Deploying Cisco Express Forwarding – CEF-Based Multilayer Switching
What is Layer 2 switching?

Layer 2 switching forwards frames based on information in the Layer 2 Frame header as shown in the figure. Layer 2 switching occurs in hardware thereby decreasing latency introduced by software switching typically found in original bridge platforms. Switch hardware utilizes specialized chips, called application-specific integrated circuits (ASICs), to handle frame manipulation and forwarding. Because the majority of frame manipulation and forwarding decisions occur in hardware, Layer 2 switching can provide wire-speed performance in ideal circumstances.

A Layer 2 switch builds a forwarding table as it records the source MAC address and the inbound port number of received frames. Because the switch simply moves frames from one port to another, based on the information in the forwarding table, operation is said to be transparent; the sending end station is unaware of the switch path traversed by the frame.

Additionally, the frame can be checked against access control list (ACL) and quality of service (QoS) criteria that originate in Layer 3 software, but are stored in tables in switch hardware, to facilitate wire-speed lookups. This process provides frame forwarding at wire-speed while still qualifying the forwarding based on upper layer criteria.

What are Layer 2 Switching Tables?
Routing, switching, ACL and QoS tables are stored in a high-speed table memory so that forwarding decisions and restrictions can be made in high-speed hardware. Cisco Catalysts have two primary table architectures:

  • CAM Table – content addressable memory table. This is the primary table used to make Layer 2 forwarding decisions. The table is built by recording the source address and inbound port of all frames. When a frame arrives at the switch with a destination MAC address of an entry in the CAM table, the frame is forwarded out only the port associated with that specific MAC address.
  • TCAM Table – tertiary CAM table. This table stores ACL, QoS and other information generally associated with upper layer processing.

Table lookups are done with efficient search algorithms. A "key" is created to compare the frame to the table content. For example, the destination MAC address and VLAN ID (VID) of a frame would constitute the key for Layer 2 table lookup. This key is fed into a hashing algorithm, which produces a pointer into the table. The system uses the pointer to access a smaller specific area of the table without requiring searching the entire table.

In a Layer 2 table, all bits of all information are significant for frame forwarding (for example, VLANs, destination MAC addresses, and destination protocol types). However, in more complicated tables associated with upper layer forwarding criteria, some bits of information may be inconsequential to analyze. For example, an ACL may require a match on the first 24 bits of an IP address but the last 8 bits are insignificant information.

Identifying the Layer 2 Switch Forwarding Process
Layer 2 forwarding in hardware is based on the destination MAC address. The Layer 2 switch learns the address based on the source MAC address. The MAC address table lists MAC and VLAN pairs with associated interfaces.