Cool Spy Gadgets » An overview of Cisco Express Forwarding

An overview of Cisco Express Forwarding

31.05.2009 | Author: Richard Hijinx | Posted in Computer

by Richard Hijinx

This article is intended for those new to CEF and its impact on the way MLS is done in Cisco hardware. This article can also serve as a review for those familiar with the concepts but are looking for a refresher. In this first article we are going to go over the components that make up this switching architecture followed by some fundamental examples to illustrate these components and concepts at work. Before we get started be sure to download the topology we are going to be using in the lab examples for clarity.

Modern Catalyst Multilayer switches utilize Cisco Express Forwarding-based Multilayer Switching. This terminology and architecture of this switching model can be tough to understand at first, but trust me, it really isn’t that difficult to grasp after you start working with it.

There are a couple different functions provided by a CEF-based MLS. The first function is building routing information. This routing information is built by the Layer 3 engine within the control plane and includes both static and dynamic routes. This information can be seen in the routing table. The second function provided by Cisco Express Forwarding is hardware switching of packets. Hardware switching of packets is done in the Layer 3 Forwarding Engine within the data plane. The data plane is where Cisco Express Forwarding works its magic. The control plane is where layer 3 decisions are made, when those layer 3 packets can NOT be switched in hardware.

Since Cisco Explress Forwarding’s provides it’s magic in the data plane, we will start with it. It is the most fun anyway. The Layer 3 Forwarding Engine within the data plane has two distinct components of its own.

CEF FIB is the first component, and the second is the CEF Adjacency table. The Cisco Express Forwarding Forwarding Information Base is basically just a reformatted routing table ordered such that the most specific routes are found first. The Forwarding Information Base contains next hop information for each prefix. The routing and next-hop information is built in software in the control plane, and then passed to the Layer 3 forwarding engine and placed in the FIB. It is really important to understand that this is basically a reordered routing table with some additional entries in it. When a packet enters the switch, the switch consults the FIB and finds the longest match prefix and obtains the next hop address. I know this doesn’t sound like magic yet, but stay with me, there is more and this stuff pretty neat.

The second component, the adjacency table, contains and maintains layer 2 addresses for every entry in the FIB. This table is built the same way the Forwarding Information Base is built. It is built from the ARP table that is built with the Layer 3 engine in the control plane and then passed to the Layer 3 Forwarding Engine and placed in the CEF Adjacency table. If you know how packets are encapsulated and rewritten as they make their way across a layer 3 network, you are probably beginning to develop an idea of what is going to happen with the adjacency table.

Having the Forwarding Information Base and Adjacency tables both handled in hardware, we’re able to see how Cisco Express Forwarding can dramatically improve the performance of layer 3 forwarding operations. It copies the work the Layer 3 Engine does in software, and the Layer 3 Forwarding Engine uses it to make multilayer switching decisions in hardware. Between the Forwarding Information Base having next hop layer 3 information, and the adjacency table having both the layer 3 and layer 2 information, CEF has at its disposal everything it needs to forward packets without consulting a routing table running in software, and without the need to do an ARP for layer 2 header rewrite. These operations are all in hardware and it all happens at line speed. Don’t you love it when tidbits of information are all pulled together.

Now, let’s take a look at two scenarios to see the paths packets take through a Cisco Express Forwarding-enabled MLS. In scenario 1, we have a valid FIB entry and associated adjacency table entry. A packet comes in the ingress interface, the Forwarding Information Base is consulted and an entry is found. The Forwarding Information Base is matched on the longest prefix. The layer 2 information is retrieved from the adjacency table and the packet is then forwarded through the packet rewrite engine, which rewrites the appropriate packet and frame header information at line speed and sends the packet out the egress interface. Notice that no ARP requests are made, no software based processing is performed, and frame information is written in hardware.

In scenario two, as a packet comes ingress on an interface, the Forwarding Information Base is consulted and is unable to be CEF switched because of one of several different reasons. At this point the packet is sent to the Layer 3 engine for further processing, which is known as a Cisco Express Forwarding punt. We aren’t going to cover all the scenarios in which a CEF Punt occurs here. We’ll save those more in depth scenarios for Part 2.

It should be obvious, but it is worth mentioning here for clarity. As changes happen in the routing and ARP tables that are maintained by the Layer 3 Engine, those changes are automatically sent to the Layer 3 Forwarding Engine. This updates the CEF Forwarding Information Base and the Adjacency tables instantaneously.

Now that we have all of the basics out of the way, it is time to start looking at the relationship between the routing table, ARP table, the Cisco Express Forwarding FIB table, and the CEF adjacency table. Let’s start by looking at the IP addresses of the connected interfaces of the 2 devices used in these demonstrations.

MPLS1#show ip interface brief

InterfaceIP-AddressOK?MethodStatusProtocol

FastEthernet0/0 unassigned YES NVRAM administratively down down

FastEthernet1/0 172.16.13.1 YES NVRAM up up

FastEthernet1/1172.16.12.1YESNVRAMupup

FastEthernet2/0172.16.15.1YESNVRAMupup

FastEthernet2/1 unassigned YES NVRAM administratively down down

FastEthernet3/0 unassigned YES NVRAM administratively down down

FastEthernet3/1 unassigned YES NVRAM administratively down down

Loopback0 10.0.0.1 YES NVRAM up up

Tunnel710.0.0.1YESTFTPupdown

Tunnel702 10.0.0.1 YES TFTP up down

Tunnel703 10.0.0.1 YES TFTP up down

MPLS2#show ip interface brief

InterfaceIP-AddressOK?MethodStatusProtocol

FastEthernet0/0 unassigned YES NVRAM administratively down down

FastEthernet1/0 172.16.12.2 YES NVRAM up up

FastEthernet1/1 172.16.23.2 YES NVRAM up up

FastEthernet2/0 172.16.24.2 YES NVRAM up up

FastEthernet2/1 172.16.25.2 YES NVRAM up up

FastEthernet3/0unassignedYESNVRAMadministrativelydowndown

FastEthernet3/1 unassigned YES NVRAM administratively down down

Loopback0 10.0.0.2 YES NVRAM up up

Let’s look at the routing table on MPLS1:

MPLS1#showiproute

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1-OSPFNSSAexternaltype1,N2-OSPFNSSAexternaltype2

E1-OSPFexternaltype1,E2-OSPFexternaltype2

i-IS-IS,su-IS-ISsummary,L1-IS-ISlevel-1,L2-IS-ISlevel-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o-ODR,P-periodicdownloadedstaticroute

Gateway of last resort is not set

172.16.0.0/28 is subnetted, 6 subnets

O 172.16.24.0 [110/2] via 172.16.12.2, 01:12:32, FastEthernet1/1

O 172.16.25.0 [110/2] via 172.16.12.2, 01:12:32, FastEthernet1/1

O 172.16.23.0 [110/2] via 172.16.12.2, 01:12:32, FastEthernet1/1

C 172.16.12.0 is directly connected, FastEthernet1/1

C 172.16.13.0 is directly connected, FastEthernet1/0

C 172.16.15.0 is directly connected, FastEthernet2/0

10.0.0.0/32 is subnetted, 2 subnets

O 10.0.0.2 [110/2] via 172.16.12.2, 01:12:32, FastEthernet1/1

C10.0.0.1isdirectlyconnected,Loopback0

…And now the FIB on MPLS1. Take note of the similarities and in particular the next hop addresses.

MPLS1#showipcef

Prefix Next Hop Interface

0.0.0.0/0dropNull0(defaultroutehandlerentry)

0.0.0.0/8drop

0.0.0.0/32 receive

10.0.0.1/32 receive

10.0.0.2/32 172.16.12.2 FastEthernet1/1

127.0.0.0/8 drop

172.16.12.0/28 attached FastEthernet1/1

172.16.12.0/32 receive

172.16.12.1/32 receive

172.16.12.2/32 172.16.12.2 FastEthernet1/1

172.16.12.15/32receive

172.16.13.0/28 attached FastEthernet1/0

172.16.13.0/32 receive

172.16.13.1/32receive

172.16.13.15/32 receive

172.16.15.0/28 attached FastEthernet2/0

172.16.15.0/32 receive

172.16.15.1/32receive

172.16.15.15/32receive

172.16.23.0/28 172.16.12.2 FastEthernet1/1

172.16.24.0/28172.16.12.2FastEthernet1/1

172.16.25.0/28 172.16.12.2 FastEthernet1/1

224.0.0.0/4 drop

224.0.0.0/24 receive

240.0.0.0/4drop

255.255.255.255/32 receive

Now we are going to look at the ARP table on MPLS1..followed by the CEF Adjacency table.

MPLS1#show ip arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 172.16.13.1 - ca00.0bd0.001c ARPA FastEthernet1/0

Internet 172.16.12.1 - ca00.0bd0.001d ARPA FastEthernet1/1

Internet 172.16.12.2 73 ca01.0bd0.001c ARPA FastEthernet1/1

Internet 172.16.15.1 - ca00.0bd0.0038 ARPA FastEthernet2/0

MPLS1#show adjacency detail

Protocol Interface Address

TAGFastEthernet1/1172.16.12.2(7)

0packets,0bytes

CA010BD0001C

CA000BD0001D8847

TFIB02:48:53

Epoch: 0

IP FastEthernet1/1 172.16.12.2(17)

0 packets, 0 bytes

CA010BD0001C

CA000BD0001D0800

ARP 02:48:53

Epoch:0

The correlations between all these tables show now be pretty obvious. Notice the last 4 digits on the line under the bolded MAC addresses. These are ethertype codes. 8847 is MPLS-IP. 0800 is Ethernet.

This brings Cisco Express Forwarding Part I to a conclusion. Hopefully I have provided you with a foundational knowledge of what CEF does and how it works. There are quite a few more details to be covered in later articles. Right now I just to get this introduction out there because we need to understand Cisco Express Forwarding and the FIB for MPLS Part 3.

About the Author:

Joe Doran is a Cisco certified engineer working toward the prestigious Cisco CCIE Certification. His blog details the journey and provides free tips and insight into this highly sought after certification track. Joe has a new article on Multiprotocol Label Switching

Share and Enjoy: