VLANs
VLANs are associated with individual networks or subnetworks. Network devices in different VLANs cannot communicate with one another without a Layer 3 router. When an end station in one VLAN needs to communicate with an end station in another VLAN, inter-VLAN communication is required.
External router
Cheaper than a Layer 3 switch; performance limited
Internal router
Integration between the Layer 2 and Layer 3 elements; more performance
The router must have a separate logical connection (subinterface) for each VLAN. ISL or 802.1Q trunking must be enabled on the single physical connection between the router and the switch.
Inter-VLAN routing configuration
A router interface on a trunk link must be configured:
With a subinterface for each VLAN that will be serviced
With the same trunk encapsulation protocol on each subinterface: ISL or 802.1Q
Layer 2 switching
Forwards frames based on information in the L2 frame. Occurs in hardware, so latency is decreased.
Uses Application-Specific Integrated Circuits (ASICs): wire-speed performance in ideal circumstances.
A key is created to compare the frame to the table content. The key is fed into a hashing algorithm, which produces a pointer into the table, so only a smaller, specific area of the table has to be accessed.
Multilayer Switching
Ability to switch data based on information at multiple layers. A class of high-performance routers that provide L3 services and simultaneously forward packets at wire speed through switching hardware (Layer 3 switch).
Uses ASIC hardware: wire-speed PDU header rewrites and forwarding. L3 switching speeds approximate those of L2 switching.
Routing:
Via the switch virtual interface (SVI): a virtual interface in every VLAN
  Switch(config)#interface vlan vlan_id
  Switch(config-if)#ip address ip_add mask
  Switch(config-if)#no shutdown   (for VLAN 1)
Switch side:
  RS(config)#interface vlan 10
  RS(config-if)# ip address 10.0.10.2 255.255.255.0
  RS(config-if)# no shutdown
  RS(config)#interface f0/1
  RS(config-if)# switchport mode trunk
  RS(config-if)# switchport trunk native vlan 1
Router side (one 802.1Q subinterface per VLAN, VLAN 1 native):
  Router(config)#interface f0/0.1
  Router(config-subif)#encapsulation dot1q 1 native
  Router(config-subif)# ip address 10.0.1.1 255.255.255.0
  Router(config)#interface f0/0.10
  Router(config-subif)#encapsulation dot1q 10
  Router(config-subif)# ip address 10.0.10.1 255.255.255.0
  Router(config)#interface f0/0.20
  Router(config-subif)#encapsulation dot1q 20
  Router(config-subif)# ip address 10.0.20.1 255.255.255.0
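As an added example (not from these slides), the following Python script checks a router-on-a-stick configuration against the rules stated above: one subinterface per serviced VLAN, a trunk encapsulation on every subinterface, the same protocol (ISL or 802.1Q) on all of them, and an address on each. The IOS-style sample text, the regular expressions and the function names are assumptions made for this example.

```python
import re
from typing import Dict, List

# Constructed sample in IOS style, mirroring the slide: one 802.1Q subinterface
# per VLAN on a single physical trunk toward the switch.
GOOD_CONFIG = """
interface FastEthernet0/0
 no shutdown
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address 10.0.1.1 255.255.255.0
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.0.10.1 255.255.255.0
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 10.0.20.1 255.255.255.0
"""

# Constructed sample that breaks the rules: mixed ISL/802.1Q on one link and a
# subinterface with no trunk encapsulation at all.
BAD_CONFIG = """
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.0.10.1 255.255.255.0
interface FastEthernet0/0.20
 encapsulation isl 20
 ip address 10.0.20.1 255.255.255.0
interface FastEthernet0/0.30
 ip address 10.0.30.1 255.255.255.0
"""

SUBIF_RE = re.compile(r"^interface\s+(\S+\.\d+)$")
ENCAP_RE = re.compile(r"^encapsulation\s+(dot1q|isl)\s+(\d+)(\s+native)?$", re.IGNORECASE)
IP_RE = re.compile(r"^ip address\s+(\S+)\s+(\S+)$")


def parse_subinterfaces(config: str) -> Dict[str, dict]:
    """Collect, per subinterface, its encapsulation protocol, VLAN, native flag and address."""
    subifs: Dict[str, dict] = {}
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        m = SUBIF_RE.match(line)
        if m:
            current = m.group(1)
            subifs[current] = {"encap": None, "vlan": None, "native": False, "ip": None}
            continue
        if line.startswith("interface"):
            current = None          # physical interface block, not a subinterface
            continue
        if current is None:
            continue
        m = ENCAP_RE.match(line)
        if m:
            subifs[current].update(encap=m.group(1).lower(), vlan=int(m.group(2)),
                                   native=bool(m.group(3)))
            continue
        m = IP_RE.match(line)
        if m:
            subifs[current]["ip"] = m.group(1)
    return subifs


def check_inter_vlan_config(config: str) -> List[str]:
    """Return a list of rule violations (an empty list means the configuration passes)."""
    subifs = parse_subinterfaces(config)
    if not subifs:
        return ["no subinterfaces found"]
    problems: List[str] = []
    protocols = set()
    seen_vlans: Dict[int, str] = {}
    natives: List[str] = []
    for name, s in subifs.items():
        if s["encap"] is None:
            problems.append(f"{name}: missing trunk encapsulation (dot1q or isl)")
        else:
            protocols.add(s["encap"])
        if s["ip"] is None:
            problems.append(f"{name}: missing ip address")
        if s["vlan"] is not None:
            if s["vlan"] in seen_vlans:
                problems.append(f"{name}: VLAN {s['vlan']} already served by {seen_vlans[s['vlan']]}")
            else:
                seen_vlans[s["vlan"]] = name
        if s["native"]:
            natives.append(name)
    if len(protocols) > 1:
        problems.append(f"mixed trunk encapsulations on one link: {sorted(protocols)}")
    if len(natives) > 1:
        problems.append(f"more than one native VLAN subinterface: {natives}")
    return problems


if __name__ == "__main__":
    for label, cfg in (("good", GOOD_CONFIG), ("bad", BAD_CONFIG)):
        print(label, check_inter_vlan_config(cfg) or "OK")
```

Run it against a saved `show running-config` excerpt to see which rule a trunk-side subinterface breaks; the mixed-encapsulation check in particular catches the case where the router and switch sides of the trunk would never agree.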
Distributed architecture in which the control path and data path are relatively independent: control path code (routing protocols) runs on the route processor; data packets are forwarded by the switching fabric.
L3 switching methods:
Route caching
Topology-based, using routing table information
Adjacency table: derived from the ARP table; contains L2 rewrite (MAC) information for the next hop
CEF
IP destination prefixes are stored in the TCAM table from the most specific to the least specific entry.
When the CEF TCAM table is full, a wildcard entry redirects to the L3 engine.
When the adjacency table is full, a CEF TCAM table entry points to the L3 engine to redirect the adjacency.
The FIB lookup is based on the L3 destination address prefix (longest match).
FIB table updates occur when:
An ARP entry for the destination next hop changes
The routing table entry for a prefix changes
The routing table entry for the next hop changes
The switch installs wildcard CEF entries, which point to drop adjacencies.
The L3 engine informs the switch of its interfaces participating in MLS.
The switch creates the (MAC, VLAN) L2 CAM entry for the L3 engine.
The L3 engine informs the switch about features for interfaces participating in MLS.
The L3 engine informs the switch about all CEF entries related to its interfaces and connected networks.
The switch populates the CEF entries and points them to L3 engine redirect adjacencies.
TCAM
Specialized piece of memory designed for rapid, hardware-based table lookups of L3 and L4 information.
ARP throttling
Only the first few packets for a connected destination reach the L3 engine, so that it can use ARP to locate the host.
A throttling adjacency is installed so that subsequent packets don't initiate more ARPs until an ARP reply is received.
The throttling adjacency is removed when an ARP reply is received, or if no ARP reply is seen within 2 seconds.
(2) A glean adjacency entry indicates that a particular next hop should be directly connected, but there is no MAC header rewrite information available.
(3) The L3 engine sends an ARP request for host B and installs the drop adjacency for host B. Subsequent frames destined for host B from host A are then dropped (ARP throttling).
Punt adjacency: special handling in higher layers
Discard adjacency: packets are discarded
Drop adjacency: packets are dropped, but the prefix is checked
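The following Python model is added here and is not part of the slides; it ties together the CEF behaviour described in the CEF, ARP throttling and adjacency passages above: a FIB kept most-specific-first so that the first hit is the longest match, a wildcard entry that punts to the L3 engine, a glean for a connected host that has no rewrite yet, the throttling adjacency that drops follow-on packets until an ARP reply arrives, and its removal after 2 seconds without a reply. The class, the adjacency kind names, the timing parameter and the sample prefixes are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Adjacency kinds named on the slides. A "complete" adjacency carries the L2
# rewrite (next-hop MAC); the other kinds say what to do when no rewrite exists.
COMPLETE, GLEAN, THROTTLE, PUNT, DROP = "complete", "glean", "throttle", "punt", "drop"
ARP_THROTTLE_SECONDS = 2.0   # slide: throttle removed if no ARP reply within 2 seconds


@dataclass
class Adjacency:
    kind: str
    mac: Optional[str] = None    # L2 rewrite information, only for COMPLETE
    installed_at: float = 0.0    # used to expire a THROTTLE adjacency


class CefEngine:
    """Toy FIB plus adjacency table modelling CEF lookup, glean and ARP throttling."""

    def __init__(self) -> None:
        # FIB entries are (prefix, next hop). A next hop of None means directly
        # connected, so the destination host itself is the next hop; "punt" means
        # hand the packet to the L3 engine.
        self.fib: List[Tuple[ipaddress.IPv4Network, Optional[str]]] = []
        self.adjacency: Dict[str, Adjacency] = {"punt": Adjacency(PUNT)}
        self.arp_requests: List[str] = []   # ARP requests the L3 engine has "sent"
        self.add_prefix("0.0.0.0/0", "punt")  # wildcard: unknown prefixes go to the L3 engine

    def add_prefix(self, prefix: str, next_hop: Optional[str]) -> None:
        """Install a FIB entry, keeping the table most-specific-first like the TCAM."""
        self.fib.append((ipaddress.ip_network(prefix), next_hop))
        self.fib.sort(key=lambda entry: entry[0].prefixlen, reverse=True)

    def lookup(self, dst: str) -> Tuple[ipaddress.IPv4Network, Optional[str]]:
        """Longest-prefix match: with most-specific-first ordering the first hit wins."""
        addr = ipaddress.ip_address(dst)
        for prefix, next_hop in self.fib:
            if addr in prefix:
                return prefix, next_hop
        raise RuntimeError("unreachable: the wildcard entry always matches")

    def arp_reply(self, ip: str, mac: str) -> None:
        """An ARP entry for a next hop changed: replace glean/throttle with a full rewrite."""
        self.adjacency[ip] = Adjacency(COMPLETE, mac=mac)

    def forward(self, dst: str, now: float) -> Tuple[str, Optional[str]]:
        """Decide what happens to one packet for dst at time `now` (seconds)."""
        _, next_hop = self.lookup(dst)
        key = dst if next_hop is None else next_hop
        adj = self.adjacency.get(key)
        if adj is None:
            # Glean: the next hop should be directly connected but has no MAC rewrite.
            # The packet reaches the L3 engine, which sends an ARP request and installs
            # a throttling adjacency so that later packets do not trigger more ARPs.
            self.arp_requests.append(key)
            self.adjacency[key] = Adjacency(THROTTLE, installed_at=now)
            return GLEAN, key
        if adj.kind == THROTTLE:
            if now - adj.installed_at >= ARP_THROTTLE_SECONDS:
                del self.adjacency[key]       # no reply in time: throttle removed, glean again
                return self.forward(dst, now)
            return DROP, "arp-throttle"
        if adj.kind == COMPLETE:
            return "forward", adj.mac         # hardware rewrites the header with this MAC
        return adj.kind, None                 # punt (or any other special adjacency)


def build_sample_engine() -> CefEngine:
    """Constructed topology: two connected VLAN subnets and two remote prefixes."""
    eng = CefEngine()
    eng.add_prefix("10.0.10.0/24", None)            # connected, VLAN 10
    eng.add_prefix("10.0.20.0/24", None)            # connected, VLAN 20
    eng.add_prefix("172.16.0.0/16", "10.0.20.254")  # remote via a VLAN 20 next hop
    eng.add_prefix("172.16.5.0/24", "10.0.10.254")  # more specific: different next hop
    return eng


if __name__ == "__main__":
    eng = build_sample_engine()
    print(eng.forward("192.168.1.1", 0.0))   # punt: only the wildcard matches
    print(eng.forward("10.0.10.5", 0.0))     # glean: ARP sent, throttle installed
    print(eng.forward("10.0.10.5", 0.5))     # drop: ARP throttling
    eng.arp_reply("10.0.10.5", "00:11:22:33:44:55")
    print(eng.forward("10.0.10.5", 1.0))     # forward with the rewrite MAC
```

The sequence in the main block mirrors the slide's host A to host B case: the first packet gleans and triggers one ARP request, packets in the next 2 seconds are dropped by the throttling adjacency, and once the reply installs the rewrite the packets are forwarded in hardware. Watching which of these actions a packet takes is exactly the "is it being punted?" question the troubleshooting slide raises.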
CEF configuration
CEF is enabled by default on the Catalyst 6500 series Supervisor Engine 720 with PFC2, MSFC3, and DFC, and cannot be disabled. To enable/disable CEF on a 4000:
Router(config)#(no) ip cef
To monitor CEF:
Router#show ip cef
Router#show ip cef detail
Switch#show adjacency detail
Switch#debug ip cef
Troubleshooting CEF means verifying that packets are indeed receiving the full benefit of CEF switching and are not being punted to a slower packet switching or processing method. Punt: the action of sending a packet down to the next fastest switching level.