Deploying Cisco Express Forwarding – CEF-Based Multilayer Switching
Configuring and verifying CEF

Use these commands to configure CEF when possible and verify its operation:

Hardware Layer 3 switching is permanently enabled on Catalyst 6500 series Supervisor Engine 720 with Policy Feature Card 2 (PFC3), Multilayer Switch Feature Card 3 (MSFC3), and Distributed Forwarding Card (DFC). No configuration is required and CEF cannot be disabled.

The no ip cef command can be used to disable CEF on the Catalyst 4000 or the no ip route-cache cef command on a Catalyst 3550 interface.

If CEF is enabled globally, it is automatically enabled on all interfaces as long as IP routing is enabled on the device. It can then be enabled or disabled on an interface basis. Cisco recommends CEF enabled on all Layer 3 interfaces. If CEF is disabled on an interface, you can enable CEF as follows:

  • On the Catalyst 3550 switch, use the ip route-cache cef interface configuration command to enable CEF on an interface.
  • On the Catalyst 4000 switch, use the ip cef interface configuration command to enable CEF on an interface after it has been disabled.

Per-destination load balancing allows the router to use multiple paths to achieve load sharing. Packets for a given source-destination host pair are guaranteed to take the same path, even if multiple paths are available. This ensures packets for a given host pair arrive in order. Per-destination load balancing is enabled by default when you enable CEF, and it is the load- balancing method of choice for most situations.

Because per-destination load balancing depends on the statistical distribution of traffic, load sharing becomes more effective as the number of source-destination pairs increase.

Verifying CEF
Shown in Figure is the command for verifying CEF.

Verifying Layer 3 Switching
The show ip cef detail command indicates if CEF is running globally. Specify an interface to verify CEF operation on the interface.

Display CEF Statistics
Use the show interfaces command with the | include switch argument to show switching statistics at each layer for the interface. Verify that L3 packets are being switched. -

Displaying Detailed Adjacency Information
Each time an adjacency entry is created, a Layer 2 data link-layer header for that adjacent node is pre-computed and stored in the adjacency table. This information is subsequently used for encapsulation during CEF switching of packets.

Output from the command show adjacency detail displays the content of the information to be used during this Layer 2 encapsulation. Verify that the header information displays as would be expected during Layer 2 operations, not using pre-computed encapsulation from the adjacency table. Adjacency statistics are updated approximately every 60 seconds.

Also the show cef drops command will display if packets are being dropped due to adjacencies that are either incomplete or non-existent. There are two known reasons for incomplete or non-existent adjacencies:

  • The router cannot use ARP successfully for the next-hop interface.
  • After a clear ip arp or a clear adjacency command, the router marks the adjacency as incomplete, and then it fails to clear the entry.

The symptoms of an incomplete adjacency include random packet drops during a ping test. Use the debug ip cef command to view CEF drops due to an incomplete adjacency.

Debugging CEF Operations
Use the debug ip cef arguments to limit the debug output, thereby reducing the overhead of the debug command and providing focus on a specific CEF operation:

debug ip cef {drops [access-list] | receive [access-list] | events [access-list] | prefix-ipc [access-list] | table [access-list]}

Adding an argument to the debug command limits the debug output as follows:

  • drops – Records dropped packets
  • access-list (optional) – Controls collection of debugging information from specified lists
  • receive – Records packets that are not switched using information from the FIB table, but that are received and sent to the next switching layer
  • events – Records general CEF events
  • prefix-ipc – Records updates related to IP prefix information, including the following:
    • Debugging of IP routing updates in a line card
    • Reloading of a line card with a new table
    • Adding a route update from the route processor to the line card exceeds the maximum number of routes
    • Control messages related to FIB table prefixes
  • table – Produces a table showing events related to the FIB table. Possible types of events include the following:
    • Routing updates that populate the FIB table
    • Flushing of the FIB table
    • Adding or removing of entries to the FIB table
    • Table reloading process