Cisco IOS® Software supports several mechanisms to facilitate the forwarding of traffic with minimal delay and high throughput. This document explains how to determine which Cisco IOS switching or forwarding path your packets take.
Note: This document discusses process switching, fast switching, and Cisco Express Forwarding (CEF) only.
Readers of this document should be knowledgeable of these topics:
This document is not restricted to specific software and hardware versions.
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Cisco IOS switching defines the packet flow through the router. More specifically, it determines how quickly the packet can be forwarded through the router, and also in which physical buffers the packets are stored.
During the history of Cisco IOS, multiple switching methods have been developed. Some methods are supported only on particular platforms. CEF is the latest switching method. When CEF is enabled globally (default behavior), the ip route-cache cef interface specific command is also enabled. This command ensures CEF switching is done for packets that enter this interface. Occasionally, if needed to disable CEF on one interface alone, the no ip route-cache cef command is added. This disables CEF switching for that interface alone. Cisco IOS does not add the no ip route-cache command to the running-config on its own when it is forced to disable CEF. It was introduced on many platforms in Cisco IOS 12.0 mainline, particularly low- and mid-range platforms such as the Cisco 1600, 2500, and 3600 Series.
When a router receives a packet on a routed interface, it first removes the Layer 2 (L2) frame information. It then stores the Layer 3 (L3) packet in Input/Output (I/O) memory. What happens next depends on the switching path that the packet follows.
These steps can be used to confirm that packets follow the CEF switching path:
Confirm that CEF is enabled globally and on a particular interface.
router#show ip cef
%CEF not running
Use the ip cef command in global configuration mode to enable (central) CEF.
Note: On the Cisco 7200 Series, CEF is the default Cisco IOS switching method in an upcoming release of Cisco IOS.
Use the show ip cef prefix command and confirm that prefixes are listed.
router#show ip cef
Prefix Next Hop Interface
192.168.0.0/30 attached Serial2/0/0:1
Confirm that CEF is enabled on a particular interface.
Use the show cef interface x/x command to look for "IP CEF switching enabled," or "IP distributed CEF (dCEF) switching enabled."
router#show cef interface fastEthernet 0/0/0
FastEthernet0/0/0 is up (if_number 2)
Internet address is 192.168.1.253/24
ICMP redirects are always sent
Per packet loadbalancing is disabled
Inbound access list is not set
Hardware idb is FastEthernet0/0/0
Fast switching type 1, interface type 18
IP Distributed CEF switching enabled
Fast flags 0x0. ifindex 1(1)
Slot 0 Slot unit 0 VC -1
Hardware transmit queue ptr 0x48001A00 (0x48001A00)
Transmit limit accumulator 0x48001A02 (0x48001A02)
IP MTU 1500
Use the show ip interface command to display the enabled Cisco IOS switching methods.
router#show ip interface fastethernet 1/0/0.1
FastEthernet1/0/0.1 is up, line protocol is up
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP Distributed switching is enabled
IP Fast switching turbo vector
IP Normal CEF switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, Distributed, No CEF
In this output, the "No CEF" flag indicates that CEF has been disabled because of the no ip route-cache cef command on a particular interface. The "CEF" flag indicates that CEF runs. In a steady state, both flags should not appear. Cisco bug ID CSCdr80269 (registered customers only) resolves rare conditions that can lead to both flags appearing. For more information on bug IDs, refer to the Bug Toolkit (registered customers only) .
Confirm that a majority of the packets that flow through the router are CEF-switched.
Use the show interface x/x stat command and determine the number of packets and bytes that the router forwarded through "Processor" instead of "Route cache." Note that "Route cache" includes both fast-switched and CEF-switched packets.
router#show interface stats
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 95084 26211621 33493 3386174
Route cache 24581 1132797 24542 13297583
Distributed cache 0 0 0 0
Total 119665 27344418 58035 16683757
Use the show ip cache command to determine if there is an IP cache entry, which indicates that the packet follows the fast-switching path. Fast switching builds on an on-demand route cache to expedite packet forwarding through a router. The driver code that runs on the interface hardware transfers control temporarily to the fast-switching code, which searches the route cache for a frame and other information constructed from a previously transmitted packet. If the route cache contains an entry, the fast-switching code attempts to send the packet directly to the destination interface.
router#show ip cache
IP routing cache 0 entries, 0 bytes
0 adds, 0 invalidates, 0 refcounts
Minimum invalidation interval 2 seconds, maximum interval 5 seconds,
quiet interval 3 seconds, threshold 0 requests
Invalidation rate 0 in last second, 0 in last 3 seconds
Prefix/Length Age Interface Next Hop
These steps outline a more specific procedure for verifying that packets are being forwarded using CEF.
Enable CEF with the ip cef command.
Issue the clear ip cache command to clear the fast-switched cache entries.
Start your traffic stream.
Issue the show ip cache command. Confirm that no entries are displayed in the fast-switched cache since the packets are CEF-switched.
Issue the show interface stats command and confirm incremental hits for route cache inbound.
Note: The route cache counter includes both fast-switched and CEF-switched packets.
Disable CEF with the no ip route-cache cef command on the inbound interface.
Issue the show interface stats command and confirm incremental hits for route cache.
Issue the show ip cache command and confirm that you see entries since Cisco IOS has fallen back to fast switching.
Issue the no ip route-cache command on the outbound interface to disable fast switching. Packets on the matching inbound interface are process switched.
Note: It is not recommended to configure process switching in a heavy traffic network.
If you have confirmed that CEF is enabled on a router interface and determined that most packets are not CEF-switched, capture these commands when you report a problem to the Cisco Technical Assistance Center (TAC).
Note: Refer to Important Information on Debug Commands before you issue debug commands.
show cef interface x/x—Displays CEF related interface information.
show ip cef prefix —Displays prefix entry in Forwarding Information Base (FIB).
show adjacency interface detail—Displays recursive and direct prefixes resolved through adjacency.
show cef not-cef-switched—Displays which packets are not CEF-switched.
debug ip cef drop—Displays debug information for CEF-dropped packets.
The input interface determines the Cisco IOS switching path that a packet takes. Consider these rules of thumb when you enable or disable switching methods on a particular interface.
| Incoming Interface
|| Outgoing Interface
|| Switching Method
|| Fast Switching (IP route cache)
|| Fast Switching
|| Fast Switching
In other words, you need CEF to be enabled on the incoming interface for packets to be CEF switched. Since CEF makes the forwarding decision on input, use the no ip route-cache cef command on the ingress interface to disable CEF. In contrast, since Cisco IOS builds a fast-switching cache entry after switching a packet, a packet that comes in on a process-switched interface and goes out through a fast-switched interface is fast switched, use the no ip route-cache command on the egress interface to disable fast switching. These traffic types are not CEF switched:
Packets for which there is no entry in the switching cache
Packets destined for the router
IP packets with options
Packets that require protocol translation
The term "punt" is defined by Cisco to describe the action by an interface's device driver of sending a packet "down" to the next fastest switching level. This list defines the order of preferred Cisco IOS switching methods (from fastest to slowest).
A punt occurs under these conditions:
The next lower level did not produce a valid path or, in the case of CEF, a valid adjacency. In other words, if the CEF lookup process failed to find a valid entry in the forwarding information base, the packet is punted to the next available switching path or dropped.
A particular feature or Layer 2 encapsulation is not supported at the lowest level. If CEF supports a particular feature, ownership of a packet is passed through a set of software routines in the CEF "feature path."
A feature requires special handling.
A punt adjacency in CEF is installed when some output feature is not supported in CEF. CEF punts all packets that go to such an adjacency to the next best switching mode, in order to switch all the packets.
center#show ip cef 220.127.116.11
18.104.22.168/8, version 184, 0 packets, 0 bytes
via 22.214.171.124, Tunnel0, 0 dependencies
next hop 126.96.36.199, Tunnel0
valid punt adjacency
CEF Packets passed on to next switching layer
Slot No_adj No_encap Unsupported Redirect Receive Bad_ttl Options
RP 0 0 0 0 5700 0 0
2 0 0 0 0 0 0 0
3 0 0 0 0 0 0 0
4 0 0 0 0 0 0 0
5 0 0 0 0 0 0 0
8 0 0 0 0 0 0 0
9 0 0 0 0 0 0 0
10 0 0 0 0 0 0 0
With an incomplete adjacency, CEF considers that the router as a whole (including all the other switching paths) does not know how to get to the adjacent node. We punt packets to process switching in order to kick off some resolution protocol like Address Resolution Protocol (ARP), which results in the adjacency being completed some time later. In this condition, CEF punts one packet every two seconds to the next switching path to avoid a flood of packets. Thus in this condition, pings to the IP address might fail about 50 percent and you see a "!.!.!.!.!" ping pattern. This condition also occurs when the CEF table is corrupted, as indicated by a difference between the show ip route command information and the show ip cef command information for a particular IP address.
Note: On the Gigabit Switch Router (GSR), the line card (LC) generates Internet Control Message Protocol (ICMP) echo replies from within CEF. If the packet is not destined to one of the GSRs local addresses, then no processes is involved. It is switched straight through either in hardware or under interrupt in dCEF, depending on which LC you use.
On the GSR, fast switching and process switching are not available. If a destination prefix cannot be resolved to a forwarding entry in the inbound LCs tables, the packet is dropped. Only packets that match a glean adjacency are punted to the Gigabit Routing Processor (GRP). In addition, on the GSR, the LC CPU does not punt packets to the GRP for features, and the LC sends an ICMP unreachable (as long as the no ip unreachables command is not configured). On the GSR, the only traffic punted to the GRP are packets destined to an interface on the router or packets sourced from the router.