Cisco TCAM

From Teknologisk videncenter

Platforms

Cisco 3560

Core2#show platform tcam usage

=============================================================================
                                  TCAM Table
 TCAM / SSRAM Table            TCAM            SSRAM
                                Start   Size X    Start   Size Y
=============================================================================
 Local Forwarding Table:            0   1100 1        0   1100   4
 Local Learning Table:              0   1100 1     4400   1100   2
 Secondary Forwarding Table:      C80   3500 1     6600   3500   8
 QoS Table:                      4180   1000 1    20E00   1000   4
 ACL Table:                      5180   2000 1    24E00   2000   4
 IPV6 Secondary Forwarding Tabl  7E40     C0 2    2CE00     60   8
 IPV6 Classification Table:      7F00     80 2    2D100     40   4
 IPV6 ACL Table:                 7F80     70 2    2D200     38   4
 Station Table:                     0      0 0    2D300   1100   4
 MAC Address Table:                 0      0 0    31700    C00   8
 Multicast Expansion Table:         0      0 0    37700    420  40
 VLAN List Table:                   0      0 0    49F00    400  10
 Equal Cost Route Table:            0      0 0    47F00    100  20

 X - Number of 144-bit TCAM entries per descriptor
 Y - Number of bytes per descriptor
=============================================================================

Policy-Based Routing or PBR with Cisco IOS.

Introduction

Route-maps are often used with routing protocols such as BGP, and use prefix-lists.

Enabling PBR on 3560 Switch platform

On the 3560 Switch platform you get the message %PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing when you apply a route-map to an interface.

  • Remember: if you are not on the console, use terminal monitor to receive console messages.

This is caused by the active SDM (Switch Database Management) template. The SDM manages the layer 2 and layer 3 switching information that is maintained in the Ternary Content Addressable Memory (TCAM). The TCAM is used for forwarding lookups. See [1]. There are some unsupported commands on IOS 12.2-25.[2]

CEF uses source/destination load sharing by default, ensuring the same path for each packet stream.[3]

With the default configuration, the switch had the following SDM template active.

Core2#sh sdm prefer
 The current template is "desktop default" template.
 The selected template optimizes the resources in
 the switch to support this level of features for
 8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  6K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    8K
    number of directly-connected IPv4 hosts:        6K
    number of indirect IPv4 routes:                 2K
  number of IPv4 policy based routing aces:         0
  number of IPv4/MAC qos aces:                      512
  number of IPv4/MAC security aces:                 1K

Changing SDM Bias

Core2(config)#sdm prefer routing
Changes to the running SDM preferences have been stored, but cannot take effect
until the next reload.
Use 'show sdm prefer' to see what SDM preference is currently active.
Core2(config)#^Z
Core2#
1d00h: %SYS-5-CONFIG_I: Configured from console by vty0 (10.0.0.30)
Core2#reload

After reboot

Core2#sh sdm prefer
 The current template is "desktop routing" template.
 The selected template optimizes the resources in
 the switch to support this level of features for
 8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  3K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    11K
    number of directly-connected IPv4 hosts:        3K
    number of indirect IPv4 routes:                 8K
  number of IPv4 policy based routing aces:         512
  number of IPv4/MAC qos aces:                      512
  number of IPv4/MAC security aces:                 1K
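
A pre-flight check for the two listings above, as an added example that is not part of the original page: it parses "show sdm prefer" output, reports whether the active template reserves any PBR ACEs, and lists what the routing template trades away. The function names are hypothetical, and "K" is assumed to mean 1024 entries.

```python
import re

# Constructed input: the resource lines of the two "show sdm prefer" listings on this page.
DESKTOP_DEFAULT = '''The current template is "desktop default" template.
  number of unicast mac addresses:                  6K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    8K
    number of directly-connected IPv4 hosts:        6K
    number of indirect IPv4 routes:                 2K
  number of IPv4 policy based routing aces:         0
  number of IPv4/MAC qos aces:                      512
  number of IPv4/MAC security aces:                 1K
'''
DESKTOP_ROUTING = '''The current template is "desktop routing" template.
  number of unicast mac addresses:                  3K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    11K
    number of directly-connected IPv4 hosts:        3K
    number of indirect IPv4 routes:                 8K
  number of IPv4 policy based routing aces:         512
  number of IPv4/MAC qos aces:                      512
  number of IPv4/MAC security aces:                 1K
'''
PBR_KEY = "IPv4 policy based routing aces"
LINE = re.compile(r"^[ \t]*number of (.+?):[ \t]+(\d+)(K?)[ \t]*$", re.M)

def parse_sdm(text):
    """Return (template name, {resource: entries}); 'K' is assumed to mean 1024."""
    name = re.search(r'current template is "([^"]+)"', text).group(1)
    limits = {m[1]: int(m[2]) * (1024 if m[3] else 1) for m in LINE.finditer(text)}
    return name, limits

def pbr_ready(text, needed_aces):
    """True if the template reserves TCAM space for at least needed_aces PBR ACEs."""
    limit = parse_sdm(text)[1].get(PBR_KEY, 0)
    return limit > 0 and limit >= needed_aces

def template_diff(before, after):
    """Resources whose allocation differs between two templates: {name: (old, new)}."""
    b, a = parse_sdm(before)[1], parse_sdm(after)[1]
    return {k: (b[k], a[k]) for k in b if k in a and b[k] != a[k]}
```
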

Example

There are lots of limitations on the 3560 platform. The default route for 192.168.1.0/24 is the 10.0.0.30 gateway; all other traffic goes to the 10.0.0.34 gateway.

ip access-list extended ISP-CON1
 remark Internally used nets denied. They should be routed by the FIB
 deny   ip 192.168.1.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny   ip 192.168.1.0 0.0.0.255 192.168.0.0 0.127.255.255
 permit ip 192.168.1.0 0.0.0.255 any
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
route-map HETH permit 5
 match ip address ISP-CON1
 set ip next-hop 10.0.0.30
!
route-map HETH permit 10
 match ip address prefix-list DEFAULT
 set ip next-hop 10.0.0.34

Example 2

interface Vlan28
 description TKUVLAN_308
 ip address 192.168.146.1 255.255.255.0
 ip helper-address 172.16.4.77
 ip helper-address 172.16.4.66
 ip pim sparse-mode
 ip policy route-map EX308
 ip igmp query-interval 125
!
ip access-list extended R308
 permit ip 192.168.146.0 0.0.0.255 any
!
route-map EX308 permit 10
 match ip address R308
 set ip next-hop 172.16.4.16

Links

References