Cisco specifics

 Please be advised that this article is work-in-progress. The information here may be vague, incomplete, misleading or plainly wrong.  -> FORWARDING ARCHITECTURES -> Considerations -> layer 2 switching -> layer 2 forwarding decisions invlove fining an exact match in the MAC address table -> frames are forwarded as they are received, without changing anything -> layer 2 forwarding is simple and it can be easily implementend in hardware -> performed using ASICs and CAM memory -> no need to consult the general purpose CPU for these kind of forwarding decisions -> hardware forwarding is much faster that software forwarding -> software forwarding means forwarding using the general-purpose CPU -> layer 3 forwarding -> involve finding the most specific match in the routing table -> many fields at layer 2 and 3 have to be changed or recalculated -> much more complex than layer 2 switching -> traditionally, layer 3 forwarding is done by the general-purpose CPU -> ASICs and TCAM memory allow some layer 3 forwarding to be done in hardware -> software/hardware based routers -> software -> make forwarding decisions in software using the CPU -> Control and Data planes are shared (not performed by separate hardware components) -> General Purpose CPU is responsible for all operations -> way slower than ASICs -> however, it is easily programmable -> hardware -> make forwarding decisions in purpose-made hardware components -> control and data planes are separate -> the CPU -> handles the Control plane (ARP, building the routing table, etc.) -> forwards packets that can't be handled by the ASICs -> ASICs are used for forwarding packets (Data plane) -> hybrid -> middle-ground solution -> control and data planes are separate -> CPU -> handles the Control Plane -> forwards packets that the NP can't handle -> the Data plane is handled by NP -> network processor -> specialized processor for network related functions (forwarding packets) -> it is programmable and faster than CPU yet slower than ASICs -> forwarding methods -> process switching -> slowest and oldest -> also called "software switching" or "slow path" -> the router uses the CPU to perform a routing table lookup and ARP table lookup for every single packet -> ip_input process on the CPU is responsible with forwarding packets (lookups and forwarding decision) -> very slow, should never be used as the primary forwarding method -> still used as fallback for packets that CEF can't handle -> example: CONTROL PLANE ROUTING TABLE			 ARP TABLE ^	                ^			    					       					    \	                /			    					       					     \	  DATA PLANE   / lookup             lookup \ ip_input  / ^     |			    					       		                                   |      |			    					       		-packet-> INGRESS packet---+      +---packet-EGRESS -packet-> IFACE							 IFACE this process is repeated for EVERY packet -> fast switching -> ip_input still responsible for necessary lookups and forwarding decision -> a fast switching cache is built in memory -> the first packet towards a destination is process switched (lookups and everything) -> the forwarding information is stored in this cache -> for each subsequent packet to the same destionation, the cache is used. -> generally not used today, it was replaced by CEF -> example: CONTROL PLANE ROUTING TABLE			 ARP TABLE ^	                ^			    					       					    \	                /			    					       					     \	  DATA PLANE   / lookup             lookup \ ip_input  / ^ |   |			    					       		                                   |  |   |			    					       		-packet-> INGRESS packet---+  |   +---packet>EGRESS -packet-> V			   					       		-packet-> IFACE --packet---> FAST-SWITCHING--packet->IFACE  -packet-> CACHE -> CEF -> Cisco Express Forwarding -> the default packet switching mechanism for both software and hardware-based routers -> uses two pre-build caches in the Data Plane for packet processing -> FIB -> Forwarding Information Base -> it is built using information from the RIB -> Routing information base -> routing table -> a Control Plane construct -> built by routing protocols, static routes -> handled by the CPU -> it is a Data Plane construct -> its purpose is to quickly lookup the next hop address and egress interface of packets -> takes information from the RIB and organizes it in simple forwarding instructions -> conains -> destination network -> next-hop -> no route -> only for default route entry -> only if the default route is not configured -> drop -> packets to a destination network with 'drop' are discarded -> for example, reserved IP ranges have 'drop' -> receive -> packets for these destination networks, must be received by the router, and not forwarded -> for example, packets toward addreses configured on the router, broadcast, control traffic -> attached -> networks directly connected to the router. -> a next-hop does not exist. -> IP address -> egress interface -> displayed with (hostname)# show ip cef command  -> detailed version also displays -> epoch -> load-balancing method -> per-destination sharing -> packets with same src/dst IP pair will always take the same path -> per-packet sharing -> can be configured at iface level using (hostname)(config-if)# ip load-sharing per-packet -> load-balancing is done on a per-packet fashion -> can cause packets to arrive out of order which can have negative impact (UDP) -> cleared with (hostname)# clear cef table ipv4 -> when topology changes update the RIB, the FIB is also updated to mirror it			   			  	 								      -> ADJACENCY TABLE -> built using information from the ARP table -> contains the direclty connected next-hop IP addresses and their corresponding MAC addresses (layer 2 next-hop information) -> prebuilds the Ethernet header needed to sent packets to next hop -> displayed with (hostname)# show adjacency -> packets are forwarded entirely in the Data Plane. No lookups to Control Plane are needed -> Packets which CEF can't handle -> are sent to the CPU ip_input to be process-switched -> examples -> packets sourced from or sent to the router itself (ping, ssh, control) -> ACL logging (uses Syslog when a packet matches an ACL entry. Needs extra processing) -> packets taht require extra info not currently known (e.g. without a Layer 2 adjacency, ARP process needs to be involved) -> packets too complex to be handled in hardware (packets with IP options) -> CEF is capable of handling a lot of features such as QoS, ACLs, NAT, IPsec, GRE, etc.			   			  	 -> Software CEF -> performed on software-based routers -> the FIB and Adjacency Table are stored in RAM and are processed by CPU -> basically, the general-purpose CPU is in charge of the whole CEF operation -> still slower than hardware-based routers but way faster than process-switching -> Hardware CEF -> performed on hardware-based and hybrid routers -> FIB is stored in TCAM -> Adjacency table is stored in standalone memory -> both are processed by ASICs or NPUs -> provides the best performance -> example: +-+			   					       			    |			CONTROL PLANE                 | | +-+	                +-+   |			    					       			    |  |ROUTING TABLE|			|ARP TABLE|   | | +-+                  +-+   |			    					       			    +---||+			    					       			    +---||+			    					       			    |       |     	  DATA PLANE         |        | |	   |     	                     |        |			    					       			    |	+---||---+|			    					       	                    |	|   |	  CISCO EXPRESS FORWARDING   |       || +---+  |	|   V	     	                     V       ||     +--+ -packet-> |INGRESS|---|-->| ++        +-+ ||>|EGRESS| -packet->	| IFACE |---|-->| |    FIB    |         | ADJACENCY TABLE | ||>| IFACE| +---+  |	| ++         +-+ ||     +--+		                                                                            |   ++| 											    +-+

-> FORWARDING engines -> are constructs that provide packet switching, forwarding and route lookup capabilities to routers. -> for hardware-based routers, the forwarding engines are implemented in ASICs, TCAM, NPUs -> TCAM -> ternary content addressable memory -> compared to CAM, TCAM ca do matches on ones, zeroes and 'don't care' -> it is most useful for building tables on longest matcehs -> usually used for storing ACLs, QoS and other info associated with upped-layer processing -> TCAM entries are stored in VMR -> Value indicates the pattern that should be matched -> Mask indicates mask bits associated with Value that determines that actual data matching the pattern -> Result is the action that occurs when the llokup returns a positive match. For ACL,s this result is permit or deny. Other actions are possible such as QoS policer. -> operates 'in hardware' -> CAM -> type of memory where a query containing actual data is sent to the memory and the memory location (address) where that data is stored is returned -> used for exact matches -> used, for example for building mac address to port tables -> the problems is that it can do matches for queries on ones and zeroes only -> RP -> route processor -> learns the topology and builds the routing table -> this is usually a (the ?) general purpose CPU -> Centralized forwarding architecture -> the Route Processor engine is equipped with a forwarding engine -> RP can make all the packet switching decisions -> although not sure, it is safe to assume that this model is used by Software-based routers -> when a packet is received -> it is sent to the forwarding engine on the RP	   	           					  			       -> its headers examined and a forwarding decision is taken -> sent by the forwarding engine to the egress port -> example: +--+					 				    	           					  +---+    +--+    |Route Processor Engine| -packet-> |-ingress line card-| -> |  	  | -> |++| +---+	  |switch|    || Forwarding Engine  || +---+	  |fabric|    ||   ++   || <-packet- |-egress line card--|	<- |     | <- ||   |    CEF     |   || +---+   +--+    ||   ++   ||				    	           					  				       |++|				    	           					  				       +--+	    	           -> Distributed forwarding architecture -> each line card has a local forwarding engine -> uses is dCEF where CEF data structures are downloaded to ASIC's and NPUs on each linecard and they can do switching -> although not sure, it is safe to assume that this model is used by hardware-based routers -> when a packet is received -> it reaches the local forwarding engine -> the forwarding packet performs packet lookup -> if the egress port is local to the linecard, it is forwarded -> if the egress port is on another line card, the packet is sent to that line card across the BACKPLANE -> also known as "switch fabric" -> the Route Processor is not involved in this process -> example: +--+					 				    	           					  |  Ingress Line Card   | |++|				   	           					  || Forwarding Engine  ||     ++ ||  ++   ||     |        |				    	           				-packet-> ||   |    CEF     |   || ->  |        | ||  ++   ||     |   |    |				    	           					  |++|     |   V    |   +-+ +--+    |        |   |   Route     | |       |   |   Processor | +--+    | switch	|   |   Engine	  | |  Egress Line Card   |     | fabric |   +-+ |++|    |        |				    	           					  || Forwarding Engine  ||     |    |   | ||  ++   ||     |    V   | <-packet- ||  |    CEF     |   || <-  |        | ||  ++   ||     |        |				    	           					  |++|     |        |				    	           					  +--+     ++	    	           -> Remarks -> if software-based routers perform software-CEF and Centralized Frd Arc routers perform CEF in the Route Processor Engine, does that mean that CFA routers can only be software-based?