Line cards are classified by their "engine type," referring to the generation of the forwarding engine included on the card. The first line cards, known as Engine 0 and Engine 1, are CPU-based forwarding engines and thus behave like other CPU-based routers. The next generation, Engine 2, included an early version of an ASIC within the line card to offload some of the forwarding functions from the line card CPU. Higher-speed versions with true ASIC support followed in the Engine 4 and Engine 4+ line cards. The newest line cards are the Engine 3 and Engine 5 families. These line cards use the latest generation of dedicated ASICs, which incorporate very high-speed memory known as Ternary Content Addressable Memory (TCAM) that enables all features such as the application of ACLs, QoS, policy routing, and so forth to be performed simultaneously, while maintaining high-performance forwarding. The programmability of the ASIC allows them to support feature enhancements rather easily, as well. The Engine 3 line card, also known as the IP Services Engine, is shown inFigure 1-17to illustrate this type of distributed ASIC-based router architecture.
On the GSR, line cards are responsible for making all packet-forwarding decisions. Because the FIB is predefined and loaded on each line card, each line card has all of the information necessary to forward any packet. If the destination address is not in the FIB, the packet is simply discarded. Distributed CEF (dCEF) is the only switching method available, and fast switching and process switching are not available as fallbacks for unresolved destinations (there are not any). There are, of course, receive packets and the exception packets to consider as well, however. Packets with a "receive" adjacency are punted to the PRP for handling. These are mainly control plane and all management plane packets, which are all handled by the PRP. Other exception packets, such as TTL expires, ICMP echo requests, IP options, and so on, are handled in various ways. Some of these packets are capable of being handled directly by the line card CPU. Technically, although still considered a punt because the line card ASIC does not support processing these packets, they are still capable of being handled locally, thus protecting the RP from unnecessary packet processing. ICMP unreachable generation, for example, is handled directly by the line card CPU. Other exception packets can be handled only by the PRP. Too many or inappropriate packets punting to either the line card CPU or the PRP can be detrimental to the platform. Again, IP traffic plane security mechanisms must be provided to control how various packets affect the platform.
The newest router in the Cisco family, the CRS-1, requires its own discussion here, as it brings both evolutionary and revolutionary changes to previous router technologies. Four key elements define these architectural advances, including: 40-Gbps line cards, advanced Route Processors, a service-intelligent switch fabric, and Cisco IOS XR Software. Some of these elements are illustrated inFigure 1-18和described next.
CRS-1 Router Architecture and 40-Gbps Line Card
笔记 -这并不是对CRS-1的详细评论。这样的任务本身需要一本书。相关的CRS-1和iOS XR文档的其他引用在“Further Reading“本章末尾的部分。
说明的第一个关键功能Figure 1-18is the new 40-Gbps line card design. Each line card is separated by a midplane into two main components: the interface module (IM) and the modular services card (MSC). The IM provides the physical connections to the network, including Layer 1 and 2 functions (POS and Gigabit Ethernet). The MSC is the high-performance Layer 3 forwarding engine and is equipped with two high-performance Cisco Silicon Packet Processor (SPP) 40-Gbps ASIC devices, one for ingress and one for egress packet handling. You may also see the SPP referred to as the Packet Switching Engine (PSE) ASIC in Cisco documentation and in the output of certain router commands. Each Cisco CRS-1 line card maintains a distinct copy of the adjacency table and forwarding information databases, enabling maximum scalability and performance.
第二个关键功能涉及路由处理器(RP)。与以前只有单个活动路由处理器的路由器,即使包括多个设备用于冗余,CRS-1也能够使用多个活动的RPS执行控制平面功能,系统管理和会计功能。允许多个路由处理器还通过控制平面(路由)细分提供服务分离功能,从而为网络收敛提供了简化的迁移路径。
The third key feature, the service-intelligent switch fabric, provides the communications path between line cards. In brief, the switch fabric is designed with separate priority queues for unicast and multicast traffic and control plane messages. Further details are outside the scope of this book.
CRS-1的最后一个关键功能是使用新的Cisco IOS XR软件。传统的思科iOS是一个模块化,合作,多任务操作系统,在共享内存空间中执行过程,并且在系统构建时间定义了特征集。iOS实现了单级转发体系结构,其中仅在入口端口或线路卡上做出转发决策。该体系结构为最广泛的平台和市场提供了适当的性能和资源足迹。思科iOS XR使用基于内存的,基于内核的软件体系结构,旨在利用CRS-1中发现的多CPU架构。这种微核体系结构可提供最大的资源使用,无资源瓶颈和出色的控制平面性能。诸如路由和信号协议之类的过程可以在单个路由处理器上运行,也可以在多个路由处理器上分布。此外,iOS XR实现了两阶段的转发体系结构,在该体系结构中,在入口和出口线卡上都做出了转发决策,从而提供了巨大的性能和扩展优势。(Ingress Line卡FIB仅具有与传出行卡配对的目标地址。此时对第2层地址没有绑定。出口线卡进行第二次查找以确定第2层标题详细信息。)
笔记 -The Cisco 12000 GSR is also able to run Cisco IOS XR Software with appropriate route processor and line card hardware installed.
It is worth noting that the CLI is different for IOS XR as compared with the traditional IOS CLI. In addition, the feature set available within IOS XR, including many of the security mechanisms, is also different than with traditional IOS. To aid in this transition, Appendix C provides a side-by-side comparison of the main security features found in the IOS version 12.0(32)S against the IOS XR equivalent features where applicable.
The CRS-1 must handle receive packets and exception packets, as any IP router is required to do. In a similar manner as the ASIC-based line cards for GSR, CRS-1 line cards are capable of handling certain packets within their SPP ASIC or local line card CPU. Receive packets in the control plane and management plane are punted to the RP for handling. Certain exception packets can be handled locally, while others can be handled only by the RP. Unlike traditional IOS, the IOS XR Software provides automatic mechanisms, such as dynamic control plane protection, for handing these packets to prevent resource abuse. Other unique mechanisms and the more familiar ones can also be used to secure IP traffic planes. Detailed descriptions of some of these mechanisms are covered in later chapters as appropriate.
笔记 -许多出色的参考文献更详细地涵盖了重要的Cisco路由器架构。一个这样的参考Inside Cisco IOS Software Architecture, provides excellent coverage of the Cisco 7500 and Cisco 12000 GSR. A list of suggested references is provided in the "Further Reading“本章末尾的部分。
总而言之,有关本章中描述的所有路由器体系结构可以说明:
数据平面数据包处理取决于启用开关模式和路由器体系结构。尽管采用切换模式,但是:
— IP options are always process switched (or handled in the slow path in the case of the GSR).
— TTL expiry packets are always process switched path (or handled in the slow path in the case of the GSR).
- 多播流的第一个数据包始终被刺穿,以在路由处理器上创建多播路由状态(请参阅第2章)。
Control plane and management plane packets are always handled by the CPU on the route processor within the software slow path.
- ICMP的答复可以在分布式线卡上处理,但始终由CPU处理,并且永远不会由ASIC处理。
Services plane packets impact routers in varying ways. The specific router architecture must be considered to determine their overall impact.
概括
This chapter introduced the concepts of IP traffic planes and their relationship to IP protocol and IP network operations. IP traffic planes were segmented into four logical groups:
数据平面:User and customer traffic
Control plane:Routing protocol and other router state traffic
管理平面:Network operations traffic
Services plane:Customer or application traffic with specialized traffic handling requirements
The basics of IP network forwarding architectures were then reviewed, with specific focus placed on how each of the IP traffic planes interact with these forwarding concepts. Finally, router hardware architecture and packet processing concepts were reviewed to illustrate how IP traffic planes can impact various platforms through resource abuse, and why IP traffic plane security is so vital for network stability and operations.
Review Questions
命名IP协议的三个区别特征。
What are the main challenges when services are converged on a common IP core network?
命名路由器看到的四种不同类型的数据包,并给出一个示例。
Identify the three common switching methods used by Cisco routers when forwarding IP packets.
True or False: Data plane traffic includes all customer traffic that is subject to the standard forwarding process and includes only transit IP packets.
True or False: Control plane traffic typically includes packets generated by network elements themselves.
What are the main functions supported by the management plane?
服务飞机流量的转发与数据平面流量有何不同?
确定四种基本路由器体系结构类型。
Further Reading
Bollapragada, V., C. Murphy, and R. White.Inside Cisco IOS Software Architecture. Cisco Press, 2000. ISBN: 1-57870-181-3.
Stevens, W. Richard.TCP/IP Illustrated, Volume 1. Addison-Wesley Professional, 1993. ISBN: 0-20163-346-9.
"Cisco 12000 Series Internet Router Architecture: Line Card Design." Cisco Tech Note. (Doc. ID: 47242.)http://www.cisco.com/en/US/partner/products/hw/routers/ps167/products_tech_note09186a00801e1dbd.shtml.
“思科12000系列互联网路由器体系结构:数据包切换。”思科技术笔记。(文档ID:47320。)http://www.cisco.com/en/US/partner/products/hw/routers/ps167/products_tech_note09186a00801e1dc1.shtml.
"Cisco Catalyst 6500 Supervisor Engine 32 Architecture." Cisco white paper.http://www.cisco.com/en/us/products/hw/switches/ps708/products_white_white_paper0900aecd803e508c.shtml.
"Cisco CRS-1 Carrier Routing System Security Application Note." Cisco white paper.http://www.cisco.com/en/US/products/ps5763/products_white_paper09186a008022d5ec.shtml.
"IP Services Engine Line Cards." Cisco Documentation.http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s19/ise.htm.
"Parallel Express Forwarding on the Cisco 10000 Series." Cisco white paper.http://www.cisco.com/en/us/partner/products/hw/routers/ps133/products_white_white_paper09186a008008902a.shtml.
“切换路径。”“性能调整基础知识”部分。思科技术笔记。(文档ID:12809。)http://www.cisco.com/warp/public/63/tuning.html.
“从网络入口到出口或'数据包的寿命。(文档ID:13713。)http://www.cisco.com/warp/public/105/42.html.
版权所有©2007 Pearson Education。版权所有。