Process Switching vs. Fast/CEF Switching?

Process Switching vs. Fast/CEF Switching?
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Process Switching vs. Fast/CEF Switching? asdf 05-27-2007
Posted by asdf on May 27, 2007, 3:53 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I'm looking at this pdf

http://www.cisco.com/warp/public/765/tools/quickreference/routerperformance.pdf

I'm looking to buy a couple of used routers on eBay but I don't want to
buy more than I need, or mislead myself into thinking one will be
"faster" than another for my specific needs.

I will be using a router to NAT outbound LAN web traffic using ext
access lists. This router will also destination NAT inbound traffic to
various web services based on ext access lists. If a packet doesn't get
NATed by the router, it won't have anywhere to arrive on my network.

Is what I am describing "Process Switching", or "Fast/CEF Switching"?
If it is Process Switching, the pdf would indicate it doesn't really
matter whether I get a 1720 or a 2621XM (other than that I have to deal
with counterfeit WIC-1ENET modules on eBay to give the 1700 two NAT sides).

This is all for a 3.0/512 ADSL internet connection, so the upstream is
trivial but the downstream can get up to around 2.8mbps in the real world.

Pure Networks
Posted by Eric on May 28, 2007, 5:31 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
planet to
see:
<snip>
>I will be using a router to NAT outbound LAN web traffic using ext
>access lists. This router will also destination NAT inbound traffic to
>various web services based on ext access lists. If a packet doesn't get
>NATed by the router, it won't have anywhere to arrive on my network.
>
>Is what I am describing "Process Switching", or "Fast/CEF Switching"?
>If it is Process Switching, the pdf would indicate it doesn't really
>matter whether I get a 1720 or a 2621XM (other than that I have to deal
>with counterfeit WIC-1ENET modules on eBay to give the 1700 two NAT sides).

NAT is handled by CEF on those models. Access lists too. These is some process
overhead to set up NAT and a flow, but only on the initial packets.



Posted by Thrill5 on May 28, 2007, 11:30 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I could be wrong but I don't believe that NAT is done in hardware on the
2600 or 1700 platform. What documentation did you find that said that?

If I had a choice between a 2621XM and a 1720, I would pick the 2621XM.
More slots and built in Ethernet ports. The WIC-1ENET can't even come
close to doing 10 Mbit even at half duplex. I haven't seen any numbers but
I would suspect that the throughput is only around 1 or 2MB/s. The 2621XM
has two built-in 10/100 Ethernet ports.

Scott
> entire planet to
> see:
> <snip>
>>I will be using a router to NAT outbound LAN web traffic using ext
>>access lists. This router will also destination NAT inbound traffic to
>>various web services based on ext access lists. If a packet doesn't get
>>NATed by the router, it won't have anywhere to arrive on my network.
>>
>>Is what I am describing "Process Switching", or "Fast/CEF Switching"?
>>If it is Process Switching, the pdf would indicate it doesn't really
>>matter whether I get a 1720 or a 2621XM (other than that I have to deal
>>with counterfeit WIC-1ENET modules on eBay to give the 1700 two NAT
>>sides).
>
> NAT is handled by CEF on those models. Access lists too. These is some
> process
> overhead to set up NAT and a flow, but only on the initial packets.
>
>



Posted by Gabriele Beltrame on May 29, 2007, 5:21 am
If you were  Registered and logged in, you could reply and use other advanced thread options

>I could be wrong but I don't believe that NAT is done in hardware on the
>2600 or 1700 platform. What documentation did you find that said that?
>
> If I had a choice between a 2621XM and a 1720, I would pick the 2621XM.
> More slots and built in Ethernet ports. The WIC-1ENET can't even come
> close to doing 10 Mbit even at half duplex. I haven't seen any numbers
> but I would suspect that the throughput is only around 1 or 2MB/s. The
> 2621XM has two built-in 10/100 Ethernet ports.
>
> Scott
>> entire planet to
>> see:
>> <snip>
>>>I will be using a router to NAT outbound LAN web traffic using ext
>>>access lists. This router will also destination NAT inbound traffic to
>>>various web services based on ext access lists. If a packet doesn't get
>>>NATed by the router, it won't have anywhere to arrive on my network.
>>>
>>>Is what I am describing "Process Switching", or "Fast/CEF Switching"?
>>>If it is Process Switching, the pdf would indicate it doesn't really
>>>matter whether I get a 1720 or a 2621XM (other than that I have to deal
>>>with counterfeit WIC-1ENET modules on eBay to give the 1700 two NAT
>>>sides).
>>
>> NAT is handled by CEF on those models. Access lists too. These is some
>> process
>> overhead to set up NAT and a flow, but only on the initial packets.
>>
>>
>
>

Hi,

I don't think too that either 1700 and 2600[XM] series have an ASIC for
hardware assisted NAT.

cisco 1720 has a declared pps rate of 8500 while a 2621XM is at 30000

With a pretty simplistic approach, not counting overhead from router
processes ( NAT, firewall, auditing, etc. ) and encapsulation; using 1500 as
a typical packet length on a a 1720 you could have about 6Mbps (Full Duplex)
while on a 2621XM 22Mbps (Full Duplex)

For an ADSL both are enough. ( if your typical packet size if very
different, also the estimate is very different (e.g. @576 you have a 2,4Mbps
for 1720 and 8,6Mbps for 2621XM )


Regards,
Gabriele



Posted by Eric on May 29, 2007, 10:27 am
If you were  Registered and logged in, you could reply and use other advanced thread options
the
entire planet to see:

>I could be wrong but I don't believe that NAT is done in hardware on the
>2600 or 1700 platform. What documentation did you find that said that?

It's not an "asic" as referred to in the other thread, but there are separate
cpus
for the I/O interfaces vs the "control plane", or main processor. The quoted PPS
rates for both units are based on the packets being switched at the forwarding
level
using the dedicated I/O processors. If there is a need to bump all the packets
up to
the control plane for processing, the effective PPS is reduced by a factor of 10
or
so.

What I was saying is that the forwarding engines (CEF) are NAT-aware and do
apply the
actual NAT translations without resorting to the main processor. Except for the
first packets of a flow which are established at the control plane level.

You can see the effect of this with a SH INT STAT and get something like what is
shown below. This interface is a NAT-enable external interface on a 3640. You
can
see that there are many, many more packets processed at the "route cache" level
(CEF)
vs the "processor", even though virtually all of the traffic through that
interface
is NATed.

FastEthernet1/0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 2364063 2242319325 1223883 77738393
Route cache 19579136 546755255 13700636 1885228605
Total 21943199 2789074580 14924519 1962966998

Compared to a 1720 which in this configuration has only one interface active, and
nearly all the traffic is directed to a loopback, which must be handled by the
main
processor:

FastEthernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 170903742 2582129150 83484624 3366610322
Route cache 61567 5099859 0 0
Total 170965309 2587229009 83484624 3366610322



Similar ThreadsPosted
Cut-through Switching April 23, 2005, 8:48 pm
Cut-through Switching April 23, 2005, 8:35 pm
Switching over DSL? July 6, 2005, 9:55 am
Switching problem ? September 11, 2005, 12:16 pm
Switching redirection September 28, 2005, 1:26 pm
Switching ISPs February 27, 2006, 11:14 am
Switching ISPs February 27, 2006, 11:15 am
switching a PIX to "no nat control" August 10, 2006, 10:02 pm
Switching fabric November 7, 2006, 1:04 pm
PBR fast switching November 23, 2006, 6:25 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map