TCAM utilization and mac-address table count differs on 3750E

Answered Question
Jul 15th, 2011

Hello experts,

When looking about mac address table on a 3750E I'm getting a different output between the following commands

1/ sh platform tcam utilization :

The unicast mac addresses row shows me more than 3K unicast mac addresses used on the 6K available with the default sdm.

2/ sh mac-address table count :

Outps shows me 5K free on the 6K available (sh mac address-table shows me 1K known addresses)

Maybe I misunderstand the tcam output but do you see any reason why the tcam output (3K used) differs from the mac address table count (1K used) ?

Thanks for helping, I would like to switch to the sdm desktop routing in order to provide  PBR and WCCP support but I could not do that in a such state.

Here the outputs :

#sh sdm prefer           
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  6K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    8K
    number of directly-connected IPv4 hosts:        6K
    number of indirect IPv4 routes:                 2K
  number of IPv4 policy based routing aces:         0
  number of IPv4/MAC qos aces:                      0.5K
  number of IPv4/MAC security aces:                 1K

#sh platform tcam utilization

CAM Utilization for ASIC# 0                      Max            Used
                                             Masks/Values    Masks/values

Unicast mac addresses:                       6364/6364       3655/3655
IPv4 IGMP groups + multicast routes:         1120/1120         51/51   
IPv4 unicast directly-connected routes:      6144/6144        880/880  
IPv4 unicast indirectly-connected routes:    2048/2048        411/411  
IPv4 policy based routing aces:               452/452          12/12   
IPv4 qos aces:                                512/512          21/21   
IPv4 security aces:                           964/964          73/73   

Note: Allocation of TCAM entries per feature uses
a complex algorithm. The above information is meant
to provide an abstract view of the current TCAM utilization

#sh mac address-table count

[...]

Total Mac Address Space Available: 5090

#sh mac address-table

[...]

Total Mac Addresses for this criterion: 1027

#sh ver

[...]

Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)

Image text-base: 0x00003000, data-base: 0x02800000Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 12.2(55)SE1, 

[...]

License Level: ipservices

License Type: Permanent

Next reload license Level: ipservicesLicense Level: ipservices
License Type: Permanent
Next reload license Level: ipservices

Regards,

I have this problem too.
0 votes
Correct Answer by Yogesh Ramdoss about 2 years 9 months ago

SK,

TCAM is organized into specific number of pages, where each page has specific number of rows. In TCAM space used for L2 forwarding, each row contains {vlan, mac} (and info pointing to an egress interface).

When the switch need to do a lookup (to get forwarding decision), it gets {vlan, mac} pair from the frame. This is called as "lookup key". This key is provided to a  "hashing algorithm" to generate a result which identifies a particular row in the TCAM, and then the lookup key is compared to the entries on that row on EVERY page in parallel.

If we get a hit (which means the mac-addr already exists), aging timer will be updated. If not, mac-address will be stored in one of the pages in the same row (as identified by the hash result). When the switch stores the mac-addresses, TCAM marks masks/values in specific row as used, in which atleast one mac-address is stored.

In other words - efficiency (total mac-address Vs. total masks/values) gets better (close to 1:1) as more and more mac-addresses are learnt.

Currently, it is 1027 vs. 3655.  As we learn more mac-addresses, these ratio may get to something like:

3000 vs. 4500

4000 vs. 5700

5000 vs. 6000

6200 vs. 6300

Again, the above numbers are just examples and need not to be exact match.

In summary, there is no need to worry about TCAM reporting higher usage compared to CAM table.

Hope this helps.

Regards,

Yogesh

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
Correct Answer
Yogesh Ramdoss Tue, 07/19/2011 - 07:40

SK,

TCAM is organized into specific number of pages, where each page has specific number of rows. In TCAM space used for L2 forwarding, each row contains {vlan, mac} (and info pointing to an egress interface).

When the switch need to do a lookup (to get forwarding decision), it gets {vlan, mac} pair from the frame. This is called as "lookup key". This key is provided to a  "hashing algorithm" to generate a result which identifies a particular row in the TCAM, and then the lookup key is compared to the entries on that row on EVERY page in parallel.

If we get a hit (which means the mac-addr already exists), aging timer will be updated. If not, mac-address will be stored in one of the pages in the same row (as identified by the hash result). When the switch stores the mac-addresses, TCAM marks masks/values in specific row as used, in which atleast one mac-address is stored.

In other words - efficiency (total mac-address Vs. total masks/values) gets better (close to 1:1) as more and more mac-addresses are learnt.

Currently, it is 1027 vs. 3655.  As we learn more mac-addresses, these ratio may get to something like:

3000 vs. 4500

4000 vs. 5700

5000 vs. 6000

6200 vs. 6300

Again, the above numbers are just examples and need not to be exact match.

In summary, there is no need to worry about TCAM reporting higher usage compared to CAM table.

Hope this helps.

Regards,

Yogesh

sk@ciscocom Tue, 08/23/2011 - 08:18

Hi Yogesh,

Thanks a lot for the answer. The difference between outputs become more clear for me now.

And so do you know if in a such case, the desktop template can be switched to the routing one ?

Regards,

SK

Yogesh Ramdoss Tue, 08/23/2011 - 13:33

SK,

The SDM template can be switched anytime you want - even under this condition.

To change, it needs a reload.

Configuring SDM Templates:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750e_3560e/software/release/12.2_58_se/configuration/guide/swsdm.html

The default/desktop template supports 6K MAC-Addresses (max) while Routing does 3K. As long as you do not have more than 3K mac-addresses, then it should not be a problem.

Remember, whatever mismatching counters value you see may still be applicable for "Routing" template.

Yogesh

sk@ciscocom Tue, 08/23/2011 - 22:43

Thank you very much for your help Yogesh, TCAM and SDM appear more precise to me now.

And it's a good news that I can switch the template without reaching the limit of 3K in these operating conditions (1,5 K known mac-adresses)

Regards,

Actions

Login or Register to take actions

This Discussion

Posted July 15, 2011 at 8:28 AM
Stats:
Replies:4 Avg. Rating:5
Views:2993 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard

Rank Username Points
1 15,007
2 8,150
3 7,725
4 7,083
5 6,742
Rank Username Points
165
82
69
65
55