Re: Process Switching vs. Fast/CEF Switching?

On Tue, 29 May 2007 16:46:04 +0200, Christophe Fillot <cf@xxxxxx> wrote for the
entire planet to see:

Eric wrote:
On Mon, 28 May 2007 23:30:27 -0400, "Thrill5" <nospam@xxxxxxxxxxxxx> wrote for the
entire planet to see:


I could be wrong but I don't believe that NAT is done in hardware on the
2600 or 1700 platform. What documentation did you find that said that?


It's not an "asic" as referred to in the other thread, but there are separate cpus
for the I/O interfaces vs the "control plane", or main processor.

No, the 2600 and 1700 platforms are based on a MPC860 processor, which
is a single PowerPC core with some embedded controllers (which are not
CPUs).

Controller, CPU, the point is that on an 2600 (and I think a 1700) there exists a
path such that packets can flow in one interface (or sub-interface) and out another
without interrupting the main processor. And still get NAT and access-list
processing accomplished. Even if the forwarding was implemented on the same set of
hardware, the path length is much shorter and maintains the max PPS rate even with
NAT enabled, which was the original question I was trying to answer. NAT on 2600 and
1700s does not require the "processor" path on a per-packet basis. The 2621XM will
be much faster than a 1720; you won't lose the PPS rating just because you enabled
NAT.

Here is a 2620 with VLANs on FA0/0:

2620>sh int stat
FastEthernet0/0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 286247923 3043810484 9691225 894928878
Route cache 4890497 3019991515 5188979 3081869475
Total 291138420 6063801999 14880204 3976798353

2620>sh ip cef summ
IP CEF with switching (Table Version 525), flags=0x0
72 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 2
10 instant recursive resolutions, 0 used background process
72 leaves, 42 nodes, 55576 bytes, 512 inserts, 440 invalidations
17 load sharing elements, 6392 bytes, 17 references
universal per-destination load sharing algorithm, id 495B891C
3(0) CEF resets, 31 revisions of existing leaves
Resolution Timer: Exponential (currently 1s, peak 1s)
23 in-place/0 aborted modifications
refcounts: 11252 leaf, 11008 node

Table epoch: 0 (72 entries at this epoch)

Adjacency Table has 6 adjacencies


- Eric

.

Relevant Pages

  • Re: ipfilter 4.1.6 wont build on FreeBSD5.3 amd64 (fwd)
    ... On my NPE-G1 running just IOS 12.3cpu utilization was something ... like 70-90% but with IOS 12.3T3 it is 20% since this one has NAT ... compare prices of PC hardware and Cisco hardware decent PC hardware with ... For starters, check if You have CEF configured, ...
    (freebsd-net)
  • Re: What is PNE??
    ... Didn't defining INCLUDE_IPFW_HOOKS in config.h help? ... I suppose You need to rebuild the platform after changing ... configuration however I am not very much aware of building platform ... NAT hook to my system, this is OK for NAT functionality. ...
    (comp.os.vxworks)
  • Re: 2611 routing performance
    ... That's a hard question to answer. ... Any traffic that had to be processed outside of CEF would ... I am a bit concern on the maximum bandwidth my router can handle ... include NAT, ...
    (comp.dcom.sys.cisco)
  • Amount of forwarded traffic
    ... taffit with iptables!! ... Planet) wich has NAT and WAN(int's LAN address ...
    (comp.os.linux.networking)