CEF Based Tables
CEF-based tables are initially
populated and used as follows:

- The FIB is derived from the IP routing table and is arranged for maximum
lookup throughput.
- The adjacency table is derived from the Address Resolution Protocol table,
and it contains Layer 2 rewrite (MAC) information for the next hop.
- CEF IP destination prefixes are stored in the TCAM table from the most
specific to the least specific entry.
- When the CEF TCAM table is full, a wildcard entry redirects to the Layer 3
engine.
- When the adjacency table is full, a CEF TCAM table entry points to the
Layer 3 engine to redirect the adjacency.
- The FIB lookup is based on the Layer 3 destination address prefix (longest
match).
FIB Table Updates
The FIB table is updated when the
following occurs:
- An ARP entry for the destination next hop changes, ages out, or is
removed.
- The routing table entry for a prefix changes.
- The routing table entry for the next hop changes.
These are the basic steps that occur to initially populate the
adjacency table:
Step 1 The Layer 3 engine queries the
switch for a physical MAC address.
Step 2 The
switch selects a MAC address from the chassis MAC range and assigns it to the
Layer 3 engine. This MAC address is assigned by the Layer 3 engine as a
burned-in address for all VLANs and is used by the switch to initiate Layer 3
packet lookups.
Step 3 The switch installs
wildcard CEF entries, which point to drop adjacencies (for handling CEF table
lookup misses).
Step 4 The Layer 3 engine
informs the switch of its interfaces participating in MLS (MAC address and
associated VLAN). The switch creates the (MAC, VLAN) Layer 2 CAM entry for the
Layer 3 engine.
Step 5 The Layer 3 engine
informs the switch about features for interfaces participating in
MLS.
Step 6 The Layer 3 engine informs the
switch about all CEF entries related to its interfaces and connected networks.
The switch populates the CEF entries and points them to Layer 3 engine redirect
adjacencies.
Ternary Content Addressable Memory Table -
TCAM
The Ternary Content Addressable Memory (TCAM) is a specialized
piece of memory designed for rapid, hardware based table lookups of Layer 3 and
4 information. In the TCAM a single lookup provides all Layer 2 and Layer 3
forwarding information for frames including CAM and ACL information.
Figure
displays
the ACL information stored in the TCAM table that would result in a packet
being permitted or denied. The following platforms use TCAMs for Layer 3
switching:Catalyst 6500, 4500, 4000 and 3550
TCAM matching is based on
three values: 0, 1, or x (where x is either number), hence the term ternary.
The memory structure is broken into a series of patterns and masks. Masks are
shared among a specific number of patterns and are used to wildcard some
content fields.
These two access control entries (ACEs) are referenced in
the figure as it shows how their values would be stored in the TCAM:
access-list 101 permit ip host 10.1.1.1
any
access-list 101 deny ip 10.1.1.0
0.0.0.255 any
The TCAM table entries in the figure
consist of types of regions:
-
Longest-match region – Each longest-match region consists of groups
of Layer 3 address entries ("buckets") organized in decreasing order
by mask length. All entries within a bucket share the same mask value and key
size. The buckets can change their size dynamically by borrowing address
entries from neighboring buckets. Although the size of the whole protocol
region is fixed, you can reconfigure it. The reconfigured size of the protocol
region is effective only after the next system reboot.
-
First-match region – The first-match region consists of ACL entries.
Lookup stops after first match of the entry.