Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CEF table on 3750 contains inactive next-hops

Hello Everyone,

I have policy based routing setup on our 3750s located at 4 remote sites. I have setup the policy based routing with "set ip next-hop verify-availability" option and also enabled CDP on the 3750 and the next-hop (WAAS engine).

Here comes the weird bit. In case the WAAS engine fails, the 3750 should stop policy routing. This failover works at one of our sites but the other 3 sites loose all their connectivity. This is because the 3750 is still forwarding packets to the inactive WAAS engine.

I checked the CDP neighbor list and the engine is not listed in it when its down. But the engine is still listed at the next hop in the CEF table (show ip cef).

I have tried disabling ip route-cache cef on the interface but that didn't help. I also compared the configs on all 3750s and they look no different.

I need some urgent help here. This issue is like a disaster waiting to happen.

All the 3750s are running : IOS (tm) C3750 Software (C3750-I5-M), Version 12.2(20)SE4, RELEASE SOFTWARE (fc1)



New Member

Re: CEF table on 3750 contains inactive next-hops

Did I ask a very tough question???

I will go somewhere else with my query.



New Member

Re: CEF table on 3750 contains inactive next-hops


What rev of code are you running at the other remote sites?

Are the WAEs all running the same version (might be a cdp problem).

FYI, Cisco recommneds setting all WAAS to switch configurations to 100/Full.


Re: CEF table on 3750 contains inactive next-hops

If you're doing policy-routing as a workaround to the 3750 not supporting WCCP you dont need to anymore.

Starting in 12.2(37)SE, WCCP is natively supported on the 3750. If you upgrade and change your config to this, you can let the WCCP protocol take care of the verify-availability, and it wont be a "disaster waiting to happen".