Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
398
Views
1
Helpful
1
Comments

Understanding Cisco Express Forwarding (CEF) Architecture

Blue_Bird
VIP
VIP

‎03-31-2025 07:13 AM - edited ‎03-31-2025 09:58 AM

                                                                Understanding Cisco Express Forwarding (CEF) Architecture

Cisco Express Forwarding

FIB and Adjacency Tables

CEF Operation

CAM and TCAM Tables

 Cisco Express Forwarding (CEF):

  • The default switching method for many Cisco Routers and Multi-Layer Switch’s is CEF.
  • The Multi-Layer Switches will use the information from tables that are built by Control Plane to build Hardware Tables.
  • MLS use Routing  Table to build FIB (Forwarding Information Base) and use ARP Table to build Adjacency Table.
  • This is the Fastest Switching Method, because we now have all the Layer-2 and Layer-3 information required to forward IP Packets in Hardware.

Forwarding Information Base:

  • FIB is conceptually, similar to Routing table or Information Base.
  • FIB maintains a mirror image of  IP Routing Table.
  • When Routing or Topology changes occurred in the Network, the IP Routing Table is updated and those changes are reflected in FIB.
  • FIB maintains next-hop address information based on IP Routing Table.

Adjacency Table:

  • The Adjacency Table is derived from the ARP Table and stores the Layer-2 Next-hop address and Frame Header.

Cisco Express Forwarding can be enabled in one of these two modes:

Central Cisco Express Forwarding mode: When central Cisco Express Forwarding mode is enabled, the Cisco Express Forwarding FIB and adjacency tables reside on the route processor, and the route processor performs the express forwarding.

                       Blue_Bird_3-1743429069622.png

Distributed Cisco Express Forwarding mode: When distributed Cisco Express Forwarding is enabled, line cards in a chassis-based switch maintain identical copies of the FIB and adjacency tables.

You can use central Cisco Express Forwarding mode when line cards are not available for Cisco Express Forwarding switching or when you need to use features not compatible with distributed Cisco Express Forwarding switching.

                           Blue_Bird_4-1743429137171.png

Cisco Express Forwarding Operations:

                       Blue_Bird_5-1743429179571.png

The process involves these five main steps:

Step-1: An IP datagram is placed into the input buffers on the receiving line card (ingress line card), and the Layer 2/Layer 3 forwarding engine accesses the Layer 2 and Layer 3 information in the packet and sends it to the forwarding processor. The forwarding processor determines that the packet contains routing information. The forwarding processor sends the pointer to the RP virtual output queue (VOQ) and indicates that the packet in buffer memory must be sent to the RP.

Step-2: The line card issues a request to the clock and scheduler card. The scheduler card issues a grant, and the packet is sent across the switching fabric to the RP.

Step-3: The RP processes the routing information. The processor on the RP updates the network routing table. The processor generates the IP packets that carry the link-state information and the internal update for the FIB tables. Additionally, the RP calculates all the recursive routes that occur when support is provided for both an interior protocol and external gateway protocols. The calculated recursive route information is sent to the FIBs on each line card.

Step-4: The RP sends out internal updates to FIB tables on all line cards and includes those located on the RP. The FIB updates to the line cards are monitored and throttled if needed. The RP has a copy of each line card FIB table, so if a new line card is inserted into the chassis, the RP downloads the latest forwarding information to the new card once that card becomes active.

Steps-5: The RP is notified from the line cards whenever a new neighbor router is connected to the router. The processor on the line card sends a packet to the RP that contains the new Layer 2 information. The RP uses this Layer 2 information to update the adjacency table located on the RP and on the line cards. Each line card adds this Layer 2 information to each packet as the packet is sent from the router. A copy of the adjacency table is maintained on the RP for initialization purposes.

Once the line cards have enough forwarding information to determine the path through the switching fabric (for instance, the destination of the next hop), the router is ready to forward packets.

                      Blue_Bird_6-1743429313025.png

The following steps outline the simple and fast forwarding technique used by the router:

  1. An IP datagram is placed into the input buffers on the receiving line card (Rx line card), and the Layer 2/Layer 3 forwarding engine accesses the Layer 2 and Layer 3 information in the packet and sends it to the forwarding processor. The forwarding processor determines that the packet contains data and is not a routing update. Based on the Layer 2 and Layer 3 information in the FIB table, the forwarding processor sends the pointer to the appropriate line card VOQ, indicating that the packet in the buffer memory is to be sent to that line card.
  1. The line card scheduler issues a request to the scheduler. The scheduler issues a grant, and the packet is sent from the buffer memory across the switching fabric to the line card (Tx line card).
  2. The Tx line card buffers the incoming packets.
  3. The Layer 3 processor and associated ASICs on the Tx line card attach the Layer 2 information to each transmitted packet. The packet is duplicated for each port on the line card (if needed).
  4. The Tx line card transmitters send the packet across the fiber interface.

The advantage of this simple forwarding process is that most data transmission tasks can be done in ASICs and allows the router to operate at high rates. Also, data packets are never sent to the RP.

To Verify CEF

MLS# show ip cef

% CEF is not running

To Enable CEF

MLS(config)# ip cef

Blue_Bird_7-1743429421808.png 
Blue_Bird_9-1743429451866.png

To Disable CEF

MLS(config)# no ip cef

Blue_Bird_10-1743429480150.png

To Verify Adjacency Table

Blue_Bird_11-1743429504397.png

For example, If we have multiple paths from source to destination then you will find multiple next-hops in the cef table. If we're doing layer 3 load balancing, that means we could actually have multiple next-hops that we might want to use. And while that may be a little bit slower, this hardware switching would adversely affect layer 3 load balancing.

So we may want to disable cef on interfaces where we are doing layer 3 load balancing. In order to disable cef on an interface, we would have to go into that interface.

Blue_Bird_12-1743429719021.png

Introduction to CAM & TCAM TABLES:

  • One reason that Multi-Layer Switches are able to forward frames and packets at wire-speed is  because of special Hardware called ASIC’s (Application Specific Integrated Circuits) in Data Plane.
  • Information like Mac-addresses, Routing Table or Access Control List’s(ACL’s) are stored into ASIC’s.
  • The Tables are stored in Content Addressable Memory (CAM) and Ternary Content Addressable Memory (TCAM).

Content Addressable Memory (CAM) Table:

  • The CAM Table is used to store Layer-2 information like:
    • The Source MAC Address
    • The Interface where Switch learned the MAC Address on
    • To which VLAN the MAC Address belongs
  • Whenever the Switch receives an Ethernet Frame, it will use a hashing algorithm to create a “key” for the Destination MAC Address + VLAN.
  • Then it will compare this hash to the already hashed information in the CAM table.
  • This is why MLS is able to quickly lookup information in the CAM Table.
  • CAM works with binary operation:
    • Matches based on 0 or 1 values; no bits are ignored.
    • “HIT” returns a result (Output Port)
    • Used for MAC Address lookup
Blue_Bird_13-1743429762817.png

How CAM Works ?

  • A memory unit accessed by content is called CAM. This form of memory includes Hardware for high speed switching.
  • Each row which is used to store an item is called a slot.
  • A  Processor specifies a search key which the CAM hardware compares against each slot.
  • A search key is same as the size of the slot.
  • The CAM Hardware compares the key with each slot.
  • Hence, finds an exact match.
  • All the slots operate in parallel, hence time required to perform the search doesn’t depend on the number of slots.
  • CAM is used when lookup speed is more important than cost.
Blue_Bird_14-1743429802413.png

Ternary Content Addressable Memory (TCAM) Table:

  • The TCAM Table is used to store Layer-3 information like:
    • Access Control List
    • Quality of Service (QoS) Information
    • Routing Table
  • The TCAM Table can match on three different values:
    • 0 = Must be 0
    • 1 = Must be 1
    • X = 0 or 1 both acceptable
  • TCAM Table useful for a lookup where we don’t need an exact match.
  • When we look for a Mac-Address, we always requires an exact match.
  • But, whenever we need to match an IP Packet against Routing Table or Access Control List; don’t always need an exact match.
Blue_Bird_15-1743429843601.png

 

Thank you very much..!

Comments
Martin L
VIP
VIP
‎03-31-2025 07:48 PM

Very informative and Thanks for sharing!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents