
Routing basics, CEF and static routing

This presentation covers how packet forwarding is done on the networking devices, how Cisco Express Forwarding (CEF) works and different ways to do static routing.

Dmitry Figol

May 25, 2016

Transcript

  1. Routing basics/CEF and static routing
    Dmitry Figol
    CCIE R&S #53592
    dmfigol.me
    May, 2016

  2. Routing basics

  3. About me
    @dmfigol
    dmfigol.me

  4. Intro to routing and switching
    • Routing
      • Finding the optimal way towards the destination
    • Switching
      • Moving packets between interfaces

  5. Packet forwarding
    • When the packet comes in, the router does the following:
      • Checks and removes L2 header, gets destination IP
      • Routing process
      • Switching process
      • L2 encapsulation

  6. Routing process
    • Find the longest match based on destination IP in routing table (RIB)
    • The goal is to select outgoing interface and Next Hop IP address (if applicable)

  7. Routing table - example

  8. Routing table (cont.)
    • Recursive Lookup
    • Contains useless information for forwarding:
      • For example, Administrative Distance and Metric
    • Single lookup has linear complexity O(n)
    • Stored in RAM
    • Verification: show ip route [ip-address [mask]]

  9. Routing table (cont.)
    • Metric (maximum is 2^32-1 = 4294967295):
      • Used to choose the best route within a single routing protocol (there are exceptions)
    • Administrative distance (0..255):
      • Used to choose the best route between routing protocols

  10. Routing table (cont.) - AD
    Route Source               Value
    Connected                  0
    Static                     1
    EIGRP summary              5
    eBGP                       20
    EIGRP internal             90
    IGRP                       100
    OSPF                       110
    IS-IS                      115
    RIP                        120
    EGP                        140
    ODR                        160
    EIGRP external             170
    iBGP                       200
    NHRP                       250
    DHCP learned               254
    Unknown* (not installed)   255

  11. Routing protocols
    • Static
    • Dynamic:
      • IGP:
        • Distance-vector (RIP, EIGRP)
        • Link-state (OSPF, IS-IS)
      • EGP:
        • Path-vector (BGP)

  12. Switching process
    • Process-switching
    • Fast-switching
    • Cisco Express Forwarding (CEF)

  13. L2 Encapsulation
    • Knowing outgoing interface and Next Hop address is not always enough for packet rewrite
    • Point-to-point links (PPP, HDLC) – no additional information required
    • Point-to-multipoint links (Ethernet, Frame-relay, ATM) – L2 Destination Address is required (from ARP cache, Frame-Relay/ATM mappings)

  14. Traffic types
    • Data plane – traffic through the device
    • Control plane – traffic to the device:
      • Routing protocols hello/updates
      • BPDU
      • FHRP and others
    • Management plane – part of control plane:
      • SSH/Telnet
      • SNMP

  15. Processors: CPU and ASIC
    • Central processing unit (CPU) is the brains of the network device
    • Handles control plane
    • Can do anything
    • Can’t do packet forwarding with high throughput
    *Note: DPDK project enables x86 multi-core processors to forward 200+ Gbps

  16. Processors: CPU and ASIC
    • Application-specific integrated circuit (ASIC) is a circuit with transistors
    • Very fast, but dumb
    • Designed specifically to move packets
    • Expensive
    • Not possible to program new features
    • Responsible for data plane

  17. Memory: RAM, CAM and TCAM
    • Random Access Memory (RAM) is the most common type of memory
    • Value is accessed by pointer (memory address)
    • Cheap

  18. Memory: RAM, CAM and TCAM
    • Content-addressable memory (CAM)
    • Value is accessed by a key, not a pointer
    • Very fast
    • Expensive
    • High power consumption
    • O(1) constant time lookup
    • Used in switches for MAC address table

  19. Memory: RAM, CAM and TCAM
    • Ternary Content-addressable memory (TCAM)
    • Value is accessed by a key, which consists of not only 0 and 1, but also don’t care bits.
    • Very expensive
    • High power consumption
    • O(1) constant time lookup!
    • Used for next-hop lookup (CEF table), ACL (security and QoS)

  20. Process-switching
    • Recursive lookup is performed by CPU in RIB
    • There is a special process responsible for process-switching – IP Input
    • The following traffic is process-switched:
      • Control plane
      • Locally generated (not all)
      • No L2 adjacency information
      • ACL logging

  21. Fast-switching
    • First packet for a source-destination IP pair is process-switched
    • IP pair and corresponding encapsulation information are added to the cache
    • Following packets are forwarded based on the entry in the cache
    • Deprecated

  22. Cisco Express Forwarding

  23. Cisco Express Forwarding (CEF)
    • The idea is to precompute and optimize information in RIB:
      • Resolve recursive lookup and get rid of useless information
      • Add pointer to pre-built L2 header in Adjacency table
    • The new table is called Forwarding Information Base (FIB) or CEF table:
      • Contains prefix, NH, outgoing interface, pointer to L2 header
      • Stored in DRAM [O(1) using 256-way mtrie data structure] and TCAM [if exists, also O(1), but much faster]
    • The lookup is done during the interrupt (process scheduling is not required)

  24. CEF (cont.)
    • Verification:
      show ip cef [ip-address [mask]] [detail] [internal]
      • Shows NH, outgoing interface, MPLS labels (if applicable)
      • Internal keyword shows pointer to Adjacency entry and hash buckets
    • Disable CEF:
      (config)# no ip cef

  25. CEF – Adjacency table
    • CEF process takes information from all L3-to-L2 mappings and builds L2 header
    • Adjacency table contains NH, interface, associated L2 Header
    • Stored in RAM
    • Pitfall: CEF process does not allow adjacency to age out
      • clear arp won’t delete ARP entry if it can be revalidated
    • Verification:
      show adjacency [detail]
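
The precomputation described on the CEF slides, as an added example (not from the deck and not Cisco code): a toy RIB is flattened into FIB entries by resolving the recursive lookup once, dropping AD and metric, and attaching the L2 address from the ARP cache. The prefixes other than 188.1.12.0/24, the interface name and the MAC address are constructed.

```python
import ipaddress

# Constructed RIB: prefix -> (AD, metric, next-hop IP, outgoing interface).
# Connected routes carry an interface; these statics name only a next hop.
RIB = {
    "188.1.12.0/24": (0, 0, None, "Gi0/0"),
    "10.2.0.0/16":   (1, 0, "188.1.12.2", None),
    "10.3.3.0/24":   (1, 0, "10.2.0.1", None),    # next hop behind another static
}
# Constructed L3-to-L2 mappings (ARP cache): next-hop IP -> MAC for the L2 header.
ARP = {"188.1.12.2": "0000.0c12.0002"}

def longest_match(table, address):
    """Most specific prefix in table that contains address, or None."""
    ip = ipaddress.ip_address(address)
    hits = [p for p in table if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen, default=None)

def resolve(rib, prefix, depth=8):
    """Recursive lookup: follow next hops until a route with an interface is hit.
    Returns (attached next hop, interface), or None if resolution fails."""
    _, _, next_hop, interface = rib[prefix]
    while interface is None and depth > 0:
        parent = longest_match(rib, next_hop)
        if parent is None:
            return None
        _, _, parent_hop, interface = rib[parent]
        if interface is None:
            next_hop = parent_hop          # still recursive, keep following
        depth -= 1
    return (next_hop, interface) if interface else None

def build_fib(rib, arp):
    """Precompute prefix -> (next hop, interface, L2 address); AD and metric are dropped."""
    fib = {}
    for prefix in rib:
        resolved = resolve(rib, prefix)
        if resolved:                       # unresolvable routes get no FIB entry
            fib[prefix] = (*resolved, arp.get(resolved[0]))
    return fib

def forward(fib, destination):
    """Data-plane step: one longest match, no recursion and no ARP lookup."""
    match = longest_match(fib, destination)
    return fib[match] if match else None

FIB = build_fib(RIB, ARP)
```

The connected prefix ends up with no next hop and no L2 address, because the address to put in the header depends on the destination host inside that subnet.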

  26. CEF – Adjacency types
    • Cache
    • Glean
    • Receive
    • Punt
    • Null
    • Discard
    • Drop

  27. CEF on hardware-based platforms
    • CEF basically allows traffic to be forwarded without the CPU
    • Depending on platform there can be zero, one or more ASICs.
    • The same applies for TCAM
    • All L3 switches have TCAM, only some routers have it
    • TCAM stores not only FIB, but ACL and QoS rules, however the allocation is predefined
    • On some platforms you can change allocation profile

  28. CEF on hardware-based platforms (cont.)
    [Diagram; labels: RIB, ARP Cache, Other L2 information, FIB (CEF Table), Adjacency table, TCAM, RAM, ASIC]

  29. CEF – Load balancing
    • Routing protocols can install several routes for the same prefix
    • How will CEF decide where to send the packet?
    • CEF does load-balancing per flow
      • By default, it takes the source-destination IP pair and feeds it to the hashing algorithm, which returns the number of the bucket
      • Buckets are allocated automatically per next-hop, depending on the traffic share count in RIB

  30. CEF – Load balancing (cont.)
    • Verification:
      • show ip cef [ip [mask]] internal – shows NH-to-bucket distribution
      • show ip cef exact-route – shows NH and interface for source/destination IP pair
    • Change load balancing method (not recommended):
      (config-if)# ip load-sharing per-packet

  31. CEF polarization
    • Hash algorithm is deterministic, meaning that for the same source/destination IP pair the bucket (outgoing link) is the same.
    • Result is that some links can be underutilized (especially if we have a chain of routers with ECMP).
    • One possible solution is to include L4 ports in hashing (if supported):
      (config)# ip cef load-sharing algorithm include-ports [source [destination]]
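
Per-flow bucket selection and the polarization effect from the slides above, modelled as an added example (not from the deck and not Cisco code). SHA-256 stands in for the CEF hash, and the router names, link names and flows are constructed; in this model only the downstream router R2 adds the L4 ports to its hash key.

```python
import hashlib
from collections import Counter

def bucket_table(shares):
    """Allocate buckets per next hop in proportion to its traffic share count."""
    return [next_hop for next_hop, share in shares for _ in range(share)]

def pick(table, src, dst, ports=None):
    """Per-flow choice: hash the flow key to a bucket and return its next hop.
    SHA-256 is a stand-in for this example, not the hash CEF uses."""
    key = f"{src}>{dst}" + (f"|{ports[0]}>{ports[1]}" if ports else "")
    digest = hashlib.sha256(key.encode()).digest()
    return table[int.from_bytes(digest[:4], "big") % len(table)]

# Constructed topology: R1 load-shares over R2 and R3; R2 again over two links.
R1 = bucket_table([("R2", 1), ("R3", 1)])
R2 = bucket_table([("link-a", 1), ("link-b", 1)])

# Constructed traffic: 64 clients, 4 sessions each, towards one server.
FLOWS = [(f"10.0.0.{host}", "192.0.2.10", (40000 + n, 443))
         for host in range(1, 65) for n in range(4)]

def r2_link_usage(include_ports_on_r2):
    """Flows per R2 uplink, counting only the traffic R1 hashed towards R2."""
    usage = Counter()
    for src, dst, ports in FLOWS:
        if pick(R1, src, dst) == "R2":
            link = pick(R2, src, dst, ports if include_ports_on_r2 else None)
            usage[link] += 1
    return usage

POLARIZED = r2_link_usage(False)   # same key and same hash on both routers
WITH_PORTS = r2_link_usage(True)   # R2 adds the L4 ports to its key
```

Every flow that reaches R2 already landed in R1's first bucket, so with an identical key and hash it lands in R2's first bucket as well and link-b stays idle; the spread returns only because R2 hashes a different key than R1.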

  32. Static routing


  33. Static Routing
    • The way to install an entry in RIB manually
    • Usually overrides entries installed via dynamic routing protocols
    • Advantage: gives full control over path selection in your network
    • Main disadvantage: huge administrative burden
    • Syntax:
      (config)# ip route prefix mask [NH-IP | interface [NH-IP]] [distance] [track track]
    • Verification:
      # show ip route [static]

  34. Static Routing (cont.)
    • There are three different ways to configure where the traffic should go for a specific prefix:
      • By specifying next-hop IP address
      • By specifying outgoing interface
      • By specifying both

  35. Static Routing to next-hop
    • Recursive lookup is required to find outgoing interface
    • On multipoint interfaces resolution of next-hop IP address is required (ARP cache, Frame Relay/ATM mapping)
    • Static route is installed into RIB only if recursive lookup is successful (outgoing interface was found)
    • It will stay in RIB even if next-hop is covered only by valid default route

  36. Static Routing to outgoing interface
    • Recursive lookup is not required because we know outgoing interface
    • On point-to-point interface we can send the packet right away
    • On multipoint interface first we need to find L2 address for the destination IP
      • For every new destination IP address in the packet we will install entry in ARP cache
      • It can still work if Proxy ARP is enabled (which is enabled by default in IOS)
    • Static route is installed into RIB only if line protocol of the outgoing interface is up
    • Use only for point-to-point interfaces!

  37. Static Routing to outgoing interface and NH
    • Recursive lookup is not required because we know outgoing interface
    • On point-to-point interface we can send the packet right away
    • On multipoint interface first we need to find L2 address for next-hop IP address
    • Static route is installed into RIB only if line protocol of the outgoing interface is up

  38. Floating static routes
    • Floating static route is a route that has AD higher than default and is not installed into RIB under normal operation, because there is another preferred path
    • Once the primary path fails, the floating static route can be installed
    • For example:
      • Primary static default route has AD 1 and tracking (based on IP SLA) or BFD
      • Secondary static default route has AD 2 or higher
      • Once tracking object/BFD goes down, primary route is deleted from RIB and secondary route is installed

  39. Recursive lookup for static routes - exercise
    R1 has one interface up/up with IP in subnet 188.1.12.0/24. You configure the following:
    Question: Which static routes will be installed in RIB?

  40. Recursive lookup for static routes - rule
    Answer:
    Rule:
    If the best route for the next hop also covers the entire address space of the static route in question, it will NOT be installed.
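
The rule above, together with the next-hop resolution requirement from the "Static Routing to next-hop" slide, applied to a toy RIB as an added example (not from the deck and not IOS behaviour verified on a device). Only 188.1.12.0/24 comes from the exercise; the candidate routes are constructed and are not the exercise's configuration, and the default-route case is not modelled.

```python
import ipaddress

def best_route(rib, address):
    """Longest match for address among the installed prefixes, or None."""
    ip = ipaddress.ip_address(address)
    hits = [net for net in rib if ip in net]
    return max(hits, key=lambda net: net.prefixlen, default=None)

def try_install(rib, prefix, next_hop):
    """Apply the rule to a static route that names only a next-hop IP.
    Adds the route to rib when it passes and returns the decision as text."""
    net = ipaddress.ip_network(prefix)
    via = best_route(rib, next_hop)
    if via is None:
        return "not installed: next hop unresolved"
    if net.subnet_of(via):
        return f"not installed: {via} covers {net}"
    rib[net] = next_hop
    return f"installed via {via}"

def install_all(connected, statics):
    """Process statics in order against a RIB seeded with connected prefixes."""
    rib = {ipaddress.ip_network(p): None for p in connected}
    return {prefix: try_install(rib, prefix, nh) for prefix, nh in statics}

# Constructed candidates (not the configuration from the exercise slide).
STATICS = [
    ("10.0.0.0/8",     "188.1.12.2"),   # next hop on the connected subnet
    ("172.16.0.0/16",  "10.1.1.1"),     # resolves through 10.0.0.0/8
    ("10.1.0.0/16",    "10.1.1.1"),     # best route 10.0.0.0/8 covers all of it
    ("192.168.0.0/16", "192.168.1.1"),  # nothing covers the next hop
]
DECISIONS = install_all(["188.1.12.0/24"], STATICS)
```

The third candidate is the case the rule exists for: once installed, 10.1.0.0/16 would become the best route to its own next hop 10.1.1.1.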

  41. Additional Resources
    • Inside Cisco IOS Software Architecture book by Russ White
    • IP Routing FAQ
    • Switching Paths
    • Load Balancing with CEF
    • Troubleshooting load balancing with CEF
    • CAM vs TCAM
    • CEF polarization

  42. Thank you
