In last blog we discussed on how a frame is processed at layer 2 from ingress switch port to egress switch port. In this blog let us look at layer 3 i.e a packet being processed by a L3 or multi layer switch. Look at the number of steps a layer 3 switch should go through to process a frame and them imaging the speed of the box :)
The path a layer 3 packet follows through a multi layer switch is similar to that of a layer 2 switch. Each packet is pulled off from an ingress queue and inspected for both layer 2 and layer 3 destination address. Decision to forward the packet is based on two address tables.
Layer 2 forwarding table(CAM) :
The frame destination MAC address is used as an index or key into the CAM table(content addressable memory). If the frame contains a layer 3 packet to be forwarded , the destination MAC address is that of layer 3 port of the switch. In this case, the CAM table results are used only to decide that frame should be processes at layer 3.
L3 forwarding table (FIB):
The FIB also known as forwarding information base is consulted using the destination IP address as an index. The longest match in the table is found and the resulting next hop layer 3 address is obtained.FIB also contains each next hop entry's layer 2 MAC address and the egress switch port(VLAN ID) so that further lockups are not necessary.
Always remember irrespective of the routing protocol , administrative distance or metric the longest match is preferred in routing. Example if a switch is learning 10.1.1.0/25 from EIGRP and 10.1.1.0/24 from static, EIGRP is preferred over static as it has most exact match/longest match i.e /27.
Ternary Content addressable memory (TCAM) :
*Securing ACL - ACL can be used to identify frames according to their MAC address , protocol,IP address and layer 4 port numbers. TCAM's carry ACL's in compiled form so that a decision can be made on whether to forward a frame in a single table lookup.
*QOS ACL - Other ACL's which are used to classify incoming frames according to quality of service parameters, to control the rate of traffic flows and to mark QOS parameters in outbound frames.
As with layer 2 switching the packet finally must be placed in appropriate egress queue on the appropriate egress switch port.Layer 3 address identified the next hop and found its layer 2 address. The next hop layer 2 address must be put into the frame in place of the original destination MAC address. Frames's layer 2 source address also must be changes to the one of the multi layer switch
(L3 packet rewrite). Because the contents of packet and frame are changes, checksum is recalculated.
No comments:
Post a Comment