Cisco 10008 Router Performance Routing Engine 3 Installation Guide
TCAM Commands
Download this chapter
TCAM CommandsTCAM Commands
give_us_feedback

Table Of Contents

TCAM Commands

hw-module tcam

show pxf cpu access-lists

show pxf cpu pbr action

show pxf cpu qos

show pxf dma

show pxf tcam


TCAM Commands

This appendix describes the following commands for ACL lookup using the Ternary Content Addressable Memory (TCAM) on the PRE3:

hw-module tcam

show pxf cpu access-lists

show pxf cpu pbr action

show pxf cpu qos

show pxf dma

show pxf tcam

hw-module tcam

To configure the router to merge (or not merge) access control list entries (ACEs) when compiling and storing ACEs in Ternary Content Addressable Memory (TCAM), use the hw-module tcam command in global configuration mode. To not merge ACEs, use the no form of the command.

hw-module tcam compile {no-merge | with-pt-tree}

no hw-module tcam compile with-pt-tree

Syntax Description

no-merge

Programs the TCAM using the original ACE instead of merging ACEs. This option enables you to display per-ACE statistics for security access control lists (ACLs).

with-pt-tree

Uses a TCAM merge algorithm to collapse ACEs, which improves the utilization and scalability of TCAM. However, this option aggregates statistical information at the ACL level, disabling the router's ability to provide per-ACE statistics for security ACLS.


Command Default

The router uses the original ACE to program TCAM (no-merge option).

Command Modes

Global configuration

Command History

Release
Modification

12.2(31)SB2

This command was introduced on the PRE3 for the Cisco 10000 series router.


Usage Guidelines

Ternary Content Addressable Memory (TCAM) is a hardware device on the PRE3 that enables QoS ACLs to be collapsed and stored densely. Instead of using the TurboACL algorithm of the PRE2, the PRE3 uses the TCAM to implement ACL lookup for quick retrieval.

The PRE3 does not support the following features for IPv4 security ACLs:

IPv4 mini-ACLs (less than 8 ACEs)

Incremental compilation

IPv4 template ACLs have the same functionality on the PRE2 as the PRE2 implementation.

The router supports the collection of per-ACE statistical information using the hw-module tcam compile no-merge command.

When configured, the hw-module tcam command applies to all newly added or modified ACLs and QoS-related TCAM entries. When you reload the router or microcode, the command applies to all ACL and QoS-related TCAM entries.

Examples

The following example merges ACEs in TCAM, conserving TCAM space. Per-ACE statistical information is not available when this command is configured. 

Router(config)# hw-module tcam compile with-pt-tree

Router(config)#

Related Commands

Command
Description

hw-module

Resets a line card.


show pxf cpu access-lists

To display Parallel eXpress Forwarding (PXF) memory information for access control lists (ACLs), use the show pxf cpu access-lists command in privileged EXEC mode.

show pxf cpu access-lists [security | qos | pbr | compiled]

Cisco 10000 Series Router

show pxf cpu access-lists [security [ [tcam acl-name [detail] ] | flex-sum | children] | qos | pbr | compiled]

Syntax Description

security

(Optional) Displays information about the security ACLs defined in Cisco IOS and compiled to the PXF. Also displays information about split ACLs, such as how much memory has been used.

tcam acl-name

(Optional) Displays information about the specified security ACL stored in ternary content addressable memory (TCAM).

This option is only available on the PRE3 for the Cisco 10000 series router.

detail

(Optional) Displays decoded information about the packet fields used for matching in the TCAM.

flex-sum

(Optional) Displays summary information describing the amount of memory allocated in the parallel express forwarding (PXF) engine for use by the flexible key construction microcode. This information is useful for design teams.

This option is only available on the PRE3 for the Cisco 10000 series router.

children

(Optional) Displays information for child policies. If an ACL is a template child, the output typically does not display the child information. Specifying the children keyword displays data for child policies, too, and shows the children and the parent policy of each child.

Use caution when using the children keyword as there might be thousands of child policies configured, which could have negative effects on the command output.

qos

(Optional) Displays information about the QoS ACLs defined in Cisco IOS and compiled to the PXF.

pbr

(Optional) Displays information about ACLs for policy-based routing (PBR).

compiled

(Optional)  Displays information for all compiled Turbo-ACLs.

The PRE2 supports Turbo-ACLs and the compiled option. The PRE3 accepts the PRE2 compiled option, but does not implement Turbo-ACLs.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.2S

This command was introduced.

12.3(7)XI1

This command was introduced on the PRE2 for the Cisco 10000 series router.

12.2(31)SB22

This command was introduced on the PRE3 for the Cisco 10000 series router.


Usage Guidelines

Cisco 10000 Series Router (PRE2)

Because memory is shared between TurboACLs and MiniACLs, they can interfere with each other's capacities. The Mini-ACL is automatically set up with space for 8191 Mini-ACLs at router start. If more than 8191 Mini-ACLs are created, another block of MiniACLs (4096) is allocated. This process is repeated as necessary until the router is out of External Column Memory (XCM) in any one bank that the Mini-ACLs need.

Cisco 10000 Series router (PRE3)

The PRE3 implements only TCAM ACLs. Turbo-ACLs and Mini-ACLs are not supported.

Examples

The sample output from the show pxf cpu access-lists security command (see Sample Output) is based on the configuration of the access control list (ACL) called test_list (see ACL Configuration). The sample output is divided into several sections with a description of the type of information displayed in each.

ACL Configuration 

Router# show pxf cpu access-lists test_list


Extended IP access list test_list (Compiled)

    10 permit ip any host 10.1.1.1

    20 permit ip any host 10.1.1.2

    30 permit ip any host 10.1.1.3

    40 permit ip any host 10.1.1.4

    50 permit ip any host 10.1.1.5

    60 permit ip any host 10.1.1.6

    70 permit ip any host 10.1.1.7

    80 permit ip any host 10.1.1.8

    90 permit ip any host 10.1.1.9

    100 permit ip any host 10.1.1.11

    110 permit ip any host 10.1.1.12

Sample Output

The following sample output describes the information displayed in the first section of the command output from the show pxf cpu access-lists security command: 

Router# show pxf cpu access-lists security


PXF Security ACL statistics:

ACL            State      Tables  Entries  Config  Fragment  Redundant  Memory ACL_index

 1            Operational   1        -       -        -        -         0Kb     1

sl_def_acl    Operational   2        -       -        -        -         0Kb     2

test          Operational   3        -       -        -        -         0Kb     3

test_list     Operational   1        12      11       0        0         7Kb     1

Table 1, Part 1 describes the significant fields shown in the display.

Table 1, Part 1 show pxf cpu access-lists security Field Descriptions 

Field
Description

ACL

Identifies the ACL by name or number.

State

Displays the current state of the ACL:

Copying—ACL is in the process of being created or compiled.

Operational—ACL is active and filtering packets.

Out of acl private mem—ACL has run out of the private memory that was allocated exclusively to it.

Out of shared mem—ACL has run out of the memory that it shares with other ACLs.

Unknown Failure—ACL has failed because of an uncategorized reason.

Unneeded—ACL was allocated but is not currently in use.

Tables

An indicator of whether the ACL has been split into more than one PXF pass. The first three ACLs in the output are MiniACLs, and have the ACL_index duplicated in the Tables column.

Entries

The count of ACL rules as seen by the Turbo compiler. This is the sum of the Config, Fragment, and Redundant columns plus 1.

Config

The count of rules for this ACL.

Fragment

The count of extra rules added to handle fragment handling, where Layer 4 information is needed but not available in a packet fragment.

Redundant

The count of rules that are not needed because they are covered by earlier rules.

Memory

The amount of PXF XCM in use for the ACL.

ACL_index

The index of the ACL in XCM.


The following sample output describes the information displayed in the next section of the command output from the show pxf cpu access-lists security command: 

First level lookup tables:

Block      Use              Rows       Columns   Memory used

  0   TOS/Protocol            1/128     1/32      16384

  1   IP Source (MS)          1/128     1/32      16384

  2   IP Source (LS)          1/128     1/32      16384

  3   IP Dest (MS)            2/128     1/32      16384

  4   IP Dest (LS)           12/128     1/32      16384

  5   TCP/UDP Src Port        1/128     1/32      16384

  6   TCP/UDP Dest Port       1/128     1/32      16384

  7   TCP Flags/Fragment      1/128     1/32      16384

Table 1, Part 2 describes the significant fields shown in the display.

Table 1, Part 2 show pxf cpu access-lists security Field Descriptions

Field
Description

Block

Indicates the block number.

Use

Describes the IP packet field that is being matched.

Rows

An indication of where the largest variety of values are in use in the ACLs that are being applied. In the output, 12/128 means that there are 12 different values of significance in the field. If there are other rules added and the value exceeds 128, more memory will be needed to accommodate the new rules.

Columns

An indication of the number of TurboACLs in PXF memory. In the output, 1/32 means there is only one TurboACL in PXF memory. If there are more than 31 added, another chunk of memory is needed to accommodate the new ACLs.

Memory used

Displays the total amount of memory used for this particular lookup table.


The following sample output describes the information displayed in the next section of the command output from the show pxf cpu access-lists security command. There are 16 banks of XCM in each PXF column. This output section shows the usage level of each bank. 


Banknum   Heapsize   Freesize  %Free

   0       4718592    4702208    99

   1       8126464    6012928    73

   2       8388608    6290432    74

   3       8388608    6290432    74

   4       5898240    5881856    99

   5       8126464    6012928    73

   6       8388608    6290432    74

   7       8126464    6012928    73

   8       4456448    4440064    99

   9       8126464    6012928    73

Table 1, Part 3 describes the significant fields shown in the display.

Table 1, Part 3 show pxf cpu access-lists security Field Descriptions 

Field
Description

Banknum

The block of memory used for this particular lookup table.

Heapsize

The total amount of memory, in bytes, allocated for this block.

Freesize

The amount of memory, in bytes, that is currently available for use by this block of memory.

%Free

The percentage of memory that is free and available for use for this block of memory. When the %Free drops to 0, the router cannot hold any more ACLs in PXF memory, and any new ACL will not pass traffic.


This section of the sample command output indicates the memory usage of the MiniACLs in the router. All of the rows state about the same thing. To determine the actual number of MiniACLs in play, divide the memory used in any of blocks 1 to 10 by 256, or blocks 11 to 14 by 16. 


MiniACL XCM Tables:

Block   Use               Memory Used   %Free

  0   IP Src 1                 768        99

  1   IP Src 2                 768        99

  2   IP Src 3                 768        99

  3   IP Src 4                 768        99

  4   IP Dest 1                768        99

  5   IP Dest 2                768        99

  6   IP Dest 3                768        99

  7   IP Dest 4                768        99

  8   ToS                      768        99

  9   Protocol                 768        99

  10  TCP Flags/Fragment       768        99

  11  Source Port 1             48        99

  12  Source Port 2             48        99

  13  Destination Port 2        48        99

  14  Destination Port 2        48        99

The following describes the information displayed in the last section of the sample output from the show pxf cpu access-lists security command: 

Available MiniACL count = 8191

Usable ranges(inclusive):

1->8191

Table 1, Part 4 describes the significant fields shown in the display.

Table 1, Part 4 show pxf cpu access-lists security Field Descriptions

Field
Description

Available MiniACL

The number of ACLs currently available for allocation in XCM.

Usable ranges

The ACL indexes that will be assigned to MiniACLs.


PRE2 and PRE3 Security ACLs Examples (Cisco 10000 Series Router)

This section compares the output from the show pxf cpu access-lists security command when issued on the PRE2 and PRE3.

For the PRE2, the following sample output displays VMR (value, plus a mask and result) data for the ACL named ICMP_IGMP_MATCH: 

Router# show pxf cpu access-lists security tcam ICMP_IGMP_MATCH detail 


-------------------------------------------------------------

VMR Format - handle: 524607B4

Format has 5 fields, refcount = 1

Field: Format, FIXED, start_bit = 69, end_bit = 71

Field: ACL index, FIXED, start_bit = 54, end_bit = 68

Field: Flags, FIXED, start_bit = 43, end_bit = 53

Field: L4 proto, FIXED CNV, start_bit = 16, end_bit = 23

Field: L4 source port, FIXED CNV, start_bit = 0, end_bit = 15 Total bits = 53, format = 72 
GMR used: 5 Col 2 LKBP Vector: 544

-------------------------------------------------------------

VMRs

------ VMR 0 ------

V: 001B0000 0000010B 00

M: FFFFC000 0000FFFF FF

R: 00010001

Format: 00000000/00000007

ACL index: 0000006C/00007FFF

L4 source port: 00000B00/0000FFFF

L4 proto: 00000001/000000FF

Flags: 00000000/00000000

------ VMR 1 ------

V: 001B0000 00000103 01

M: FFFFC000 0000FFFF FF

R: 00010002

Format: 00000000/00000007

ACL index: 0000006C/00007FFF

L4 source port: 00000301/0000FFFF

L4 proto: 00000001/000000FF

Flags: 00000000/00000000

------ VMR 2 ------

V: 001B0000 00000213 00

M: FFFFC000 0000FFFF 00

R: 00010003

Format: 00000000/00000007

ACL index: 0000006C/00007FFF

L4 source port: 00001300/0000FF00

L4 proto: 00000002/000000FF

Flags: 00000000/00000000

------ VMR 3 ------

V: 001B0000 00000214 00

M: FFFFC000 0000FFFF 00

R: 00010004

Format: 00000000/00000007

ACL index: 0000006C/00007FFF

L4 source port: 00001400/0000FF00

L4 proto: 00000002/000000FF

Flags: 00000000/00000000

For the PRE3, the following sample output displays for the show pxf cpu access-lists security command. Notice that the output does not include the columns shown above that are relevant to only the PRE2 and the output no longer displays first-level lookup tables. 

Router# show pxf cpu access-lists security 


PXF Security ACL statistics:

 ACL                                     State           ACL_index

STANDARD_MATCH_PERMIT                    Operational           116

SRC_IP_MATCH144                          Operational           102

DST_IP_MATCH                             Operational           113

DST_IP_MATCH144                          Operational           112

PROTOCOL_MATCH                           Operational           104

PROTOCOL_MATCH144                        Operational           103

FRAG_MATCH                               Operational           109

PRECEDENCE_TOS_MATCH                     Operational           106

PRECEDENCE_TOS_MATCH144                  Operational           105

Related Commands

Command
Description

show pxf cpu statistics

Displays PXF CPU statistics.

show pxf statistics

Displays a chassis-wide summary of PXF statistics.


show pxf cpu pbr action

To display policy-based routing (PBR) actions configured in the Parallel eXpress Forwarding (PXF), use the show pxf cpu pbr action command in privileged EXEC mode.

show pxf cpu pbr action map-name

Cisco 10000 Series Router (PRE3)

show pxf cpu pbr [action map-name | tcam map-name | flex-sum]

Syntax Description

action map-name

(Optional) Displays PBR action information and redirects the command output to the route map you specify.

tcam map-name

(Optional) Displays VMR (value, plus a mask and result) information stored in ternary content addressable memory (TCAM) and redirects the command output to the route map you specify.

Note This option is only available on the PRE3 for the Cisco 10000 series router.

flex-sum

(Optional) Displays summary information describing the amount of memory allocated in the PXF engine for use by the flexible key construction microcode. This information is useful for design teams.

Note This option is only available on the PRE3 for the Cisco 10000 series router.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.2S

This command was introduced.

12.3(7)XI1

This command was introduced on the Cisco 10000 series router for the PRE2.

12.2(31)SB2

This command was introduced on the Cisco 10000 series router for the PRE3.


Usage Guidelines

This command is useful to determine if an adjacency has been found for a set ip next-hop ip-address route map configuration command.

Examples

The following example shows the PBR route maps configured in the PXF: 

Router# show pxf cpu pbr action foo


Show PBR Action:

----------------------------------------------------------------------

Policy number: 1           

route-map foo, permit, sequence 10

  map number    = 0           

  action index  = 0           

    primary action   : SET_ROUTE

    secondary action : - none -

    mac-rewr index = 0x0000 0015

    vcci = 0x09D4, qos group = 0, tos prec = 0

    tt_pkt_count = 0            tt_byte_count = 0           

 Adjacency data 0x20D29968

 XCM adjacency from 0x70000120(RP) 

   0xA0000120(FP) index 0x24:

Cisco 10000 Series Router (PRE3)

The following configuration example shows a PBR configuration in which traffic classification is based on the IP access list named pbr_length. The route map permits traffic based on the specified matching criteria and sets the next hop address of each packet. 

ip access-list extended pbr_length

    permit tcp any any

!

route-map pbr_length permit 10

    match ip address pbr_length

    match length 100 200

    set ip next-hop 2.0.95.5                    !

route-map pbr_length permit 20

    match ip address pbr_length

    match length 200 300

    set ip next-hop 2.0.95.5                    !

route-map pbr_length permit 30

    match length 300 400

    set ip next-hop 2.0.95.5                    !

The following sample output from the show pxf cpu pbr command shows the type of information that displays based on the above PBR configuration: 

Router# show pxf cpu pbr action pbr_length


Show PBR Action:


----------------------------------------------------------------------

Policy number: 3           


route-map pbr_length, permit, sequence 10

  map number    = 0           

  action index  = 64          

  map vcci out  = 0x0

  tt_pkt_count  = 0            tt_byte_count = 0           


    primary action   : NULL_ACTION

    secondary action : - none -

    mac-rewr index = 0x0000 0000

    vcci = 0x0000, qos group = 0, tos prec = 0


......................................................................


route-map pbr_length, permit, sequence 20

  map number    = 1           

  action index  = 65          

  map vcci out  = 0x0

  tt_pkt_count  = 0            tt_byte_count = 0           

    primary action   : NULL_ACTION

    secondary action : - none -

    mac-rewr index = 0x0000 0000

    vcci = 0x0000, qos group = 0, tos prec = 0


......................................................................


route-map pbr_length, permit, sequence 30

  map number    = 2           

  action index  = 66          

  map vcci out  = 0x0

  tt_pkt_count  = 0            tt_byte_count = 0           


    primary action   : NULL_ACTION

    secondary action : - none -

    mac-rewr index = 0x0000 0000

    vcci = 0x0000, qos group = 0, tos prec = 0

The following sample output from the show pxf cpu pbr tcam command shows the type of detailed VMR (value, plus a mask and result) information that displays: 

Router# show pxf cpu pbr tcam pbr_length detail 


VMR data for Route-map pbr_length


-------------------------------------------------------------

VMR Format - handle: 5050BC90

Format has 5 fields, refcount = 1

Field: Format, FIXED, start_bit = 69, end_bit = 71

Field: ACL index, FIXED, start_bit = 54, end_bit = 68

Field: Flags, FIXED, start_bit = 43, end_bit = 53

Field: L4 proto, FIXED CNV, start_bit = 16, end_bit = 23

Field: Unknown, FLEX, start_bit = 0, end_bit = 15 Total bits = 53, format = 72 GMR used: 0 
Col 3 LKBP Vector: 96C

Status: Running


-------------------------------------------------------------

VMRs

------ VMR 0 ------

V: 7000C000 00000600 70

M: FFFFD800 0000FFFF F0

R: 80000104

Format: 00000003/00000007

ACL index: 00004003/00007FFF

L4 proto: 00000006/000000FF

Flags: 00000000/00000300

Packet Length: 00000070/0000FFF0

------ VMR 1 ------

V: 7000C000 00000600 68

M: FFFFD800 0000FFFF F8

R: 80000104

Format: 00000003/00000007

ACL index: 00004003/00007FFF

L4 proto: 00000006/000000FF

Flags: 00000000/00000300

Packet Length: 00000068/0000FFF8

------ VMR 2 ------

V: 7000C000 00000600 64

M: FFFFD800 0000FFFF FC

R: 80000104

Format: 00000003/00000007

ACL index: 00004003/00007FFF

L4 proto: 00000006/000000FF

Flags: 00000000/00000300

Packet Length: 00000064/0000FFFC

.

.

.

------ VMR 18 ------

V: 7000C000 00000000 00

M: FFFFC000 00000000 00

R: 80000110

Format: 00000003/00000007

ACL index: 00004003/00007FFF

L4 proto: 00000000/00000000

Flags: 00000000/00000000

Packet Length: 00000000/00000000

Related Commands

Command
Description

show pxf cpu policy-data

Displays QoS policy data index usage statistics.

show pxf cpu vcci

Displays VCCI to interface mapping information.


show pxf cpu qos

To display Parallel eXpress Forwarding (PXF) External Column Memory (XCM) contents related to a particular policy, use the show pxf cpu qos command in privileged EXEC mode.

show pxf cpu qos [policy-map policy-name | vcci]

Cisco 10000 Series Router

show pxf cpu qos [0-65535 | classifiers | flex-sum | policy-map policy-name | vcci-maps]

Syntax Description

0-65535

(Optional) Displays information for the Virtual Channel Circuit Identifier (VCCI) you specify.

classifiers

(Optional) Displays information about the criteria used to classify traffic.

flex-sum

(Optional) Displays summary information describing the amount of memory allocated in the PXF engine for use by the flexible key construction microcode.

Note This option is only available on the Cisco 10000 series router for the PRE3.

policy-map policy-name

(Optional) Displays per-policy map information.

vcci-maps

(Optional) Displays VCCI map values.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.2S

This command was introduced.

12.3(7)XI1

This command was introduced on the Cisco 10000 series router for the PRE2.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(31)SB2

This command was introduced on the PRE3 for the Cisco 10000 series router.


Usage Guidelines

This command is useful in verifying the presence of a policy on interfaces and indexes programmed in the PXF.

Examples

The following example shows XCM contents related to a policy called police_test, which is defined as follows: 

policy-map police_test

 class high-priority

 priority

 class low-priority

  set atm-clp

 class class-default

    queue-limit 512


Router# show pxf cpu qos police_test


Output Policymap: police_test

 Vcci: A05  Flags: 4  Policymap_index: 6  Policymap_data_index: 12

 OUT AT1/0/0.111 (0x71764660) ref_count 1

Output Action Table Contents for vcci 0xA05 - Policymap index: 6

 class-name: high-priority  class_index: 0  action_flags: 0x00

  srp_class_id: 0x01  prec/dscp: 0x00  cos: 0

  discard_class: 0x00  exp_value: 0

class-name: low-priority  class_index: 1  action_flags: 0x10

  srp_class_id: 0x00  prec/dscp: 0x00  cos: 0

  discard_class: 0x00  exp_value: 0

class-name: class-default  class_index: 2  action_flags: 0x00

  srp_class_id: 0x00  prec/dscp: 0x00  cos: 0

  discard_class: 0x00  exp_value: 0

Related Commands

Command
Description

show pxf cpu statistics qos

Displays match statistics for a service policy on an interface.


show pxf dma

To display the current state of direct memory access (DMA) buffers, error counters, and registers on the Parallel eXpress Forwarding (PXF) engine, use the show pxf dma command in privileged EXEC mode.

show pxf dma [buffers | counters | reassembly | registers]

Cisco 10000 Series Router (PRE3 only)

show pxf dma [buffers | counters | reassembly | registers] [brief | config | errors | status]

Syntax Description

buffers

(Optional) Displays PXF DMA buffers information.

counters

(Optional) Displays packet and error counters for the PXF DMA engine.

reassembly

(Optional) Displays PXF reassembly table usage information.

registers

(Optional) Displays PXF DMA registers information.

brief

(Optional) Displays PXF DMA information, including the initialization state of each block in the PXF API and any errors that occurred.

Note This option is available on the PRE3 only.

config

(Optional) Displays a configuration summary of the registers in each of the PXF DMA blocks.

Note This option is available on the PRE3 only.

errors

(Optional) Displays the errors that occurred in each of the PXF DMA blocks.

Note This option is available on the PRE3 only.

status

(Optional) Displays the initialization state of each PXF DMA block. In normal operation, all blocks display the enabled state.

Note This option is available on the PRE3 only.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.2S

This command was introduced.

12.3(7)XI

This command was integrated into Cisco IOS Release 12.3(7)XI and implemented on the Cisco 10000 series router for the PRE2.

12.2(31)SB2

This command was integrated into Cisco IOS Release 12.2(31)SB2 and implemented on the Cisco 10000 series router for the PRE3.


Examples

The following example shows PXF DMA buffers information: 

Router# show pxf dma buffers


PXF To-RP DMA Ring Descriptors & Buffers:


     Descriptor       Buffer        Buffer      Descriptor

     Address          Address       Length(b)   Flags

0    0x0CA06340       0x0AC097C0      512       0x0002

1    0x0CA06350       0x0AC088C0      512       0x0002

2    0x0CA06360       0x0AC07C40      512       0x0002

3    0x0CA06370       0x0AC0B5C0      512       0x0002

4    0x0CA06380       0x0AC0CC40      512       0x0002

5    0x0CA06390       0x0AC08640      512       0x0002

6    0x0CA063A0       0x0AC0C240      512       0x0002

7    0x0CA063B0       0x0AC08B40      512       0x0002

8    0x0CA063C0       0x0AC0AE40      512       0x0002

9    0x0CA063D0       0x0AC0BAC0      512       0x0002

10   0x0CA063E0       0x0AC0C9C0      512       0x0002

11   0x0CA063F0       0x0AC09CC0      512       0x0002

12   0x0CA06400       0x0AC0C740      512       0x0002

13   0x0CA06410       0x0AC0A6C0      512       0x0002

14   0x0CA06420       0x0AC0B0C0      512       0x0002

15   0x0CA06430       0x0AC09040      512       0x0002

16   0x0CA06440       0x0AC0A440      512       0x0002

17   0x0CA06450       0x0AC065C0      512       0x0002

18   0x0CA06460       0x0AC06FC0      512       0x0002

19   0x0CA06470       0x0AC06340      512       0x0002

20   0x0CA06480       0x0AC07240      512       0x0002

21   0x0CA06490       0x0AC092C0      512       0x0002

22   0x0CA064A0       0x0AC0D140      512       0x0002

23   0x0CA064B0       0x0AC0C4C0      512       0x0002

24   0x0CA064C0       0x0AC07740      512       0x0002

25   0x0CA064D0       0x0AC09540      512       0x0002

26   0x0CA064E0       0x0AC0A940      512       0x0002

27   0x0CA064F0       0x0AC06840      512       0x0002

28   0x0CA06500       0x0AC08140      512       0x0002

29   0x0CA06510       0x0AC06D40      512       0x0002

30   0x0CA06520       0x0AC07EC0      512       0x0002

31   0x0CA06530       0x0AC0ABC0      512       0x0003


PXF From-RP DMA Ring Descriptors & Buffers:


     Descriptor       Buffer        Buffer      Descriptor    Context

     Address          Address       Length(b)   Flags         Bit

0    0x0CA06580       0x00000000        0       0x0000        Not set

1    0x0CA06590       0x00000000        0       0x0000        Not set

2    0x0CA065A0       0x00000000        0       0x0000        Not set

3    0x0CA065B0       0x00000000        0       0x0000        Not set

4    0x0CA065C0       0x00000000        0       0x0000        Not set

5    0x0CA065D0       0x00000000        0       0x0000        Not set

6    0x0CA065E0       0x00000000        0       0x0000        Not set

7    0x0CA065F0       0x00000000        0       0x0000        Not set

8    0x0CA06600       0x00000000        0       0x0000        Not set

9    0x0CA06610       0x00000000        0       0x0000        Not set

10   0x0CA06620       0x00000000        0       0x0000        Not set

11   0x0CA06630       0x00000000        0       0x0000        Not set

12   0x0CA06640       0x00000000        0       0x0000        Not set

13   0x0CA06650       0x00000000        0       0x0000        Not set

14   0x0CA06660       0x00000000        0       0x0000        Not set

15   0x0CA06670       0x00000000        0       0x0001        Not set

Table 1, Part 1 describes the fields shown in the display.

Table 2 show pxf dma Command Field Descriptions 

Field
Description

Descriptor Address

Memory address pointing to the descriptor for this buffer.

Buffer Address

Address of this buffer in memory.

Buffer Length

Length, in bytes, of this particular buffer.

Descriptor Flags

Internal flags identifying this buffer's use and status.

Context Bit

State of the context bit which is set when the buffer is currently in use by a context (the basic unit of packet processing).


Related Commands

Command
Description

clear pxf

Clears PXF counters and statistics.

show pxf cpu

Displays PXF CPU statistics.

show pxf microcode

Displays the microcode version running on the PXF.


show pxf tcam

To display version information about Ternary Content Access Memory (TCAM) devices, register values, and cell usage by application regions, use the show pxf tcam command in privileged EXEC mode.

show pxf tcam

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(31)SB2

This command was introduced on the PRE3 for the Cisco 10000 series router.


Usage Guidelines

The TCAM can only match binary ranges. Therefore, the router creates multiple entries, which together have binary ranges to cover a non-binary range. This is referred to as port expansion. Another example of entry expansion is matching the established keyword. The router implements this as two entries: one to check for the ACK bit and the other to check if the RST bit is set.

If per access control entry (ACE) accounting is required, the router limits you to 64K ACEs for each access control list (ACL). Otherwise, the available TCAM space defines the ACE limitation. If no TCAM space is available, the ACE is not placed into TCAM and the router uses an ACE equivalent to deny ip any any. When sufficient space becomes available in TCAM, you must first remove the ACL from the interface and then reapply it to activate it.

Examples

The following sample output shows the types of information that displays when you enter the show pxf tcam command: 

Router# show pxf tcam


TCAM register info

Toaster Tcam config 0xFE39870F

Toaster Tcam status 0x00000000

Toaster Tcam Xtype/Mask 0x00000000/0x00000100 Toaster Tcam Instr_reg 0x00000004 Toaster 
Tcam clk cfg 0x000000A0 NETCAM3, dev 0 ver RC

NETCAM3 version value = 0x00000000:00000000:4E4C0201

NETCAM3 device id = 0x00000000:00000000:00000100

NETCAM3 CCR value = 0x00000000:08000059:C000101A

NETCAM3 STAT value = 0x00000000:00000000:00060100

NETCAM3 PER value = 0x00000000:00000000:00000000

NETCAM3 IAERR value = 0x00000000:00000000:00000000

NETCAM3 RPID1 = 0x00000000:00000000:00000000

NETCAM3 RPID2 = 0x00000000:00000000:00000000

NETCAM3 RPID3 = 0x00000000:00000000:00000000

NETCAM3 RPID4 = 0x00000000:00000000:00000000

NETCAM3 BCS value = 0x00000000:00002492:49000000

NETCAM3 HRR0 value = 0x00000000:00000000:C000FFFD NETCAM3, dev 1 ver RC

NETCAM3 version value = 0x00000000:00000000:4E4C0201

NETCAM3 device id = 0x00000000:00000000:00000104

NETCAM3 CCR value = 0x00000000:08000059:F000103A

NETCAM3 STAT value = 0x00000000:00000000:00020100

NETCAM3 PER value = 0x00000000:00000000:00000000

NETCAM3 IAERR value = 0x00000000:00000000:00000000

NETCAM3 RPID1 = 0x00000000:01010101:01010101

NETCAM3 RPID2 = 0x00000000:01010101:01010101

NETCAM3 RPID3 = 0x00000000:01010101:01010101

NETCAM3 RPID4 = 0x00000000:01010101:01010101

NETCAM3 BCS value = 0x00000000:00004924:92249249

NETCAM3 HRR0 value = 0x00000000:00000000:40000000



TCAM Info:

   total regions 133, used cells 7, free cells 524281,

                 used masks 7, free masks 524281


Region breakdown info (max=0 means no limit):

id   name                lk_size max_entry used_entry free_cells

----------------------------------------------------------------

0    72-bit ACL/QOS/PBR/i72        0         5          131067

1    144-bit ACL/QOS/PBR/144       0         0          99313

2    288-bit ACL/QOS/PBR/288       0         0          65536

3    IPv6 /128 Address Ma144       0         0          33778

4    IPv6 /127 Address Ma144       0         0          1010

5    IPv6 /126 Address Ma144       0         0          1010

6    IPv6 /125 Address Ma144       0         0          1010

7    IPv6 /124 Address Ma144       0         0          1010

8    IPv6 /123 Address Ma144       0         0          1010

9    IPv6 /122 Address Ma144       0         0          1010

10   IPv6 /121 Address Ma144       0         0          1010

11   IPv6 /120 Address Ma144       0         0          1010

12   IPv6 /119 Address Ma144       0         0          1010

13   IPv6 /118 Address Ma144       0         0          1010

14   IPv6 /117 Address Ma144       0         0          1010

15   IPv6 /116 Address Ma144       0         0          1010

16   IPv6 /115 Address Ma144       0         0          1010

17   IPv6 /114 Address Ma144       0         0          1010

18   IPv6 /113 Address Ma144       0         0          1009

19   IPv6 /112 Address Ma144       0         0          1008

20   IPv6 /111 Address Ma144       0         0          1008

21   IPv6 /110 Address Ma144       0         0          1008

22   IPv6 /109 Address Ma144       0         0          1008

23   IPv6 /108 Address Ma144       0         0          1008

24   IPv6 /107 Address Ma144       0         0          1008

25   IPv6 /106 Address Ma144       0         0          1008

26   IPv6 /105 Address Ma144       0         0          1008

27   IPv6 /104 Address Ma144       0         0          1008

28   IPv6 /103 Address Ma144       0         0          1008

29   IPv6 /102 Address Ma144       0         0          1008

30   IPv6 /101 Address Ma144       0         0          1008

31   IPv6 /100 Address Ma144       0         0          1008

32   IPv6 /99 Address Map144       0         0          1008

33   IPv6 /98 Address Map144       0         0          1008

34   IPv6 /97 Address Map144       0         0          1008

35   IPv6 /96 Address Map144       0         0          1008

36   IPv6 /95 Address Map144       0         0          1008

37   IPv6 /94 Address Map144       0         0          1008

38   IPv6 /93 Address Map144       0         0          1008

39   IPv6 /92 Address Map144       0         0          1008

40   IPv6 /91 Address Map144       0         0          1008

41   IPv6 /90 Address Map144       0         0          1008

42   IPv6 /89 Address Map144       0         0          1008

.

.

.

130  IPv6 /1 Address Mapp144       0         0          1007

131  IPv6 /0 Address Mapp144       0         1          1007

132  MCE V6 MCAST1       288       0         0          65536

Table 1, Part 1 describes the fields shown in the display.

Table 3 show pxf tcam Command Field Descriptions 

Field
Description

Cells

Basic unit of allocation in the TCAM. A cell is 72 bits in length. Each cell has an associated value, plus a mask, and result—referred to as VMR. Cells are grouped in one of three sizes:

1—72 bits

2—144 bits

4—288 bits

Entry

Group of cells that together make a single lookup entry. For example, a standard ACL uses a 72-bit entry because the number of bits from a packet that compose a lookup fits within 72 bits. An extended ACE usually fits within 144 bits (a two-cell grouping). Exceptions to this are ACEs that use a match on a port range and ACEs that match on multiple TCP flag states.

Regions

Pool of cells that are set aside for a specific application. All entries in a region have the same grouping size of cells (1, 2, or 4 cells. All regions are dynamically sized with no minimum—one region can use free entries from another region if they have the same size.


Related Commands

Command
Description

show pxf cpu access-lists

Displays Parallel eXpress Forwarding (PXF) memory information for access control lists (ACLs).

show pxf cpu pbr action

Display policy-based routing (PBR) actions configured in the Parallel eXpress Forwarding (PXF).


CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0609R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2006 Cisco Systems, Inc. All rights reserved.