Is per-packet load sharing only by CEF? Is this something that can blow your mind?

Answered Question
Feb 26th, 2012

Hi guys,

Just a bit confusion here. I know from Cisco documentation, per-packet load balancing is only enabled via CEF. But while I am doing labs in GNS3, I think I have enabled per-packet load sharing and at the same time disabled CEF, which means fast switching is ON! Oh well, my screenshot could tell:

857.jpg

Fast swiching is ON right?  And Per-packet load-sharing is on, Right?  Tell me if I am wrong. Please.

This is the config:

858.jpg

Cheers,
Alex

I have this problem too.
0 votes
Correct Answer by Peter Paluch about 2 years 1 month ago

Hi Alex,

It's good to know that your experiments start aligning with the documentation

Just a bit confusing to see the output of show ip cef x.x.x.x still tells me that per-packet load-sharing is ON (actullay not).

Well, consider the fact that in the show ip cef x.x.x.x command, you are asking about a particular destination but you are not saying through which interface did the packets to this destination came into your router - and for CEF, the ingress interface is important. So the output indeed tells you what would happen to the packets if they came via a CEF-enabled interface. After all, if you know that the ingress interface is not CEF-enabled then it doesn't make sense to ask CEF what it would do with those packets

Best regards,

Peter

Correct Answer by Peter Paluch about 2 years 1 month ago

Hi Alex,

I agree with Rick. My understanding is that you have configured per-packet load balancing in CEF for that interface if that interface uses CEF. You may not have CEF activated on the interface but if it was, it would be configured for per-packet load balancing, hence the output of the show cef interface command.

Now, you indicated that the per-packet load balancing is actually happening. How are you generating the flow of packets that are being per-packet load balanced? Locally originated traffic (i.e. packet originated by the sending router) are, to my best knowledge, always process-switched and therefore subject to per-packet load balancing regardlesss of the switching method of intefaces. So if you were sending, say, pings from the same router on which you changed the CEF interface settings, you will still see the packets being load balanced - but not because of CEF but rather because of process switching.

Best regards,

Peter

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (4 ratings)
Richard Burts Sun, 02/26/2012 - 19:01

Alex

Without seeing some other parts of the config it is difficult to tell you precisely what is going on. From what you have given us I would offer these explanations:

- the interface config specifies ip load-sharing per-packet and that is why the show cef int output includes the indication that per packet load sharing is enabled.

- but you have disabled cef on the interface, and that is indicated in the output of show cef int.

- since the ip load-sharing per-packet is used in the cef context it may be enabled on the interface but it is not affecting how packets are forwarded.

- this leaves the interface using fast switching and process switching.

HTH

Rick

sydflyer2011 Sun, 02/26/2012 - 20:11

Rick, Thanks for your reply. In fact, the per-packet load-sharing is not only configured but already started working! I can tell from the access-list that configured on both interfaces participating in load-sharing.

If you need the full configure, let me know as I don't think the other part of configs will play a big role in this situation.

Correct Answer
Peter Paluch Sun, 02/26/2012 - 23:28

Hi Alex,

I agree with Rick. My understanding is that you have configured per-packet load balancing in CEF for that interface if that interface uses CEF. You may not have CEF activated on the interface but if it was, it would be configured for per-packet load balancing, hence the output of the show cef interface command.

Now, you indicated that the per-packet load balancing is actually happening. How are you generating the flow of packets that are being per-packet load balanced? Locally originated traffic (i.e. packet originated by the sending router) are, to my best knowledge, always process-switched and therefore subject to per-packet load balancing regardlesss of the switching method of intefaces. So if you were sending, say, pings from the same router on which you changed the CEF interface settings, you will still see the packets being load balanced - but not because of CEF but rather because of process switching.

Best regards,

Peter

sydflyer2011 Mon, 02/27/2012 - 01:36

Hi Peter,

Thanks for your input.

FIrst of all, the traffic is generally from a client which is attached to this router. It is this:

And then, from the screenshot below, you can see it is working:

And then look at the output of this command: show int fa0/0 stats:

The two consecutive screenshots indicate that there were packets processed even though there wasn't any traffic from PC. Well, you know they were packets generated from routing protocol (EIGRP and iBGP).  The key point is that by far, no packets were fast switched. OK. Let's look at what the next screenshot when I issued PING command from PC:

See there are obivious packets are fast switched. Pretty clear, isn't it?

Regards,

Alex

Peter Paluch Mon, 02/27/2012 - 02:43

Alex,

One issue to consider here: on what interface exactly have you deactivated the CEF? CEF decisions are done at ingress interface while Fast Switching decisions are performed on the egress interface - so if a packet is not to be CEF-switched (including the load-balancing enabled on egress - yes, egress!) interface, the CEF must be disabled on the ingress interface.

Best regards,

Peter

sydflyer2011 Mon, 02/27/2012 - 06:17

Hi Peter,

I've disabled on both fa0/0 and fa0/1. The other one which is connected to PC, I didn't configure anything more than ip address (I assume it is process switched?), So in this case you reckon fa0/0 and fa0/1 are all egress interfaces and the other is an ingress interface? OK then, I found this table from cisco documentation which tells me that the switching method I got after combination would be Fast Switching in the end. So it is really weird to see per-packet load-sharing is still happening under fast-switching.

Incoming Interface

Outgoing Interface

Switching Method

CEF

Process

CEF

Process

CEF

Fast

Process

Fast Switching (IP route cache)

Fast Switching

CEF

Fast Switching

CEF

Cadet Alain Mon, 02/27/2012 - 06:23

Hi,

if you left ingress interface from router to PC as default then CEF is enabled and if you disabled CEF for the 2 egress interfaces then according to this table the traffic will be CEF switched and as you configured per-packet load balancing for CEF you are observing the normal behaviour imho.

Regards.

Alain

Peter Paluch Mon, 02/27/2012 - 06:23

Alex,

I've disabled on both fa0/0 and fa0/1

But those are egress (outgoing) intefaces, aren't they? I suspect that disabling CEF on egress interface won't make your packets become fast-switched.

The other one which is connected to PC, I didn't configure anything more than ip address (I assume it is process switched?)

Not true. In default settings, it is most probably CEF-switched and that may be the reason why your packets are still load balanced. By default, all recent IOSes have ip cef activated by default and thanks to that command, all interfaces work as CEF-switched until you explicitly deactivate CEF on them.

So it is really weird to see per-packet load-sharing is still happening under fast-switching.

But I believe that because you have not explicitly disabled CEF on your input interface, your packets are still CEF-switched.

Oh, by the way, can you include the link to the document where you found that table?

Best regards,

Peter

Cadet Alain Mon, 02/27/2012 - 06:53

Hi Peter,

There is a  similar table in Routing TCP/IP vol1  from Jeff Doyle.

Regards.

Alain

Peter Paluch Mon, 02/27/2012 - 06:54

Hi Alain,

Yes, that is very probable. However, I know I stumbled across this document on Cisco's website once and I am not sure if I bookmarked it so I wanted to secure myself

Best regards,

Peter

sydflyer2011 Mon, 02/27/2012 - 14:01

I know this topic has finished. But a bit curious to find out what will be the switching method for packets coming from fa0/0 or fa0/1 and going to the PC? We know the traffic from LEFT to RIGHT is load balanced by CEF, what about the traffic from RIGHTto LEFT? Cheers.

Regards,

Alex

Peter Paluch Mon, 02/27/2012 - 14:19

Hi Alex,

As the fa0/0 and fa0/1 have CEF deactivated, the traffic will be fast-switched, assuming the egress interface at the left side is fast-switched. With fast switching, per-destination load balancing will take place.

Best regards,

Peter

sydflyer2011 Tue, 02/28/2012 - 17:09

Hi Peter,

I found new problem: the interface that connects to the PC is a switch port. That means that port is not configurable in terms of switching method. Also means that we need to scrape the previous discussions (that's what I doubt).


Regards,
Alex

sydflyer2011 Mon, 02/27/2012 - 13:48

Thanks all, it is all clear as my input interface is still on CEF mode, overally the two egress interfaces are still load-balanced by CEF.


Best Regards,
Alex

sydflyer2011 Tue, 02/28/2012 - 17:10

Hi guys, this discussion may not be finished yet because the port connecting to the PC is a switchport, so I reckon the switching method on fa0/0 and fa0/1 are just purely fast switching. Any more thoughts are welcome!


Regards,
Alex

Peter Paluch Tue, 02/28/2012 - 17:13

Hi Alex,

Well, if the input port is a switchport then surely, there must be a SVI interface configured in your router - and that one is running with CEF active by default.

Best regards,

Peter

sydflyer2011 Tue, 02/28/2012 - 17:31

Thanks Peter. I indeed has a vlan 1 interface configured (which was by default enabled for CEF). And it looks like it became per-destination load sharing as all traffic from the PC to the other end only went out of fa0/0  after I disabled CEF on that vlan 1 interface --- which is correct according to that switching method rule table.

Just a bit confusing to see the output of show ip cef x.x.x.x still tells me that per-packet load-sharing is ON (actullay not).


Regards,
Alex

Correct Answer
Peter Paluch Tue, 02/28/2012 - 17:43

Hi Alex,

It's good to know that your experiments start aligning with the documentation

Just a bit confusing to see the output of show ip cef x.x.x.x still tells me that per-packet load-sharing is ON (actullay not).

Well, consider the fact that in the show ip cef x.x.x.x command, you are asking about a particular destination but you are not saying through which interface did the packets to this destination came into your router - and for CEF, the ingress interface is important. So the output indeed tells you what would happen to the packets if they came via a CEF-enabled interface. After all, if you know that the ingress interface is not CEF-enabled then it doesn't make sense to ask CEF what it would do with those packets

Best regards,

Peter

Paolo Bevilacqua Wed, 02/29/2012 - 00:03

Have you ever noticed that when working with Cisco CLI, is not needed to take screenshot ? Just copy and paste text.

Actions

Login or Register to take actions

This Discussion

Posted February 26, 2012 at 5:21 PM
Stats:
Replies:23 Avg. Rating:5
Views:1588 Votes:0
Shares:0

Related Content

Discussions Leaderboard