Scribd
Upload
44 views

Swdatabase 3750ss 44921

The document provides an overview of the Switching Database Manager (SDM) on Catalyst 3750 series switches and discusses SDM templates, resource exhaustion, and troubleshooting. SDM manages Layer 2 and 3 switching information in TCAM. There are predefined SDM templates that allocate TCAM resources for routing, VLANs, or a default mix. Exceeding template boundaries impacts performance.

Uploaded by

fqtsys
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
44 views

Swdatabase 3750ss 44921

The document provides an overview of the Switching Database Manager (SDM) on Catalyst 3750 series switches and discusses SDM templates, resource exhaustion, and troubleshooting. SDM manages Layer 2 and 3 switching information in TCAM. There are predefined SDM templates that allocate TCAM resources for routing, VLANs, or a default mix. Exceeding template boundaries impacts performance.

Uploaded by

fqtsys
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Understanding and Configuring Switching

Database Manager on Catalyst 3750 Series


Switches
Document ID: 44921

Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Overview of the SDM
Architecture
SDM Templates
SDM Templates and Switch Stacks
Resource Exhaustion
Merge Algorithm
Example of SDM Configurations
Troubleshooting

%STACKMGR−6−SWITCH_ADDED_SDM:Switch 2 has been ADDED to the stack (SDM_MISMATCH)


I Cannot Configure the Desktop Template on My 3750 Switch
I Cannot Change the SDM Template on My 3750−12S to the Aggregate Template
Related Information
Introduction
This document provides an overview of the Switching Database Manager (SDM) on the Catalyst 3750 series
Layer 3 (L3) switches, and provides some SDM configuration examples and troubleshooting tips based on
common deployments. The SDM is implemented in all versions of Cisco IOS® Software for the Catalyst
3750.

Prerequisites
Requirements
There are no specific requirements for this document.

Components Used
The information in this document is based on this software version:

• Cisco IOS Software Release 12.1(14)EA1

The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.

Overview of the SDM


The SDM on the Catalyst 3750 series L3 switches manages the Layer 2 (L2) and L3 switching information
that is maintained in the Ternary Content Addressable Memory (TCAM). The TCAM is used for forwarding
lookups.

The TCAM is a specialized piece of memory designed for rapid table lookups by the access control list (ACL)
engine on the Catalyst 3750 switches. The ACL engine performs ACL lookups based on packets passing
through the switch. The result of the ACL engine lookup into the TCAM determines how the switch handles a
packet. For example, the packet may be permitted or denied. The TCAM has a limited number of entries that
are populated with mask values and pattern values. There is one mask for eight entries in the TCAM. For
more information about TCAM, refer to this document:

• Understanding ACL on Catalyst 6500 Series Switches

The main issue users face when configuring ACLs on Catalyst 3750 family switches are resource contention
and exhaustion. Since the Catalyst 3750 switches enforce several types of ACLs in hardware rather than in
software, the switch programs hardware lookup tables and various hardware registers in the TCAM
subsystem. When a packet arrives, the switch can perform a hardware table lookup and perform the
appropriate action.

Architecture
The Catalyst 3750 uses a TCAM subsystem that is shared between L2 and L3 forwarding entries, router
access control lists (RACLs), VLAN access control lists (VACLs), and Quality of Service (QoS) ACLs.
Unlike some types of Catalyst 3550 switches, the Catalyst 3750 has one TCAM subsystem.

TCAM Table Structure

• Layer 2 LearningThis part holds the information about the port learning policies. For example, the
regular access, secure, or dynamic VLAN port has a different learning policy.
• Layer 2 ForwardingThis part holds the information about learned unicast and multicast addresses.
• Layer 3 RoutingThis part is used for unicast and multicast route lookups.
• ACL and QoS TableThis part holds the information on how to identify the traffic according to
security and QoS ACLs.

SDM Templates
Since the Catalyst 3750 can be used in numerous different applications, flexibility in TCAM subsystems
resource allocation is vital. To this end, there are three predefined SDM templates that can be used to divide
the TCAM to suit the use of the Catalyst 3750. The first one is the routing template which maximizes the
system resources for unicast routing. The routing template would typically be used when the box is used as as
a router or route aggregator in the center of the network. The VLAN template is the second one and with this
template, unicast routing is disabled, allowing the maximum number of supported MAC addresses. The
VLAN template would be used when the switch is being used as a purely L2 device. Finally there is the
default template which is a mix between the routing and VLAN templates. This template gives a good balance
between L2 and L3 capabilities. The sdm prefer route template or sdm prefer routing−pbr template
commands have to be used if policy−based routing (PBR) is used on the switch. If not, then the commands
used for PBR will disappear.

For each template, there are two different versions: the Desktop Template and the Aggregator template. Only
Catalyst switch model 3750−12S currently supports the Aggregator template. All Catalyst 3750 switches
(including the 3750−12S) support the Desktop template.

Catalyst 3750 SDM Desktop Template


Resource
Default Routing VLAN
Unicast MAC address
6K 3K 12K
IGMP groups and Multicast routes
1K 1K 1K
Unicast routes
8K 11K 0

• Directly connected hosts


6K 3K 0

• Indirect routes
2K 8K 0
PBR ACEs
0 512 0
QoS ACEs
512 512 512
Security ACEs
1K 1K 1K
VLANs
1K 1K 1K

Catalyst 3750 SDM Aggregator Template table (currently


only supported by the 3750−12S)
Resource
Default Routing VLAN
Unicast MAC address
6K 6K 12K
IGMP groups and Multicast routes
1K 1K 1K
Unicast routes
12K 20K 0

• Directly connected hosts


6K 6K 0

• Indirect routes
6K 14K 0
PBR ACEs
0 512 0
QoS ACEs
896 512 896
Security ACEs
1K 1K 1K
VLANs
1K 1K 1K

Notes:

• All templates are predefined. There is no way to edit template category individual values.
• The switch reload is required to use a new SDM template.
• The ACL merge algorithm, as opposed to the original access control entries (ACEs) configured by the
user, generate the number of TCAM entries listed for security and QoS ACEs. Refer to the Merge
Algorithm section for more details.
• The first eight lines (up to Security ACEs) represent approximate hardware boundaries set when a
template is used. If the boundary is exceeded, all processing overflow is sent to the CPU which can
have a major impact on the performance of the switch.
• Choosing the VLAN template will actually disable routing (number of entry for unicast or multicast
route is zero) in hardware.

SDM Templates and Switch Stacks


When the 3750 switches are being part of a stack, there are several points that one should keep in mind in
regards to the SDM templates that can be used.

• When a switch is added to a stack, the SDM template on the master will override the SDM template
on the new switch.
• If a 3750−12S running an Aggregate Template is being added as a member of the stack with a master
running a Desktop template, the 3750−12S will move to the same Desktop template which is running
on the master. When doing this, there is a risk that the newly added switch will loose a part of the
configuration if the number of existing TCAM entries exceeds those available on the Desktop
template running on the master.
• If the stack master is a 3750−12S running an Aggregate Template and the member switches are not
3750−12S switches, they will not be able to support the Aggregate Template and the member
switches will move into SDM mismatch mode. To verify whether there are any switches in SDM
mismatch mode, you can issue the show switch command.

Resource Exhaustion
The different resources within the TCAM subsystem are limited. Depending on the configuration of the
network and the Catalyst 3750, these resources may be exhausted. If these resources are exhausted, one or
more of the following may occur:

• For Layer 2 Forwarding and Learning, a new learned address will be flooded to all ports within the
ingress VLAN. This is consistent with the operation of a bridge when the forwarding table is full. The
Catalyst 3750 does not have the option of a network drain port to disable learning on specific
interfaces.
• For Layer 3 Routing, any L3 unicast and multicast routes will be learned only in software and not
programmed into the TCAM. This results in slower software−based forwarding (routing) of packets
between VLANs. The Catalyst 3750 can store a considerable amount more of L3 routes in software
compared to the SDM template, however it is not recommended since performance will decrease and
CPU utilization will raise.
Since the Catalyst 3750 allows only one ACL lookup per ingress or egress traffic direction, security ACLs,
VACLs, and RACLs need to be merged into one compiled ACL in the TCAM. The following sequence will
occur:

• If the RACL and a VACL is merged and compiled into the TCAM, the compiler will attempt to fit
either one into the TCAM.
• If the merge fails, the Catalyst 3750 attempts to fit the VACL and a simplified RACL in the TCAM
which essentially sends all routed packets to the CPU for filtering there.
• If the RACL fits into the TCAM, but the VACL does not, only the RACL is processed in hardware.
The VACL is processed through the CPU.
• If either the RACL or a VACL is being compiled into the TCAM and does not fit, the entire RACL or
VACL is unloaded from hardware. All processing is done through software. If neither the RACL or
VACL can individually fit into the TCAM, both are software processed.

Merge Algorithm
The Cisco IOS Software on the Catalyst 3750 uses the Order Dependent Merge (ODM) algorithm. This
algorithm is enabled by default and is not configurable.

Example of SDM Configurations


To check the current SDM template, issue the show sdm prefer command.

C3750G−24T#show sdm prefer


The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 6K


number of igmp groups + multicast routes: 1K
number of unicast routes: 8K
number of directly connected hosts: 6K
number of indirect routes: 2K
number of policy based routing aces: 0
number of qos aces: 512
number of security aces: 1K

C3750G−24T#
C3750G−24T#show sdm prefer vlan
"desktop vlan" template:
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 12K


number of igmp groups: 1K
number of multicast routes: 0
number of unicast routes: 0
number of policy based routing aces: 0
number of qos aces: 512
number of security aces: 1K

C3750G−24T#

Note: There is no space reserved for the unicast or multicast entries.

To change the SDM template to the VLAN template:


C3750G−24T#conf t
Enter configuration commands, one per line. End with CNTL/Z.
C3750G−24T(config)#sdm prefer vlan
Changes to the running SDM preferences have been stored, but cannot take effect
until the next reload.
Use 'show sdm prefer' to see what SDM preference is currently active.
C3750G−24T(config)#^Z
C3750G−24T#show sdm prefer
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 6K


number of igmp groups + multicast routes: 1K
number of unicast routes: 8K
number of directly connected hosts: 6K
number of indirect routes: 2K
number of policy based routing aces: 0
number of qos aces: 512
number of security aces: 1K

On next reload, template will be "desktop vlan" template.

C3750G−24T#

Troubleshooting
The following information can help you troubleshoot your configuration.

%STACKMGR−6−SWITCH_ADDED_SDM:Switch 2 has been ADDED to


the stack (SDM_MISMATCH)
If the stack master is a Catalyst 3750−12S running an Aggregate Template and a new member switch which is
not a 3750−12S is added to the stack, the following is seen on the master:

2d23h:%STACKMGR−6−SWITCH_ADDED_SDM:Switch 2 has been ADDED to the stack (SDM_MISMATCH)

2d23h:%SDM−6−MISMATCH_ADVISE:
2d23h:%SDM−6−MISMATCH_ADVISE:
2d23h:%SDM−6−MISMATCH_ADVISE:System (#2) is incompatible with the SDM
2d23h:%SDM−6−MISMATCH_ADVISE:template currently running on the stack and
2d23h:%SDM−6−MISMATCH_ADVISE:will not function unless the stack is
2d23h:%SDM−6−MISMATCH_ADVISE:downgraded. Issuing the following commands
2d23h:%SDM−6−MISMATCH_ADVISE:will downgrade the stack to use a smaller
2d23h:%SDM−6−MISMATCH_ADVISE:compatible desktop SDM template:
2d23h:%SDM−6−MISMATCH_ADVISE:
2d23h:%SDM−6−MISMATCH_ADVISE: "sdm prefer vlan desktop"
2d23h:%SDM−6−MISMATCH_ADVISE: "reload"

To check if there are any members of the stack running in SDM mismatch mode, you can issue the following
command:

C3750−12S# show switch


Current
C3750−12S# Role Mac Address Priority State
−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
*1 Master 000a.fdfd.0100 5 Ready

2 Slave 0003.fd63.9c00 5 SDM Mismatch


If you are seeing this type of error on your master, make sure that you set the SDM Template on the Catalyst
3750−12S to Desktop.

I Cannot Configure the Desktop Template on My 3750 Switch


Only the Catalyst 3750−12S supports both the Desktop and Aggregate templates. All other Catalyst 3750
series switches support the Desktop template only, which is configured by default and cannot be changed. On
the other models of 3750 series switches, no option is available in the CLI for desktop and aggregate
templates as in the example below.

C3750G−24T(config)#sdm prefer routing ?


<cr>

On the Catalyst 3750−12S, the option to choose between the Desktop and Aggregate template is not available.
Aggregate is the default and to change to Desktop issue the following commands (this example changes to
Routing Desktop):

C3750−12S(config)# sdm prefer routing desktop


C3750−12S(config)# end
C3750−12S# reload
Proceed with reload? [confirm]

I Cannot Change the SDM Template on My 3750−12S to the Aggregate


Template
The Aggregate keyword in the sdm prefer command on is not shown on the Catalyst 3750−12S switch
because it runs the Aggregate template by default. If the template has been changed (for example, to the
Routing Desktop template), the following commands can change it back to Routing Aggregate:

C3750−12S(config)# no sdm prefer

!−−− This brings the switch back to its default SDM template which is Aggregate.

C3750−12S(config)# sdm prefer routing

!−−− This brings the switch to the Routing Aggregate template.

Related Information
• Understand and Configure the Switching Database Manager on Catalyst 3550 Series Switches
• Configuring the SDM on the Catalyst 2948G−L3 and 4908G−L3
• LAN Product Support Pages
• LAN Switching Support Page
• Technical Support & Documentation − Cisco Systems

Contacts & Feedback | Help | Site Map


© 2012 − 2013 Cisco Systems, Inc. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks of
Cisco Systems, Inc.

Updated: Nov 16, 2007 Document ID: 44921

You might also like