CCNP study notes: multilayer exchange

NBAR can distinguish data by application layer features, such as being able to identify BT traffic, identify file extensions, and so on. Therefore, we call the multi-layer switch, which means that the three-layer switch only emphasizes its three-layer function.
The three-layer switch includes a control platform and a data platform. The routing protocol runs on the control platform, and the data platform is used for forwarding data packets.

Stream-based forwarding: one route, multiple exchanges

Topology-based forwarding: Generate forwarding table FIB and adjacency list in advance, which is CEF (Cisco express forwarding)
CEF-based multilayer switch:

The control platform generates the FIB table and the adjacency list of the data platform through software, and the data platform forwards the IP unicast traffic through the hardware.

The FIB table is derived from the routing table, and the cached information is the routing information. The adjacency list is derived from the ARP table (CAM table), and the buffer is the Layer 2 next hop address of the FIB entry.

Centralized CEF: The FIB table and the adjacency list exist in the route processor, and are quickly forwarded by the route processor;

Distributed CEF: A copy of the FIB table and the adjacency table is stored in the circuit board. It can be quickly forwarded independently. The IPC (interprocess communications) mechanism ensures the synchronization of the FIB table and the adjacency list of the board and the routing processor.
Forwarding process:

1. layer 3 packets initiate TCAM(FIB) lookup;

2. the longest match returns adjacency with rewrite information;

3. the packet is rewritten per adjacency information and forwarded.

Comparison of three lookup routing table processes:

1. Process switching:

From the beginning to the end, find the most accurate match, if the corresponding next hop address, but also through a process of recursive lookup until the escape interface is found

2. Fast switching:

A route is exchanged multiple times, and a cache table based on flow control is established. An ip address in the table corresponds to an escape interface, and the cache table is directly queried when the table is looked up.

3. CEF (Cisco express forwarding) switching:

The routing information is cached in the FIB (Forawding information base) table. This table is based on the topology change and saved in the form of TCAM. The table is directly queried for the FIB table.
Fast switching improvement:

1. The entries in the cache table are 32-bit. When the data packet is forwarded, the cache is directly checked. If the match is found, the packet can be forwarded without having to check from the beginning.

2. Since the cache table is a destination address corresponding to an interface, there is no need to go through a recursive lookup process.

Shortcomings of Fast switching:

1. Because it is based on flow control, it cannot respond to changes in network topology or routing table in time. When the network topology changes, the cache table is completely refreshed, and then the cache table is re-established based on traffic forwarding. This way cannot reflect the network topology immediately. Variety.

2. Due to flow control, each destination will be recorded in the cache table, such as: 1.1.1.1 and 1.1.1.2 The final routing table will overflow!

CEF switching improvement:

1. The FIB table is in the form of TCAM, so the most detailed data is at the top of the table. The TCAM table results in 0, 1, and X. It is possible to match important positions. In addition, the ARP cache no longer participates in forwarding, but only assists in generating ADJ tables.

2. The FIB table is based on topology changes, so it can react to network topology changes from time to time.

Load balancing of three forwarding technologies:

1 Process switching, which can load balance based on source address, destination address, source port, and destination port.

2 Fast switching: Since the establishment of the cache table is stream-based, load balancing can only be based on the destination address.

3 CEF: The CEF can perform load balancing based on the source address, destination address, source port, and destination port. The FIB table is generated according to the routing table mapping. If there is a destination network corresponding to multiple escape interfaces, an entry is generated in the FIB table corresponding to multiple escape interfaces, and each escape interface has a pointer.
Corresponds to each interface in the adjacency list. When forwarding a data packet, the multi-layer switch matches the destination address of each data packet with the entry on the FIB table by the AND operation, and then calculates a string of unique codes by the hash algorithm to match the unique code of the ADJ table hash. If the destination address of the arrival has multiple escape interfaces, the data frame is repackaged according to the MAC address corresponding to the interface in the ADJ table, and the entire load balancing is performed in a round robin manner according to the information of the port corresponding to the pointer. The encapsulation of the address.


If you want to passed the exam successfully. you can review with ccie security 400 251dumps from evedumps.com  that will help passed exam at first attempt.
 I will also recommend the ccnp security 300 206 exam dumps too.