ENCOR (350-401): Cisco Express Forwarding (CEF)

Video Statistics and Information

Captions
Hey, welcome back to the channel, everybody. This is Kevin, and in this week's video we're gonna take a look at a topic from the ENCOR exam blueprint, that's exam number 350-401. This topic is CEF, Cisco Express Forwarding, and I'm going to show you a video clip from my live ENCOR master class. In this video you're gonna see how CEF operates, how it compares to other switching mechanisms, and how it's verified. By the way, when I say switching mechanisms, please don't think Cisco Catalyst switching at layer 2. Here we're talking about packet switching at layer 3, making forwarding decisions based on destination IP address information. And if you enjoy this video, please do me a favor and click the like button down below, and also subscribe so you don't miss any of our weekly content. Now enjoy this clip from my ENCOR master class on CEF.

And the way that packet switching occurs could be really efficient in terms of processor power, or it could be really inefficient in terms of processor power, and we want to take a look at the two main options that are out there today, because we're gonna be using both of them at different times. We're gonna use different switching processes. We're gonna start by talking about the original, the OG, and that is process switching. I remember this is what we were using on the router that I first started with. This was the old Cisco AGS+ router; I'm thinking back in 1989 I was using this. Back then we would send a packet into the router, and that packet would be analyzed by the router's processor. It would compare it to the routing table, "Oh, looks like you go out of this interface," and it would forward it on its way. But can you imagine doing that today? Today some of our routers have gig interfaces, some have 10 gig interfaces, and in our data center we have some interfaces that are running at 40 gig, and we're starting to see a little bit of 100 gig. Can you imagine just a 10 gig interface, though, all
the traffic that's coming through that, and our lowly router, our lonely processor, trying to make all those decisions in what hopefully is close to real time? It's just not possible. So we've got some other options, but let's talk about when process switching is going to be used, because sometimes we do need to analyze that packet; the router's processor does need to interact with that packet. I'll give you a few examples. If I do a Secure Shell connection into the router for administrative purposes, that's a time where I'm communicating with the router's processor, because I'm interacting with the router directly. Another time I might use this is when I'm doing debugging for troubleshooting, and we talk a lot more about troubleshooting, by the way, in the ENARSI class. When you say debug ip ospf packet or something like that and you see all this information pop up on your screen or go to a syslog server, well, what's gonna happen is all those debugged packets are going to be analyzed by the processor. But like I said, it's not gonna scale well for today's really high speed networks.

So let's take a look at some other options. Really the other big option out there, that we probably do want to be using, is called CEF, C-E-F, Cisco Express Forwarding, and on many of our newer routers CEF is on by default. By the way, if it's not on, you can simply type in, in global configuration mode, IP space CEF, and that turns it on, so it's pretty easy to turn on. But let's talk about some of the characteristics of CEF. Like I said, it's much preferred over process switching, and it's going to be the default on most of our devices. The reason we prefer it so much is we pretty much leave the route processor out of the equation. When traffic comes in, in almost all cases the router processor is not involved, because CEF, Cisco Express Forwarding, maintains its own tables, which it can mathematically interrogate in a very efficient way. Specifically,
it contains these two different tables. It contains something called, and these are some good terms to write down, the FIB, F-I-B. The FIB is the forwarding information base, and the forwarding information base is essentially the routing table. In fact, that's how it gets populated. We've got this FIB, forwarding information base (all right, I'm scooting), we've got the CEF forwarding information base and we've got the routing table. Well, when the routing table gets updated, those updates are immediately written to the FIB, so think of that as a very efficient route lookup source that we can go to without bothering the route processor. We also have an adjacency table, which gives us information about our next hop devices. Many times in a routing table, when we're trying to define how do we get to this destination network, it says here's your next hop. Well, the adjacency table contains lots of information, and I'll take you out live in just a few moments and we'll check that out, but it contains lots of information about that next hop.

Let's take a look at each of these tables one at a time, though, shall we? The FIB, the forwarding information base: this is our layer 3 information. This is route prefixes. As an example, here's a destination network somewhere out there on our network or out on the Internet, and here is the way to get there: we're going to go out of this egress interface, here's the next hop IP address. We'll get that kind of information, and this gets updated every time the routing table has an update. The routing table says, "I just updated, I better tell the FIB about that," and it gets updated pretty much in real time. Now, back in the early days there was a concern with the FIB slowing, or CEF slowing down a little bit, because if we hit it with too many requests, it was the same concern that we have with the processor: is CEF going to slow down? And back in the very, very early implementations of CEF the answer was a little bit, but today we've got these ASICs, these
application-specific integrated circuits, which are pretty much real time, and so we don't have that worry any longer. Now the adjacency table, that's going to give us information about who the next hop is, who is adjacent to this router. We're gonna be able to see, for example, and I'll show you this as well, but let's say we're going out of an Ethernet interface, and I can see right here's this next hop, we're gonna go out of this interface, here's my MAC address, I'm gonna go out of the interface with this MAC address, and I'm gonna go into their interface, and their interface has this MAC address. So we can see detailed information about our neighbors, about our directly connected adjacent devices.

And here's the topology, really simple topology we're going to be working with, and I want to take you out live right now and let's just play around with some commands. Let's look at CEF, let's look at process switching. Oh, and I want to show you another one as well. We didn't talk about this, this isn't really in the course, but just to round out our discussion, there was sort of an intermediary packet switching mechanism that you might have heard of. It's called fast switching. Fast switching works like this, and in fact sometimes it was called route once, switch many, because there was this, kind of like the FIB, not quite as efficient, but there was this table, it was called the route cache, and it would store routes and next hops, kind of like the routing table. But when a packet came into the router, if the information about how to get to the destination network was not in the route cache, then that first packet in a communication flow would be routed up to the processor. So we were doing some process switching, but only the first packet in a flow, and as soon as the route processor said, "Oh yeah, if we're going from this source to this destination, you're going to go out of this interface and here's your next hop," and that
information was copied down into this route cache area. So that was only the first packet that populated the route cache. Now every packet that came in that's part of that flow, we don't have to bother the processor, we just use the route cache.

All right, I think we're good now, so let me try that one again. I'm gonna do show ip cef one more time. We've got a prefix column, which is showing the routes that might be in a routing table. We're seeing what the next hop is, if we're going to a next hop IP address, and we're seeing, okay, we're going to go out of this interface to get there. We've only got one network that's not directly connected to R1, so notice we've only got one prefix showing up for a non-connected network, and that is 192.0, let's see, 192.0.2.0/24, and we see that the next hop is 203.0.113.2, and if you look at the topology, that's router R2, and we're going to be going out of our interface gigabit 0/2 in order to get there. What else do we see here? Well, we also see networks that are directly attached to us. If they're directly attached to us, they have a next hop of attached. So right under this one that we were looking at, notice we've got the 198, excuse me, 198.51.100.0/24. That's just off the top of R1. It says it is attached, and to get there we're gonna go out of interface gigabit 0/1. We also see the IP address of router R2 as an adjacent router, and it says that it's attached. Isn't that interesting? That's this 203.0.113.2. Yeah, it says that it's attached, so it's seeing that we're directly attached over a link.

Anyway, let's see. Oh, some people are trying to type ip cef: not supported. Yeah, it's not supported on every platform, but normally it's ip cef. All right, what else can we see on here? The interfaces, this is interesting: some of these things are labeled receive. Why would something be labeled receive? Well,
I'm going to be receiving on certain IP addresses. For example, 198.51.100.1/32, that is gigabit 0/1 on R1. That's a directly attached IP address, and it's set to receive. Also notice we've got 198.51.100.0, that's the network address of this attached network, and we've got the directed broadcast of the attached network. So all three of these are talking about that top link: I've got the IP address of the interface, I've got the network address, and I've got the directed broadcast address, and they are all set to receive. Now some things are saying drop. What are we dropping? Well, believe it or not, we don't support multicast with CEF, so for our multicast addresses we are dropping that traffic. I'm trying to find it here, yeah, here's our, actually here's our multicast. This is Class E IP addresses, we're dropping those as well. We're dropping any IP address that starts with a 0 in the first octet. We're dropping loopback addresses. What happens to those addresses that are getting dropped? Well, CEF is going to send them, it's called punting, CEF is going to punt them to the next fastest switching mechanism, and that's going to be maybe fast switching, and maybe it's gonna go all the way back down to process switching. So that's a look at the FIB, that's a look at the layer 3 table that CEF uses.

Next up, let's take a look at the adjacency table, and I'll do a show adjacency detail command. Here we've only got one adjacency to start with. That one adjacency is this gigabit 0/1 interface off of R2, but we see its IP address. We have an adjacency, here's the IP address of that R2 interface, to get there we're going to go out of our gigabit 0/2 interface, and we see that we've got this big string of hexadecimal numbers. What is that all about? This is commonly misunderstood, so let me break this down, because this just looks like a bunch of gibberish right there, but really we've got a couple of MAC addresses.
You see this first MAC address that I've just highlighted? That first MAC address is the ingress interface on R2, so when I'm sending my frame over to R2, what I have highlighted on screen right there, that's the destination MAC address that I'm sending over at R2. Now I'm coming out of my interface gigabit 0/2; here's the MAC address, that's my source. So we've got the source and destination MAC addresses to get to this adjacency. Would anybody like to guess what 0800 is? Go ahead and put that in the chat if you'd like to venture a guess. What do you think the 0, and yeah, I'm just killing 15 seconds because I know it takes a while for you guys to type in a response. But 0800, what is that? That is the EtherType. That's the EtherType code that's commonly seen on Ethernet addresses. So 0800, that is our EtherType.

All right, I wanted to show you a little bit about process switching. We talked a little bit about switching, we've taken a look at the FIB, we've taken a look at the adjacency table, so now let's see if we are using any processor resources to route traffic. Here's a command you might want to jot down: I'll do a show processes cpu. Now this is going to show us all the processes, and it goes on screen after screen of all the processes running on our CPU right now, but I want to direct your attention to this CPU utilization line up top. It gives us average processor utilization over a five minute period, over a one minute period, and over the last five seconds. Now interestingly, over the last five seconds it gives us two percentages. This first percentage is the total processor utilization over the last five seconds, but you see this zero percent? It's the number after the slash; that's going to be the amount of processor resources that was due to interrupts, and that's what process switching does: it interrupts
the processor to make a forwarding decision. So right now it looks like I'm doing little if any process switching, because this number is at a zero. Let's say it's not a zero. If I want to see exactly how much process switching I'm doing, if you want to jot this down, this is not exam material, but I just think this is really good to know for the real world when you're doing troubleshooting: the process that reflects process switching is called IP Input, IP space Input, that's the name of the process. So what I'm going to do is say show processes cpu, but I'm going to pipe it to include IP Input, and it'll give us just that one line. So here I see the five second, the one minute and the five minute averages, and it's all zeroes. That's because I'm not doing much. Technically I'm doing a little process switching because I'm telnetting into this, and that's gonna be using the processor, but I don't have any production traffic flowing through there.

Let's see, what other thing, we talked about fast switching just real briefly, let me show you this. Let's do a show interface gigabit 0/2, let's see, is that the one we're using? I'll do a gigabit 0/1 stats, and this tells us very clearly, here's your switching path, and for process switching here's how many packets that we've switched with process switching. And yeah, I expected it to be some; after all, I have a conversation going on with the processor right now. We also have route cache; this is if we're using fast switching. Now, I don't have fast switching enabled on this interface, so it's zero. If you wanted to turn on fast switching, well, first of all, ip cef, that's the command I told you would turn on CEF, but not on every platform, check your documentation. But if I want to turn on fast switching for an interface, I would go into, let's say, interface gigabit 0/1, and I would say ip route,
let me just show you, though, use that context-sensitive help to show you, but it's route-cache. Let's find it here, yeah, it says this enables the fast switching cache. Remember, this is the one where we route once and we switch many.
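
The two-table lookup described in the captions above, as an added Python example that is not part of the video and not Cisco's implementation: a longest-prefix match against a FIB built from the prefixes read out for R1, followed by decoding the adjacency rewrite string into destination MAC, source MAC and EtherType. The MAC addresses, the table layout and the function names are constructed for illustration.

```python
import ipaddress

# Constructed FIB modelled on the R1 prefixes read out in the video.
# prefix -> (next hop | "attached" | "receive", egress interface)
FIB = {
    "192.0.2.0/24":    ("203.0.113.2", "GigabitEthernet0/2"),
    "198.51.100.0/24": ("attached", "GigabitEthernet0/1"),
    "198.51.100.1/32": ("receive", None),
    "203.0.113.2/32":  ("attached", "GigabitEthernet0/2"),
}
# Constructed adjacency table: (interface, neighbor IP) -> 14-byte rewrite
# string. The MAC addresses are made up for this example.
ADJ = {("GigabitEthernet0/2", "203.0.113.2"): "5254000A0B0C5254000102030800"}

def fib_lookup(dst):
    """Longest-prefix match: the most specific covering prefix wins."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, entry in FIB.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, entry)
    return best

def parse_rewrite(hexstr):
    """Split a rewrite string into destination MAC, source MAC, EtherType."""
    raw = bytes.fromhex(hexstr)
    if len(raw) != 14:
        raise ValueError("expected a 14-byte Ethernet II header")
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    return {"dst_mac": mac(raw[:6]), "src_mac": mac(raw[6:12]),
            "ethertype": raw[12:14].hex()}

def forward(dst):
    """Return (decision, interface, layer-2 header fields) for one packet."""
    hit = fib_lookup(dst)
    if hit is None:
        return ("no-route", None, None)
    action, iface = hit[1]
    if action == "receive":           # addressed to the router itself
        return ("receive", None, None)
    # For an attached prefix the destination itself is the layer-2 neighbor.
    neighbor = dst if action == "attached" else action
    rewrite = ADJ.get((iface, neighbor))
    if rewrite is None:               # neighbor's MAC not resolved yet
        return ("no-adjacency", iface, None)
    return ("forward", iface, parse_rewrite(rewrite))

if __name__ == "__main__":
    for ip in ("192.0.2.55", "203.0.113.2", "198.51.100.1", "198.51.100.9"):
        print(ip, forward(ip))
```
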
Info
Channel: Kevin Wallace Training, LLC
Views: 15,001
Rating: 4.9902439 out of 5
Keywords: cisco express forwarding, cef, cisco cef, 350-401, encor exam, cisco, CCNP, CCNP enterprise, ccna, ccie, Kevin Wallace, 200-301, #kwtrain
Id: dk2YtOoT0w4
Length: 19min 8sec (1148 seconds)
Published: Thu May 14 2020