Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

SUP720: GRE traffic which is not processed in CEF


we have some problem with GRE traffic which is processed by CPU and not by CEF.

In sniffed packets I can see a lot of "TCP window update" packets.

I found that some kind of GRE traffic are forwarded to CPU, like packets with IP options or TTL=0 but non of those are seen in the sniffed packets.


Re: SUP720: GRE traffic which is not processed in CEF


I think I found it.

we use the PBR for forwarding ome traffic (with private IP addresses) via GRE tunnel and what I found:


The Policy Feature Card (PFC) and any Distributed Feature Cards (DFCs) provide hardware support for policy-based routing (PBR) for route-map sequences that use the match ip address, set ip next-hop, and ip default next-hop PBR keywords.

When configuring PBR, follow these guidelines and restrictions:

-The PFC provides hardware support for PBR configured on a tunnel interface.

-The PFC does not provide hardware support for PBR configured with the set ip next-hop keywords if the next hop is a tunnel interface.


it seems that the CPU load was not caused by GRE traffic itself, but it was caused by PBR process which forward the traffic to the GRE tunnel.

I'd be appreciate if somebody could confirm this or explain in more details.

New Member

SUP720: GRE traffic which is not processed in CEF