issue with cef ?

Unanswered Question
Mar 10th, 2009


we notice that for some reason we ignore ,there is a difference between the arp table and the adjacency table in our catalyst C3750.


Alternatively , the adjacency table for a host is empty but not the arp table, so the host is unreachable for a period;

sh ip cef switching statistics show:

RP LES No adjacency [ a lot of drop]

show process cpu show some peaks ( 60 %)

Is there a limitation ,because we use vrf-lite with bgp for route leaking

Do we need to modify SDM ???

thanx for your help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jorge.calvo Tue, 03/10/2009 - 16:25


Your symptoms, CPU peaks and CEF unable to create adjacency entries points to an exhausted TCAM. Check the number of routes you have and the memory they are consuming. Specially when you redistribute BGP routes. Also check summarization is ok.

An easy way to check if a a CEF problem for a host exists is making an extended ping using the 'record' option. This way you overcome the CEF and the routing decision is made using fast switching with the routing table entries.

fd_case17 Wed, 03/11/2009 - 03:45


a sh platform tcam utilization shows that

IPv4 qos aces and IPv4 security aces are full .

Can we clear or reset these entries ?

jorge.calvo Wed, 03/11/2009 - 04:06


I am not sure if that entries can be cleared. I switch reload will clear them. But it is not always an option.

What you check is the SDM template used by typing 'show sdm prefer'.

Different patterns change the maximum ace values in the TCAM. If the template is changed a reload is needed for the changes to take effect.

However the best solution is to optimize the summarization, QoS values, extended ACL's and the number of BGP prefixes.


This Discussion