3

Currently studying the switching methods, someone could confirm to me the assumptions as follows ? I also would have some questions.

  • Generally the layer-2 switches have ASIC components with CAM memory to perform the frames forwarding
  • Generally the layer-3 switches have ASIC components with TCAM memory to perform the packets forwarding
  • Regarding CEF, 1) when running in software, the FIB and Adjacency tables are stored in RAM and processed by CPU, and 2) when running in hardware, the FIB and Adjacency tables are stored in TCAM and processed by ASIC
  • Regarding the Fast Switching method, does the fast-switching cache could be like the CEF switching, stored either in RAM or in TCAM if the switch has TCAM capability ?
  • Finally, regarding a practical point of view, do a Cisco Catalyst 3850, and Catalyst 4500 have ASIC and TCAM memory ? Only CAT 6500 and 7600 Series Routers and Switches seems to have TCAM.

Thanks.

Ron Maupin
  • 99,565
  • 26
  • 120
  • 195
bdes31
  • 1,085
  • 8
  • 17
  • Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you could provide and accept your own answer. – Ron Maupin Apr 01 '18 at 21:22

3 Answers3

4

(Probably) most switches today use bulk silicon (Broadcom is very popular), ASICs are much more expensive and often slower.

Simple CAM is used for switching, routing/L3 switching requires TCAM because the prefix length varies.

I don't think CEF is ever done in software as the main point is to speed up the forwarding process and reduce latency.

Using standard RAM for the forwarding table poses the problem that it has to be sequentially searched for a match. CAM provides a match with a single step.

Note that hardware switching/routing always use (T)CAM, regardless of whether the switching engine is an ASIC or bulk silicon.

Zac67
  • 84,333
  • 4
  • 69
  • 133
  • 1
    Thanks ! What are you calling bulk silicon ? Could you develop this point please ? – bdes31 Feb 25 '18 at 19:56
  • Bulk silicon is commodity switching hardware that's being sold on the free market, available to anyone building switches. An ASIC is silicon developed in-house by a switch vendor. (There may be different definitions/terms, these are probably the most common.) – Zac67 Feb 25 '18 at 21:22
  • 4
    From a hardware perspective, what you're calling "bulk silicon" is exactly an ASIC. The only difference is if the chip is developed by the company whose name shows up on the outside of the box. I can't find any references to "bulk silicon" in the context you're using it. – Jonathon Reinhart Feb 26 '18 at 04:06
  • ASIC is this context is used for vendor-specific custom chips while bulk or merchant silicon refers to more generic chips, check e.g. https://blogs.cisco.com/datacenter/cisco-cloud-scale-asic-switches-get-a-2-year-advantage-over-merchant-silicon-switches Technically of course, all are ASICs as in application-specific. – Zac67 Feb 26 '18 at 07:25
4

Since you have used Cisco terminology in your question, I will assume that you are only talking about Cisco equipment. Also I will assume that you are only interested in L2+L3 devices (like the Cisco Catalyst family of switches), not in the pure L3 devices (like the ISR and ASR routers).

As Zac67 points out, there are some models of Cisco switches with just pure Layer 2 capability and zero Layer 3 capability. All switches in the Catalyst series are, however, capable of some layer 3 functionality, although the software may deliberately disable some layer 3 functionality based on the license etc. and I will confine my answer to these L2+L3 devices.

Rather than distinguish the behaviour based on "this is what a layer 2 switch contains" and "this is what a layer 3 switch contains", a more useful discussion would be based on how layer 2 switching (bridging) is done and how layer 3 switching (routing) is achieved. I will use the word "forwarding" to mean both bridging and routing.

At a high level, there are two approaches: software forwarding and hardware forwarding. As the name suggests, in hardware forwarding the ASIC forwards the packet. In software forwarding the packet reaches the CPU where the software code will examine the various fields of the packet and determine which interface(s) the packet will have to be sent out on. Hardware forwarding is much faster, but software forwarding is more flexible because it is just based on code that some programmer writes.

It is important to note that hardware and software forwarding co-exist. In the ideal case all packets will be forwarded in hardware, but there are situations where the packet cannot be forwarded in hardware and must be forwarded in software. There are many examples of this. For example, there is no Cisco ASIC that supports Appletalk routing, but there are IOS versions that still support Appletalk. If the switch receives an Appletalk packet, and Appletalk is configured, the packet is sent to the software where the Appletalk routing code will route the packet to the correct interface. Another example is an IPv4 packet with one or more Header Options fields present. Another example is when there are so many routes that the hardware table (i.e. ASIC TCAM) is unable to accommodate more routes.

Cisco IOS uses multiple techniques for L3 routing a packet in software: (1) process switching (2) fast switching and (3) CEF switching. These are all different software techniques, with different performance in terms of the maximum number of packets that can be routed per second. Fast-switching #2 is somewhat obsolete. CEF switching uses a software data structure called FIB in order to determine the output interface to which a packet must be sent.

L2 bridging in software has no specific named technique. It's just called "L2 bridging in software".

Coming now to hardware forwarding. ASICs are designed by the vendor keeping in view the requirements of the market segment, one of them being performance and the other requirement being cost. So the components that go into an ASIC are basically the cheapest components that can be put in while at the same time meeting the performance criteria. What I am trying to say is that there is no hard and fast rule that says that L2 bridging must always use a CAM. Yes, for L3 routing, because the requirement is to match on variable length CIDR masks, a TCAM is the most efficient component to use going by today's available technology. However, for doing, say, L2 MAC address lookup (which is a full 48-bit lookup), an ASIC designer may be able to get away by using a cheaper RAM-like component (especially if the entries can be hashed or sorted or arranged in such a way that lookup time can satisfy the performance constraint).

The layer 3 route lookup TCAM in Cisco switches is a hardware representation of the FIB. In other words, the same FIB data structure that is used in software L3 routing technique #3 above is programmed in the hardware TCAM to achieve hardware routing of IPv4 and IPv6 packets.

Note that TCAMs are also used in ASICs for other reasons than L3 routing. One example is to implement security ACLs, and to identify packets for QoS treatment. Cisco 4500 and 3850 switches have TCAMs for both L3 routing as well as for security/QoS.

Final note on "merchant silicon". In recent years, there is a school of thought among major equipment vendors (Cisco, Juniper, Arista...) that there is only so much "secret sauce" that can be put into ASICs, i.e. there isn't much competitive advantage to designing their own custom ASICs for doing L2/L3 forwarding. The competition is now in software innovation, and for this reason the thought process is "why not just source the ASIC from vendors like Broadcom, and focus the innovation efforts in software?" Having said that, at least Cisco has invested several billions of dollars over several decades to build in-house ASICs, and there is a reluctance to just throw it all away.

mere3ortal
  • 2,416
  • 1
  • 10
  • 14
3

To add to Zac67's answer.

Don't confuse layer-2 frame switching with layer-3 packet switching (routing). Layer-3 switches are primarily layer-2 switches with a layer-3 (routing) module, and FIB/CEF/fast switching, etc. are for layer-3 packet switching.

The Cisco switches, including the 3850 and 45xx all have some TCAM. They can be run as layer-3 switches, assuming you have the correct license.

Ron Maupin
  • 99,565
  • 26
  • 120
  • 195
  • Yes it was a mistake in my post, I will edit it for specify layer-3 switch. Thanks. So regarding your answer, if FIB/CEF/fast switching is only for layer-3 packets switching, there are no particular technics for pure layer-2 frames switching optimization ? It's only performed with the CAM table with no cache or others technics ? Also you mentioned "They can be run as layer-3 switches", so a layer-3 switch has systematically a TCAM table ? There are no layer-3 switch working with RAM and CPU for packets forwarding ? – bdes31 Feb 25 '18 at 19:53
  • Layer-2 switching has become a commodity, and it is primarily performed in hardware. It does require CAM, and it only uses the layer-2 frame addresses. Layer-2 switches typically have tiny (hardware) buffers. More recently, features (IGMP snooping, packet classification and marking, DHCP snooping, etc.) for layer-3 packets have been added to layer-2 switches, and TCAM can be used for these new features. TCAM allows for a mask on the content to be searched, and that is particularly useful for layer-3 addresses. See https://networkengineering.stackexchange.com/q/43736/8499. – Ron Maupin Feb 25 '18 at 20:01