Mar 27

IP CEF

Posted by Marius Bunget

CEF load balancing is based on a combination of source and destination packet information. It allows you to optimize resources by distributing traffic over multiple paths for transferring data to a destination. You can configure load balancing on a per-destination or per-packet basis. Load balancing decisions are made on the outbound interface. When you configure load balancing, configure it on outbound interfaces.

Per-destination load balancing allows the router to use multiple paths to achieve load sharing. Packets for a given source-destination host pair are guaranteed to take the same path, even if multiple paths are available. Traffic destined for different pairs tend to take different paths. Per-destination load balancing is enabled by default when you enable CEF.

To determine if CEF is enabled globally on a router, use the commands show ip cef and show ipv6 cef. If it is not enabled by default, you can turn it on globally using the command ip cef for IPv4. To enable CEF for IPv6, first enable CEF for IPv4, then use the command ipv6 cef. You can verify that CEF is enabled on an interface using the commands show cef interface {interface} and show ipv6 cef {interface} detail.

Topology

ip cef

The routing table of router R2 is similar to R1:

R1#show ip route

[...]

C    192.168.12.0/24 is directly connected, FastEthernet0/0
1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback1
2.0.0.0/24 is subnetted, 1 subnets
S       2.2.2.0 [1/0] via 192.168.21.2
[1/0] via 192.168.12.2
C    192.168.21.0/24 is directly connected, FastEthernet1/0

Check if CEF is enabled and show the forwarding information base (FIB) with information obtained from the routing table.

R1#show ip cef
Prefix                    Next Hop                    Interface
0.0.0.0/0           drop                              Null0 (default route handler entry)
0.0.0.0/32         receive
1.1.1.0/24           attached                      Loopback1
1.1.1.0/32           receive
1.1.1.1/32            receive
1.1.1.255/32       receive
2.2.2.0/24           192.168.21.2            FastEthernet1/0
192.168.12.2            FastEthernet0/0

[...]

Routers with default configuration perform Load Sharing per destination, also known as Fast Switching. Fast switching is the default IOS switching mode in some routers. The debug ip packet command displays process packets.

R1#debug ip packet
IP packet debugging is on
R1#ping 2.2.2.2 repeat 1

Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 56/56/56 ms
R1#
*Mar  1 00:39:40.379: IP: tableid=0, s=192.168.12.1 (local), d=2.2.2.2 (FastEthernet1/0), routed via FIB
*Mar  1 00:39:40.379: IP: s=192.168.12.1 (local), d=2.2.2.2 (FastEthernet1/0), len 100, sending
*Mar  1 00:39:40.431: IP: tableid=0, s=2.2.2.2 (FastEthernet0/0), d=192.168.12.1 (FastEthernet0/0), routed via RIB
*Mar  1 00:39:40.431: IP: s=2.2.2.2 (FastEthernet0/0), d=192.168.12.1 (FastEthernet0/0), len 100, rcvd 3
R1#ping 2.2.2.2 repeat 1 so
R1#ping 2.2.2.2 repeat 1 source loo 1

Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 56/56/56 ms
R1#
*Mar  1 00:39:48.411: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet0/0), routed via FIB
*Mar  1 00:39:48.411: IP: s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet0/0), len 100, sending
*Mar  1 00:39:48.467: IP: tableid=0, s=2.2.2.2 (FastEthernet1/0), d=1.1.1.1 (Loopback1), routed via RIB
*Mar  1 00:39:48.467: IP: s=2.2.2.2 (FastEthernet1/0), d=1.1.1.1, len 100, rcvd 4

Note that for different source-destination pairs the outbound interface changes.

Per packet Load Sharing configuration.

R1(config)#int f 0/0
R1(config-if)#no ip route-cache    //enable process switching
R1(config-if)#ip load-sharing per-packet
R1(config-if)#exit
R1(config)#int f 1/0
R1(config-if)#no ip route-cache
R1(config-if)#ip load-sharing per-packet
R1(config-if)#exit

R1#sh cef interface fastEthernet 0/0
[...]
Per packet load-sharing is enabled
[...]
Fast switching type 1, interface type 18
IP CEF switching disabled

Verify per packet Load Sharing:

R1#ping 2.2.2.2 source loopback 1 repeat 3

Type escape sequence to abort.
Sending 3, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!
Success rate is 100 percent (3/3), round-trip min/avg/max = 16/37/52 ms
R1#
*Mar  1 01:00:35.419: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet1/0), routed via FIB
*Mar  1 01:00:35.419: IP: s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet1/0), len 100, sending
!
*Mar  1 01:00:35.467: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet0/0), routed via FIB
*Mar  1 01:00:35.467: IP: s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet0/0), len 100, sending
!
*Mar  1 01:00:35.523: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet1/0), routed via FIB
*Mar  1 01:00:35.523: IP: s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet1/0), len 100, sending

When CEF is disabled all the packets are processed by the Routing Information Base (RIB) as shown below:

R1(config)#no ip cef
R1(config)#exit
R1#clear ip cef * prefix-statistics
R1#clear ip cef 2.2.2.2 prefix-statistics
R1#ping 2.2.2.2 source loopback 1 repeat 2
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 28/56/84 ms
*Mar  1 01:07:07.475: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet0/0), routed via RIB
*Mar  1 01:07:07.475: IP: s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet0/0), len 100, sending
!
*Mar  1 01:07:07.507: IP: tableid=0, s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet1/0), routed via RIB
*Mar  1 01:07:07.507: IP: s=1.1.1.1 (local), d=2.2.2.2 (FastEthernet1/0), len 100, sending

Leave a Reply