In general, software-based network devices, such as firewalls, SBCs, or even routers that run on “off the shelf” servers, either virtual or physical, typically don’t have the same capacity/speed/resources as specifically designed appliances such as routers, firewalls, etc…
This is because all of the processing of packets is done by the CPU itself using software rather than specialized independent high-speed hardware. Features such as CEF, and even fast switching are only possible because of the hardware architecture of the routers, an architecture that is not present on generic servers. Thus, CEF by definition cannot run on generic servers.
So as a rule of thumb, network devices running on off-the-shelf servers are almost always slower and more resource-intensive than specialized appliances such as routers, firewalls and others…
In a data center server and TOR switch architecture,
does a packet out from the server reach the TOR switch and come back again to the server? I am talking about southbound traffic.
Where does MAC play its role?
I need, in the packet, destination MAC and source MAC matches along with source and destination MAC…
And does the mac-learning limit command restrict DHCP behaviour on the server for IPv4 or IPv6?
In a Top of Rack (ToR) datacenter architecture, the servers within the rack are typically connected directly to the ToR switch. This means that packets sent out of any server will indeed go to the ToR switch, even if that traffic is destined for another server within the same rack.
Now where does the MAC table come into play here? Well, it depends upon what role the ToR switch plays. Is it an L2 or L3 switch? If it’s L2, then the MAC address table will be used to determine the egress port. If it is L3, then routing will be employed to determine the egress port.
Hmm, I’m not sure what you mean here. Can you clarify your question?
An amazing lesson, however, I have some questions to strengthen my understanding.
The routing table isn’t very suitable for fast forwarding because we have to deal with recursive routing.
Technically, if we configure an IGP or a fully-specified static route, we could prevent recursive routing, correct?
Most of the IP packets can be forwarded by the data plane. However there are some “special” IP packets that can’t be forwarded by the data plane immediately and they are sent to the control plane, here are some examples: IP packets that are destined for one of the IP addresses of the multilayer switch.
If we were to send an SSH packet to our device, shouldn’t this technically also be sent to the Management Plane? I believe that Rene mentioned that the Management plane is actually a sub-set of the Control plane, so are both actually involved?
Back in the days…switching was done at hardware speed while routing was done in software. Nowadays both switching and routing are done at hardware speed. In the remainder of this lesson you’ll learn why.
What specifically does “software switching/forwarding” mean? Even with software switching, isn’t there the CPU which does all the necessary instructions and calculations which is a hardware component? The word “software” is what confuses me a little.
Information like MAC addresses, the routing table or access-lists are stored in these ASICs. The tables are stored in content-addressable memory (CAM) and ternary content addressable memory (TCAM).
I am a little confused. Are all these tables like the RIB and the MAC address table stored in ASICs or in the CAM?
And to confirm one more thing, anything destined to the router or any IGP/EGP-related traffic is sent to the Control Plane and the CPU for processing, correct? Is this also why we implement “Control Plane Policing”? To prevent potential DoS attacks which would cause the CPU to become overwhelmed and drop packets?
Yes that is correct. More about fully specified static routes can be found at this NetworkLessons note.
First of all, the term “management plane” is used in a different context and should not be confused with the idea of the control and data planes. The control and data planes in the context of what is being expressed in the lesson are the only “planes” that operate, and they deal with the processing of packets. The management plane is viewed in the context of network configuration, monitoring, management, updates, and other administrative tasks. If an SSH session with the local switch is to take place, the packets received will be sent to the control plane as described in the lesson. Looking at it from an administrative point of view, yes, this would use the management plane, but this is outside of the context we’re talking about here.
“Software forwarding” means that when a packet is received, it is processed using software that has been loaded into the RAM. The CPU will be involved in the processing, of course, however, such processing is inherently slow.
Hardware processing is all done on small specialized chips with hardwired lines of code that deal with how packets will be processed. These have everything (code, CPU, memory etc) on chip, so there is no delay in the communication between separate entities. Such hardware components are specially designed to do a single task, and cannot be modified or configured.
CAM and TCAM are distinct components of memory that are used within Cisco switches and routers. However, ASICs can be designed with integrated CAM and TCAM. This is done to further speed up the processing time.
Yes, this is correct. CoPP is indeed used to protect the resources made available to the control plane on networking devices.
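The answers above on recursive routing, packets punted to the control plane, and CoPP, tied together in a small added Python model (example code, not from the lesson, NetworkLessons or Cisco): the RIB is resolved once into a FIB so the forwarding path never recurses, routes whose recursion never reaches an interface are left out, and packets addressed to the switch itself are punted through a toy policer. The prefixes, interface names, local address and policer budget are all constructed for the example.

```python
import ipaddress
# Constructed RIB: (prefix, next hop, egress interface); a next hop with no interface is recursive.
RIB = [
    ("10.0.0.0/8", "192.168.1.1", None),        # recursive static route
    ("172.16.0.0/12", "192.168.1.2", "Gi0/1"),  # fully specified static route
    ("192.168.1.0/24", None, "Gi0/1"),          # connected route
    ("198.51.100.0/24", "203.0.113.1", None),   # these two point at each other, so
    ("203.0.113.0/24", "198.51.100.1", None),   # recursion never reaches an interface
]
LOCAL_ADDRESSES = {"192.168.1.10"}  # addresses owned by the switch itself

def lpm(table, ip):
    """Longest-prefix match over rows whose first field is a prefix string."""
    addr, best = ipaddress.ip_address(ip), None
    for row in table:
        net = ipaddress.ip_network(row[0])
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net,) + tuple(row[1:])
    return best

def resolve(rib, next_hop, depth=0):
    """Walk the RIB until the next hop lands on an interface (a CEF adjacency)."""
    hit = lpm(rib, next_hop)
    if hit is None or depth > 8:       # unresolvable, or recursion that never terminates
        return None
    _, nh, iface = hit
    if iface is None:                  # still recursive: resolve the next hop's next hop
        return resolve(rib, nh, depth + 1)
    return (nh or next_hop, iface)     # connected route: the neighbour is the next hop itself

def build_fib(rib):
    """Resolve every route once, up front, so the forwarding path never recurses."""
    fib = []
    for prefix, nh, iface in rib:
        adj = (nh, iface) if iface else resolve(rib, nh)
        if adj is not None:            # unresolvable routes never make it into the FIB
            fib.append((prefix, adj[0], adj[1]))
    return fib

class CoPP:  # toy control-plane policer: permits at most `rate` punted packets per interval
    def __init__(self, rate): self.tokens = rate
    def allow(self):
        self.tokens -= 1
        return self.tokens >= 0

def forward(fib, dst, copp):
    # Data-plane decision for one packet: punt (policed), forward via the FIB, or drop.
    if dst in LOCAL_ADDRESSES:         # destined to the switch itself: control plane
        return "punt" if copp.allow() else "copp-drop"
    hit = lpm(fib, dst)
    return f"{hit[2]} via {hit[1] or dst}" if hit else "drop"
```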
Really appreciate that you took your time to answer literally all of my questions, thank you. I would just like you to elaborate more on this:
First of all, the term “management plane” is used in a different context and should not be confused with the idea of the control and data planes. The control and data planes in the context of what is being expressed in the lesson are the only “planes” that operate, and they deal with the processing of packets. The management plane is viewed in the context of network configuration, monitoring, management, updates, and other administrative tasks. If an SSH session with the local switch is to take place, the packets received will be sent to the control plane as described in the lesson. Looking at it from an administrative point of view, yes, this would use the management plane, but this is outside of the context we’re talking about here.
So if I understand this correctly, only the data plane and the control plane are tasked with handling and processing packets? The management plane is not actually performing any packet-related functions; it’s just something that we refer to when we talk about configuring, monitoring or managing our devices in general from an administrative perspective?
Yes, that is the case. The actual definitions of the planes involved really depend upon the context as well as who you ask. Others may have slightly different interpretations and approaches to some nuanced meaning of each term.
However, in the context of CEF and strictly speaking, the control and data planes are the only relevant entities concerning the processing and forwarding of packets.
The management plane is only relevant in the context of operations involving the accessing of devices via SSH, Telnet, SNMP, as well as processes involving logging, software updates, and network monitoring systems. The management plane is typically created as part of a network design, ensuring the appropriate management VLANs, management interfaces, CLI connectivity and NMS services are all correctly established.