Re: Process Switching vs. Fast/CEF Switching?

On Mon, 28 May 2007 23:30:27 -0400, "Thrill5" <nospam@xxxxxxxxxxxxx> wrote for the
entire planet to see:

I could be wrong but I don't believe that NAT is done in hardware on the
2600 or 1700 platform. What documentation did you find that said that?

It's not an "asic" as referred to in the other thread, but there are separate cpus
for the I/O interfaces vs the "control plane", or main processor. The quoted PPS
rates for both units are based on the packets being switched at the forwarding level
using the dedicated I/O processors. If there is a need to bump all the packets up to
the control plane for processing, the effective PPS is reduced by a factor of 10 or
so.

What I was saying is that the forwarding engines (CEF) are NAT-aware and do apply the
actual NAT translations without resorting to the main processor. Except for the
first packets of a flow which are established at the control plane level.

You can see the effect of this with a SH INT STAT and get something like what is
shown below. This interface is a NAT-enable external interface on a 3640. You can
see that there are many, many more packets processed at the "route cache" level (CEF)
vs the "processor", even though virtually all of the traffic through that interface
is NATed.

FastEthernet1/0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 2364063 2242319325 1223883 77738393
Route cache 19579136 546755255 13700636 1885228605
Total 21943199 2789074580 14924519 1962966998

Compared to a 1720 which in this configuration has only one interface active, and
nearly all the traffic is directed to a loopback, which must be handled by the main
processor:

FastEthernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 170903742 2582129150 83484624 3366610322
Route cache 61567 5099859 0 0
Total 170965309 2587229009 83484624 3366610322


.

Relevant Pages

  • Terminal Server Setup
    ... description GRE Tunnel Source Interface ... input packets with dribble condition detected ... output buffer failures, ... Serial1/0 is up, line protocol is up ...
    (comp.dcom.sys.cisco)
  • Re: Tuning ADSL lines on Ciscos roputer - LONG -
    ... Last clearing of "show interface" counters never ... minute input rate 0 bits/sec, ... input packets with dribble condition detected ... output buffer failures, ...
    (comp.dcom.sys.cisco)
  • Re: Terminal Server Setup
    ... description GRE Tunnel Source Interface ... input packets with dribble condition detected ... output buffer failures, ...
    (comp.dcom.sys.cisco)
  • Re: Excessive interface resets on Cisco 1841 and FIOS line
    ... huge amount of interface resets on the WAN interface, ... access-list 4 remark HTTP Access-class list ... input packets with dribble condition detected ... output buffer failures, ...
    (comp.dcom.sys.cisco)
  • Dell PowerEdge 850 bge(4) RELENG_6 (WAS: Re: bge(4) problem)
    ... But I have a problem with two dual port Broadcom cards plugged in into ... I cannot connect them to the 1000MBit switch (a Dell Powerswitch, ... the link speed negotation / interface link state change problems you describe on this platform persist. ... This number does not increment on these syn packets. ...
    (freebsd-current)