Layer-3 switching refers to high-performance routers optimized for the campus LAN or the Internet that provide wire-speed Ethernet routing and switching services. A Layer-3 switch has these three functions:
- Packet Switching
- Route Processing
- Intelligent network services
When comparing Layer-3 switches to other routers, Layer-3 switches process more packets faster by using ASIC hardware instead of CPU(s) (microprocessor-based). Layer-3 switch routers also improve network performance with added functionality like route processing and intelligent network services.
Layer-3 Switching can occur in two different locations on the switch:
- Centralized Switching: Switching decisions are made on the route processor by a central forwarding table.
- Distributed Switching: Switching decisions are made on a port or line-card level.
Layer-3 Switching takes place using one of these two methods:
- Route Caching: A layer-3 route cache is built in hardware as the switch sees traffic flow into the switch.
- Topology-based switching: Information from the routing table is used to populate the route cache (called the Forwarding Information Base or FIB), regardless of traffic.
Layer-3 devices can move packets from one port to another in many different ways. The most basic method is process switching. Process switching moves packets between interfaces based on the routing table and Address Resolution Protocol (ARP) cache on a scheduled basis. As packets arrive, they are moved into a queue to wait for further processing. When the scheduler runs, the outbound interface is determined and the packet is switched. The queue and scheduler introduce latency.
Cisco Express Forwarding (CEF) speeds up packet switching by handling packets on demand as they arrive on an interface and by caching information. CEF caches routing information in the FIB and caches layer-2 next-hop addresses for all FIB entries in an adjacency table. Because parallel paths can exist, this enables CEF to load balance per packet.
CEF operates in two modes:
- Central CEF mode: CEF FIB and adjacency tables reside on the route processor, and the route processor performs the express forwarding. This CEF mode is used when line cards are not available for CEF switching or when features are not compatible with distributed switching.
- Distributed Cisco Express Forwarding (dCEF) mode: dCEF is supported only on the Catalyst 6500 switches. When dCEF is enabled, line cards maintain identical copies of the FIB and adjacency tables. The line cards can perform the express forwarding by themselves. dCEF uses an inter-process communications (IPC) mechanism to ensure synchronization of the FIBs and adjacency tables on the route processor and line card.
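The FIB and adjacency-table lookup described above, as an added example (not from the original notes and not Cisco's implementation): a simplified Python model of topology-based switching with longest-prefix match and per-packet load balancing across parallel paths. The class name, addresses, MACs and ports are constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation addresses, hypothetical ports).
ROUTES = {
    "0.0.0.0/0": ["192.0.2.1"],
    "10.1.0.0/16": ["192.0.2.1", "192.0.2.5"],  # two parallel paths
    "10.1.20.0/24": ["192.0.2.9"],
}
ARP = {
    "192.0.2.1": ("0000.5e00.5301", "Gi0/1"),
    "192.0.2.5": ("0000.5e00.5302", "Gi0/2"),
    "192.0.2.9": ("0000.5e00.5303", "Gi0/3"),
}

class CefModel:
    """Simplified model: FIB from the routing table plus an adjacency table."""

    def __init__(self, routing_table, arp_cache):
        # Topology-based: install every route up front, regardless of traffic,
        # ordered longest prefix first so the first hit is the best match.
        self.fib = sorted(
            ((ipaddress.ip_network(p), list(hops))
             for p, hops in routing_table.items()),
            key=lambda e: e[0].prefixlen, reverse=True)
        # Adjacency table: layer-2 next-hop data for every FIB entry.
        # Assumes each next hop is already resolved in the ARP cache.
        self.adjacency = {nh: arp_cache[nh] for _, hops in self.fib for nh in hops}
        self.sent = {net: 0 for net, _ in self.fib}  # per-prefix packet count

    def lookup(self, dst):
        """Longest-prefix match; returns (network, next_hops) or None."""
        addr = ipaddress.ip_address(dst)
        return next(((n, h) for n, h in self.fib if addr in n), None)

    def switch(self, dst):
        """Return (next_hop, mac, port) for one packet, or None if no route."""
        hit = self.lookup(dst)
        if hit is None:
            return None
        net, hops = hit
        nh = hops[self.sent[net] % len(hops)]  # per-packet round robin
        self.sent[net] += 1
        return (nh, *self.adjacency[nh])

if __name__ == "__main__":
    cef = CefModel(ROUTES, ARP)
    for dst in ("10.1.5.5", "10.1.5.5", "10.1.20.7", "198.51.100.9"):
        print(dst, "->", cef.switch(dst))
```

Two consecutive packets to 10.1.5.5 leave on different ports because the /16 entry has two parallel next hops, while 10.1.20.7 always matches the more specific /24.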
Configuration:
CEF is enabled by default on switches that are CEF capable. To turn CEF back on, should it have been disabled, on Cisco Catalyst 4000 switches (3560 also), use the following command (add no in front to disable). Optionally, also enable this inside an interface for per-port use:
switch(config)#ip cef
For Cisco Catalyst 3550 Series (add no in front to disable); optionally, also enable this inside an interface for per-port use:
switch(config)#ip route-cache cef
To verify operation (also try adding gigabitethernet 0/1-28 for port based info):
switch#show cef
To verify operation on an interface:
switch#show interface gigabitethernet 0/1-28 | begin l3
To verify operation showing switched packets at layer-2 and layer-3:
switch#show interface gigabitethernet 0/1-28 | include switched
To show the adjacency information:
switch#show adjacency gigabitethernet 0/1 detail / internal / summary
Debug:
To debug CEF use the following commands:
switch#debug ip cef drops / access-list / receive / events / prefix-ipc / table
switch#debug ip cef ipc / interface-ipc
switch#ping ip
Notes and Notices:
This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.

CertGuard and a Blog
Since late last week there have been some waves in the online networking community about a post by Robert Williams from CertGuard. Since that post many things have happened, I am however not going to talk about the specific situation, how it is probably affecting the mentioned CCIE etc. Some notable comments can be read from members of the networking community like Colin McNamara, Arden Packeer and Greg Ferro.
I have been following the situation and reading responses and trying to figure this out for myself. I am however finding myself with more questions than answers as I try and get information to make an educated decision as to this whole story. My main questions are around CertGuard.
To kick off why this whole thing is upsetting me and probably many other people. I practice what I do on my good name. If it calls for it I spend extra non-billing hours (working days without sleep) keeping my good name intact with clients who are not happy with a product or service either I or a competitor placed because my good name and the good name of my vendor of choice is important to me. This extends into daily life where dressing appropriately for functions, being on time for meetings (early usually) and being affable and amiable in company goes to preserving my good name. I have spent time, been careful and made sure my name is not sullied and not dragged through any mud or tarnished by schoolboy playground antics because people buy products and services from people. Basic marketing theory says that word of mouth is the best and worst marketing where one good experience brings maybe one extra customer; one bad experience sends 10 customers away forever. In the end of the day my good name is very important to me because it is my brand and my image. This situation is upsetting because it has to do directly with this concept and the sullying of someone’s good name in a disgraceful very underhanded way.
CertGuard seems to be a self appointed Information Technology (IT) Watchdog where it concerns test taking and certifications. How this is done around the back-end isn’t so clear to me at this point. I have read that they have no affiliation with Cisco or Pearson Vue (I only care about their links with Cisco I don’t much care whether Microsoft or another vendor uses their products/services). Their website isn’t exactly transparent as to all their specifics but I will outline my thoughts and findings below.
I want to know WHAT they do, they say they keep the industry clean by focusing on braindumps websites. For those who don’t know what braindumps are these are basically compiled documents of test questions that may or may not appear in the exams. A braindump is not certified study material according to the agreement you sign every time you take a Cisco exam. The fact remains to me that they aren’t affiliated with Cisco and they make a leap somewhere from “braindumps websites” to “decertifying individuals” that is a bit far-fetched and I don’t know how that happens. This leap is more than just bothering me, it’s annoying me, I have looked through the CertGuard website, done Google Searches and tried asking others but no one knows WHAT they do other than selling a product type service.
Personally I learnt in grade school that cheating was wrong, I received a degree without trying to write crib notes on various body parts to get them into exams (a girl wrote half the theory on her breasts in one exam thinking it was the only place the invigilator wouldn’t look) and I certainly know that unless I know something outright I am not going to pass any exam (sometime down the line I am going to look stupid if I don’t know how to do something I have written an exam on). The company doesn’t seem to be closing down braindump websites but monitoring them, they don’t seem affiliated with Cisco to take away certifications from individuals and they seem to be selling information based products to end-users and not vendors. This whole thing leaves me with more questions than answers.
What CertGuard is doing is great in theory (noble and almost altruistic) protecting the intrinsic value of something like a certification (which is not like a conferred degree) is in everyone’s interest that is working towards getting that certification. What is rubbing me raw though is what do they actually do? Are they working for a Vendor at a higher level or are they trying to create a new economy for validating online 3rd party course content information? Are they trying to become the de facto “trusted authority” for who you can use for content and who you can’t? Or are they none of the above and I’m just too stupid to see what they really do and don’t do?
One of the links in the pecking order that’s also bothering me is how CertGuard can share/give/pass information as a “trusted authority” to Cisco/Vue (other) and as a trusted authority Cisco/Vue acts on the information by stripping someone of a certification (if at all). My concern here is that I have paid a small fortune to get learning material, certifications, hardware and training from Cisco and/or Cisco Partners, I have spent countless hours in front of books, PEC, and at training losing sleep, weekends and time I could have spent focusing on other activities. If a company who is not affiliated with Cisco, recognized by Cisco and was not given a mandate by Cisco starts to act “as-if” they are working on behalf of Cisco I am going to be a very unhappy camper and would hope Cisco Systems and the community at large cuts them down to size instead of siding with them because you may be next.
I am unsure of CertGuard’s place in the macro network environment and how they interact with the ecosystem at this point. Is this a fear based marketing and advertising ploy in very bad taste to drum up traffic and in the end sales for their products? Network World seems to rubber stamp them and if not endorse them fully by allowing them a place from which to gather an audience. Their website doesn’t clearly state anything substantial about them, I want specifics, facts and concrete information if they are so important to the industry. I want to know that my future as a small fish in a big pond in the network industry isn’t going to be jeopardized by some unknown CEO from a company who you know but also don’t know what they do (I don’t trust them nor know anything about nor care about them*) turns my world upside down one sunny day.
The modus operandi of using a highly visible public platform in the network industry to blackball a blogger without prior consultation or attempted mediation is uncouth to say the least. This is something that I don’t think I can agree was/is the correct method(s) or acceptable in the least. As a person who is active online, who writes (in my case notes from various sources) and posts them to a blog, my concern is am I going to be the next lamb to slaughter (probably not but the fear is there). As rational or irrational as that is who will be the next target for Mr Williams? If you note their services they offer Blog & Forum Monitoring (feels like big brother is watching).
I certainly don’t get paid for blogging I also don’t know anyone who does, I am certainly not going to jeopardize my future so that someone can take me out at the knees for something because they feel a need to scratch something that itches.
*An online business without a complete website explaining at least Who they are, What they do, How they do it, Where they come from, How they relate to me, Why I should care, Why they should be there and have a Telephone number and Physical address FOR THE REASON I VISITED THE SITE in plain view without the need to search for it or do a whois on the domain in my experience is trying to scam me in some way.
In this case Who is CertGuard to me as a Cisco Networker? What does CertGuard have to do with Cisco? How does CertGuard do what they do with relation to Cisco and Cisco Certification and the mechanics of it? Where is their value proposition with relation to Cisco and Cisco Certification? How this relates to my studies and certification process with Cisco? Why this will and will not affect me and my life? Why CertGuard should be there and exist at all and affect my life? And where can I call someone if they make my life hell and/or buy a plane ticket to come make someone’s life hell if need be?
Finally I have probably edited this thing a 100 times to get it to say what I want I am adding links to the Disclaimer and if you want to know about me and finally should anyone try and muck me around thus far all posts fall under the following notice:
This is a part of my personal BCMSN notes and research to assist myself in learning and understanding the concepts and theory for the BCMSN exam. I learn by making notes reading and writing things down and wish to file them where I can’t lose them. These notes are not to be seen, judged or mistaken for replacements to Cisco recognized and authorized training which I personally support and attend and suggest you undertake if you are going for the BCMSN Certification.
Followup: Ethan Banks is back in action, his blog post can be found here.
Followup: Robert Williams’ public apology to Ethan Banks and the Network Community.