Chapter 1: Packet Forwarding Flashcards
How does a switch populate the MAC address table?
Source MAC
A switch receives a packet with a destination MAC that is not in the switch’s MAC table. What does the switch do with the packet?
Forwards the packet out every port except the port it was received on.
_______ create multiple broadcast domains on the same switch.
VLANs
How many bits does the the 802.1Q header add to the frame?
32 bits (4 bytes)
What 4 fields are part of the 802.1Q header?
Tag protocol identifier (TPID)
Priority code point (PCP)
Drop eligible indicator (DEI)
VLAN identifier (VLAN ID)
16-bit field set to 0x8100.
Identifies packet as an 802.1Q packet.
A. VLAN Identifier (VLAN ID)
B. Priority Code Point (PCP)
C. Drop Eligible Indicator (DEI)
D. Tag Protocol Identifier (TPID)
D. Tag Protocol Identifier (TPID)
3-bit field.
Indicates a CoS as part of L2 QoS between switches.
A. VLAN Identifier (VLAN ID)
B. Priority Code Point (PCP)
C. Drop Eligible Indicator (DEI)
D. Tag Protocol Identifier (TPID)
B. Priority Code Point (PCP)
1-bit field that indicates if the packet can be dropped when bandwidth congestion occurs.
A. VLAN Identifier (VLAN ID)
B. Priority Code Point (PCP)
C. Drop Eligible Indicator (DEI)
D. Tag Protocol Identifier (TPID)
C. Drop Eligible Indicator (DEI)
12-bit field. IDs VLAN associated with a network packet.
A. VLAN Identifier (VLAN ID)
B. Priority Code Point (PCP)
C. Drop Eligible Indicator (DEI)
D. Tag Protocol Identifier (TPID)
A. VLAN Identifier (VLAN ID)
The VLAN Identifier has ____ bits.
How many VLANs does this provide?
12 bits 4094 VLANs (2^12)
What are the normal range VLANs?
2-1001
Can be added, deleted, modified.
What is the default VLAN?
VLAN 1
VLAN 0 is reserved for ___ ______?
802.1P traffic
Can VLAN 0 be modified or deleted?
No
What VLANs are reserved and cannot be modified or deleted?
VLAN 1002-1005
What VLANs are in the extended range?
VLAN 1006-4094
Can be added, deleted, modified.
At what point is the VLAN actually created?
When the CLI has been moved back to global config or a different VLAN identifier.
How many VLANs is an access port assigned to?
1
What type of port adds or removes the 802.1Q header to the frame?
Trunk
By default, what kind of port are switch ports?
Access
What kind of port carries multiple VLANs?
Trunk
When are trunk ports used?
When multiple VLANs need connectivity between a switch and another switch/router/firewall.
What happens when a frame is received on a trunk port?
- Headers are examined.
- Traffic is associated to the proper VLAN.
- 802.1Q headers are removed.
- Traffic is forwarded to the next port, based on MAC address for that VLAN.
Traffic sent or received on a trunk port without the VLAN tag is associated to what VLAN?
Native VLAN
What info does ‘show interface trunk’ display?
Trunk ports; Port status; Association to etherchannel; Native vlan; List of vlans allowed on port; Vlans in forwarding state on switch.
What VLAN does switch control plane traffic use?
VLAN 1
Where is the MAC address table stored?
CAM (Content Addressable Memory)
What maps L3 addresses to L2 addresses?
ARP
What does the ARP table contain?
MAC addresses for devices the host has communicated with AND are on the same IP network segment.
MAC address of next-hop interface.
What device responds to an ARP request?
The device with the matching IP address.
What kind of response is the ARP reply?
Unicast
A computer on subnet A is sent to a computer on subnet B. What 2 fields in the packer are rewritten when the packet is sent through the router?
Source MAC and Destination MAC.
What command is used to associate a VLAN with a router subinterface?
encapsulation dot1q
How is a SVI created?
(config)#interface vlan [#]
How is a switch port configured to operate as an L3 port?
no switchport
What is in charge of switching in Process Switching?
CPU
What type of packets are process switched?
Packets that cannot be handled by CEF.
- Packet sourced or destined to router (control traffic or routing protocols).
- Packets too complex for hardware to handle (packets with IP options).
- Packets that require extra info that is unknown (ARP).
What does the RIB contain?
Routes learned from static routes, directly connected routes, and dynamic routing protocols.
What is the default switching mechanism on most Cisco devices?
CEF
What happens to a packet when it arrives on a router with a TTL of 0?
The packet is discarded.
What happens when a packet is punted to the CPU for processing?
- The ip_input process consults the routing table and ARP table to obtain the next-hop
router’s IP address, outgoing interface, and MAC address. - DMAC of the packet is overwritten with next-hop router’s MAC. SMAC is is overwritten with the egress L3 interface MAC.
- TTL decremented.
- IP header checksum recalculated.
- Packet sent to next-hop.
What are the types of CEF adjacencies?
Glean Null Drop Discard Punt
Glean Adjacency
When a router is directly connected to a segment shared by multiple hosts, the FIB table on the router maintains a prefix for the subnet, rather than an individual prefix for each host.
Null Adjacency
Packets destined for a Null0 interface are dropped.
Drop Adjacency
Used to switch packets that cannot be forwarded normally.
Ex. encapsulation error, no valid route, unsupported protocol.
Discard Adjacency
Used when packets must be discarded because of an access-list or other policy decision.
Punt Adjacency
Packets are sent to the L3 forwarding engine for processing.
Define ARP throttling
When FIB entry is in glean state, additional packets to that host are dropped so input queues do not fill.
Examples of packets that get punted to the CPU for processing:
ARP requests and replies. Packets requiring response from router. IP broadcasts that will be relayed as unicast. Routing protocol updates. CDP packets. Packets needing encryption. Packets triggering NAT.
What does TCAM allow for?
Matching and evaluating a packet on more than one field.
Inbound/outbound ACLs, QoS, L2/L3 forwarding decisions occur simultaneously.
A TCAM search provides what results?
0=True
1=False
X=Do not care
How are TCAM entries stored?
VMR format
Value, Mask, Result
Cisco IOS software has 2 components that are part of TCAM operation. What are they and what do they do?
Feature Manager (FM): Merges ACEs into entries in the TCAM.
Switching Database Manager (SDM): Configures TCAM partitions to provide enough space for switching functions.
Value in VMR format
134-bits.
Indicates the fields that should be searched.
Ex. IP address and protocol fields
Mask in VMR format
134-bits.
Indicates the field that is of interest and that should be queried.
Result in VMR format
Indicates the action that should be taken with a match on the value and mask.
What does Hardware CEF use to make forwarding decisions?
TCAM
What does Software CEF use to make forwarding decisions?
FIB
Adjacency table
What is centralized forwarding?
A route processor (RP) engine is equipped with a forwarding engine so that it can make all the packet switching decisions.
Centralized forwarding steps
- Packet received on ingress line card.
- Packet transmitted to the forwarding engine on the RP.
- Forwarding engine exams the packet’s headers and determines the packet will be sent out a port on the egress line card.
- Packet is sent to egress line card.
CEF is distributed across each line card. A central L3 engine generates the FIB, which is then stored on each line card.
Distributed CEF (dCEF)
A type of CEF in which a portion of the FIB is downloaded to each line card, resulting in a FIB cache containing entries likely to be used again.
Accelerated forwarding (aCEF)
What is stateful switchover? (SSO)
A redundancy feature that allows a Cisco router with two RPs to synchronize router configuration and control plane state information.
Define checkpointing
The process of mirroring information between RPs.
