Saturday, February 1, 2014

Catalyst Switching Tables

General notes/review material for basic L2 switching with Catalyst switches, along with notes about the CAM and TCAM tables.

L2 Switching Review

L2 switches learn MAC addresses from incoming frames and store the source MAC address, the switch port, and the VLAN on which the frame arrived in the CAM table. Frames are forwarded based on their destination MAC address, and frames with errors are dropped rather than sent out of the switch. Each frame is received in full, inspected, and then regenerated on the egress port: this is store-and-forward switching.

CAM Tables

All Catalyst switches use a content-addressable memory (CAM) table for L2 switching. MAC addresses are stored as the keys the switch consults to determine the egress port and VLAN ID. If the destination MAC address is not present in the table, the switch floods the frame so that the address can be learned. If a MAC address already learned on one port arrives on a different port, the address and a new time-stamp are recorded for the new port and the prior entry is deleted.

MAC addresses are learned dynamically by default but may also be configured statically. The default aging period for the CAM table is 300 seconds. If a MAC address keeps alternating between switch ports, the switch generates a syslog message reporting that the MAC address is flapping between interfaces.
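To make the learning, aging, port-move and flooding behaviour above concrete, here is a small software model of a CAM table. It is an added example, not code from the original notes or from Cisco: the 300-second aging period comes from the notes, while the flapping threshold (three port moves within 15 seconds), the syslog wording, and the port names and MAC addresses in the demo are constructed for illustration.

```python
import time
from collections import deque

AGING_SECONDS = 300   # default CAM aging period stated in the notes above
FLAP_WINDOW = 15      # seconds: constructed threshold for the flapping check, not a Cisco value
FLAP_MOVES = 3        # port moves within FLAP_WINDOW before a syslog message is raised (constructed)
BROADCAST = "ff:ff:ff:ff:ff:ff"


class CamTable:
    """Software model of a Catalyst CAM table: learns (VLAN, MAC) -> port from frame
    source addresses, ages dynamic entries, replaces an entry when the MAC moves,
    and forwards by destination MAC or floods when the destination is unknown."""

    def __init__(self, now=time.time):
        self.now = now        # injectable clock so aging can be exercised deterministically
        self.entries = {}     # (vlan, mac) -> {"port": str, "ts": float | None, "static": bool}
        self.moves = {}       # (vlan, mac) -> timestamps of recent port moves
        self.syslog = []      # messages the switch would send to syslog (wording is constructed)

    def add_static(self, vlan, mac, port):
        # Static entries never age and are never overwritten by dynamic learning.
        self.entries[(vlan, mac)] = {"port": port, "ts": None, "static": True}

    def learn(self, vlan, mac, port):
        key = (vlan, mac)
        cur = self.entries.get(key)
        if cur and cur["static"]:
            return
        if cur and cur["port"] != port:
            # The MAC showed up on a different port: record the move, check for flapping.
            hist = self.moves.setdefault(key, deque())
            hist.append(self.now())
            while hist and self.now() - hist[0] > FLAP_WINDOW:
                hist.popleft()
            if len(hist) >= FLAP_MOVES:
                self.syslog.append(
                    f"MAC {mac} in VLAN {vlan} is flapping between {cur['port']} and {port}")
        # The new or refreshed entry replaces the prior one, with a fresh time-stamp.
        self.entries[key] = {"port": port, "ts": self.now(), "static": False}

    def age(self):
        """Remove dynamic entries idle longer than AGING_SECONDS; returns how many were removed."""
        cutoff = self.now() - AGING_SECONDS
        stale = [k for k, e in self.entries.items() if not e["static"] and e["ts"] < cutoff]
        for k in stale:
            del self.entries[k]
            self.moves.pop(k, None)
        return len(stale)

    def forward(self, vlan, in_port, src, dst, vlan_ports):
        """Store-and-forward decision for one frame: learn the source, then choose egress ports.
        Returns the list of ports the frame is sent out of."""
        self.learn(vlan, src, in_port)
        entry = self.entries.get((vlan, dst))
        if dst == BROADCAST or entry is None:
            # Unknown unicast or broadcast: flood to every port in the VLAN except the ingress port.
            return sorted(p for p in vlan_ports if p != in_port)
        if entry["port"] == in_port:
            return []   # destination sits on the port the frame came from: filter it
        return [entry["port"]]


def demo():
    """Constructed frames on VLAN 10 showing flood, learn, forward, age-out and a flapping MAC."""
    clock = [1000.0]
    cam = CamTable(now=lambda: clock[0])
    ports = ["Gi1/0/1", "Gi1/0/2", "Gi1/0/3"]
    a, b = "00:11:22:33:44:01", "00:11:22:33:44:02"
    steps = {}
    steps["unknown_dst"] = cam.forward(10, "Gi1/0/1", a, b, ports)   # b unknown -> flood
    steps["known_dst"] = cam.forward(10, "Gi1/0/2", b, a, ports)     # a was learned on Gi1/0/1
    clock[0] += AGING_SECONDS + 1
    steps["aged"] = cam.age()                                         # both dynamic entries expire
    for port in ("Gi1/0/1", "Gi1/0/2", "Gi1/0/1", "Gi1/0/2"):         # a bounces between two ports
        cam.learn(10, a, port)
    steps["flap_msgs"] = len(cam.syslog)
    return steps


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The injected clock is what lets the aging path be tested without waiting five minutes; on a real switch the same effect is observed by lowering the aging time with the command below and watching entries disappear from the table.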

Change MAC address table aging:
switch(config)# mac address-table aging-time [seconds]

Clear CAM table entries manually:
switch# clear mac address-table dynamic address [mac] | interface [type] | vlan [id]

Set a static CAM entry:
switch(config)# mac address-table static [mac] vlan [id] interface [type]

Show dynamic CAM table entries:
switch# show mac address-table dynamic address [mac] | interface [type] | vlan [id]

TCAM Tables

Switches that process QoS and security ACLs in hardware use a ternary content-addressable memory (TCAM) table. Multilayer switches and some L2 switches are equipped with one or more TCAM tables. The TCAM evaluates an inbound packet against an entire access list in a single table lookup. Most switches have several TCAM tables, covering inbound and outbound QoS and security ACLs, so these lookups can run simultaneously, in parallel with the L2 and L3 forwarding decisions.

The structure of the TCAM table is essentially an extension of the CAM table. As with the CAM, a lookup is performed, but each TCAM entry is a combination of three values: Value, Mask, and Result (VMR). Values and Masks are 134 bits wide. The Value holds source and destination addresses and protocol information; the Mask selects which Value bits are of interest (an unmasked bit is "don't care", which is the third state that makes the memory ternary); the Result is a numeric value indicating the action to take after the lookup. Frame or packet headers are compared against the Value and Mask pairs to yield the Result. Beyond a traditional permit, deny, or log response, a TCAM Result can translate into a QoS policing action, a pointer to a next-hop routing table entry, and so on.

TCAM operation involves two primary components, the Feature Manager (FM) and the Switching Database Manager (SDM).

FM: compiles ACE entries into the TCAM table so that the TCAM can be consulted at full frame-forwarding speed.
SDM: on some switches (not the 4500 and 6500) can partition the TCAM to tune the size of each partition.


TCAM Value Patterns (field widths in bits)
Ethernet: Source MAC 48, Destination MAC 48, EtherType 16
ICMP: Source IP 32, Destination IP 32, Protocol 16, ICMP code 8, ICMP type 4, IP ToS 8
Extended IP TCP/UDP: Source IP 32, Destination IP 32, Protocol 16, IP ToS 8, Source port 16, Source operator 4, Destination port 16, Destination operator 4
Other IP: Source IP 32, Destination IP 32, Protocol 16, IP ToS 8
IGMP: Source IP 32, Destination IP 32, Protocol 16, IP ToS 8, IGMP message type 8
IPX: Source IPX network 32, Destination IPX network 32, Destination node 48, IPX packet type 16

Port Operators
If an ACE uses a port operator such as range, neq, gt, or lt, the FM software uses a logical operation unit (LOU) register when it compiles the TCAM entry. LOUs are a limited hardware resource, so only a finite number of such operators can be compiled into a given TCAM.
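The VMR lookup, the value patterns and the cost of port operators are easier to see in code. The following is an added example written for these notes, not code from the original post or from Cisco. It packs a lookup key using the field widths of the "Extended IP TCP/UDP" pattern listed above (the order and names of the fields, and the resulting 128-bit key rather than the 134-bit hardware format, are assumptions of this model), compiles ACE-style rules into Value/Mask/Result entries, and performs the first-match lookup. The sample table and its result labels are constructed. Cisco's LOU mechanism is not modelled; instead, port_range_prefixes shows the prefix expansion a TCAM without operator support would need for a gt/lt/range operator, which is why such operators are expensive.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network

# Key layout: the field widths are the "Extended IP TCP/UDP" value pattern listed above;
# the field order and names are an assumption of this model.
FIELDS = [
    ("src_ip", 32), ("dst_ip", 32), ("protocol", 16), ("tos", 8),
    ("src_port", 16), ("src_op", 4), ("dst_port", 16), ("dst_op", 4),
]
WIDTH = dict(FIELDS)
KEY_BITS = sum(WIDTH.values())   # 128 bits in this layout

# Bit offset of each field's least-significant bit; the first field occupies the top bits.
OFFSET = {}
_pos = KEY_BITS
for _name, _w in FIELDS:
    _pos -= _w
    OFFSET[_name] = _pos


def place(name, value):
    """Shift a field value into its position within the key (used for both Value and Mask)."""
    if value < 0 or value >> WIDTH[name]:
        raise ValueError(f"{name} does not fit in {WIDTH[name]} bits")
    return value << OFFSET[name]


def pack(**fields):
    """Build the lookup key for one packet from named header fields."""
    key = 0
    for name, value in fields.items():
        key |= place(name, value)
    return key


@dataclass(frozen=True)
class VMR:
    value: int    # bits the header must match...
    mask: int     # ...but only where the mask bit is 1; a 0 mask bit is "don't care"
    result: str   # action handed back by the lookup


def ace(result, src=None, dst=None, protocol=None, dst_port=None):
    """Compile one ACE-style rule into a VMR. Fields left out become don't-care bits."""
    value = mask = 0
    for name, net in (("src_ip", src), ("dst_ip", dst)):
        if net is not None:
            n = IPv4Network(net)
            value |= place(name, int(n.network_address))
            mask |= place(name, int(n.netmask))
    for name, v in (("protocol", protocol), ("dst_port", dst_port)):
        if v is not None:
            value |= place(name, v)
            mask |= place(name, (1 << WIDTH[name]) - 1)
    return VMR(value, mask, result)


def tcam_lookup(table, key, default="implicit-deny"):
    """Hardware compares every entry at once; in software we walk them in priority
    order and return the Result of the first entry whose masked bits equal the key's."""
    for entry in table:
        if key & entry.mask == entry.value:
            return entry.result
    return default


def classify(table, src, dst, protocol, dst_port, tos=0):
    key = pack(src_ip=int(IPv4Address(src)), dst_ip=int(IPv4Address(dst)),
               protocol=protocol, dst_port=dst_port, tos=tos)
    return tcam_lookup(table, key)


def port_range_prefixes(lo, hi, width=16):
    """Split the port range [lo, hi] into the fewest aligned (value, mask) blocks.
    This is the expansion needed without operator support: 'gt 1023' costs 6 entries."""
    out = []
    while lo <= hi:
        size = 1
        while lo % (size * 2) == 0 and lo + size * 2 - 1 <= hi:
            size *= 2
        out.append((lo, ((1 << width) - 1) & ~(size - 1)))
        lo += size
    return out


# Constructed sample table (not from the notes). Results are whatever the lookup hands
# back: a QoS action, a next-hop pointer, or plain permit/deny.
TABLE = [
    ace("qos-police", src="10.0.0.0/8", protocol=6, dst_port=80),
    ace("next-hop-2", dst="192.168.0.0/16"),
    ace("permit", src="10.1.1.0/24"),
]

if __name__ == "__main__":
    print(classify(TABLE, "10.1.1.5", "172.16.0.1", 6, 80))     # qos-police
    print(classify(TABLE, "10.1.1.5", "172.16.0.1", 6, 443))    # permit
    print(classify(TABLE, "172.16.9.9", "172.16.0.1", 6, 80))   # implicit-deny
    print(len(port_range_prefixes(1024, 65535)))                # 6
```

Entry order is the ACE priority: the first matching entry wins, exactly as an access list is evaluated top down, and an empty mask field is how a single entry covers an entire subnet or "any". The prefix expansion shows the resource pressure behind the LOU note: a single "gt 1023" operator expands to six value/mask pairs, and a less convenient range expands to many more.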