame, look for the destination IP address in the routing table for each IP packet and then forward the Ethernet frame with the rewritten MAC addresses and CRC to the outgoing interface. Everything is done in software so this is very CPU-intensive.