Software Switching vs Hardware Switching.

Unanswered Question
Mar 18th, 2010
User Badges:

So I'm learning about MLS and how it uses ASICs and Layer 3 engines for route processing and Layer 2 rewrite operations at ridiculous speeds using hardware switching. My question, which may be silly, is what is software switching? I never thought about switching in terms of hardware or software before I started learning about CEF-MLS.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Reza Sharifi Thu, 03/18/2010 - 09:57
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi Nelson,

For the majority of packets, the Integrated Switching Engine performs the packet forwarding function in hardware. These packets are hardware-switched at very high rates. Exception packets are forwarded by the CPU subsystem software. Statistic reports should show that the Integrated Switching Engine is forwarding the vast majority of packets in hardware. Software forwarding is significantly slower than hardware forwarding, but packets forwarded by the CPU subsystem do not reduce hardware forwarding speed.

Have a look at this document:



lamav Thu, 03/18/2010 - 10:14
User Badges:
  • Blue, 1500 points or more


There is a lot to be said about this and a lot of resources on the Internet that you can use to educate yourself on this.

In a few words, routing is traditionally done in software, which means that the packet that needs to be forwarded is sent to the routing engine, which includes the CPU, its memory buffers, the route table and the ARP table for L2 rewrite information. All the necessary lookups require CPU interrupts - in other words, CPU attention and resources.

L3 switching is done in hardware, ASICs, to be exact. They can be located centrally on the supervisor's PFC module or also on each line card, as in dCEF. An ASIC is a specially-architected chip that is designed to perform a limited set of lookup instructions in an extremely expeditious manner. The ASICs use complex matrices to achieve this. CEF will 'download' the information from the route table and the ARP table to the ASIC chipsets.

This is an oversimplified explanation, but, as I said, there is plenty you can read online.



afsharki2 Mon, 11/21/2016 - 12:13
User Badges:

after reading so many of these articles, I'm still not able to find a command that shows both the hardware switched packets on an interface and the software based packets.  I know "sh int counter" shows software...but what about hardware?  on a 3850, 3750 or 4510R+E switch.  Does anyone know how to see those counters?

Joseph W. Doherty Mon, 11/21/2016 - 12:47
User Badges:
  • Super Bronze, 10000 points or more

I'm don't recall a single command that shows you both hardware and software switching stats side-by-side.  On some platforms, you might be able to derive the information from looking at different stats.  For instance, on a 3750, showing the ASIC stats should show the hardware switching matches.  Showing switching stats, might show software switching matches.

afsharki2 Mon, 11/21/2016 - 12:50
User Badges:

Thanks for the response, Joseph.  So, was I right?  "Sh int counter" shows Processor switched packets?

Can you tell me one command you type on the 3750 that will show you the hardware switched packets for some interface?

Joseph W. Doherty Tue, 11/22/2016 - 06:22
User Badges:
  • Super Bronze, 10000 points or more

So, was I right?  "Sh int counter" shows Processor switched packets?

I'm unsure.  It might (should?) show all packets.  Remember, you asked about hardware vs. software switched packets.  The interface counters should show overall count of packets that ingress or egress interface, regardless of how switched.  I also recall, 3750s occasionally have cosmetic bugs that vary between versions and some of the show commands vary between versions.

Can you tell me one command you type on the 3750 that will show you the hardware switched packets for some interface?

Sorry, not off the time-of-my-head, as it's been a while since I've looked at such stats on a 3750.  Again, they vary a bit based on active IOS version on the 3750.  I also recall, the commands might be unique to the 3750, vs. other Cisco devices I work with.  (Making it harder for me to recall them.)

Hi Reza,

Hope you are doing good.

we have an QoS drops issue in the default class for output traffic . in the process of troubleshooting we changed the queue limit till 2048 but still no luck . i am attaching you the config and also some command outputs. kindly let us know the issue for further proceedings.

Device type:3925 router with SPE/200.

DLHRT7001#sh int g0/1
GigabitEthernet0/1 is up, line protocol is up
Hardware is iGbE, address is 5897.bdac.a301 (bia 5897.bdac.a301)
Description: Link to Shanghai Consulting - China Unicom - 100M - ID:DC00R60277
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 3/255, rxload 10/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is XON, input flow-control is XON
ARP type: ARPA, ARP Timeout 00:01:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters 00:00:52
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 142
Queueing strategy: Class-based queueing
Output queue: 0/2048/142 (size/max total/drops)
30 second input rate 39780000 bits/sec, 5139 packets/sec
30 second output rate 12387000 bits/sec, 4662 packets/sec
271719 packets input, 261592075 bytes, 0 no buffer
Received 67 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 46 multicast, 0 pause input
244592 packets output, 81420654 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
3 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out

DLHRT7001# sh interfaces g0/1 stats
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 1018 115884 2056 443748
Route cache 472714 451538353 432322 150427165
Total 473732 451654237 434378 150870913
DLHRT7001# sh interfaces g0/1 stats
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 1036 117863 2069 445302
Route cache 485437 462699807 444801 155040117
Total 486473 462817670 446870 155485419

Thank you,


nelson.garcia Thu, 03/18/2010 - 11:46
User Badges:

I have a few questions regarding centralized and distributed switching if someone doesn't mind answering them for me.

I know that with centralized switching the Layer 3 engine or route processor receives packets to be routed via a centralized bus, processes the packet, and shoots it back out the bus to the egress interface.

With distributed switching, the centralized forwarding engine downloads it's routing and rewrite tables to each line module so tahat they may route between each other without having to go through the centralized forwarding engine.

1. What is the physical implementation of hardware when using a supervisor engine and line cards and user ports? I haave limited exposure to how higher end switches are setup. How does the supervisor engine connect to a regular, let's say, 48-port switch?

2. In regards to Line Modules, what do these do? Are these the interfaces used to connect the users to the supervisor engine?

I'm sorry if these questions seem noobish, but the book im reading describes MLS using higher end switches like the 4500s or 6500 series switches using supervisor engines and line cards. Not sure what these are or what they do.

I know that with a regular Catalyst 3560 switch with CEF enabled. I'm assuming the ASIC and Layer 3 forwarding engine are built into the switch so it seems pretty transparent to me, and I can understand it easier. But when talking about CEF using supervisor engines and line cards, things begin to get a bit hazy for me.

lamav Thu, 03/18/2010 - 12:46
User Badges:
  • Blue, 1500 points or more


A supervisor engine is a module that occupies a slot in a chassis-based switch, like the 4500 and 6500. It is the brains, if you will, of the switch. It houses the CPU and its chipset, memory chips, control plane information, like the route table....An example is the Supervisor 720.

A linecard is a general term for a card that contains interfaces in which you would plug PCs, servers, wireless APs....your LAN devices, basically. An example is the Cisco 6748 10/100/1000 48-port ethernet module.

Again, there is tons of information on Cisco's website regarding this. In fact, I t dont think that other networking product manufacturers can hold a candle to Cisco when it comes to documentation, white papers, data sheets, etc, including Juniper and Brocade.



lamav Thu, 03/18/2010 - 12:51
User Badges:
  • Blue, 1500 points or more


A linecard is an interface plug devices, circuits, etc into them; its as simple as that. The supervisor, the chassis, and the linecards all make up the switch.

nelson.garcia Thu, 03/18/2010 - 12:54
User Badges:

In the case of distributed switching, where the layer 3 engine forwards all forwarding tables to each individual line card or interface module for packet forwarding between interfaces without having to interrupt the layer 3 engine. Do 3560 switches support centralized switching? What is the Line Card of the 3560 if it does support distributed switching?

nelson.garcia Thu, 03/18/2010 - 12:59
User Badges:

All I am trying to figure out is how CEF-MLS differs in hardware between a 3560 without any modules or supervisor engines and a chassis implementation with a supervisor engine, line cards, and all that fancy stuff. Both types of switches support CEF-MLS, I'm just trying to understand how the hardware differs.


This Discussion