Friday, November 13, 2009

Multilayer Switching

This next section walks through the switching process and focuses on the order of operations. The order in which things happen matters for two reasons. First, the order of events is good test material. Second, understanding the processing order lets you evaluate how the various filtering and forwarding mechanisms interact: error checking, access lists, VLAN access lists, routing, and QoS. For example, a frame that fails integrity checking is dropped before any ACL is consulted, and the inbound VLAN ACL is applied before the routed (input) ACL.


Understanding the Switching Process

Steps involved in layer 2 forwarding are as follows:
  • Input
1. Receive frame.
2. Verify frame integrity.
3. Apply inbound VLAN ACL (Virtual Local Area Network Access List, or VACL).
4. Look up destination MAC (Media Access Control) address.

  • Output
1. Apply outbound VLAN ACL.
2. Apply outbound QoS ACL.
3. Select output port.
4. Queue on port.


Steps involved in layer 3 forwarding are as follows:

  • Input
1. Receive frame.
2. Verify frame integrity.
3. Apply inbound VLAN ACL.
4. Look up destination MAC.

  • Routing
1. Input ACL.
2. Switch if entry cached.
3. Identify exit interface and next-hop address using routing table.
4. Output ACL.

  • Output
1. Apply outbound VLAN ACL.
2. Apply outbound QoS ACL.
3. Select output port.
4. Queue on port.
5. Rewrite the source and destination MAC addresses, decrement the TTL (Time to Live field in the IP header), and recompute the IP header checksum and the frame check sequence.
6. Forward.
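The output-side rewrite in steps 5 and 6 above, worked in Python as an added example (this is not code from the original notes or from any Cisco product; the frame, MAC and IP addresses, and function names are constructed for illustration). It also exercises the "verify frame integrity" input step by checking the FCS before touching anything, and covers the case the list glosses over: a packet whose TTL would reach zero is not rewritten and forwarded.

```python
"""Layer 3 rewrite step, as an added example (not from the original notes).

Models the output side of multilayer switching on a constructed Ethernet II /
IPv4 frame: verify the frame check sequence (the "verify frame integrity"
input step), rewrite the source and destination MACs for the next hop,
decrement the TTL, recompute the IPv4 header checksum, and append a fresh FCS.
A frame whose TTL cannot be decremented below 1 is not forwarded.
"""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement sum
    of the 16-bit words, computed with the checksum field set to zero.
    Run over a header that already carries a valid checksum, it returns 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def fcs(frame_body: bytes) -> bytes:
    """IEEE 802.3 frame check sequence: CRC-32 over dst MAC .. payload,
    transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_body) & 0xFFFFFFFF)


def build_ipv4_frame(dst_mac, src_mac, src_ip, dst_ip, ttl, payload):
    """Constructed test frame (not captured traffic): Ethernet II header,
    minimal 20-byte IPv4 header carrying UDP (protocol 17), payload, FCS."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      0x45, 0, 20 + len(payload), 0x1234, 0x4000,
                      ttl, 17, 0, src_ip, dst_ip)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    body = dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + hdr + payload
    return body + fcs(body)


def rewrite_and_forward(frame, egress_mac, next_hop_mac):
    """Return the rewritten frame, or None when it must not be forwarded:
    bad FCS, not IPv4, corrupt IP header, or TTL expired (a real switch punts
    that last case to the CPU so an ICMP Time Exceeded can be generated)."""
    body, trailer = frame[:-4], frame[-4:]
    if fcs(body) != trailer:
        return None                     # failed frame integrity check
    if struct.unpack("!H", body[12:14])[0] != ETHERTYPE_IPV4:
        return None                     # only IPv4 is modelled here
    ip = bytearray(body[14:])
    ihl = (ip[0] & 0x0F) * 4
    if ipv4_checksum(bytes(ip[:ihl])) != 0:
        return None                     # corrupt IP header: drop
    if ip[8] <= 1:
        return None                     # TTL would reach 0: do not forward
    ip[8] -= 1                          # decrement TTL
    ip[10:12] = b"\x00\x00"             # recompute header checksum from scratch
    ip[10:12] = struct.pack("!H", ipv4_checksum(bytes(ip[:ihl])))
    new_body = next_hop_mac + egress_mac + body[12:14] + bytes(ip)
    return new_body + fcs(new_body)     # new MACs and TTL => new FCS
```

Hardware does not recompute the IP checksum from scratch; because only the TTL byte changed, it applies the incremental update of RFC 1141/1624. The full recomputation above gives the same result and is easier to check, which is the point of `ipv4_checksum` returning 0 for a valid header.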


Understanding the Switching Table

Content Addressable Memory (CAM) holds the MAC address tables used for Layer 2 switching.

  • Used for Catalyst 4500 Layer 2 forwarding tables
  • Used for Catalyst 6500 Layer 2 and NetFlow forwarding tables
  • Entries are binary (each bit is 0 or 1)
  • Match must be exact: the lookup key (VLAN plus destination MAC) hits an entry only if every bit agrees

In comparison, multilayer switching (MLS) uses Ternary Content Addressable Memory (TCAM), which is what allows ACLs, QoS classification, and prefix-based forwarding to be matched in hardware at line rate.

  • Used for Catalyst 3500/3700, 4500, and 6500 Layer 3 switching
  • Ternary (three) values per bit (0, 1, or wildcard)
  • Entries are in VMR form
—Value—Pattern to be matched.
—Mask—Masking bits associated with the pattern (which bits of the value must match; the remaining bits are wildcards).
—Result—Consequence of a match (permit/deny for an ACL, or more complex information such as a pointer to adjacency and rewrite data for a forwarding entry). When several entries match the same key, the highest-priority entry wins, and ACL entries are programmed so that this priority follows the access list's line order.
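How a binary CAM differs from a ternary TCAM, as an added example in Python (not code from the original notes or from any switch; the MAC addresses, IP ranges, ACL and key layout are constructed for illustration). It compiles three access-list entries into Value/Mask/Result form, runs lookups against them with first-match priority, and shows that reordering the same entries changes the answer, which is why ACL line order has to be preserved when entries are programmed into TCAM.

```python
"""CAM versus TCAM lookups, as an added example (not from the original notes).

The CAM model is an exact-match table keyed on (VLAN, MAC), like a Layer 2
forwarding table. The TCAM model is an ordered list of Value/Mask/Result
entries: every entry is compared against the lookup key at once and the
first hit wins, which is how the line order of an access list becomes a
TCAM priority order and why the implicit deny sits last.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network


class CamTable:
    """Binary CAM: every key bit is 0 or 1, so the match must be exact."""

    def __init__(self):
        self._entries = {}

    def learn(self, vlan, mac, port):
        self._entries[(vlan, mac.lower())] = port

    def lookup(self, vlan, mac):
        # None means unknown unicast: the switch floods within the VLAN
        return self._entries.get((vlan, mac.lower()))


# Constructed TCAM key layout (88 bits): src IP | dst IP | protocol | dst port
SRC_SHIFT, DST_SHIFT, PROTO_SHIFT, PORT_SHIFT = 56, 24, 16, 0


@dataclass(frozen=True)
class VMR:
    value: int   # pattern to match
    mask: int    # 1 = bit must match, 0 = wildcard
    result: str  # consequence of a match

    def __post_init__(self):
        assert self.value & ~self.mask == 0, "value bits under a wildcard must be 0"

    def matches(self, key):
        return key & self.mask == self.value


def ace(result, src="0.0.0.0/0", dst="0.0.0.0/0", proto=None, dport=None):
    """Compile one access-control entry to a VMR. Fields left unspecified
    become wildcards (mask bits 0); prefix lengths become the mask."""
    s, d = IPv4Network(src, strict=False), IPv4Network(dst, strict=False)
    value = (int(s.network_address) << SRC_SHIFT) | (int(d.network_address) << DST_SHIFT)
    mask = (int(s.netmask) << SRC_SHIFT) | (int(d.netmask) << DST_SHIFT)
    if proto is not None:
        value |= proto << PROTO_SHIFT
        mask |= 0xFF << PROTO_SHIFT
    if dport is not None:
        value |= dport << PORT_SHIFT
        mask |= 0xFFFF << PORT_SHIFT
    return VMR(value, mask, result)


def pack_key(src, dst, proto, dport):
    """Build the lookup key the hardware would extract from a packet header."""
    return ((int(IPv4Address(src)) << SRC_SHIFT) | (int(IPv4Address(dst)) << DST_SHIFT)
            | (proto << PROTO_SHIFT) | (dport << PORT_SHIFT))


class Tcam:
    def __init__(self, entries):
        self.entries = list(entries)

    def lookup(self, key):
        # All entries are compared in parallel; a priority encoder then
        # returns the lowest-indexed hit. No hit at all is an ACL's implicit deny.
        hits = [e for e in self.entries if e.matches(key)]
        return hits[0].result if hits else "deny (implicit)"


# Constructed sample ACL (hypothetical addresses), in the order it was written:
#   permit tcp 10.1.1.0/24 host 10.2.2.10 eq 443
#   deny   ip  10.1.1.0/24 10.2.2.0/24
#   permit ip  10.1.0.0/16 any
SAMPLE_ACL = Tcam([
    ace("permit", src="10.1.1.0/24", dst="10.2.2.10/32", proto=6, dport=443),
    ace("deny", src="10.1.1.0/24", dst="10.2.2.0/24"),
    ace("permit", src="10.1.0.0/16"),
])
```

The same three entries in reverse order give a different verdict for the same packet (`Tcam(reversed(SAMPLE_ACL.entries))` permits 10.1.1.5 to 10.2.2.10 on port 80, which the written order denies), so when checking an ACL in hardware it is the programmed priority, not just the set of entries, that has to be verified.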


Understanding Switch Forwarding Architectures

In a centralized forwarding model, a single forwarding engine (on the supervisor) makes the decisions for every port:
  • Decision made by a single table
  • Used by 4500 and 6500

With distributed forwarding, the forwarding decisions are spread across the interface ASICs or line cards:
  • Decision made at the port or module
  • Used by 3500/3700 and 6500 with a distributed forwarding card

NetFlow switching (also described as "route once, switch many") is a flow-cache model:
  • Decision made cooperatively by the route processor and the MLS hardware
  • First packet of a flow is switched in software by the route processor, and the result is cached
  • Subsequent packets of the flow are switched in hardware from the cache

Cisco Express Forwarding (CEF) is topology-based rather than flow-based, so there is no first-packet penalty:
  • Uses TCAM
  • Topology-based switching via a Forwarding Information Base (FIB) prebuilt from the routing table, with an adjacency table holding the Layer 2 rewrite information
  • Can be centralized or distributed

Thursday, November 5, 2009

InterVLAN Routing

VLANs divide the network into smaller broadcast domains, but they also prevent communication between those domains. To enable communication between VLANs without also passing broadcasts between them, routing is used.


InterVLAN Routing Using Multilayer Switches

Port roles
  • VLAN (access) port—Acts as a Layer 2 switching port within a single VLAN.
—Static VLAN—Assign with switchport mode access and switchport access vlan.
—Dynamic VLAN—Assigned by a VLAN Membership Policy Server (VMPS).
  • Trunk port—Carries multiple VLANs and distinguishes them by tagging.
—Set parameters with the switchport command: trunk mode and encapsulation, either ISL (Inter-Switch Link, Cisco-proprietary) or 802.1Q (IEEE standard).
  • Switched Virtual Interface (SVI)—Virtual routed interface for a VLAN.
—Use to route or fallback bridge between VLANs
—Default SVI for VLAN 1 is created automatically
—Create it and associate it with a VLAN using interface vlan#

  • Routed port—Acts as layer 3 routed port
—Place in layer 3 mode with no switchport
—Not associated with VLAN
—Turn on routing using ip routing
—Assign address and enable routing protocols as needed


InterVLAN Routing

Multilayer switches do the following:
  • Enable IP routing using ip routing
  • Create SVI using interface vlan#
  • Assign an IP address to each SVI
A router on a stick attaches a router to the switch over a single trunk link (ISL or 802.1Q) and routes between VLANs on subinterfaces of that link. Features:
  • Easy to implement
  • Uses existing equipment
  • Much more latency than a multilayer switching (MLS) solution, because every routed frame crosses the trunk twice (in on one VLAN, out on another)
  • Configure by creating a subinterface, for example interface fastethernet 1/0.7
  • Associate the VLAN with the subinterface using encapsulation isl 7 or encapsulation dot1q 7
  • ISL—No address on the main (physical) interface
  • 802.1Q—Address on the main interface for the native (untagged) VLAN, or give the native VLAN its own subinterface with encapsulation dot1q 1 native
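The trunk side of a router on a stick, as an added example in Python (not code from the original notes or from any router; the MACs, VLAN numbers and subinterface names are constructed for illustration). It parses the 802.1Q tag on frames arriving over the trunk, maps the VLAN ID to a subinterface, re-tags routed frames for the destination VLAN, and shows what makes the native VLAN special: its frames carry no tag, so an untagged frame received on the trunk is assigned to whatever the receiving end believes the native VLAN is. The IP rewrite (TTL, checksum) belongs to the forwarding section and is left out here; the payload is treated as opaque.

```python
"""802.1Q trunk handling for a router-on-a-stick, as an added example (not
from the original notes). Frames arriving on the trunk are parsed for a VLAN
tag and mapped to the subinterface configured for that VLAN; routed frames
are re-tagged for the destination VLAN on the way back out. Frames in the
native VLAN travel untagged, so an untagged frame received on the trunk is
assigned to the native VLAN, and a frame sent in the native VLAN carries no
tag. The IP rewrite (TTL, checksum) is omitted; the payload is opaque.
"""
import struct
from dataclasses import dataclass

TPID_8021Q = 0x8100   # Tag Protocol Identifier that marks an 802.1Q tag


@dataclass
class TaggedFrame:
    dst: bytes
    src: bytes
    vlan: int       # VLAN ID (12 bits of the TCI)
    pcp: int        # 802.1p priority (top 3 bits of the TCI)
    ethertype: int  # ethertype of the encapsulated payload
    payload: bytes


def parse_trunk_frame(frame: bytes, native_vlan: int) -> TaggedFrame:
    """Strip an 802.1Q tag if present; an untagged frame belongs to the native VLAN."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        tci, inner = struct.unpack("!HH", frame[14:18])
        return TaggedFrame(dst, src, tci & 0x0FFF, tci >> 13, inner, frame[18:])
    return TaggedFrame(dst, src, native_vlan, 0, ethertype, frame[14:])


def encapsulate(f: TaggedFrame, native_vlan: int) -> bytes:
    """Insert a 4-byte tag (TPID + TCI) unless the frame is in the native VLAN."""
    head = f.dst + f.src
    if f.vlan != native_vlan:
        head += struct.pack("!HHH", TPID_8021Q, (f.pcp << 13) | f.vlan, f.ethertype)
    else:
        head += struct.pack("!H", f.ethertype)
    return head + f.payload


# Hypothetical subinterfaces, one per VLAN, as created with
# `interface fastethernet 0/0.7` + `encapsulation dot1q 7`; VLAN 1 is native.
NATIVE_VLAN = 1
SUBINTERFACES = {1: "Fa0/0.1", 7: "Fa0/0.7", 8: "Fa0/0.8"}


def ingress_subinterface(frame: bytes, native_vlan: int = NATIVE_VLAN):
    """(vlan, subinterface) for a received frame. A None subinterface means no
    subinterface is configured for that VLAN, so the router drops the frame."""
    vlan = parse_trunk_frame(frame, native_vlan).vlan
    return vlan, SUBINTERFACES.get(vlan)


def route_to_vlan(frame: bytes, out_vlan: int, router_mac: bytes, next_mac: bytes,
                  native_vlan: int = NATIVE_VLAN):
    """Send a frame received in one VLAN back out the same trunk in another
    VLAN, with the MACs rewritten for the new hop. Returns None if either the
    ingress or the egress VLAN has no subinterface."""
    f = parse_trunk_frame(frame, native_vlan)
    if f.vlan not in SUBINTERFACES or out_vlan not in SUBINTERFACES:
        return None
    return encapsulate(TaggedFrame(next_mac, router_mac, out_vlan, f.pcp,
                                   f.ethertype, f.payload), native_vlan)
```

`parse_trunk_frame(frame, 99)` on an untagged frame returns VLAN 99: nothing in the frame itself says which VLAN an untagged frame belongs to, so if the native VLAN is configured differently at the two ends of a trunk, untagged traffic silently lands in a different VLAN on each side. The native VLAN must match on both ends, which is also why the `encapsulation dot1q 1 native` subinterface form is preferable to an address on the physical interface: it makes the assumption explicit in the configuration.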