Chapter 1 - Packet Forwarding - Day 4

Software switching is significantly slower than switching done in hardware. Packets are hardware switched whenever possible.

The ip_input process consults the routing table and ARP table to obtain the next-hop router's IP address, outgoing interface and MAC address. It then overwrites the destination MAC address with the next-hop router's MAC address and the source MAC address with that of the outgoing L3 interface, decrements the IP TTL, recomputes the IP header checksum and delivers the packet to the next-hop router.

RIB - Routing Information Base - This is built from the info obtained from dynamic routing protocols, directly connected routes and static routes.

CEF is Cisco proprietary and was developed to keep up with evolving networks. It has been the default on most Cisco platforms that do switching using a general-purpose CPU since the 1990s.

CEF is the default switching used by all Cisco platforms that use ASICs and NPUs for high packet throughput.

General-purpose CPUs on software-based and hardware-based routers are similar and perform all the same functions. The difference is that on software-based routers the general-purpose CPU is in charge of all operations, including CEF switching, whereas hardware-based routers do CEF switching in specialized ASICs, TCAMs and NPUs.

Forwarding engines provide the packet switching, forwarding and route lookup capability to routers.

TCAM - Ternary content addressable memory allows for matching and evaluation of a packet on more than one field.

TCAM is an extension of the CAM architecture and is enhanced for upper-layer processing. 

TCAM has more flexibility in searching than CAM, which is binary.

A TCAM search provides the results 0 (false), 1 (true) and X (do not care).

Entries in TCAM are stored in the VMR format (Value, Mask and Result).

Value field - the fields that should be searched, i.e. IP address and protocol fields.

Mask field - fields of interest that should be searched

Result field - is the action that should be taken on the value and mask fields.

Multiple actions can be taken besides allow or drop, such as redirecting to a QoS policer or pointing to a different entry in the routing table.

TCAM operates in hardware providing faster processing and scalability. 
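The VMR lookup described above, modelled in software as an added example that is not part of the original notes. The key layout, the table contents, the helper names and the implicit drop on a miss are assumptions made for illustration; real hardware compares all entries in parallel and returns the first hit.

```python
import ipaddress
from dataclasses import dataclass

# Key layout (constructed for this example): src IP | dst IP | protocol | dst port
def pack_key(src, dst, proto, dport):
    return (int(ipaddress.IPv4Address(src)) << 56
            | int(ipaddress.IPv4Address(dst)) << 24 | proto << 16 | dport)

@dataclass(frozen=True)
class VMR:
    value: int   # bit pattern to compare against
    mask: int    # 1 = bit must match, 0 = X (do not care)
    result: str  # action returned on a hit

def vmr(src_net, dst_net, proto, dport, result):
    """Build one entry; proto/dport of None means the whole field is do-not-care."""
    s, d = ipaddress.IPv4Network(src_net), ipaddress.IPv4Network(dst_net)
    value = (int(s.network_address) << 56 | int(d.network_address) << 24
             | (proto or 0) << 16 | (dport or 0))
    mask = (int(s.netmask) << 56 | int(d.netmask) << 24
            | (0xFF if proto is not None else 0) << 16
            | (0xFFFF if dport is not None else 0))
    return VMR(value, mask, result)

def tcam_lookup(table, key):
    """Return (index, result) of the first entry whose masked bits equal the key's."""
    for index, entry in enumerate(table):
        if (key & entry.mask) == (entry.value & entry.mask):
            return index, entry.result
    return None, "drop"  # assumption: implicit deny when no entry matches

# Constructed policy, most specific entries first
TABLE = [
    vmr("10.0.0.0/8", "192.0.2.10/32", 6, 22, "permit"),
    vmr("0.0.0.0/0", "192.0.2.10/32", 6, 22, "drop"),
    vmr("0.0.0.0/0", "192.0.2.0/24", 17, None, "redirect-to-policer"),
    vmr("0.0.0.0/0", "0.0.0.0/0", None, None, "permit"),
]

if __name__ == "__main__":
    packets = [("10.1.2.3", "192.0.2.10", 6, 22),     # internal SSH
               ("203.0.113.5", "192.0.2.10", 6, 22),  # external SSH
               ("203.0.113.5", "192.0.2.77", 17, 53)] # UDP into the /24
    for pkt in packets:
        print(pkt, tcam_lookup(TABLE, pack_key(*pkt)))
```

Because the first hit wins, entry order is part of the policy: moving the all-X permit entry to the top would shadow the drop entry behind it.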

A route processor (RP) engine with a forwarding engine is known as a centralized forwarding architecture.

Line cards equipped with forwarding engines that forward without the intervention of the RP are known as a distributed forwarding architecture.

Centralized forwarding Arch - packet is received on ingress LC and then transmitted to the forwarding engine on the RP.

Distributed forwarding Arch - packet is received on ingress LC and then transmitted to local forwarding engine.

On the distributed arch, the forwarding engine performs a lookup to determine if the outbound interface is local; if it is, it forwards the packet out that interface. If the interface is located on a different LC, the packet is sent across the switch fabric (backplane) directly to the egress line card, bypassing the RP.

Software CEF - Software FIB

This consists of FIB and Adjacency table

FIB - is built from the routing table and contains the next-hop IP address for each destination network. It also keeps a mirror of the forwarding info in the IP routing table. CEF uses the FIB to make IP destination prefix-based switching decisions.

Adjacency Table or AIB contains directly connected next-hop IP addresses and their MAC addresses, as well as the egress interface MAC address. This is populated with data from the ARP table and other L2 tables.

*Packets processed by the CPU are typically subject to a rate limiter when an invalid or incomplete adjacency exists, to prevent starving other essential processes of CPU cycles.

*TTL is an L3 loop prevention mechanism that reduces a packet's TTL field by 1 for every L3 hop. If a router receives a packet with a TTL of 0, this packet is dropped.







