PFC Does Not Act as MLS-SE for Catalyst 5500 Switches
The following process is illustrated using a Supervisor 1A with
PFC1 as the packet enters a Catalyst 6500 ingress port, shown in Figure 6-9:
-
Host1 sends traffic to Host2 that resides on a separate
VLAN.
-
The packet arrives at the ingress port. The switch stores the
packet in the Pinnacle ASIC and does a FCS check on the packet. If the FCS check
is bad, it will drop the packet. Assuming the packet is good, the Pinnacle
requests access to the data bus (dBUS) from the Local Arbitrator. The port adds
256-bit dBus header. The header contains sequence number, source port, index,
VLAN, and so on.
-
The Central Arbitrator provides Local Arbitrator on the module
access to the dBus in a round-robin fashion.
-
The packet is forwarded to all other ports. PFC1 has four main
engines: -
- Layer 2 Forwarding engine -
- Layer 3 Forwarding engine -
- Access List engine -
- Multicast Replication engine
These engines also have an interface to the dBus and will
receive the traffic that was generated by the ingress port. The packet lookups
by these engines happen simultaneously.
-
The Layer 2 engine does a lookup in the Layer 2 forwarding
table for the 6-byte destination MAC address. If the destination is the router
MAC, the Layer 2 engine will signal the Layer 3 engine to take over. This is the
first Layer 2 lookup. The Layer 2 engine may require a second lookup depending
on what happens on the other engines.
-
While Layer 2 is examining the packet, Layer 3 also does a
lookup on the packet to see if it has a NetFlow table for the
destination.
-
The ACL engine checks to see if there is an inbound/outbound
access list defined for the port. It will forward this information to the Layer
3 engine.
-
The Layer 3 engine with its interaction with the Layer 2 engine
will have the rewrite information for the flow. If there is no entry in the
NetFlow table, the Layer 2 engine will create a Candidate entry and send the
traffic toward the MSFC.
-
The rewrite information will be sent via the results bus (rBus)
to the destination port for rewrite by the router.
-
The Layer 3 engine forwards Layer 3 rewrite information along
with the ACL information to the Layer 2 engine for future use.
-
Layer 2 does a second lookup for the final destination, Host2.
The Layer 2 engine must know the MAC address of Host2, or otherwise, the Enable
entry will not take place.
-
Any subsequent packets will be hardware
switched.
149 times read
|
|
|
Did you enjoy this article?
(total 0 votes)
|
Sections
Comments (0 posted)
Syndication
