Forwarding engines provide the mechanisms for packet switching, forwarding and route lookup. When the packet enters the router, either it will be forwarded (to the next-hop or itself ) or dropped.
In order to perform packet forwarding ( switching ) there are three different modes:
- Process Switching
- Fast Switching
- CEF
Process switching is performed in the software directly to the CPU, something that has an impact to the router’s performance. Process switching is also used for punted packets (see below). It uses information from the routing table and ARP table to forward the packet.
Fast Switching:
The main difference with the process switching is that the first packet of the flow is still sent to the CPU, where the decision is made. After that, the decision is stored in the fast cache and based on this, the rest of the packets from the flow are forwarded [2].
CEF – Cisco Express forwarding
Software CEF
sCEF consist of two elements:
- Forwarding Information Base (FIB): It is populated from the routing table
- Adjacency table: It contains information from L2 protocols such as ARP.
Image 1: CEF [1]
The punted packets are these that need process switching. The punted packets are forwarded to the CPU. Punted packets are the following [3] :
- ARP packets
- These that require responses from the router (ICMP, TTL, MTU etc)
- DHCP
- Routing protocol updates
- CDP packets
- Encrypted packets
- NATed packets
- Legacy multiprotocol packets
- Not found in FIB
- ACL with log option triggered
Hardware CEF
As the packet switching is performed in the hardware, is much faster, having higher throughput. The CEF is downloaded to the ASICs to perform the distributed forwarding. The role of the software CEF is just to update the hardware CEF. In advance, hCEF can be optimized using the following techniques:
- Accelerated CEF: part of FIB is downloaded in the line card, like the caching mechanism. If the information is not there, the packet is sent to the L3 engine
- Distributed CEF: FIB is distributed in the line cards
When the hardware CEF is used, the TCAM table is used.
TCAM – Ternary Content Addressable Memory
Routers and L2/3 switches are using the TCAM to make faster forwarding decisions and it operates in the hardware. TCAM is used to make a decision using more than one field. It is built based on details from FIB, adjacency table, ACLs and QoS. This information is combined in one table in the hardware and makes forwarding decisions much faster.
Centralized Forwarding
When the forwarding engine is located in the Route Processor (RP) then all forwarding decisions are made by the RP. This is the centralized forwarding.
Distributed Forwarding
When the forwarding engine is decoupled from the RP and located in the line cards, then the forwarding decision is made there and is not passed to the route processor.
SOME TROUBLESHOOTING COMMANDS :
* may differ based on platforms/versions!
| show platform tcam utilization | Show free space in memory |
| show sdm prefer | Verify sdm template |
| show ip interface <interface> | Check if CEF is enabled |
| show ip cache | If fast switching is enabled but not CEF, this is populated |
| show process cpu | i “IP Input” | If it is high, may indicate process switching |
| show ip cef | Contains information from FIB |
| show ip cef adjacency <interface> <address> detail | Information about how router to reach the destination |
DISCLAIMER: This article is part of the larger collection of articles regarding the journey towards becoming a CCIE (so it is Cisco based). By no means, this is something official. It is just what I understand from the networking world. I write this in order to be able to explain them better and learn the content. I hope you may find something useful and easy to understand
References:
- BOOK: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide
- BOOK: CCNP routing and switching ROUTE 300-101 Official Cert Guide
- BOOK: CCNP routing and switching SWITCH 300-115 Official Cert Guide
- BOOK: CCNP routing and switching TSHOOT 300-135 Official Cert Guide
