Basic principles and forwarding process of Huawei Layer 3 Ethernet switches

xiaoxiao2021-03-06  50

Huawei certification technical article

1. Layer 2 forwarding process

1.1. MAC address description

A MAC address is a 48-bit binary address, such as 00-E0-FC-00-00-06. MAC addresses are divided into unicast, multicast, and broadcast addresses.

Unicast address: the first byte is 0, such as 00-E0-FC-00-00-06
Multicast address: the first byte is 1, such as 01-E0-FC-00-00-06
Broadcast address: all 48 bits are 1, such as FF-FF-FF-FF-FF-FF

Note:
1) The MAC address of an ordinary device's network card or of a router must be a unicast MAC address, to ensure interworking with other devices.
2) The MAC address is the basis on which an Ethernet device runs on the network, and is also the foundation of link-layer functions.

1.2. Layer 2 forwarding

This section introduces the Layer 2 forwarding behaviour of the switch, which conforms to the 802.1D bridge protocol standard. Layer 2 forwarding on the switch involves two key threads: the address learning thread and the packet forwarding thread.

The learning thread works as follows:
1) The switch receives all data frames on the network segment and uses the source MAC address in each received frame to build the MAC address table;
2) Port move mechanism: if the switch finds that the port a packet arrived on differs from the port recorded for the packet's source MAC address, a port move occurs and the MAC address is re-learned on the new port;
3) Address aging mechanism: if the switch receives no packets from a host for a long time, the MAC address entry for that host is deleted, and it is re-learned when the next packet arrives.
Note: aging is also based on the source MAC address.

Packet forwarding thread:
1) The switch looks up the destination MAC address of the data frame in the MAC address table. If it is found, the frame is sent to the corresponding port. If it is not found, the frame is sent to all ports;
2) If the port of the source MAC address and the port of the destination MAC address are the same, the packet is discarded;
3) Broadcast packets are forwarded to all ports other than the ingress port.

1.3. VLAN Layer 2 forwarding

Packet forwarding thread: after VLANs are introduced, the packet forwarding thread of the Layer 2 switch becomes:
1) The switch looks up the destination MAC address of the data frame in the MAC address table. If it is found (and the VLAN of the incoming packet matches the VLAN of the entry), the frame is sent to the corresponding port. If it is not found, the frame is sent to all ports in the VLAN;
2) If the port of the source MAC address and the port of the destination MAC address of a received packet are the same, the packet is discarded;
3) Broadcast packets are forwarded to all ports in the VLAN other than the ingress port.

Introducing VLANs on the Ethernet switch brings the following benefits:
1) It limits local network traffic, which to a certain extent improves the processing capacity of the whole network;
2) Virtual workgroups: through flexible VLAN settings, different users can be divided into workgroups;
3) Security: users in one VLAN and users in other VLANs cannot access each other, which improves security.

In addition, there are two common VLAN concepts, both of which can be understood well from their literal meaning.
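The learning thread (learn, port move, aging) and the VLAN-aware forwarding thread of sections 1.2 and 1.3, as a small simulation. This is an added example, not Huawei code or code from the original article; the port names, VLAN assignment and 300-second aging value are constructed for illustration.

```python
# Added example: minimal model of the Layer 2 learning and forwarding threads.
BROADCAST = "ff-ff-ff-ff-ff-ff"

class L2Switch:
    def __init__(self, port_vlans, aging=300):
        self.port_vlans = port_vlans   # access port -> VLAN (constructed)
        self.aging = aging             # seconds before an idle entry is deleted
        self.table = {}                # (vlan, mac) -> (port, last_seen)
        self.moves = []                # (mac, vlan, old_port, new_port), kept for review

    def _age_out(self, now):
        for key in [k for k, (_, seen) in self.table.items() if now - seen > self.aging]:
            del self.table[key]

    def receive(self, port, src, dst, now):
        """Learn from the source MAC, then return the list of egress ports."""
        vlan = self.port_vlans[port]
        self._age_out(now)
        known = self.table.get((vlan, src))
        if known and known[0] != port:           # port move: re-learn on the new port
            self.moves.append((src, vlan, known[0], port))
        self.table[(vlan, src)] = (port, now)    # aging is refreshed by the source MAC

        flood = sorted(p for p, v in self.port_vlans.items() if v == vlan and p != port)
        if dst == BROADCAST:
            return flood               # rule 3: every port in the VLAN except ingress
        hit = self.table.get((vlan, dst))
        if hit is None:
            return flood               # rule 1: unknown destination, flood in the VLAN
        if hit[0] == port:
            return []                  # rule 2: source and destination on the same port
        return [hit[0]]                # rule 1: known destination, one egress port


def demo():
    sw = L2Switch({"e0/1": 1, "e0/2": 1, "e0/3": 1, "e0/4": 2})
    a, b = "00-e0-fc-00-00-06", "00-e0-fc-00-00-07"
    out = [
        sw.receive("e0/1", a, b, now=0),     # b unknown: flooded in VLAN 1 only
        sw.receive("e0/2", b, a, now=1),     # a known: sent to one port
        sw.receive("e0/3", a, b, now=2),     # a now seen on e0/3: port move
        sw.receive("e0/2", b, a, now=400),   # a aged out: flooded again
    ]
    return out, sw.moves
```

The VLAN 2 port e0/4 never appears in any result, which is the isolation property listed as benefit 3.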

VLAN transparent transmission means that a VLAN is valid not only on one switch but also extends in some way to other Ethernet switches, where it remains valid. Termination means the opposite: the valid domain of a VLAN cannot extend to another device, or cannot extend across a link to another device. VLAN transparent transmission can be implemented with 802.1Q, and VLAN termination can be implemented with PVLAN.

IEEE 802.1Q is the technical standard for VLANs. It mainly modifies the standard frame header by adding a TAG field that contains VLAN information such as the VLAN ID. For the specific implementation, see the related standards and documentation if you are interested.

Note: when a Trunk port forwards a packet, if the VLAN TAG of the packet equals the default VLAN ID configured on the port, the TAG is removed from the packet. The peer receives the packet without TAG information and takes the VLAN of the packet from the PVID of its own port, so the PVID settings of the Trunk ports between the two switches must be consistent. Why remove the TAG? So that an ordinary user plugged into the Trunk port can still communicate normally, because ordinary users cannot recognize packets that carry 802.1Q VLAN information.

802.1Q provides VLAN transparent transmission, but sometimes a VLAN needs to be terminated, that is, the boundary of the VLAN has to end somewhere. PVLAN technology provides this while still achieving the purpose of VLANs. Cisco's PVLAN means Private VLAN, and our PVLAN means Primary VLAN. The VLANs here fall into two categories: Primary VLAN and Secondary VLAN (Subrid). This isolates the Layer 2 packets of access users from one another, while packets sent by the upstream switch can be received by every user, which simplifies configuration and saves VLAN resources. The specific implementation is not covered here; if you are interested, consult the relevant documentation.
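The Trunk note above (TAG removed when it equals the port's default VLAN ID, VLAN taken from the receiver's PVID) can be turned into a consistency check. This is an added example, not code from the original article; the switch names, port names and VLAN numbers are constructed.

```python
# Added example: model the Trunk egress/ingress rule and flag PVID mismatches.

def trunk_egress(vlan, pvid):
    """Return the 802.1Q tag put on the wire, or None when the frame leaves untagged."""
    return None if vlan == pvid else vlan

def trunk_ingress(tag, pvid):
    """Return the VLAN the receiving switch assigns to the frame."""
    return pvid if tag is None else tag

def check_trunk(link, vlans):
    """Send one frame per VLAN in each direction; report VLANs that change on the way."""
    findings = []
    for tx, rx in ((link["a"], link["b"]), (link["b"], link["a"])):
        for vlan in vlans:
            tag = trunk_egress(vlan, tx["pvid"])
            seen_as = trunk_ingress(tag, rx["pvid"])
            if seen_as != vlan:
                findings.append((tx["name"], rx["name"], vlan, seen_as))
    return findings

# Constructed sample configuration: one consistent trunk, one mismatched trunk.
GOOD = {"a": {"name": "SW1 g2/1", "pvid": 1}, "b": {"name": "SW2 g2/1", "pvid": 1}}
BAD = {"a": {"name": "SW1 g2/2", "pvid": 10}, "b": {"name": "SW3 g2/1", "pvid": 20}}

if __name__ == "__main__":
    for link in (GOOD, BAD):
        for tx, rx, sent, got in check_trunk(link, vlans=[1, 10, 20]):
            print(f"{tx} -> {rx}: VLAN {sent} frame arrives in VLAN {got}")
```

On the mismatched link, frames of VLAN 10 are delivered into VLAN 20 and the reverse, so the isolation between the two VLANs no longer holds across that trunk.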
Next, the Layer 3 switching process.

VLANs segment the network and isolate communication between VLANs; communication between VLANs can be established with a router (a Layer 3 device) that supports VLANs. However, rather than using a router to interconnect the different VLANs in an enterprise network, we can use Layer 3 switching to achieve this.

Difference 1 (performance): traditional routers forward packets with a microprocessor, in software, whereas Layer 3 switches forward in ASIC hardware, and the performance difference is very large.
Difference 2 (interface type): the interfaces of a Layer 3 switch are basically Ethernet interfaces; it does not have the interface types of a router.
Difference 3: a Layer 3 switch can also work in Layer 2 mode and directly switch traffic that needs no routing, while a router has no Layer 2 function.

Let us first look at the interworking process. As shown in the figure, two VLANs are configured on the switch, and routing interfaces are configured on VLAN 1 and VLAN 2 to implement interworking between VLAN 1 and VLAN 2.

Interworking between A and B (A sends a ping request to B):
1) A checks the destination IP address of the packet and finds that it is in the same network segment as itself;
2) A ----> B ARP request; the packet is broadcast in VLAN 1;
3) B ----> A ARP reply;
4) A ----> B ICMP request;
5) B ----> A ICMP reply.

Interworking between A and C (A sends a ping request to C):
1) A checks the destination IP address of the packet and finds that it is not in the same network segment as itself;
2) A ----> Switch (int VLAN 1) ARP request; the packet is broadcast in VLAN 1;
3) Gateway ----> A ARP reply;
4) A ----> Switch ICMP request (destination MAC is the MAC of int VLAN 1, source MAC is A's MAC, destination IP is C, source IP is A);
5) After receiving and examining the packet, the switch checks the destination IP address and finds that it is in one of its own directly connected network segments;
6) Switch (int VLAN 2) ----> C ARP request; the packet is broadcast in VLAN 2;
7) C ----> Switch (int VLAN 2) ARP reply;
8) Switch (int VLAN 2) ----> C ICMP request (destination MAC is C's MAC, source MAC is the MAC of int VLAN 2, destination IP is C, source IP is A). Compared with the packet as it was before, the MAC header has been re-encapsulated, while the fields from the IP layer upward are basically unchanged;
9) C ----> A ICMP reply; the process is basically the same as for the preceding ICMP request.

In the above steps, if the corresponding entry already exists in the ARP table, the ARP request is not sent.

How are Layer 2 and Layer 3 distinguished? The 3526 is a Layer 3 Ethernet switch whose processing flow includes both Layer 2 processing functions and Layer 3 processing functions.
The basic model of Layer 2 and Layer 3 forwarding:

[Figure: hosts A and B in VLAN 1, host C in VLAN 2; host addresses 1.1.1.1, 1.1.1.3 and 2.2.2.2]

As shown in the figure, the Layer 3 switch is divided into 2 VLANs. Communication between A and B is completed within one VLAN, and for the switch it is a Layer 2 data flow; communication between A and C has to cross VLANs, and it is a Layer 3 data flow.

The above is the macro view. At the micro level, after a packet enters, how does the switch distinguish a Layer 2 packet from a Layer 3 packet? For packets from A to B, since both hosts are in the same VLAN, the destination MAC address of the packet is the MAC address of host B; for packets from A to C, the destination MAC address is the MAC address of the device's interface VLAN 1. Therefore, the switch's criterion for distinguishing Layer 2 from Layer 3 is whether the destination MAC address of the packet equals the MAC address of the switch's virtual interface.

Taking the Huawei S3526 switch as an example, the whole processing flow is divided into three major parts:

1) Platform software protocol stack

Its key functions include running routing protocols and maintaining the routing table, and the IP protocol stack functions. This part plays an important role in the processing flow of the whole system: when the hardware cannot complete forwarding of a packet, this part can perform Layer 3 forwarding of the packet in place of the hardware. In addition, Telnet, Ping, FTP, and SNMP data flows are handled in this part.

Example: show ip route:

    Routing Tables:
    Destination/Mask    Proto   Pre  Metric  Nexthop         Interface
    0.0.0.0/0           Static  60   0       10.110.255.9    VLAN-Interface2
    10.110.48.0/21      Direct  0    0       10.110.48.1     VLAN-Interface1
    10.110.48.1/32      Direct  0    0       127.0.0.1       InLoopBack0
    10.110.255.8/30     Direct  0    0       10.110.255.10   VLAN-Interface2
    10.110.255.10/32    Direct  0    0       127.0.0.1       InLoopBack0
    127.0.0.0/8         Direct  0    0       127.0.0.1       InLoopBack0
    127.0.0.1/32        Direct  0    0       127.0.0.1       InLoopBack0

This part also maintains the ARP table. Example: show arp:

    IpAddress       Mac_Address     VLAN ID  Port Name           Type
    10.110.255.9    00e0.fc00.5518  2        GigabitEthernet2/1  Dynamic
    10.110.51.75    0010.b555.f039  1        Ethernet0/9         Dynamic
    10.110.54.30    0800.20aa.f41d  1        Ethernet0/10        Dynamic
    10.110.51.137   0010.a4aa.fce6  1        Ethernet0/12        Dynamic
    10.110.50.90    0010.b555.e04f  1        Ethernet0/8         Dynamic

2) Hardware processing flow

The main tables are the Layer 2 MAC address table and the Layer 3 IP FDB table. These two tables store forwarding information; when the forwarding information is complete, packet forwarding and processing are done entirely by hardware, with no software intervention. The two tables function independently and have no relationship with each other, because as soon as a packet enters the switch it is classified as either a Layer 2 or a Layer 3 packet; it is one or the other.

For example: show mac all:

    MAC ADDR        VLAN ID  STATE    PORT INDEX    AGING TIME(s)
    0000.21cf.73f4  1        Learned  Ethernet0/19  266
    0002.557c.5a79  1        Learned  Ethernet0/12  225
    0004.7673.0b38  1        Learned  Ethernet0/9   262
    0005.5d04.9648  1        Learned  Ethernet0/16  232
    0005.5df5.9f64  1        Learned  Ethernet0/16  300

The MAC address table is an exact-match table in IVL mode; its key parameters are VLAN ID and Port Index.

For example: show ipfdb all:

    0: System  1: Learned  2: UsrCfg Age  3: UsrCfg Noage  Other: Error
    Ip Address  RtIf  Vtag  VTValid  Port  Mac  Status
    10.11.83.77  2  2  Invalid  GigabitEthernet2/1  00-E0-FC-00-55-18  1
    10.11.198.28  2  Invalid  GigabitEthernet2/1  00-E0-FC-00-55-18  1
    10.63.32.2  2  2  Invalid  GigabitEthernet2/1  00-E0-FC-00-55-18  1
    10.72.255.100  2  2  Invalid  GigabitEthernet2/1  00-E0-FC-00-55-18  2
    10.75.35.103  2  2  Invalid  GigabitEthernet2/1  00-E0-FC-00-55-18  2
    10.75.35.106  2  2  Invalid  GigabitEthernet2/1  00-E0-FC-00-55-18  2

Route interface index (RtIf): this index determines which routing interface the entry is under. The 3526 supports 32 routing interfaces.
VLAN tag (Vtag): indicates the VLAN; VLANs and routing interfaces correspond to each other.
VLAN tag valid bit (VTValid): indicates whether a VLAN TAG needs to be inserted into the forwarded packet.
Port index (Port): indicates the egress port of this forwarding entry.
Next-hop MAC (Mac): each time a Layer 3 device completes one hop of forwarding, it re-encapsulates the MAC header of the packet; the hardware ASIC generally uses the value in this field to encapsulate the packet.

Two important concepts: resolved and unresolved. For each received packet, the ASIC extracts the source and destination addresses and looks them up in the MAC table or the IP FDB table. If an address is found in the forwarding table, the address is resolved; if it is not found, the address is unresolved. Depending on whether the address is the source or the destination, there are combinations such as source resolved, destination unresolved, and so on. For Layer 2 unresolved addresses, the hardware itself can broadcast the packet within the VLAN, but for Layer 3 unresolved packets the hardware itself does not handle the packet; a CPU interrupt is raised and the software deals with it.

The hardware part can be summarised in one sentence: after receiving a packet, the hardware determines whether it is a Layer 2 or a Layer 3 packet, then determines whether the source and destination addresses have been resolved; if they are resolved, the hardware completes the forwarding of the packet; if they are unresolved, a CPU interrupt is raised and the software learns the unresolved address.

3) Driver code

Its key core parts are:

Address resolution task: learns the unresolved addresses that have been reported, so that the hardware can complete the forwarding of subsequent packets without software intervention.

Address management task: to facilitate software management and maintenance, the software keeps a copy of the same address table as the hardware.

FIB (Forward Information Base) table: the information in this table is derived from the routing information in the IP route table. It is placed in the driver so that the address resolution task can look it up conveniently when learning IP addresses.

Example: show fib:

    Destination/Mask    Nexthop         Flag  Interface
    0.0.0.0/0           10.110.255.9    I     VLAN-Interface2
    10.110.48.0/21      10.110.48.1     D     VLAN-Interface1
    10.110.48.1/32      127.0.0.1       D     InLoopBack0
    10.110.255.8/30     10.110.255.10   D     VLAN-Interface2
    10.110.255.10/32    127.0.0.1       D     InLoopBack0
    127.0.0.0/8         127.0.0.1       D     InLoopBack0

Layer 3 forwarding mainly involves two key threads: the address learning thread and the packet forwarding thread, which are similar to the Layer 2 threads.

1) The packet forwarding thread forwards mainly according to the forwarding table (IPFDB table) generated by the address learning thread. If the information in it is sufficient, the whole forwarding process is done by hardware. If the information is insufficient, the address learning thread is asked to learn; the hardware cannot forward the packet, so it is handed to the software protocol stack for forwarding.

2) The address learning thread is mainly used to generate the hardware forwarding table (IPFDB table). In fact, the IPFDB table and the Layer 2 MAC address table are similar, but the meaning of their entries is different.
One question remains. In a software forwarding engine such as a router, for each received packet the routing table is checked to find the next hop, and then the ARP table is checked to find the next-hop MAC. In a Layer 3 switch (such as the S3526), forwarding a packet does not require checking the routing table and the ARP table. Does this mean that these two tables have no use? The answer is of course no.

In the Layer 3 forwarding process of the S3526, things generally go like this: the first packet cannot be forwarded by hardware, and the IP address has to be learned; to ensure that no packet is lost, this packet is forwarded by software. After learning completes, the second, third, and subsequent packets are forwarded by hardware. This can be summarised as "route once, switch many times": in the one routing step, the routing table and the ARP table are used to learn the IP address and forward the first packet; during the many switching steps, the IPFDB table alone is enough.

Author blog:

http://blog.9cbs.net/paradise80/
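The Layer 2 / Layer 3 criterion (destination MAC equal to the virtual interface MAC) and the "route once, switch many times" flow, as a small simulation. This is an added example, not Huawei code or code from the original article. The FIB and ARP rows are taken from the show fib and show arp output above; ROUTER_MAC is constructed, and reading flag D as a directly connected route and I as an indirect one is an assumption.

```python
import ipaddress

ROUTER_MAC = "00e0.fc00.0001"   # constructed: MAC of the switch's VLAN interfaces
# (prefix, next hop, flag) rows from the "show fib" output on this page.
# Assumption: flag D marks a directly connected route, I an indirect one.
FIB = [("0.0.0.0/0", "10.110.255.9", "I"),
       ("10.110.48.0/21", "10.110.48.1", "D"),
       ("10.110.255.8/30", "10.110.255.10", "D")]
# IP -> (MAC, VLAN, port) rows from the "show arp" output on this page.
ARP = {"10.110.255.9": ("00e0.fc00.5518", 2, "GigabitEthernet2/1"),
       "10.110.51.75": ("0010.b555.f039", 1, "Ethernet0/9")}


class L3Switch:
    def __init__(self):
        self.ipfdb = {}          # destination IP -> (next-hop MAC, VLAN, port)
        self.cpu_packets = 0     # packets the hardware had to hand to software

    def _learn(self, dst_ip):
        """Address learning: longest-prefix match in the FIB, then the ARP table."""
        addr = ipaddress.ip_address(dst_ip)
        routes = [(ipaddress.ip_network(p), nh, flag) for p, nh, flag in FIB]
        _, nexthop, flag = max((r for r in routes if addr in r[0]),
                               key=lambda r: r[0].prefixlen)
        target = dst_ip if flag == "D" else nexthop
        entry = ARP.get(target)  # on a miss a real switch would send an ARP request
        if entry:
            self.ipfdb[dst_ip] = entry       # install the exact-match hardware entry
        return entry

    def forward(self, dst_mac, dst_ip):
        """Return (layer, who forwarded the packet, egress port)."""
        if dst_mac != ROUTER_MAC:
            return ("L2", "hardware", None)  # left to the MAC address table
        hit = self.ipfdb.get(dst_ip)
        if hit:
            return ("L3", "hardware", hit[2])
        self.cpu_packets += 1                # unresolved: CPU interrupt
        entry = self._learn(dst_ip)
        return ("L3", "software", entry[2] if entry else None)


def demo():
    sw = L3Switch()
    results = [sw.forward("0010.b555.f039", "10.110.51.75"),   # same VLAN: Layer 2
               sw.forward(ROUTER_MAC, "10.11.83.77"),          # first packet
               sw.forward(ROUTER_MAC, "10.11.83.77"),          # second packet
               sw.forward(ROUTER_MAC, "10.11.83.77")]          # third packet
    return results, sw.cpu_packets, sw.ipfdb
```

The entry learned for 10.11.83.77 (next-hop MAC 00e0.fc00.5518, VLAN 2, GigabitEthernet2/1) matches the first row of the show ipfdb output above, and only the first packet reaches the CPU.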

When reposting, please cite the original address: https://www.9cbs.com/read-82542.html
