cef or process switched?

Unanswered Question

On a 4506 L3 switch, a predecessor configured 'no ip route-cache cef' on the vlan SVIs. I would like to re-enable cef, but am not sure if it is actually disabled on these interfaces. 'Sh int switching' seems to confirm the configuration by showing all packets process switched for the vlans. On the other hand, 'sh ip cef' has entries for those vlans , and 'sh int vlan stats' shows most all packets being switched in hardware (not processed). So is cef enabled on these interfaces, or not?


Thank you for any help you can provide.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
ariela Wed, 12/03/2008 - 11:51
User Badges:
  • Silver, 250 points or more

Hi,

it's quite simple. To enable cef switching you have to use the command 'ip cef' in global config. You can see 'ip cef' in your running-configuration. Normally if cef is disable you can't see any output with the command 'show ip cef' ...


router#show ip cef

%CEF not running


So, the ip cef in your case is enabled (default behavior).


The 'no ip route-cache cef' is used only to disable cef mechanism for a specific interface, and just for it.


For more infos:

http://www.ciscosystems.com/en/US/products/sw/iosswrel/ps1828/products_tech_note09186a00801e1e46.shtml


HTH

Andrea

Thank you, Andrea. What you say would be fine, except that the interfaces on which cef is disabled are the same ones on which the 'show' commands say cef IS enabled. For example, on interface vlan 21 is configured 'no ip route-cache cef'. But 'sh ip cef' and 'sh int vlan 21 stats' both indicate that cef IS enabled for vlan 21.

ariela Thu, 12/04/2008 - 03:49
User Badges:
  • Silver, 250 points or more

what about 'show cef interfaces'?

IOS version?


Thank you

Andrea

ariela Thu, 12/04/2008 - 04:05
User Badges:
  • Silver, 250 points or more

better, check the specific 'show adj detail'. Will show how many packets/bytes are CEF switched out of each next-hop/adjacency


Regards

Andrea

"Ip cef" does not show in the config -- IOS version 12.2(31). Yet CEF is running.


And it definitely appears to be running on the interfaces configured with 'no ip route-cache cef'. "Show adj detail" has entries. At this point, I'm concluding that CEF is not allowed to be disabled on this switch. An article at http://searchnetworkingchannel.techtarget.com/generic/0,295582,sid100_gci1261924,00.html indicates this, although I would think that the attempt to disable it would have yielded an error message, rather than just allowing the "no ip route-cache cef" to be entered, and then just having cef continue to run.


Even so, I'm curious how the output from 'sh int switching' seems to contradict the output for 'sh int vlan stats'. As you can see from the following, all traffic is switched in hardware per the first output, and process-switched per the second output.


12fl4506#sh int vlan21 stats

Vlan21

Switching path Pkts In Chars In Pkts Out Chars Out

Processor 0 0 0 0

Route cache 0 0 0 0

Hardware 1011470547 1236839140642 488636118 182140106530

Total 1011470547 1236839140642 488636118 182140106530


12fl4506#sh int vlan21 switching

Vlan21 ICN Broadcast Domain

Throttle count 0

Drops RP 0 SP 0

SPD Flushes Fast 0 SSE 0

SPD Aggress Fast 0

SPD Priority Inputs 0 Drops 0


Protocol Path Pkts In Chars In Pkts Out Chars Out

IP Process 344776 39992701 14731 1031170

Cache misses 0

Fast 0 0 0 0

Auton/SSE 0 0 0 0

ARP Process 105336 7258882 127120 7627200

Cache misses 0

Fast 0 0 0 0

Auton/SSE 0 0 0 0



Thanks for your input.

Giuseppe Larosa Fri, 12/05/2008 - 15:19
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Rick, Andrea.


I think these last shows help to understand better what the device is doing with this configuration.

This C4506 is a multilayer switch that is based on CEF.

CEF is used to populate tables used for forwarding.

Multilayer switching is effective:

the first show provides

Switching path Pkts In Chars In Pkts Out Chars Out

Hardware 1011470547 1236839140642 488636118 182140106530


the second one says:


Protocol Path Pkts In Chars In Pkts Out Chars Out

IP Process 344776 39992701 14731 1031170


the process switched packets are very few in comparison to hardware based switched ones.


These should be routing protocol messages, CDP, other L2 protocols, some packets with options.


From the shows we can say that the command

no ip route-cache cef under SVI vlan 21 is not effective: very few packets are actually processed by the SVI interface vlan21 and most of them are already not manageable by CEF = require process switching.


This interpretation is more near what happened/happens to a C6500 in Hybrid Mode: when MLS is effective the SVI vlan interface counters were reflecting the process switched traffic: for example exporting Netflow data from the MSFC SVIs has been meaningless.


In Native Mode you can see correct counters on physical interfaces and also on SVI Vlans interfaces.


Sorry for the long post.


Hope to help

Giuseppe



Thank you, Giuseppe --

These commands have always seemed vague to me. This just confirms it. So not only is the 4506 not turning of CEF on the interfaces as it should be doing, but also the output of 'sh int vlan 21 switching' is not displaying correctly. I concur. The 'Fast' row should be showing the Fast and CEF-switched traffic -- that's how other articles have described it. Overall, another case of Cisco making us spin our wheels trying to figure out what they're doing with our data. Sorry for the frustrated tone --- and thanks for your input.

Actions

This Discussion