Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1011
Views
5
Helpful
5
Replies

PBR & CEF

rajivrajan1
Level 3
Level 3

‎02-28-2009 12:22 AM - edited ‎03-04-2019 03:45 AM

hi friends,

CEF entries are made based on routing table and packet is forwardrd accordingly,then routing table is not processed for the same destination again - this is what i understood- correct me if i am wrong .

now the Q

What will happen to to a PBR packet which is cef switched in a 6500?

will the acl and policy get checked every time a packet enters the respective interface or based on the cef it will be forwarded ?

if the PBR is not checked -

if i edit the acl with out removing the Policy from interface what will be the impact ? will there be changes in cef table ? if so how ?

and

how can we see the cef entry for a PBR packet ( ip cef entry & ip mls cef entry are showing routing table next hop only)

please clarify .

Labels:
0 Helpful
5 Replies 5

Edison Ortiz
Hall of Fame
Hall of Fame

‎02-28-2009 08:34 AM

will the acl and policy get checked every time a packet enters the respective interface

Yes.

how can we see the cef entry for a PBR packet

Well, PBR in the 6500 is done mainly in hardware when using the following match|set commands within the route-map:

match ip address, set ip next-hop, and set ip default next-hop

Any other match|set commands will be done in software.

As you know, anything processed in hardware in the 6500 can't be logged or viewed via commands. Best way to check if the PBR is working is to traceroute from a device sitting behind the interface on which the PBR is applied.

HTH,

__

Edison.

rajivrajan1
Level 3
Level 3
In response to Edison Ortiz

‎03-02-2009 10:25 PM

hi ediortiz,

Thanx for ur reply - was helpful ( rated as well)

I have two STM-1s and servers transferring more than 50 GB data/day.but i could see only

(16633 matches) in the acl where the acl is called in route-map for the servers.

this acl matches are not cleared aleast for 1 week.

how this can happen ? can u please explain ?

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to rajivrajan1

‎03-03-2009 06:18 AM

In some cases, the PBR will be software switched hence causing matches in the log to appear.

Cases such as; switching module reset, first packet on the flow, among others.

If you see the matches increase as the PBR is working, it's not a good thing as PBR performance will be degraded.

If the matches you've illustrated remain static, then that amount was accrued when the PBR was being configured and some of the flows were software switched.

HTH,

__

Edison.

0 Helpful

rajivrajan1
Level 3
Level 3
In response to Edison Ortiz

‎03-05-2009 12:10 AM

Thanx again.

Do u have any links/docs i can use to further read abt the same?

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to rajivrajan1

‎03-05-2009 06:10 AM

The 12.2(SXF) Release Notes have some mentioning of PBR. This is one of the features that is not well documented.

This article published by TAC reinforces my previous post:

http://supportwiki.cisco.com/ViewWiki/index.php/The_output_of_the_debug_command_does_not_show_any_traffic_when_configured_for_PBR_in_the_Cisco_Catalyst_6500_switch

HTH,

__

Edison.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card