Table of Contents
Cisco Express Forwarding Overview
- Benefits
Restrictions
CEF Components
Supported Media
CEF Operation Modes
Additional Capabilities
Cisco Express Forwarding Overview
Cisco Express Forwarding (CEF) is advanced, Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with large and dynamic traffic patterns, such as the Internet, on networks characterized by intensive Web-based applications, or interactive sessions.
Procedures for configuring CEF or distributed CEF (dCEF) are provided in the "Configuring Cisco Express Forwarding" chapter later in this publication.
This chapter describes CEF. It contains the following sections:
Benefits
CEF offers the following benefits:
- Improved performance—CEF is less CPU-intensive than fast switching route caching. More CPU processing power can be dedicated to Layer 3 services such as quality of service (QoS) and encryption.
- Scalability—CEF offers full switching capacity at each line card when distributed CEF (dCEF) mode is active.
- Resilience—CEF offers unprecedented level of switching consistency and stability in large dynamic networks. In dynamic networks, fast switching cache entries are frequently invalidated due to routing changes. These changes can cause traffic to be process switched using the routing table, rather than fast switched using the route cache. Because the Forwarding Information Base (FIB) lookup table contains all known routes that exist in the routing table, it eliminates route cache maintenance and the fast switch/process switch forwarding scenario. CEF can switch traffic more efficiently than typical demand caching schemes.
Although you can use CEF in any part of a network, it is designed for high-performance, highly resilient Layer 3 IP backbone switching. For example, Figure 7 shows CEF being run on Cisco 12000 series Gigabit Switch Routers (GSRs) at aggregation points at the core of a network where traffic levels are dense and performance is critical.
Figure 7: Cisco Express Forwarding
In a typical high-capacity internet service provider environment, Cisco 12012 GSRs as aggregation devices at the core of the network support links to Cisco 7500 series routers or other feeder devices. CEF in these platforms at the network core provides the performance and scalability needed to respond to continued growth and steadily increasing network traffic. CEF is a distributed switching mechanism that scales linearly with the number of interface cards and bandwidth installed in the router.
Restrictions
- The Cisco 12000 series Gigabit Switch Routers operate only in distributedCEF mode.
- Distributed CEF switching cannot be configured on the same VIP card as distributed fast switchin.g
- Distributed CEF is not supported on Cisco 7200 series routers.
- If you enable CEF and then create an access list that uses the log keyword, the packets that match the access list are not CEF switched. They are fast switched. Logging disables CEF.
CEF Components
Information conventionally stored in a route cache is stored in several data structures for CEF switching. The data structures provide optimized lookup for efficient packet forwarding. The two main components of CEF operation are the following:
Forwarding Information Base
CEF uses a FIB to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and those changes are reflected in the FIB. The FIB maintains next-hop address information based on the information in the IP routing table.
Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains all known routes and eliminates the need for route cache maintenance that is associated with switching paths such as fast switching and optimum switching.
Adjacency Tables
Nodes in the network are said to be adjacent if they can reach each other with a single hop across a link layer. In addition to the FIB, CEF uses adjacency tables to prepend Layer 2 addressing information. The adjacency table maintains Layer 2 next-hop addresses for all FIB entries.
Adjacency Discovery
The adjacency table is populated as adjacencies are discovered. Each time an adjacency entry is created (such as through the ARP protocol), a link-layer header for that adjacent node is precomputed and stored in the adjacency table. Once a route is determined, it points to a next hop and corresponding adjacency entry. It is subsequently used for encapsulation during CEF switching of packets.
Adjacency Resolution
A route might have several paths to a destination prefix, such as when a router is configured for simultaneous load balancing and redundancy. For each resolved path, a pointer is added for the adjacency corresponding to the next-hop interface for that path. This mechanism is used for load balancing across several paths.
Adjacency Types That Require Special Handling
In addition to adjacencies associated with next-hop interfaces (host-route adjacencies), other types of adjacencies are used to expedite switching when certain exception conditions exist. When the prefix is defined, prefixes requiring exception processing are cached with one of the special adjacencies listed in Table 4.
Table 4: Adjacency Types for Exception Processing
| This adjacency type... | Receives this processing... |
|---|---|
|
Null adjacency |
Packets destined for a Null0 interface are dropped. This can be used as an effective form of access filtering. |
|
Glean adjacency |
When a router is connected directly to several hosts, the FIB table on the router maintains a prefix for the subnet rather than for the individual host prefixes. The subnet prefix points to a glean adjacency. When packets need to be forwarded to a specific host, the adjacency database is gleaned for the specific prefix. |
|
Punt adjacency |
Features that require special handling or features that are not yet supported in conjunction with CEF switching paths are forwarded to the next switching layer for handling. Features that are not supported are forwarded to the next higher switching level. |
|
Discard adjacency |
Packets are discarded. |
|
Drop adjacency |
Packets are dropped, but the prefix is checked. |
Unresolved Adjacency
When a link-layer header is prepended to packets, FIB requires the prepend to point to an adjacency corresponding to the next hop. If an adjacency was created by FIB and not discovered through a mechanism, such as ARP, the Layer 2 addressing information is not known and the adjacency is considered incomplete. Once the Layer 2 information is known, the packet is forwarded to the route processor, and the adjacency is determined through ARP.
Supported Media
CEF currently supports ATM/AAL5snap, ATM/AAL5mux, ATM/AAL5nlpid, Frame Relay, Ethernet, FDDI, PPP, HDLC, and tunnels.
CEF Operation Modes
CEF can be enabled in one of two modes:
Central CEF Mode
When CEF mode is enabled, the CEF FIB and adjacency tables reside on the route processor, and the route processor performs the express forwarding. You can use CEF mode when line cards are not available for CEF switching or when you need to use features not compatible with distributed CEF switching.
Figure 8 shows the relationship between the routing table, FIB, and adjacency table during CEF mode. The Cisco Catalyst switches forward traffic from workgroup LANs to a Cisco 7500 series router on the enterprise backbone running CEF. The route processor performs the express forwarding.
Figure 8: CEF Mode
Distributed CEF Mode
When dCEF is enabled, line cards, such as VIP line cards or GSR line cards, maintain an identical copy of the FIB and adjacency tables. The line cards perform the express forwarding between port adapters, relieving the RSP of involvement in the switching operation.
dCEF uses an Inter Process Communication (IPC) mechanism to ensure synchronization of FIBs and adjacency tables on the route processor and line cards.
Figure 9 shows the relationship between the route processor and line cards when dCEF mode is active.
Figure 9: dCEF Mode
In this Cisco 12000 series router, the line cards perform the switching. In other routers where you can mix various types of cards in the same router, it is possible that not all of the cards you are using support CEF. When a line card that does not support CEF receives a packet, the line card forwards the packet to the next higher switching layer (the route processor) or forwards the packet to the next hop for processing. This structure allows legacy interface processors to exist in the router with newer interface processors.
 |
Note The Cisco 12000 series Gigabit Switch Routers operate only dCEF mode; dCEF switching cannot be configured on the same VIP card as distributed fast switching, and dCEF is not supported on Cisco 7200 series routers. |
Additional Capabilities
In addition to configuring CEF and dCEF, you can also configure the following features:
- Distributed CEF switching using access lists
- Distributed CEF switching of Frame Relay packets
- Distributed CEF switching during packet fragmentation
- Load balancing on a per destination-source host pair or per packet basis
- Network accounting to gather byte and packet statistics
- Distributed CEF switching across IP tunnels
For information on enabling these features, see the next chapter "Configuring Cisco Express Forwarding."
>
CEF(Cisco Express Forwarding) 작동 원리
CEF(Cisco Express Forwarding)는 오늘날의 기업 및 서비스 제공업체 네트워크에서 일반적으로 발생하는 대량의 단기 트래픽 플로우를 처리하도록 포워딩 확장성과 성능을 향상시킨 Layer 3 기술입니다. 대량의 단기 플로우, 웹 기반의 또는 대화형 트래픽을 처리하는 환경의 요구를 충족하기 위해 CEF는 하드웨어 기반에서 모든 패킷을 포워딩하고 스위치를 통해 전달되는 플로우 수에 전혀 상관없이 포워딩 속도를 유지합니다.
Cisco Catalyst 6500 시리즈에서 CEF Layer 3 포워딩 엔진은 수퍼바이저 엔진의 PFC2 또는 PFC3(하드웨어 기반의 Layer 2 및 3 포워딩, ACL 검사, QoS 폴리스 처리 및 표시, NetFlow 통계 수집을 수행하는 장치와 동일한 장치) 중앙에 위치합니다.
CEF 아키텍처는 Cisco IOS 소프트웨어가 구성된 인터페이스와 라우팅 프로토콜을 정의하기 위해 작성하는 라우팅 테이블을 사용하여 CEF 테이블을 만든 후 이 테이블을 사용자 트래픽이 스위치를 통해 전송되기 전 하드웨어 포워딩 엔진으로 다운로드합니다. CEF 아키텍처는 Layer 3 포워딩 결정을 내리는 데 필요한 유일한 정보인 CEF 테이블에만 라우팅 접두어를 위치시켜 라우팅 프로토콜에 의존하여 경로를 선택합니다. 스위치는 CEF 테이블을 단순 검색하여 스위치를 통과하는 플로우 수에 상관없이 유선 속도로 패킷을 포워딩합니다.
CEF 기반 포워딩 요구 사항: Cisco Catalyst Supervisor Engine 2 또는 Catalyst Supervisor Engine 720이 필요합니다.
aCEF(accelerated Cisco Express Forwarding) 작동 원리
aCEF 기술은 기본-보조 관계로 함께 작동하는 2개의 포워딩 엔진을 사용하여 스위치를 통과하는 고속의 트래픽 플로우를 가속화합니다. 이 때 중앙 CEF 엔진은 Supervisor Engine 720의 PFC3에 있으며, 이보다 규모가 작은 분산 aCEF 엔진은 인터페이스 모듈에 있습니다. 중앙 PFC3은 초기의 포워딩 여부를 결정하며, aCEF 엔진은 결과를 저장하고 후속 패킷 포워딩을 로컬에서 결정합니다. aCEF 포워딩은 다음과 같이 작동합니다.
표준 CEF 포워딩에서와 마찬가지로 중앙 PFC3은 모든 사용자 트래픽이 스위치로 전달되기 전에 필요한 CEF 정보로 로드됩니다. 트래픽이 aCEF720 인터페이스 모듈에 도착하면 aCEF 엔진이 패킷을 검사하고, 특정 패킷 포워딩 정보가 있는지 여부를 확인하기 위해 중앙 PFC3에 질문을 보냅니다.
PFC3은 Layer 2, Layer 3, ACL, QoS를 비롯하여 이 패킷에 대해 하드웨어 기반의 포워딩 결정을 내립니다. aCEF 엔진은 포워딩 결정 결과를 저장하고 패킷 플로우의 내역에 따라 후속 패킷에 대해 포워딩 여부를 로컬에서 결정합니다. aCEF 엔진은 하드웨어 기반의 Layer 2 및 Layer 3 포워딩, ACL, QoS 표시 및 NetFlow를 처리합니다. 중앙 PFC3는 인터페이스 모듈의 aCEF 엔진에서 처리할 수 없는 모든 포워딩 여부를 결정합니다.
aCEF 기반 포워딩 요구 사항: Cisco Catalyst Supervisor Engine 720이 필요합니다.
dCEF(distributed Cisco Express Forwarding) 작동 원리
인터페이스 모듈에 위치한 포워딩 엔진은 dCEF를 사용하여 로컬 및 병렬로 포워딩 결정을 내려 Cisco Catalyst 6500 시리즈가 업계 최고의 포워딩 속도에 도달할 수 있도록 합니다. dCEF를 사용하면 포워딩은 인터페이스 모듈에서 병렬로 발생하며, 시스템 성능은 함께 작동하는 모든 포워딩 엔진을 통합하여 최대 400Mpps까지 증가합니다.
인터페이스 모듈에 위치한 DFC는 중앙 PFCx와 동일한 ASIC 엔진 설계를 사용하여 2개의 포트 간에 직접 또는 스위치 패브릭을 통해 수퍼바이저 엔진과 상관없이 패킷을 포워딩합니다(그림 5). 각 인터페이스 모듈에는 DFC와 함께 전체 포워딩 테이블 및 다음과 같은 dCEF 포워딩 작업이 포함된 전용 포워딩 엔진이 있습니다. 표준 CEF 포워딩에서와 마찬가지로 수퍼바이저 엔진에 위치한 중앙 PFC3과 인터페이스 모듈에 위치한 DFC 엔진은 사용자 트래픽이 스위치에 도착하기 전에 포워딩 테이블에서 파생된 것과 동일한 CEF 정보로 로드됩니다. 패킷이 인터페이스 모듈에 도착하면 DFC 엔진이 패킷을 검사하고 Layer 2, Layer 3, ACL, QoS를 비롯한 CEF 테이블의 정보를 사용하여 해당 패킷에 대해 완전히 하드웨어 기반의 포워딩 결정을 내립니다.
dCEF 엔진은 해당 모듈에서 트래픽에 대해 Layer 2 및 Layer 3 포워딩, ACL, QoS 폴리시 처리 및 표시, NetFlow 등 하드웨어 기반의 포워딩을 모두 처리합니다. DFC가 스위칭을 모두 로컬로 결정하기 때문에 수퍼바이저 엔진은 포워딩을 수행하지 않아도 되므로 라우팅, 관리, 네트워크 서비스 등 기타 소프트웨어 기반 기능을 수행할 수 있습니다.
출처 - 네트워크전문가따라잡기
