

Before exploring CEF in depth, you should have professional knowledge at CCNP level or above, plus a grounding in data structures.
First, we need a thorough grasp of the standard procedure a router follows to handle a packet, so that we understand the drawbacks of the traditional forwarding mode and see clearly why CEF improves on them. See the figure.

[image]
Image source: Demystifying CEF

This is process switching. It works as follows:
1. When the router receives a frame, it checks the Frame Check Sequence (FCS). If the FCS does not match, the frame is discarded.
2. If the FCS matches, the router identifies the Ethernet type and processes the IP header.
3. If the packet is IPv4, the router verifies the header checksum. If it is IPv6, the header checksum step is skipped, because the IPv6 header has no checksum field.
4. The router checks the packet's destination IP address against its interfaces that are in the "link up, line protocol up" state. If the address matches a local interface, the packet has reached its destination; if not, it is forwarded.
5. Before forwarding, the router checks whether the TTL is greater than 1. If it is, the packet is routed; otherwise it is discarded and an ICMP time exceeded message is returned to the sender.
6. The router takes the destination IP address and finds the longest, most complete matching entry in the routing table.
7. Once a match is found, the router uses some mechanism to build a new frame and send it. That mechanism is a mapping table between L3 and L2; on Ethernet this is usually ARP.
8. Before forwarding, the router decrements the TTL by 1. This changes the header contents, so the router recomputes the checksum.
9. The packet is forwarded.
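
Steps 3 to 8 of the procedure above for an IPv4 header, as an added example that is not part of the original post. The RIB entries, the local address and the sample headers are constructed for illustration; the FCS check, the ARP lookup and the frame rebuild are left out.

```python
import ipaddress
import struct

# Constructed RIB for illustration: prefix -> next hop (not from the original post).
RIB = {
    "0.0.0.0/0": "192.0.2.1",
    "10.0.0.0/8": "192.0.2.2",
    "10.1.0.0/16": "192.0.2.3",
}
LOCAL_ADDRESSES = {"192.0.2.254"}  # constructed: addresses of interfaces that are up/up


def checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, ttl: int) -> bytes:
    """Build a 20-byte IPv4 header with a valid checksum (sample input)."""
    fields = [0x45, 0, 20, 0, 0, ttl, 17, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    raw = struct.pack("!BBHHHBBH4s4s", *fields)
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]


def process_switch(header: bytes):
    """Return (verdict, detail, header) following steps 3 to 8 above."""
    if checksum(header) != 0:                       # step 3: a valid header sums to 0
        return ("drop", "bad header checksum", header)
    ttl, dst = header[8], ipaddress.IPv4Address(header[16:20])
    if str(dst) in LOCAL_ADDRESSES:                 # step 4: addressed to the router
        return ("local", str(dst), header)
    if ttl <= 1:                                    # step 5: TTL must be greater than 1
        return ("drop", "ICMP time exceeded", header)
    matches = [ipaddress.ip_network(p) for p in RIB if dst in ipaddress.ip_network(p)]
    if not matches:
        return ("drop", "no route", header)
    best = max(matches, key=lambda n: n.prefixlen)  # step 6: longest match wins
    out = bytearray(header)                         # step 8: TTL - 1, new checksum
    out[8] = ttl - 1
    out[10:12] = b"\x00\x00"
    out[10:12] = struct.pack("!H", checksum(bytes(out)))
    return ("forward", RIB[str(best)], bytes(out))
```

Every packet repeats the checksum verification, the scan of the whole RIB and the checksum recomputation, which is the per-packet cost the following sections set out to reduce.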

In the context of process switching, the routing table is also called the RIB (Routing Information Base). So a router does a lot of work to handle a single packet.
But does a traffic flow consist of just one packet? Obviously not. In the early days of computer networking, process switching was feasible,
because powerful hardware was not needed then and demand for the network was very small.
But networks grew rapidly within a few years, and a router cannot run this complex procedure on every one of a large number of packets.

 

So fast switching came into being.
This mechanism lets packets follow the principle of "route once, switch many times": the first packet of a flow is process switched, and the result is stored in a cache
to improve processing efficiency.

That is, if a packet's destination IP address matches the cache, the packet is forwarded immediately. The cache stores the matched destination IP address, the next hop and the L2 information.
In the context of fast switching, this cache storage mechanism is also called the FIB (Forwarding Information Base). The FIB is a database built dynamically from the contents of the RIB.
The difference is that the RIB stores network-layer reachability information, while the FIB optimizes the ordering and provides high-speed lookup. Its structure is called "tree-like".
[image]

The root can also be a terminal node, which represents the default route. However, the cache contents change very frequently, which is a fatal drawback.
In software, the FIB is conceptually a tree-like structure. In hardware, it is implemented with TCAM (Ternary Content-Addressable Memory), a type of memory whose special purpose is high-speed lookup.
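
An added example, not from the original post, of a tree-like FIB as a binary trie with longest-prefix lookup, where the root node holds the default route as described above. The class names and the routes are constructed for illustration, and this is not Cisco's implementation.

```python
import ipaddress


class FibNode:
    __slots__ = ("children", "entry")

    def __init__(self):
        self.children = [None, None]  # one branch per address bit (0 / 1)
        self.entry = None             # (next_hop, interface) if a prefix ends here


class Fib:
    """Binary trie keyed on destination address bits (IPv4 only)."""

    def __init__(self):
        self.root = FibNode()

    def insert(self, prefix: str, next_hop: str, interface: str) -> None:
        net = ipaddress.ip_network(prefix)
        bits = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):          # walk prefixlen bits, MSB first
            bit = (bits >> (31 - i)) & 1
            if node.children[bit] is None:
                node.children[bit] = FibNode()
            node = node.children[bit]
        node.entry = (next_hop, interface)      # a /0 prefix lands on the root itself

    def lookup(self, address: str):
        bits = int(ipaddress.IPv4Address(address))
        node, best = self.root, self.root.entry
        for i in range(32):
            node = node.children[(bits >> (31 - i)) & 1]
            if node is None:
                break
            if node.entry is not None:          # remember the deepest match so far
                best = node.entry
        return best


def build_sample_fib() -> Fib:
    """Constructed routes for illustration, not taken from the original post."""
    fib = Fib()
    fib.insert("0.0.0.0/0", "192.0.2.1", "f0/0")
    fib.insert("10.0.0.0/8", "192.0.2.2", "f0/1")
    fib.insert("10.1.0.0/16", "192.0.2.3", "f1/0")
    return fib
```

A lookup visits at most 32 nodes regardless of how many prefixes are installed, which is what makes the structure suited to fast forwarding.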

 

The powerful CEF: Cisco Express Forwarding.
CEF consists of two components: the adjacency table and the FIB table. Some people consider the adjacency table to be CEF itself, and I don't think that is wrong, because the FIB merely sorts and optimizes the RIB.
However, the standard CCIE textbook defines CEF as adjacency table + FIB table, which is clear.
The adjacency table may still seem a little abstract, so I will explain it using the configuration below.
Topology:
[image]
Now look at the adjacency table on R2, and note the content in the red box.

Note: the content in the red box is in hexadecimal.
005079666800 is the PC's MAC address, CA02216C0000 is R2's f0/0, 8100 is the dot1Q header type, 0002 is the VLAN tag, and 0800 is ARP reply (unicast); in addition, 0806 is ARP request (broadcast). The content in the blue box is the FIB lookup value.
I regard the adjacency table as an advanced ARP table, because it holds richer information than ARP.
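
An added example, not part of the original post, that splits an adjacency rewrite string into Ethernet header fields. The sample string is assembled from the five hexadecimal values listed above, and the protocol names come from the IEEE EtherType registry, where 0x0800 is assigned to IPv4 and 0x0806 to ARP.

```python
# EtherType values as assigned in the IEEE registry.
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x8100: "802.1Q"}

# Assembled from the five hexadecimal values listed in the post.
SAMPLE_REWRITE = "005079666800" "CA02216C0000" "8100" "0002" "0800"


def format_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def decode_rewrite(hex_string: str) -> dict:
    """Split an Ethernet rewrite string into its header fields."""
    raw = bytes.fromhex(hex_string)
    if len(raw) < 14:
        raise ValueError("rewrite string shorter than an Ethernet header")
    fields = {"dst_mac": format_mac(raw[0:6]), "src_mac": format_mac(raw[6:12])}
    offset = 12
    ethertype = int.from_bytes(raw[offset:offset + 2], "big")
    if ethertype == 0x8100:                       # 802.1Q tag present
        if len(raw) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci = int.from_bytes(raw[14:16], "big")   # tag control information
        fields["vlan"] = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 16
        ethertype = int.from_bytes(raw[offset:offset + 2], "big")
    fields["ethertype"] = f"0x{ethertype:04x}"
    fields["protocol"] = ETHERTYPES.get(ethertype, "unknown")
    if len(raw) != offset + 2:
        raise ValueError("unexpected trailing bytes after EtherType")
    return fields
```

Because the adjacency entry already holds the complete L2 header, the router can prepend it to an outgoing packet without a separate ARP lookup per packet.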


Posted by Chin on PIXNET