Layer 2 forwarding process
1.1. MAC address introduction
A MAC address is a 48-bit binary address, for example 00-E0-FC-00-00-06. MAC addresses are divided into unicast addresses, multicast addresses and broadcast addresses.
Unicast address: the first bit (the lowest-order bit of the first octet, which is the first bit sent on the wire) is 0, for example 00-E0-FC-00-00-06
Multicast address: the first bit is 1, for example 01-E0-FC-00-00-06
Broadcast address: all 48 bits are 1, that is FF-FF-FF-FF-FF-FF
Note:
1) The MAC address of an ordinary device's network card, or of a router, is a unicast address; only a unicast MAC address guarantees that the device can interwork with other devices.
2) The MAC address is the basis on which an Ethernet device operates on the network and at the link layer.
1.2. Layer 2 forwarding introduction
The Layer 2 forwarding behaviour of the switch conforms to the IEEE 802.1D bridging standard.
Layer 2 forwarding in a switch involves two key threads: the address learning thread and the packet forwarding thread.
Huawei certified technical article
The learning thread works as follows:
1) The switch receives all data frames on the network segment and uses the source MAC address of each received frame to build the MAC address table;
2) Port move: if the switch finds that the port on which a frame arrived differs from the port recorded in the MAC address table for that frame's source MAC address, a port move occurs and the MAC address is re-learned on the new port;
3) Address aging: if the switch receives no frame from a host for a long time, the MAC address entry for that host is deleted, and it is learned again when the next frame from the host arrives.
Note: aging is also based on the source MAC address.
The packet forwarding thread works as follows:
1) The switch looks up the destination MAC address of the data frame in the MAC address table; if it is found, the frame is sent out of the corresponding port; if it is not found, the frame is sent to all ports;
2) If the source MAC address and the destination MAC address are on the same port, the frame is discarded;
3) Broadcast frames are forwarded to all ports of the switch except the port on which they arrived.
1.3. Layer 2 forwarding with VLANs
The packet forwarding thread:
The packet forwarding thread of a Layer 2 switch was introduced above; after VLANs are introduced it becomes:
1) The switch looks up the destination MAC address of the data frame in the MAC address table (making sure the VLAN of the entry matches the VLAN of the frame); if it is found, the frame is sent to the corresponding port; if it is not found, the frame is sent to all ports (within that VLAN);
2) If the source MAC address and the destination MAC address are on the same port, the frame is discarded;
3) Broadcast frames are forwarded to all ports (within the VLAN) except the port on which they arrived.
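The learning and forwarding threads above, as an added example that is not part of the original article: a Python model of a VLAN-aware switch (IVL, the table is keyed by VLAN ID and MAC) with port moves, aging and the three forwarding rules. The port-to-VLAN map, the aging time and the frames are constructed for the example.

```python
# Added example (not the article's code): VLAN-aware Layer 2 learning and forwarding.
AGING_SECONDS = 300          # assumed aging time; the show mac output later counts down from ~300 s

def mac_kind(mac):
    """Classify by the I/G bit: the lowest bit of the first octet, first bit on the wire."""
    digits = mac.replace('-', '').replace(':', '').replace('.', '').lower()
    if digits == 'f' * 12:
        return 'broadcast'
    return 'multicast' if int(digits[:2], 16) & 1 else 'unicast'

class Layer2Switch:
    def __init__(self, port_vlans):
        self.port_vlans = port_vlans   # port -> access VLAN (constructed topology)
        self.table = {}                # (vlan, mac) -> [port, last_seen]  (IVL keying)

    def learn(self, vlan, src_mac, port, now):
        """Learning thread: build the table from source MACs, handle port moves."""
        entry = self.table.get((vlan, src_mac))
        if entry is None or entry[0] != port:       # new address, or port move
            self.table[(vlan, src_mac)] = [port, now]
        else:
            entry[1] = now                          # refresh the aging timer

    def age(self, now):
        """Aging: drop entries whose source MAC has been silent too long."""
        expired = [k for k, (_, seen) in self.table.items() if now - seen > AGING_SECONDS]
        for key in expired:
            del self.table[key]
        return len(expired)

    def forward(self, in_port, src_mac, dst_mac, now):
        """Forwarding thread: return the list of egress ports for a frame."""
        vlan = self.port_vlans[in_port]
        self.learn(vlan, src_mac, in_port, now)
        flood = [p for p, v in self.port_vlans.items() if v == vlan and p != in_port]
        if mac_kind(dst_mac) != 'unicast':
            return flood                            # broadcast/multicast: all VLAN ports but ingress
        entry = self.table.get((vlan, dst_mac))
        if entry is None:
            return flood                            # unknown unicast: flood within the VLAN
        if entry[0] == in_port:
            return []                               # source and destination on the same port: discard
        return [entry[0]]                           # known unicast: the learned port only
```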
Introducing VLANs on an Ethernet switch brings the following benefits:
1) Local network traffic is confined, which to a certain extent improves the processing capacity of the whole network.
2) Virtual workgroups: through flexible VLAN configuration, different users can be placed into different workgroups;
3) Security: users in one VLAN cannot access users in other VLANs, which improves security.
In addition there are two common VLAN concepts, VLAN transparent transmission (pass-through) and VLAN termination, which can be understood from their literal meaning. VLAN transparent transmission means that a VLAN is valid not only on one switch but is extended by some means to other Ethernet switches; VLAN termination is the opposite: the effective domain of a VLAN cannot extend to other devices, or cannot extend across a link to another device.
VLAN transparent transmission can use 802.1Q technology; VLAN termination can use PVLAN technology.
The IEEE 802.1Q protocol is the technical standard for VLANs. It mainly modifies the standard frame header by adding a TAG field that carries VLAN information such as the VLAN ID. The specific implementation is not discussed here; consult the relevant standards and material if you are interested.
Note: when a trunk port forwards a frame, if the VLAN TAG of the frame equals the default VLAN ID (PVID) configured on that port, the TAG is removed from the frame. When the peer receives a frame without tag information, it takes the VLAN of the frame from its own PVID. Therefore, when configuring the PVID on the two ends of a trunk link between two switches, set the same value on both ends.
Why remove the TAG?
This is to ensure that an ordinary user plugged into the trunk port can still communicate normally, because ordinary hosts cannot recognise frames that carry 802.1Q VLAN information.
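The trunk behaviour in the note above, as an added example that is not from the original article: byte-level 802.1Q tag insertion and removal on a trunk port, plus an end-to-end check showing what happens when the PVIDs at the two ends differ. TPID 0x8100 is the standard 802.1Q value; the frames are constructed.

```python
# Added example (not the article's code): 802.1Q tag handling on a trunk port.
import struct

TPID_8021Q = 0x8100   # standard 802.1Q tag protocol identifier

def build_frame(dst, src, ethertype, payload):
    """Untagged Ethernet II frame: 6-byte dst MAC, 6-byte src MAC, 2-byte EtherType."""
    return dst + src + struct.pack('!H', ethertype) + payload

def is_tagged(frame):
    return struct.unpack('!H', frame[12:14])[0] == TPID_8021Q

def insert_tag(frame, vlan_id, pcp=0):
    """Add the 4-byte 802.1Q TAG (TPID + TCI) after the source MAC."""
    tci = (pcp << 13) | (vlan_id & 0x0FFF)      # TCI = PCP(3) | DEI(1) | VID(12)
    return frame[:12] + struct.pack('!HH', TPID_8021Q, tci) + frame[12:]

def strip_tag(frame):
    """Return (vlan_id, untagged_frame) for a tagged frame."""
    tci = struct.unpack('!H', frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]

def trunk_egress(frame, vlan_id, pvid):
    """Sending side: a frame in the port's PVID leaves untagged, all others tagged."""
    return frame if vlan_id == pvid else insert_tag(frame, vlan_id)

def trunk_ingress(frame, pvid):
    """Receiving side: tagged -> VID from the TAG; untagged -> the receiving port's PVID."""
    return strip_tag(frame) if is_tagged(frame) else (pvid, frame)

def vlan_after_trunk(frame, vlan_id, pvid_a, pvid_b):
    """VLAN that switch B (PVID pvid_b) assigns to a frame switch A (PVID pvid_a) sends for
    vlan_id. Equal PVIDs preserve the VLAN; unequal PVIDs silently move every untagged
    frame into B's PVID, which is the misconfiguration the note above warns about."""
    vlan_seen, _ = trunk_ingress(trunk_egress(frame, vlan_id, pvid_a), pvid_b)
    return vlan_seen
```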
802.1Q technology achieves transparent transmission of VLANs, but sometimes a VLAN needs to be terminated, that is, a boundary must be set for the VLAN. PVLAN technology implements this very well, and at the same time saves VLAN resources. Cisco's PVLAN means Private VLAN, while our PVLAN means Primary VLAN.
The VLANs here fall into two categories: Primary VLAN and Secondary VLAN (sub-VLAN). This isolates the Layer 2 traffic of users from one another, while packets sent by the upstream switch can be received by every user; it simplifies configuration and saves VLAN resources. It is not discussed in detail here; consult the relevant material if you are interested.
Now let us look at the Layer 3 switching process.
After segmenting with VLANs, communication between VLANs is isolated; a router that supports VLANs (a Layer 3 device) can provide communication between VLANs. But using routers to interconnect the different VLANs of an enterprise campus is obviously not the trend, because Layer 3 switching can achieve this.
Difference 1 (performance): a traditional router forwards packets on a microprocessor and relies on software processing, whereas a Layer 3 switch forwards with ASIC hardware, so the performance differs greatly;
Difference 2 (interface types): the interfaces of a Layer 3 switch are basically all Ethernet interfaces, not as rich as a router's interface types;
Difference 3: a Layer 3 switch can also work in Layer 2 mode, directly switching packets that do not need routing, whereas a router has no Layer 2 function.
First let us look at the interworking process:
As shown in the figure: two VLANs are configured on the switch, and routing interfaces are configured on VLAN 1 and VLAN 2 to implement interoperability between VLAN 1 and VLAN 2.
Interoperability between A and B (A initiates a ping request to B):
1) A checks the destination IP address of the packet and finds it is in the same network segment as itself;
2) A ----> B ARP request; the frame is broadcast within VLAN 1;
3) B ----> A ARP reply;
4) A ----> B ICMP Request;
5) B ----> A ICMP Reply;
Interoperability between A and C (A initiates a ping request to C):
1) A checks the destination IP address of the packet and finds it is not in the same network segment as itself;
2) A ----> Switch (int VLAN 1) ARP request; the frame is broadcast within VLAN 1;
3) Gateway ----> A ARP reply;
4) A ----> Switch ICMP Request (destination MAC is the MAC of int VLAN 1, source MAC is A's MAC, destination IP is C, source IP is A);
5) After receiving the packet, the switch checks its destination IP address and finds that it is in one of its own directly connected network segments;
6) Switch (int VLAN 2) ----> C ARP request; the frame is broadcast within VLAN 2;
7) C ----> Switch (int VLAN 2) ARP reply;
8) Switch (int VLAN 2) ----> C ICMP Request (destination MAC is C's MAC, source MAC is the MAC of int VLAN 2, destination IP is C, source IP is A). Compared with step 4, the MAC header of the packet has been re-encapsulated while the fields from the IP layer upward are basically unchanged;
9) C ----> A ICMP Reply; the subsequent process is basically the same as that of the ICMP Request above.
In the steps above, if a corresponding entry already exists in the ARP table, no ARP request is sent to the peer.
How are Layer 2 and Layer 3 distinguished?
The 3526 product is a Layer 3 Ethernet switch; its processing includes both Layer 2 processing functions and Layer 3 processing functions.
Basic model of Layer 2 / Layer 3 forwarding (figure): hosts A and B and the switch's VLAN 1 interface are in VLAN 1; host C and the VLAN 2 interface are in VLAN 2. Addresses shown in the figure: 1.1.1.1, 1.1.1.2 and 1.1.1.3 (VLAN 1) and 2.2.2.1 and 2.2.2.2 (VLAN 2), all with mask 255.255.0.0.
As the figure shows: the Layer 3 switch is divided into two VLANs. Communication between A and B takes place within one VLAN and is a Layer 2 data stream; communication between A and C must cross VLANs and is a Layer 3 data stream.
The above is the macroscopic view. From a microscopic angle, after a packet enters the switch from a port, how does the device distinguish a Layer 2 packet from a Layer 3 packet?
For packets from A to B, because they stay inside the same VLAN, the destination MAC address of the packet is the MAC address of host B; for packets from A to C, which cross VLANs, the destination MAC address of the packet is the MAC address of the device's virtual interface VLAN 1.
Therefore the criterion for distinguishing Layer 2 from Layer 3 packets is whether the destination MAC address of the packet equals the MAC address of a switched virtual interface. Taking the Huawei S3526 switch as an example, Layer 3 switching is divided into three major processing parts:
1) Platform software protocol stack
The key functions of this part are:
Running the routing protocols and maintaining the routing table;
IP protocol stack functions; in the processing flow of the whole system this part is responsible for important functions. When the hardware cannot complete forwarding of a packet, this part performs Layer 3 forwarding of the packet in its place. In addition, Telnet, Ping, FTP and SNMP traffic is processed in this part.
Example:
show ip route:
Routing Tables:
Destination/Mask   Proto   Pre  Metric  Nexthop        Interface
0.0.0.0/0          Static  60   0       10.110.255.9   VLAN-Interface2
10.110.48.0/21     Direct  0    0       10.110.48.1    VLAN-Interface1
10.110.48.1/32     Direct  0    0       127.0.0.1      InLoopBack0
10.110.255.8/30    Direct  0    0       10.110.255.10  VLAN-Interface2
10.110.255.10/32   Direct  0    0       127.0.0.1      InLoopBack0
127.0.0.0/8        Direct  0    0       127.0.0.1      InLoopBack0
127.0.0.1/32       Direct  0    0       127.0.0.1      InLoopBack0
Maintaining the ARP table.
show arp:
IP address     MAC address     VLAN ID  Port Name           Type
10.110.255.9   00E0.FC00.5518  2        GigabitEthernet2/1  Dynamic
10.110.51.75   0010.b555.f039  1        Ethernet0/9         Dynamic
10.110.54.30   0800.20aa.f41d  1        Ethernet0/10        Dynamic
10.110.51.137  0010.a4aa.fce6  1        Ethernet0/12        Dynamic
10.110.50.90   0010.b555.e04f  1        Ethernet0/8         Dynamic
2) Hardware processing flow
The main entries are the Layer 2 MAC address table and the Layer 3 IP FDB table. When these two tables hold the complete forwarding information, forwarding and processing of packets is completed entirely by hardware, with no software intervention. The functions of the two tables are independent and unrelated, because as soon as a packet enters the switch it is classified as either a Layer 2 or a Layer 3 packet; it is one or the other.
For example: show mac all:
MAC Addr        VLAN ID  State    Port Index    Aging Time (s)
0000.21cf.73f4  1        Learned  Ethernet0/19  266
0002.557c.5a79  1        Learned  Ethernet0/12  225
0004.7673.0b38  1        Learned  Ethernet0/9   262
0005.5d04.9648  1        Learned  Ethernet0/16  232
0005.5df5.9f64  1        Learned  Ethernet0/16  300
The MAC address table uses exact matching in IVL (Independent VLAN Learning) mode, where the key parameters are the VLAN ID and the Port Index.
For example: show ipfdb all:
Status: 0: System  1: Learned  2: USRCFG AGE  3: USRCFG NOAGE  Other: Error
IP Address     RTIF  VTAG  VTVALID  Port                MAC                Status
10.11.83.77    2     2     INVALID  GigabitEthernet2/1  00-E0-FC-00-55-18  1
10.11.198.28   2     2     INVALID  GigabitEthernet2/1  00-E0-FC-00-55-18  1
10.63.32.2     2     2     INVALID  GigabitEthernet2/1  00-E0-FC-00-55-18  1
10.72.255.100  2     2     INVALID  GigabitEthernet2/1  00-E0-FC-00-55-18  2
10.75.35.103   2     2     INVALID  GigabitEthernet2/1  00-E0-FC-00-55-18  2
10.75.35.106   2     2     INVALID  GigabitEthernet2/1  00-E0-FC-00-55-18  2
Routing Interface Index (RTIF): this index determines which routing interface the entry belongs to; for the 3526 product the number of routing interfaces is 32;
VLAN TAG (VTAG): this value indicates the VLAN the entry is located in; the VLAN corresponds to the routing interface;
VLAN TAG valid bit (VTVALID): whether a VLAN TAG needs to be inserted into the forwarded packet;
Port Index (Port): indicates the egress port of the forwarding entry;
Next-hop MAC: a Layer 3 device re-encapsulates the MAC header of the packet every time it completes a forwarding step, and the hardware ASIC generally encapsulates it using the value in this field.
Two important concepts: resolved and unresolved. Each time the ASIC receives a packet it extracts the source and destination addresses and looks them up in the MAC table or the IP FDB table. If an address is found in the forwarding table, the address is considered resolved; if it is not found, the address is considered unresolved. Depending on the address there are several combinations, such as source resolved and destination unresolved, and so on.
For a Layer 2 packet whose destination is unresolved, the hardware itself can broadcast the packet within the VLAN; but for a Layer 3 packet whose destination is unresolved, the hardware does not process the packet at all, generates a CPU interrupt, and relies on software.
The processing of the hardware part can be described in one sentence: after receiving a packet, determine whether it is a Layer 2 or a Layer 3 packet, then judge whether the source and destination addresses have been resolved; if they are resolved, the hardware completes the forwarding; if they are unresolved, a CPU interrupt is generated and the software learns the unresolved address.
3) Driver code part
The key tasks are:
Address resolution task: learns the unresolved addresses reported by interrupts, so that subsequent packets can be forwarded without software intervention.
Address management task: to facilitate management and maintenance by software, the software part keeps a copy of the address table identical to the hardware forwarding table.
FIB (Forwarding Information Base) table: the information in this table comes from the routing information in the IP route table; it is placed in the driver part for convenience of lookup during address resolution, when IP addresses are learned.
Example: show fib:
Destination/Mask   Nexthop        Flag  Interface
0.0.0.0/0          10.110.255.9   I     VLAN-Interface2
10.110.48.0/21     10.110.48.1    D     VLAN-Interface1
10.110.48.1/32     127.0.0.1      D     InLoopBack0
10.110.255.8/30    10.110.255.10  D     VLAN-Interface2
10.110.255.10/32   127.0.0.1      D     InLoopBack0
127.0.0.0/8        127.0.0.1      D     InLoopBack0
Layer 3 forwarding mainly involves two key threads: the address learning thread and the packet forwarding thread, similar to the Layer 2 threads;
1) The packet forwarding thread forwards mainly according to the information in the forwarding table (IPFDB table) generated by the address learning thread. If the information there is complete, the forwarding is completed by hardware; if the information is insufficient, the address learning thread is required to learn it, the packet cannot be forwarded by hardware and is handed to the software protocol stack for forwarding.
2) The address learning thread is mainly used to generate the hardware forwarding table (IPFDB table). In fact the IPFDB table is similar to the Layer 2 MAC address table, but the specific meaning of the entries is different.
A question arises: in a software forwarding engine such as a router, every packet is checked against the routing table to find the next hop and then against the ARP table to find the next-hop MAC, but in a Layer 3 switch (such as the S3526) there is no need to consult the routing table and the ARP table when a packet is forwarded. Do these two tables then have no effect at all?
The answer is of course no. In the Layer 3 forwarding process of the S3526 the process is usually as follows: the first packet cannot be forwarded by hardware and is used to learn the IP address; the packet is not dropped but is forwarded by software instead. After learning is complete, the second, third and subsequent packets are forwarded by hardware. This process can be summarised as "route once, switch many times": in the single routing step, the routing table and the ARP table are used to learn the IP address and to forward the first packet; during the many switching steps, only the IPFDB table is needed.
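The Layer 2/Layer 3 criterion (destination MAC equals an SVI MAC), the resolved/unresolved distinction and the "route once, switch many times" flow described above, as one added example that is not the S3526's code: a Python model whose routing, ARP and IPFDB tables mirror the show ip route, show arp and show ipfdb output shown earlier. The SVI MACs and the host with no ARP entry are constructed for the example.

```python
# Added example (not the S3526's code): a toy "route once, switch many times" model.
import ipaddress

class Layer3Switch:
    def __init__(self, svi_macs, routes, arp):
        self.svi_macs = svi_macs  # vlan -> MAC of the VLAN interface (assumed values)
        self.routes = [(ipaddress.ip_network(n), ipaddress.ip_address(h) if h else None, v)
                       for n, h, v in routes]   # software routing table: (prefix, next hop, vlan)
        self.arp = {ipaddress.ip_address(ip): v for ip, v in arp.items()}  # ip -> (mac, vlan, port)
        self.ipfdb = {}           # destination ip -> (vlan, port, next-hop mac): hardware IPFDB
        self.stats = {'l2': 0, 'hw': 0, 'sw': 0}

    def route_lookup(self, dst_ip):
        """Longest-prefix match in the software routing table."""
        best = None
        for net, nexthop, vlan in self.routes:
            if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, nexthop, vlan)
        return best

    def software_forward(self, dst_ip):
        """Route once: routing table, then ARP table, then install the IPFDB entry."""
        match = self.route_lookup(dst_ip)
        if match is None:
            return None                        # no route: software drops it
        target = match[1] if match[1] is not None else dst_ip   # next hop, or direct
        if target not in self.arp:
            return None                        # unresolved next hop: ARP first, nothing installed
        mac, vlan, port = self.arp[target]
        self.ipfdb[dst_ip] = (vlan, port, mac)
        return self.ipfdb[dst_ip]

    def forward(self, in_vlan, dst_mac, dst_ip):
        """Return 'layer2', None (not forwardable yet) or (out_vlan, out_port, new_dst_mac, new_src_mac)."""
        dst_ip = ipaddress.ip_address(dst_ip)
        if dst_mac != self.svi_macs.get(in_vlan):
            self.stats['l2'] += 1
            return 'layer2'                    # destination is not an SVI MAC: Layer 2 stream
        entry = self.ipfdb.get(dst_ip)
        if entry is not None:
            self.stats['hw'] += 1              # switch many times: hardware hit, no software
        else:
            self.stats['sw'] += 1              # first packet: destination unresolved, CPU learns it
            entry = self.software_forward(dst_ip)
            if entry is None:
                return None
        vlan, port, mac = entry
        return vlan, port, mac, self.svi_macs[vlan]   # MAC header rewritten, IP layer unchanged
```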