03-25-2011 05:04 AM - edited 03-04-2019 02:33 AM
CAM (Content Addressable Memory) VS TCAM (Ternary Content Addressable Memory)
Multilayer switches forward frames and packets at wire speed by using ASIC hardware. Specific Layer 2 and Layer 3 components, such as routing tables or Access Control Lists (ACLs), are cached into hardware. Routing, switching, ACL and QoS tables are stored in a high-speed table memory so that forwarding decisions and restrictions can be made in high-speed hardware. Switches perform lookups in these tables for result information, such as to determine whether a packet with a specific destination IP address is supposed to be dropped according to an ACL.
Cisco Catalyst switches deploys these memory tables using specialized memory architectures, referred to as CAM and TCAM.
CAM stands for Content Addressable Memory which is a special type of memory used by Cisco switches. In the case of ordinary RAM the IOS uses a memory address to get the data stored at this memory location, while with CAM the IOS does the inverse. It uses the data and the CAM returns the address where the data is stored. Also the CAM is considered to be faster than the RAM since the CAM searches the entire memory in one operation.
CAM tables provide only two results: 0 (true) or 1 (false). CAM is most useful for building tables that search on exact matches such as MAC address tables. The CAM table is the primary table used to make Layer 2 forwarding decisions. In the case of Layer 2 switching tables, the switch must find an exact match to a destination MAC address or the switch floods the packet out all ports in the VLAN.
The table is built by recording the source address and inbound port of all frames. As frames arrive on switch ports, the source MAC addresses are learned and recorded in the CAM table. The port of arrival and the VLAN are both recorded in the table, along with a timestamp. If a MAC address learned on one switch port has moved to a different port, the MAC address and timestamp are recorded for the most recent arrival port. Then, the previous entry is deleted. If a MAC address is found already present in the table for the correct arrival port, only its timestamp is updated.
When a frame arrives at the switch with a destination MAC address of an entry in the CAM table, the frame is forwarded out through only the port that is associated with that specific MAC address. The information a switch uses to perform a lookup in a CAM table is called a key. For example, a Layer 2 lookup would use a destination MAC address and a VLAN ID as a key.
To view the contents of the CAM table, you can use the following EXEC command:
Switch# show mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]The entries that have been dynamically learned will be shown. You can add the address keyword to specify a single MAC address, or the interface or vlan keywords to see addresses that have been learned on a specific interface or VLAN. To see the CAM table's size, use the show mac address-table count command.
The problem with CAM is that it can only do exact matches on ones and zeros (binary CAMs), and here comes TCAM.
TCAM stands for Ternary Content Addressable Memory which can match a third state, which is any value. This makes TCAM a very important component of Cisco Layer 3 switches and modern routers, since they can store their routing table in the TCAMs, allowing for very fast lookups, which is considerably better than routing tables stored in ordinary RAM. TCAM is a specialized CAM designed for rapid table lookups.
TCAM provides three results: 0, 1, and "don't care." TCAM is most useful for building tables for searching on longest matches such as IP routing tables organized by IP prefixes. The TCAM table stores ACL, QoS and other information generally associated with upper-layer processing. As a result of using TCAM, applying ACLs does not affect the performance of the switch.
Most switches have multiple TCAMs so that both inbound and outbound security, as well as QoS ACLs, can be evaluated simultaneously or entirely in parallel with a Layer 2 or Layer 3 forwarding decision.
The term VMR (Value, Mask and Result) refers to the format of entries in TCAM. The "value" in VMR refers to the pattern that is to be matched; examples include IP addresses, protocol ports, DSCP values, and so on. The "mask" refers to the mask bits associated with the pattern and determines the prefix. The "result" refers to the result or action that occurs in the case where a lookup returns a hit for the pattern and mask.
This result might be a "permit" or "deny" in the case of a TCAM for ACLs, values for QoS policies in case of QoS or a pointer to an entry in the hardware adjacency table that contains the next-hop MAC rewrite information in the case of a TCAM used for IP routing.
To see the current TCAM resource usage, use the show tcam counts EXEC command. To see the current TCAM partitioning, you can use the show sdm prefer EXEC command.
Most of the traditional Layer 2 Cisco switches has only CAM for Layer 2 switching, while some Layer 2 Cisco switches has TCAM for QoS and not for routing, while layer 3 switches has the routing TCAM. CAM and TCAM are the most important parts of the so called ASICs that Cisco switches leverage for line-speed fast switching.
Catalyst switch architecture supports the ability to perform multiple lookups into multiple distinct CAM and TCAM regions in parallel. As a result of this ability to perform multiple lookups simultaneously, Catalyst switches do not suffer any performance degradation by enabling additional hardware-switching features such as QoS and IP ACL processing.
Thank you very much for this information. I would like to be extended explaining the relation between TCAM and CEF: FIB and Adjacency tables.
Thats an amazing explanation, please can you provide source of this information for more detail.
Really nice explanation and Most of the content is from the CCNP Switch official certification guide ( Pg54- Pg 62)
Awesome bro, I was missing this pertinent and accurate information.
Very useful :-)
Nice write up.
I have a question though. Most switches have their sdm template set to 'desktop default' which kind of defines the features that the switch's resources are optimized to support.
If you change this to say 'desktop routing' so that you can use the switch for more process-intensive routing :
i. Will this affect the switch's performance?
ii. Does it have any impact on lookup speed in the TCAM in the case of routing for example?
Hope the question is clear
For both your questions, the answer is, "it may".
For those switches that support SDM templates, changing the SDM template generally changes the amount of hardware resources set aside for a specific purpose. For example, changing the template from the default to routing, provides the capability to store more routes in TCAM, but to the detriment of other storage resources.
Whether this impacts performance depends on whether certain resources have overflowed the allocated hardware resources. For example, when you have more routers than can be stored in TCAM, the (excess) is stored in ordinary RAM and L3 forwarding performance may be very much degraded.
BTW, providing a larger TCAM allocation, then needed, does not increase performance. It's avoiding an insufficient TCAM allocation that's critical.
thanks, is a great explanation
Awesome explanation on how the CAM and TCAM works.
One of my teammates recently created a walk-through video on Nexus 9000 TCAM carving. I would encourage anyone to watch it to see if it helps fill any knowledge gaps regarding TCAM carving. It does a great job explaining how the default allocation works and carving. You can find the link here: https://www.youtube.com/watch?v=ISJ4C8ISKCw
Thank you very much. very informative
Thank you very much for this information.
I am researching LISP and it seems TCAM blows up when I am scaling multi-sites without new feature SD-Access Options: Extranet (Provider/Subscriber mechanism)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: