Hi, welcome back everyone. We're now going to start learning about two tables. All right, these tables is what we use in a switch. We know we have a kam table and we have a tr very, very hard to pronounce for me anyway table I T cam table cast which maintains several types of tables to be used in the switching process a content addressable memory and here it is the TR nary content address memory. I was mean cam for t cam. Now the tea count all it is is really an extension and we'll see a visual example of it towards the end.

All right, it just is an extension of the cap table. All right, there are certain depending on the iOS that you have was your packet tracer does not. And the GNS iOS that have does not either, okay. A does not have certain commands that you need to type in To look at certain things So it all depends on the iOS that you have if you have the availability on the switch to be able to look at these particular commands, okay, I will talk about the commands when we get to that point okay, all switch models use a cam table obviously we know cam tables your mac address table. Now as we do show MAC address table NASS your mac address table and we do know how it learns and how about a dual port we've talked about this or repeating it again. All right, they learn closer dresses if it knows where to take we're mapping because it already learned about the destination address so it will take you straight there not in flows all the other ports.

What do I do we must learn is the cap tables can hold cannot hold all MAC addresses in its table so it will be aged out and no discussion I used to have a long time. Can you tell me last doesn't have a job. I always say No it doesn't. It's there for life. But they do they do a job. And you can set it to what you want.

But by default, they there for 300 seconds, 300 seconds. So in 300 seconds, nothing comes from that particular host or node, then that cam table that cap table entry will age out and will be removed. Because if you have a large enterprise, could you imagine, all your switches will always hold the same number of MAC addresses table forever. And then if you add one more noise, like I got no space, so you can't do that. Right. So it's got to get rid of some of the MAC address tables, MAC address entries that are really not being used.

It could be a printer that you took out, it could be a printer that you use anymore could be a computer that's not being used as us every so often. So it gets removed to allow other entries to come in. Alright, so and that's what it's called. stale entries, stale entries because they are They're stale, they're not being used. Again, default 200 seconds reiterate terminology, testing purposes, okay. Now the turn, oh my god the T cam table.

Okay, in MLS switching, meaning multi layer switching, all matching process the ACL is provided in implemented in the T camp. So it will look at the ACL. Alright, again, you're going to see a visual of this, you will see the visual this and you look at the T cam table, how it puts information from an ACL, the source IP the destination, remember, this is a multi layer switch now so now we're talking about three or four. Okay, so as you can put in source addresses, destination addresses, the mask is going to look if it's going to be denied or is going to be a permit, or the port number that's using all these different things and packing be validated against the entire access within a single table logo better than before. So now just does one look up on this table and we already know all the information Remember that they compared the T cam table like Ceph, because it has all the information in it, it already knows where it's coming from where it's going to what port numbers using.

So it's going to switch things very quickly. Most switches have multiple t cam tables, inbound and outbound security and QoS ACLs can be evaluated simultaneously. And we don't really need to say about layer two, we know does layer two at the same time. And layer three forwarding decisions because he has all the information has all the information so it doesn't matter what it is that you're doing your ACLs or you have your QoS you have all these different things are being evaluated all from one table is going to make things a lot quicker for you. Okay, that's why using a layer three switch, but let me stop here. If you are, obviously this is the ccmp route.

You gotta learn about the layer three switches. Okay, you got alarma What do you want the tables and their commands? and so forth, and how the breakdown with the blocks and all that. But again, remember real world, real world, okay? When you're going out there, are you really going to need a layer three switch? Is your network that big to say, hey, I need research.

Now you can get away with getting a layer three switch, right? We do we all do even at the house normally when we buy those lynxes or whatever, routers, they gear and they'll be or whoever, okay, whatever manufacturer, it's a switch. There's a portion, no switch layer two switch as layer three routing capabilities, doesn't it? So it has both in one so it's an MLS, right? It has a firewall that goes in there as well. They can do you can do make sure access list.

You can do policies, you can do filtering. Alright, so think of your wireless router that you have at your home. As a layer three switch, if you can, if you get an actual router for a company enterprise company, then that's a different story. Remember things need to fit the device needs to fit the needs of the business. All right now catalyst software have two components that are part of the T cam. So t cam has two components, okay as the feature manager the FM Okay, and it has the switch database manager, the SDM which is the actual software that configured into this partitioning because it does partition on the T cam table into different partitions if needed.

So tune in to tweak it it will partition it based on the needs of the network. Okay, the feature manager again after the ACL has been configured, the FM compiles or merge mergers, the ACS the access list entries into entries in the T cam table, okay. Now, these two sets of switches the 4500 and the 6500 platforms cannot be made. partitions, they're fixed. I just went there good to know. So in case you're going to purchase one of these features know that you will not be able to read partition isn't as needed.

It's already fixed as partition as it is. You get as we go buy a car, you buy it as is and whatever it has, you're buying it and you're taking it. That's it. Okay, so be careful when buying your switches. Okay? If you're buying a layer three switch, know that these two features are involved.

Okay, they do a lot of tweaking to it, especially the switching database manager, or the SDM, right, which is funny, because the SDM I think, the CCNA dash 129. Even before that one, they had a software called the SDM, the security device manager, which actually was a GUI that allow you to configure switch. Well, now they're talking about the switching database manager switching database manager, okay. That is used to go ahead and come configure partitioning your switch as needed. Okay? Now the structure of it in itself, I told you this right at the beginning of the presentation, the TPM, all it is is an extension of the camp.

It just has more information. That's it has more information. There are two layer three and layer four information so we can get things quickly where it needs to go. Okay? t cam also uses a lookup operation, but it's really it has to allow a more abstract operation. So it looks at three different input values a zero and x 01 or an X on off and a one.

All right. That's why ternary threefold or like tertiary three, okay, feels from the frame or packet headers are fed into T count where they are a match using what's called a VMR. And values are always 134 bit quantity consisting of source and destination addresses are relevant for recall information. So you can see why the T cam Okay in a layer three switch is so valuable because it's looking at a lot of information. It's looking at not only the IP addresses the MAC addresses the port numbers, it's looking at also the protocol okay what securities in there so, it already has all the information any and every information you need will be in a T cap table to make better decision. Okay.

But again it relies if asked relies on three input values 01 and x okay 01 X. Okay and right here It also uses a mask okay. The mask are no say this already. Yes. Okay mass are also 134 billion quantities, Massa, like only the value bits of interest. Okay, I mean, the bits they're on, and it's off, it doesn't care.

It doesn't even look at it. This regards. Mass uses he can stem from the address of the bitmask. In the access list are the access list entries. All right, and the results of the numeric values that represent the action to take out After the T cam logo, obviously, the results after I looked at everything, hey, this is what I'm going to show you. All right, this is what's the value.

All right. And here is an actual t cam. You can see up here that we have a an extended axises. Actually, it's 100 permit TCP holes. One I two wants to say 109 14 to 1041 00 with a wall car math, that equals tell them, Well, here's your source IP 192. Once they say one at 914, that's your source IP.

Here's your destination IP 10 dot 41 00. Okay, and the destination port is telling 23. And what are we doing? We are permitting permit permit. Down here we have the 100. There it is right here we have the five.

And again, we have the 199. But this time, this time we're doing a permit and deny and deny. And I'm showing you the type of protocol that he's using. He's using TCP whereas using IP, there's nothing there. There's nothing there because IP everything's included the whole IP suite. All right, and then here is specific to UDP bills is looking this gt means greater than, greater than, all right?

And range is 1024 through 2047. How does the T cam? When it's taking this information from the access list? What does it use for this particular part right here and you'll see it in a second. But it's using the L u register pairs e greater than, and then the range the start and end, they'll use the L value for that particular oil. information.

What are the although you the logical operations unit register, so as a register, that's going to keep the information if you use if you use the GT have it in here somewhere, I think, maybe not. Here it is the GT greater than, less than or range. So if an access list, you're using that because you're using distribution list or anything like that you may want to use are greater than less than or arrange. All right, they're used for have an access list, it will take that into consideration but use this LRU to keep that information in the table. Okay? So all imagine even that all that information is grabbing it off the access list and putting it in there.

One checks for UDP destination ports greater than 24. The only ones looking for you to be destination ports that are arranged. So you have two different LRU entries. There are looking for two different things. That's all it is. That's all it is.

This is what it looks like the T cap, are you going to see it in there again, depending on the iOS that you have, there is the commands I will speak of, alright, that will allow you to be able to look at the T cam or to look at certain entries, where you can see what is going on. And about third party software like solar, wind and all They're tools, you'll have no issues you'll be able to see everything you want to see. Okay, so you know, for troubleshooting purposes, what is going on? Okay, so there it is there's your two tables, which is your mac address table, and then your T cap table, which is just an extension of your mac address table deals with a lot more information from layer two, all the way up to layer four. See in the next one