Guest

Cisco IOS Software Releases 12.0 S

Cisco Express Forwarding

  • Viewing Options

  • PDF (482.8 KB)
  • Feedback
Cisco Express Forwarding

Table Of Contents

Cisco Express Forwarding

Feature Overview

Benefits

Restrictions

CEF Components

Forwarding Information Base

Adjacency Tables

Adjacency Discovery

Adjacency Resolution

Adjacency Types That Require Special Handling

Unresolved Adjacency

Supported Media

CEF Operation Modes

Central CEF Mode

Distributed CEF Mode

Hardware CEF Resiliency on Cisco 12000 Series E2, ISE, and E5 Line Cards

Configuration Tasks

Enabling CEF or dCEF

Enabling CEF Consistency Checkers

Displaying CEF Table Inconsistencies

Clearing CEF Table Inconsistencies

Configuring Default Packet Handling for E2 or ISE Memory Failure

Configuring the E2 or ISE Out-of-Resource Threshold For Alarms

Verifying CEF

Verifying Hardware CEF Resiliency

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

clear ip cef event-log

clear ip cef inconsistency

debug ip cef fragmentation

debug ip cef table

ip cef table consistency-check

ip cef table event-log

ip cef table hardware resource-failure action

ip cef table hardware resource-failure alarm threshold yellow

show ip cef events

show ip cef inconsistency

show ip cef resource

show ip cef summary


Cisco Express Forwarding


First Published: October 15, 2003
Last Updated: June 26, 2006

Cisco Express Forwarding (CEF) is advanced, Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with large and dynamic traffic patterns, such as the Internet, on networks characterized by intensive Web-based applications, or interactive sessions.

Feature History for Cisco Express Forwarding

Release
Modification

12.0(15)S

This feature was introduced.

12.0(28)S

The Hardware CEF Resiliency feature was introduced on Cisco 12000 Series Engine 2 (E2) and IP Services Engine (ISE) line cards.

12.0(32)SY

The Hardware CEF Resiliency feature was introduced on Cisco 12000 Series Engine 5 (E5) line cards.


Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Feature Overview

This feature module describes CEF. It contains the following sections:

Benefits

Restrictions

CEF Components

Supported Media

CEF Operation Modes

Hardware CEF Resiliency on Cisco 12000 Series E2, ISE, and E5 Line Cards

Configuration Tasks

Additional References

Benefits

CEF offers the following benefits:

Improved performance—CEF is less CPU-intensive than fast switching route caching. More CPU processing power can be dedicated to Layer 3 services such as quality of service (QoS) and encryption.

Scalability—CEF offers full switching capacity at each line card when dCEF mode is active.

Resilience—CEF offers an unprecedented level of switching consistency and stability in large dynamic networks. In dynamic networks, fast-switched cache entries are frequently invalidated due to routing changes. These changes can cause traffic to be process switched using the routing table, rather than fast switched using the route cache. Because the Forwarding Information Base (FIB) lookup table contains all known routes that exist in the routing table, it eliminates route cache maintenance and the fast-switch or process-switch forwarding scenario. CEF can switch traffic more efficiently than typical demand caching schemes.

Although you can use CEF in any part of a network, it is designed for high-performance, highly resilient Layer 3 IP backbone switching. For example, Figure 1 shows CEF being run on Cisco 12000 Series Internet Routers at aggregation points at the core of a network where traffic levels are dense and performance is critical.

Figure 1 Cisco Express Forwarding

In a typical high-capacity Internet service provider (ISP) environment, Cisco 12000 Internet Routers as aggregation devices at the core of the network support links to Cisco 7500 series routers or other feeder devices. CEF in these platforms at the network core provides the performance and scalability needed to respond to continued growth and steadily increasing network traffic. CEF is a distributed switching mechanism that scales linearly with the number of interface cards and the bandwidth installed in the router.

Restrictions

The Cisco 12000 series Gigabit Switch Routers operate only in distributed CEF mode.

Distributed CEF switching cannot be configured on the same VIP card as distributed fast switchin.g

Distributed CEF is not supported on Cisco 7200 series routers.

If you enable CEF and then create an access list that uses the log keyword, the packets that match the access list are not CEF switched. They are fast switched. Logging disables CEF.

CEF Components

Information conventionally stored in a route cache is stored in several data structures for CEF switching. The data structures provide optimized lookup for efficient packet forwarding. The two main components of CEF operation are described in the following sections:

Forwarding Information Base

Adjacency Tables

Forwarding Information Base

CEF uses a FIB to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and those changes are reflected in the FIB. The FIB maintains next hop address information based on the information in the IP routing table.

Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains all known routes and eliminates the need for route cache maintenance that is associated with switching paths such as fast switching and optimum switching.

Adjacency Tables

Nodes in the network are said to be adjacent if they can reach each other with a single hop across a link layer. In addition to the FIB, CEF uses adjacency tables to prepend Layer 2 addressing information. The adjacency table maintains Layer 2 next-hop addresses for all FIB entries.

Adjacency Discovery

The adjacency table is populated as adjacencies are discovered. Each time an adjacency entry is created (such as through ARP), a link-layer header for that adjacent node is precomputed and stored in the adjacency table. Once a route is determined, it points to a next hop and corresponding adjacency entry. It is subsequently used for encapsulation during CEF switching of packets.

Adjacency Resolution

A route might have several paths to a destination prefix, such as when a router is configured for simultaneous load balancing and redundancy. For each resolved path, a pointer is added for the adjacency corresponding to the next hop interface for that path. This mechanism is used for load balancing across several paths.

Adjacency Types That Require Special Handling

In addition to adjacencies associated with next hop interfaces (host-route adjacencies), other types of adjacencies are used to expedite switching when certain exception conditions exist. When the prefix is defined, prefixes requiring exception processing are cached with one of the special adjacencies listed in Table 1.

Table 1 Adjacency Types for Exception Processing

This adjacency type...
Receives this processing...

Null adjacency

Packets destined for a Null0 interface are dropped. This can be used as an effective form of access filtering.

Glean adjacency

When a router is connected directly to several hosts, the FIB table on the router maintains a prefix for the subnet rather than for the individual host prefixes. The subnet prefix points to a glean adjacency. When packets need to be forwarded to a specific host, the adjacency database is gleaned for the specific prefix.

Punt adjacency

Features that require special handling or features that are not yet supported in conjunction with CEF switching paths are forwarded to the next switching layer for handling. Features that are not supported are forwarded to the next higher switching level.

Discard adjacency

Packets are discarded.

Drop adjacency

Packets are dropped, but the prefix is checked.


Unresolved Adjacency

When a link-layer header is prepended to packets, the FIB requires the prepend to point to an adjacency corresponding to the next hop. If an adjacency was created by the FIB and not discovered through a mechanism, such as ARP, the Layer 2 addressing information is not known and the adjacency is considered incomplete. Once the Layer 2 information is known, the packet is forwarded to the Route Processor (RP), and the adjacency is determined through ARP.

Supported Media

CEF currently supports ATM/AAL5snap, ATM/AAL5mux, ATM/AAL5nlpid, Frame Relay, Ethernet, FDDI, PPP, HDLC, and tunnels.

CEF Operation Modes

CEF can be enabled in one of two modes described in the following sections:

Central CEF Mode

Distributed CEF Mode

Central CEF Mode

When CEF mode is enabled, the CEF FIB and adjacency tables reside on the RP, and the RP performs the express forwarding. You can use CEF mode when line cards are not available for CEF switching or when you need to use features not compatible with dCEF switching.

Figure 2 shows the relationship between the routing table, FIB, and adjacency table during CEF mode. The Catalyst switches forward traffic from workgroup LANs to a Cisco 7500 series router on the enterprise backbone running CEF. The RP performs the express forwarding.

Figure 2 CEF Mode

Distributed CEF Mode

When dCEF is enabled, line cards, such as VIP line cards or Cisco 12000 Series line cards, maintain an identical copy of the FIB and adjacency tables. The line cards perform the express forwarding between port adapters, relieving the RSP of involvement in the switching operation.

dCEF uses an Inter Process Communication (IPC) mechanism to ensure synchronization of FIB tables and adjacency tables on the RP and line cards.

Figure 3 shows the relationship between the RP and line cards when dCEF mode is active.

Figure 3 dCEF Mode

In this Cisco 12000 Series Internet Router, the line cards perform the switching. In other routers where you can mix various types of cards in the same router, all of the cards you are using may not support CEF. When a line card that does not support CEF receives a packet, the line card forwards the packet to the next higher switching layer (the RP) or forwards the packet to the next hop for processing. This structure allows legacy interface processors to exist in the router with newer interface processors.


Note Cisco 12000 Series Internet Routers operate only in dCEF mode; dCEF switching cannot be configured on the same VIP card as distributed fast switching, and dCEF is not supported on Cisco 7200 series routers.


Hardware CEF Resiliency on Cisco 12000 Series E2, ISE, and E5 Line Cards

Starting in IOS Release 12.0(28)S, the Hardware CEF Resiliency feature is supported on Cisco 12000 Series Engine 2 (E2) and IP Services Engine (ISE) line cards. Hardware CEF resiliency is a protection mechanism for CEF hardware memory and ASIC-forwarding resources.

Starting in IOS Release 12.0(32)SY, the Hardware CEF Resiliency feature is supported on Cisco 12000 Series Engine 5 (E5) line cards.

Hardware CEF resiliency prevents CEF from being disabled and packet forwarding from being impacted in case of resource exhaustion or an error condition, such as such as low memory or IPC failure. The line card device driver handles resource failures internally without involving upper layers.

In the event of resource exhaustion, Hardware CEF resiliency provides early warnings and graceful degradation of CEF services. CEF behavior is consistent across all Cisco 12000 Series E2 and ISE line cards. Enhanced failure detection provides a simple, proactive monitoring and notification system for reporting critical events across the entire network. A caution or warning alarm is printed on the system console and logged to alert operators of the situation. Additional information about possible corrective actions to take is also logged. These messages allow sufficient time for network operators to resolve the resource problem.

Hardware CEF resiliency builds on the CEF Self-healing feature that provides an automatic restart capability. As soon as an error condition is corrected, an E2 or ISE line card automatically recovers from resource exhaustion provided that the network steady-state operation does not exceed line card capacities.

Without the Hardware CEF Resiliency feature, CEF is not automatically re-activated on Cisco 12000 Series E2 and ISE line cards after an error condition has been corrected. Instead, manual intervention is necessary to re-enable dCEF using the ip cef distributed command. While this behavior was implemented to prevent CEF instability and ensure network stability, the lack of resilience can result in prolonged network outages following network events, such as default route flaps, prolonged routing protocol instability, and errant redistribution events that disable forwarding.

For information about how to configure the resource monitoring functions in the Hardware CEF Resiliency feature, see Configuring Default Packet Handling for E2 or ISE Memory Failure and Configuring the E2 or ISE Out-of-Resource Threshold For Alarms.

Configuration Tasks

To configure CEF, perform the tasks described in the following sections. The task in the first section is required; the tasks in the remaining sections are optional.

Enabling CEF or dCEF (Required)

Enabling CEF Consistency Checkers (Optional)

Configuring Default Packet Handling for E2 or ISE Memory Failure (Optional)

Configuring the E2 or ISE Out-of-Resource Threshold For Alarms (Optional)

Verifying CEF (Optional)

Verifying Hardware CEF Resiliency (Optional)

Enabling CEF or dCEF

Enable CEF when your router has interface processors that do not support dCEF.

To enable CEF, use the following command in global configuration mode:

Command
Purpose

Router(config)# ip cef

Enables standard CEF operation.


Enable dCEF when you want your line cards to perform express forwarding so that the route processor (RP) can handle routing protocols or switch packets from legacy interface processors.


Note On the Cisco 12000 series Internet router, dCEF is enabled by default. The command to enable dCEF is not available. Also, the configuration file does not indicate that dCEF is enabled on the router.


To enable or disable dCEF operation, use one of the following commands in global configuration mode as needed:

Command
Purpose

Router(config)# ip cef distributed

Enables dCEF operation.

Router(config)# no ip cef distributed

Disables dCEF operation.


When you enable CEF or dCEF globally, all interfaces that support CEF are enabled by default. If you want to turn off CEF or dCEF on a particular interface, you can do so.

To disable CEF or dCEF on an interface, use the following command in interface configuration mode:

Command
Purpose

Router(config-if)# no ip route-cache cef

Disables CEF operation on the interface.


When you disable CEF or dCEF, Cisco IOS software switches packets received on the interface using the next fastest switching path. In the case of dCEF, the next fastest switching path is CEF on the RP.

If you have disabled CEF or dCEF operation on an interface and want to re-enable it, you can do so by using the ip route-cache cef command in interface configuration mode.


Note On the Cisco 12000 series, you must not disable dCEF on an interface.


Enabling CEF Consistency Checkers

CEF uses routing information that is retrieved from the Routing Information Base (RIB), Route Processor (RP), and the line card (LC) databases to perform express forwarding. As updates occur to these databases, inconsistencies may result due to the asynchronous nature of the distribution mechanism for these databases.

If you find a database inconsistency, such as an IP prefix missing from a line card or an RP; you can investigate and resolve these instances by referencing the CEF system error messages that occur and by issuing CEF debug and show commands.

To enable CEF consistency checkers, use the following command in global configuration mode:

Command
Purpose
Router(config)# ip cef table 
consistency-check

Enables CEF table consistency checker types and parameters.


You can enable the following CEF consistency checker types:

Lc-detect — Active line card checker to detect missing prefixes.

Scan-lc — Passive scan checker of tables on a line card.

Scan-rib — Passive scan checker of tables on an RP against the RIB.

Scan-rp — Passive scan checker of tables on an RP.

Displaying CEF Table Inconsistencies

To display CEF table inconsistency records found by the lc-detect, scan-rp, scan-rib, and scan-lc detection mechanisms, use the following command in privileged EXEC mode:

Command
Purpose
Router# show ip cef inconsistency

Displays CEF IP prefix inconsistencies.


Clearing CEF Table Inconsistencies

To clear CEF table inconsistencies, use the following commands in privileged EXEC mode:

Command
Purpose
Router# clear ip cef inconsistency

Clears CEF inconsistency statistics and records found by the CEF consistency checkers.

Router# clear cef linecard

Clears CEF information from linecards.


Configuring Default Packet Handling for E2 or ISE Memory Failure

In the event that hardware-forwarding memory (pointer look-up (PLU) or table look-up (TLU)) runs low or fails on a Cisco 12000 Series E2 or ISE line card, a pre-defined default behavior determines whether incoming packets are dropped or punted to an adjacent memory cache for future fast-path switching.

The driver software on an E2 or ISE line card handles the resource failure without involving higher switching levels, such as CEF and IP Routing protocols. No error is returned to CEF. Instead, when a memory allocation request fails, a caution or warning alarm is sent to the system console and logged in the syslog file for troubleshooting.

During the memory failure, the E2 or ISE device driver assigns a drop or punt adjacency to service memory allocation requests. (For more information on adjacency types, see Adjacency Types That Require Special Handling.) You specify the default action for handling packets during a memory failure by using the ip cef table hardware resource-failure action command.

When a memory allocation failure re-starts, a timer-based resource monitoring process is activated in the background. When the timer expires, the process checks to see if sufficient adjacency memory is available to resume normal CEF switching on the line card. If enough memory is available, an automatic recovery takes place.

To configure the default behavior for handling packets during a memory failure on an Cisco 12000 Series E2 or ISE line card, use the following command in global configuration mode:

Command
Purpose
Router(config)# ip cef table hardware 
resource-failure action {drop | punt}

Sets the default behavior for handling packets during a failure in hardware-forwarding memory on an E2 or ISE line card.


Configuring the E2 or ISE Out-of-Resource Threshold For Alarms

When hardware-forwarding memory (PLU or TLU) runs low or fails on a Cisco 12000 Series E2 or ISE line card, the resource monitoring function prints an alarm (error message or warning) on the system console and logs the alarm (with suggested troubleshooting actions) in the syslog file for operator intervention.

Table 2 describes the thresholds (percentage of PLU or TLU hardware-forwarding memory used) that determine when a warning or error message is issued.

Table 2 Thresholds Used to Generate Alarms for E2 and ISE Memory Failure

Threshold
Meaning

Red

The resource is 95% or more exhausted. An error message is sent to the system console and syslog file. This threshold is not configurable.

Yellow

The resource is 80% to 95% exhausted. A warning is sent to the system console and syslog file. You configure this threshold using the ip cef table hardware resource-failure alarm threshold yellow command. The default yellow threshold is 90%.

Green

Less than the yellow threshold percentage of the resource is used, which indicates normal operation. No alarm is printed.


When a memory allocation failure starts, a timer-based resource monitoring process is activated in the background. The process checks the percentage of PLU and TLU hardware-forwarding memory used at one-minute intervals. When the percentages of hardware memory exhaustion described in Table 2 are exceeded, an alarm is generated.

A sample warning (issued when the yellow threshold is exceeded) and error message (issued when the red threshold is exceeded) are shown below. Note that, in each sample alarm, resource refers to one of the following E2 or ISE resources:

E2_Rx_PLU

E2_Rx_TLU

E3_Rx_PLU

E3_Rx_TLU

Sample Out-of-Resource Warning

SLOT 2 is running low on resource. CEF will begin resource constrained forwarding 
operation if problem persists. For additional details please see "show ip cef resource" 
and "show ip cef summary".

Sample Out-of-Resource Error Message

Out of hardware forwarding resource. CEF will now begin resource constrained forwarding 
operation which may result in performance degradation. System will automatically resume 
normal forwarding once network issue is corrected.

To configure the (yellow) threshold used to generate warnings for PLU and TLU memory exhaustion on a Cisco 12000 Series E2 or ISE line card, use the following command in global configuration mode:

Command
Purpose
Router(config)# ip cef table hardware 
resource-failure alarm threshold 
yellow number

Sets the percentage of PLU and TLU hardware-forwarding memory used on an E or ISE line card to generate a caution alarm to indicate resource consumption and possible exhaustion.


Verifying CEF

To verify CEF-related information, use the following commands in privileged EXEC mode:

Command
Purpose
Router# show cef

Displays which packets the line cards dropped or displays which packets were not express forwarded.

Router# show cef interface

Displays CEF-related interface information.

Router# show cef linecard

Displays CEF-related interface information by line card.

Router# show ip cef adjacency

Displays CEF recursive and direct prefixes resolved through an adjacency.

Router# show ip cef events

Displays all recorded CEF FIB and adjacency events.

Router# show ip cef exact-route

Displays the exact route for a source-destination IP address pair.

Router# show ip cef traffic 
prefix-length

Displays CEF traffic statistics.


Verifying Hardware CEF Resiliency

To verify information about hardware-forwarding resources used for Hardware CEF resiliency on Cisco 12000 Series E2 and ISE line cards, use the following commands in privileged EXEC mode:

Command
Purpose
Router# show ip cef resource

Displays the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router.

Router# execute-on slot number show 
ip cef resource

Displays the percentage of memory used and current alarm status of CEF hardware resources on a specified E2 or ISE line card in a Cisco 12000 Series Internet Router.

Router# show ip cef summary

Displays a summary of the IP CEF table information, including the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router.

Router# execute-on slot number show 
ip cef summary

Displays a summary of the IP CEF table information, the percentage of memory used and current alarm status of CEF hardware resources on a specified E2 or ISE line card in a Cisco 12000 Series Internet Router.


Additional References

The following sections provide references related to CEF and Hardware CEF resiliency.

Related Documents

Related Topic
Document Title

Description of CEF

"Cisco Express Forwarding Overview" chapter in the Cisco IOS Switching Services Configuration Guide, Release 12.1

Procedures for configuring CEF or distributed CEF (dCEF)

"Configuring Cisco Express Forwarding" chapter in the Cisco IOS Switching Services Configuration Guide, Release 12.1

Cisco Express Forwarding and how it is implemented on Cisco 12000 Series Internet Routers

Understanding Cisco Express Forwarding

Cisco Express Forwarding and CEF Resilience

White Paper: Cisco Express Forwarding (CEF)

Procedures for verifying CEF switching

How to Verify Cisco Express Forwarding Switching

Show commands used to display system information

Monitoring and Maintaining the Cisco 12000 Series


Standards

Standards
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIBs
MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFCs
Title

No new or modified RFCs are supported by this feature.


Technical Assistance

Description
Link

Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/public/support/tac/home.shtml


Command Reference

This section documents new commands. All other commands used with this feature are documented in the Cisco IOS Release 12.1 command reference publications.

clear ip cef event-log

clear ip cef inconsistency

debug ip cef fragmentation

debug ip cef table

ip cef table consistency-check

ip cef table event-log

ip cef table hardware resource-failure action

ip cef table hardware resource-failure alarm threshold yellow

show ip cef events

show ip cef inconsistency

show ip cef resource

show ip cef summary

clear ip cef event-log

To clear the Cisco Express Forwarding (CEF) event-log buffer, use the clear ip cef event-log command in EXEC mode.

clear ip cef event-log

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

12.0(15)S

This command was introduced.


Usage Guidelines

This command clears the entire CEF table event log that holds forwarding information base (FIB) and adjacency events.

Examples

The following example clears the CEF event-log buffer:

Router# clear ip cef event-log

Related Commands

Command
Description

ip cef table consistency-check

Enables CEF table consistency checker types and parameters.

ip cef table event-log

Controls CEF table event-log characteristics.

show ip cef events

Displays all recorded CEF FIB and adjacency events.


clear ip cef inconsistency

To clear the Cisco Express Forwarding (CEF) inconsistency statistics and records found by the CEF consistency checkers, use the clear ip cef inconsistency command in EXEC mode.

clear ip cef inconsistency

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC

Command History

Release
Modification

12.0(15)S

This command was introduced.


Usage Guidelines

This command clears the CEF inconsistency checker statistics and records that accumulate when the ip cef table consistency-check command is enabled.

Examples

The following example clears all CEF inconsistency checker statistics and records:

Router# clear ip cef inconsistency

Related Commands

Command
Description

ip cef table consistency-check

Enables CEF table consistency checker types and parameters.

show ip cef inconsistency

Displays CEF IP prefix inconsistencies.


debug ip cef fragmentation

To report fragmented IP packets when Cisco Express Forwarding (CEF) is enabled, use the debug ip cef fragmentation command in privileged EXEC mode. To disable debugging, use the no form of this command:

debug ip cef fragmentation

no debug ip cef fragmentation

Syntax Description

This command has no arguments or keywords.

Defaults

This command is disabled by default.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(14)S

This command was introduced.


Usage Guidelines

This command is used to troubleshoot fragmentation problems when CEF switching is enabled.

Examples

The following is sample output from the debug ip cef fragmentation command:

Router# debug ip cef fragmentation

00:59:45:CEF-FRAG:no_fixup path:network_start 0x5397CF8E datagramstart 0x5397CF80 
data_start 0x397CF80 data_block 0x397CF40 mtu 1000 datagramsize 1414 data_bytes 1414
00:59:45:CEF-FRAG:send frag:datagramstart 0x397CF80 datagramsize 442 data_bytes 442
00:59:45:CEF-FRAG:send frag:datagramstart 0x38BC266 datagramsize 1006 data_bytes 1006
00:59:45:CEF-FRAG:no_fixup path:network_start 0x5397C60E datagramstart 0x5397C600 
data_start 0x397C600 data_block 0x397C5C0 mtu 1000 datagramsize 1414 data_bytes 1414
00:59:45:CEF-FRAG:send frag:datagramstart 0x397C600 datagramsize 442 data_bytes 442
00:59:45:CEF-FRAG:send frag:datagramstart 0x38BC266 datagramsize 1006 data_bytes 1006

Table 3 describes the significant fields shown in the display.

Table 3 debug ip cef fragmentation Field Descriptions

Field
Description

no_fixup path

A packet is being fragmented in the no_fixup path.

network_start 0x5397CF8E

Memory address of the IP packet.

datagramstart 0x5397CF80

Memory address of the encapsulated IP packet.

data_start 0x397CF80

For particle systems, the memory address where data starts for the first packet particle.

data_block 0x397C5C0

For particle systems, the memory address of the first packet particle data block.

mtu 1000

Maximum transmission unit of the output interface.

datagramsize 1414

Size of the encapsulated IP packet.

data_bytes 1414

For particle systems, the sum of the particle data bytes that make up the packet.

send frag

Fragment is being forwarded.


debug ip cef table

To enable the collection of events that affect entries in the Cisco Express Forwarding (CEF) tables, use the debug ip cef table command in privileged EXEC mode. To disable debugging, use the no form of this command.

debug ip cef table [access-list | consistency-checkers]

no debug ip cef table [access-list | consistency-checkers]

Syntax Description

access-list

(Optional) Controls collection of consistency checker parameters from specified lists.

consistency-checkers

(Optional) Sets consistency checking characteristics.


Defaults

This command is disabled by default.

Command Modes

Privileged EXEC

Command History

Release
Modification

11.2 GS

This command was introduced.

11.1 CC

Multiple platform support was added.

12.0(15)S

The consistency-checkers keyword was added.


Usage Guidelines

This command is used to record CEF table events related to the forwarding information base (FIB) table. Possible types of events include the following:

Routing updates that populate the FIB table

Flushing of the FIB table

Adding or removing of entries to the FIB table

Table reloading process

Examples

The following is sample output from the debug ip cef table command:

Router# debug ip cef table

01:25:46:CEF-Table:Event up, 1.1.1.1/32 (rdbs:1, flags:1000000)
01:25:46:CEF-IP:Checking dependencies of 0.0.0.0/0
01:25:47:CEF-Table:attempting to resolve 1.1.1.1/32
01:25:47:CEF-IP:resolved 1.1.1.1/32 via 9.1.104.1 to 9.1.104.1 Ethernet2/0/0
01:26:02:CEF-Table:Event up, default, 0.0.0.0/0 (rdbs:1, flags:400001)
01:26:02:CEF-IP:Prefix exists - no-op change

Table 4 describes the significant fields shown in the display.

Table 4 debug ip cef table Field Descriptions

Field
Description

CEF-Table

Indicates a table event.

Event up, 1.1.1.1/32

IP prefix 1.1.1.1/32 is being added.

rdbs:1

Event is from routing descriptor block 1.

flags:1000000

Indicates the network descriptor block flags.

CEF-IP

Indicates a CEF IP event.

Checking dependencies of 0.0.0.0/0

Resolves the next hop dependencies for 0.0.0.0/0.

attempting to resolve 1.1.1.1/32

Resolves the next hop dependencies.

resolved 1.1.1.1/32 via 9.1.104.1 to 9.1.104.1 Ethernet2/0/0

Next hop to IP prefix 1.1.1.1/32 is set and is added to the table.

Event up, default, 0.0.0.0/0 Prefix exists - no-op change

Indicates no table change is necessary for 0.0.0.0/32.


ip cef table consistency-check

To enable Cisco Express Forwarding (CEF) table consistency checker types and parameters, use the ip cef table consistency-check command in global configuration mode. To disable consistency checkers, use the no form of this command.

ip cef table consistency-check [type {lc-detect | scan-lc | scan-rib | scan-rp}] [count count_number] [period seconds]

no ip cef table consistency-check [type {lc-detect | scan-lc | scan-rib | scan-rp}] [count count_number] [period seconds]

Specific to Suppress Errors During Route Updates

ip cef table consistency-check [settle-time seconds]

no ip cef table consistency-check [settle-time seconds]

Syntax Description

type

(Optional) Type of consistency check to configure.

lc-detect

(Optional) Line card detects missing prefix. Confirmed by Route Processor (RP).

scan-lc

(Optional) Passive scan check of tables on line card.

scan-rib

(Optional) Passive scan check of tables on RP against Routing Information Base (RIB).

scan-rp

(Optional) Passive scan check of tables on RP.

count count_number

(Optional) Maximum number of prefixes to check per scan. Range is from 1 to 225.

period seconds

(Optional) Period between scans. Range is from 30 to 3600 seconds.

settle-time seconds

(Optional) Time elapsed during which updates for a candidate prefix are ignored as inconsistancies. Range is from 1 to 3600 seconds.


Defaults

All consistency checkers are disabled by default.

Command Modes

Global configuration

Command History

Release
Modification

12.0(15)S

This command was introduced.


Usage Guidelines

This command configures CEF consistency checkers and parameters for the following detection mechanism types:

Detection Mechanism
Operates On
Description

Lc-detect

Line Card

Operates on the line card by retrieving IP prefixes found missing from its forwarding information base (FIB) table. If IP prefixes are missing, the line card can not forward packets for these addresses. Lc-detect will then send IP prefixes to the RP for confirmation. If the RP detects that it has the relevant entry, an inconsistency is detected and an error message will be displayed. Also, the RP will send a signal back to the line card confirming that the IP prefix is an inconsistency.

Scan-lc

Line Card

Operates on the line card by looking through the FIB table for a configurable time period and sending the next n prefixes to the RP. The RP does an exact lookup. If it finds the prefix missing, the RP reports an inconsistency. Finally, the RP sends a signal back to the line card for confirmation.

Scan-rp

Route Processor

Operates on the RP (opposite of the scan-lc) by looking through the FIB table for a configurable time period and sending the next n prefixes to the line card. The line card does an exact lookup. If it finds the prefix missing, the line card reports an inconsistency and finally signals the RP for confirmation.

Scan-rib

Route Processor

Operates on all RPs (even nondistributed), and scans the RIB to ensure that prefix entries are present in the RP FIB table.


Examples

The following example enables the CEF consistency checkers:

ip cef table consistency-check

Related Commands

Command
Description

clear ip cef inconsistency

Clears CEF inconsistency statistics and records found by the CEF consistency checkers.

debug ip cef

Displays various CEF table query and check events.

show ip cef inconsistency

Displays CEF IP prefix inconsistencies.


ip cef table event-log

To control Cisco Express Forwarding (CEF) table event-log characteristics, use the ip cef table event-log command in global configuration mode.

ip cef table event-log [size event-number] [match ip-prefix mask]

no ip cef table event-log [size event-number] [match ip-prefix mask]

Specific to Virtual Private Network (VPN) Event Log

ip cef table event-log [size event-number] [vrf vrf-name] [match ip-prefix mask]

no ip cef table event-log [size event-number] [vrf vrf-name] [match ip-prefix mask]

Syntax Description

size event-number

(Optional) Number of event entries. The range is from 1 to 4294967295.

match

(Optional) Log events matching specified prefix and mask.

ip-prefix

(Optional) IP prefixes matched, in dotted decimal format (A.B.C.D).

mask

(Optional) Network mask written as A.B.C.D.

vrf vrf-name

(Optional) Virtual Routing and Forwarding (VRF) instance CEF table and VRF name.


Defaults

Default size for event log is 10000 entries.

Command Modes

Global configuration

Command History

Release
Modification

12.0(15)S

This command was introduced.


Usage Guidelines

This command is used to troubleshoot inconsistencies that occur in the CEF event log between the routes in the Routing Information Base (RIB), Route Processor (RP) CEF tables and line card CEF tables.

The CEF event log collects CEF events as they occur without debugging enabled. This allows the tracing of an event immediately after it occurs. Cisco technical personnel may ask for information from this event log to aid in resolving problems with the CEF feature.

When the CEF table event log has reached its capacity, the oldest event is written over by the newest event until the event log size is reset using this command or cleared using the clear ip cef event-log command.

Examples

The following example sets the CEF table event log size to 5000 entries:

ip cef table event-log size 5000

Related Commands

Command
Description

ip cef table consistency-check

Enables CEF table consistency checker types and parameters.

show ip cef events

Displays all recorded CEF FIB and adjacency events.

clear ip cef event-log

Clears the CEF event-log buffer.


ip cef table hardware resource-failure action

To configure the default behavior for handling fast-path packet switching during low hardware memory or a memory failure on a Cisco 12000 Series E2 or ISE line card, use the ip cef table hardware resource-failure action command in global configuration mode:

ip cef table hardware resource-failure action {drop | punt}

no ip cef table hardware resource-failure action {drop | punt}

Syntax Description

drop

Drop adjacency. Packets forwarded during low hardware memory or a memory failure are dropped from adjacency memory.

punt

Punt adjacency. Packets forwarded during low hardware memory or a memory failure are punted to a software-switching path instead of being forwarded by the hardware.


Defaults

Packets forwarded during low hardware memory or a memory failure are punted to a software-switching path.

Command Modes

Global configuration

Command History

Release
Modification

12.0(28)S

This command was introduced on Cisco 12000 Series E2 and ISE line cards.


Usage Guidelines

Use the ip cef table hardware resource-failure action command to set the default behavior on a Cisco 12000 Series E2 or ISE line card for handling packets in CEF switching requests received during periods of low PLU or TLU memory or memory failure.

Drop specifies that the packets in a failed memory allocation request are dropped from adjacency memory; punt specifies that the packets are sent to the switching software on the line card instead of being forwarded by the hardware.

When sufficient adjacency memory is available to resume CEF switching on the line card, an automatic recovery takes place and resource requests assigned a punt adjacency are serviced in fast-path switching.

The driver software on an E2 or ISE line card handles a low memory condition or memory exhaustion without involving higher switching levels, such as CEF and IP Routing protocols. No error is returned to CEF. Instead, when a memory allocation request fails, an error message or warning is sent to the system console and logged in the syslog file for troubleshooting.

Examples

The following example shows how to reset the default packet handling behavior during periods of low E2 or ISE hardware memory or memory exhaustion so that packets in failed memory allocation requests are punted to the software driver on an E2 or ISE line card for processing:

ip cef table hardware resource-failure action punt

Related Commands

Command
Description

show ip cef resource

Display the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards, or on a specific E2 or ISE line card, in a Cisco 12000 Series Internet Router

show ip cef summary

Displays IP CEF table information, including the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards, or on a specific E2 or ISE line card, in a Cisco 12000 Series Internet Router.


ip cef table hardware resource-failure alarm threshold yellow

To configure the (yellow) threshold used to generate a warning for PLU and TLU memory exhaustion on a Cisco 12000 Series E2 or ISE line card, use the ip cef table hardware resource-failure alarm threshold yellow command in global configuration mode:

ip cef table hardware resource-failure alarm threshold yellow number

no ip cef table hardware resource-failure alarm threshold yellow number

Syntax Description

number

Percentage of PLU or TLU hardware-forwarding memory used. The range is from 80 to 95.


Defaults

The default yellow threshold is set at 90% of hardware-forwarding (PLU or TLU) memory.

Command Modes

Global configuration

Command History

Release
Modification

12.0(28)S

This command was introduced on Cisco 12000 Series E2 and ISE line cards.


Usage Guidelines

When PLU or TLU memory runs low or fails on a Cisco 12000 Series E2 or ISE line card, the resource monitoring function prints an alarm (warning or caution message) on the system console and logs the alarm (with suggested troubleshooting actions) in the syslog file for operator intervention.

When PLU or TLU memory is 95% or more exhausted, an error message is sent to the system console and syslog file. This (red) threshold is not configurable

When the percentage of PLU or TLU memory that is exhausted exceeds the current yellow threshold value, a warning is sent to the system console and syslog file. You configure this (yellow) threshold using the ip cef table hardware resource-failure alarm threshold yellow command.

For an example, of the warning and error messages used for Hardware CEF resiliency, see Configuring the E2 or ISE Out-of-Resource Threshold For Alarms.

During a memory allocation failure, a timer-based resource monitoring process is activated in the background. The process checks the percentage of PLU and TLU hardware-forwarding memory used at one-minute intervals. If the yellow or red threshold of memory is exceeded, a new error message or warning is generated. To avoid having repeated warnings sent to the system console every minute, configure the yellow threshold setting to a higher number.

The following warning is printed on the system console when the yellow threshold for hardware memory usage is exceeded:

SLOT 2 is running low on resource. CEF will begin resource constrained forwarding 
operation if problem persists. For additional details please see "show ip cef resource" 
and "show ip cef summary".

Where resource refers to one of the following E2 or ISE hardware-forwarding memory resources:

E2_Rx_PLU

E2_Rx_TLU

E3_Rx_PLU

E3_Rx_TLU


Note You cannot disable the warning generated when the configured percentage of PLU or TLU hardware used is exceeded. You can only raise (or lower) the default yellow threshold value.


Examples

The following example shows how to set the yellow threshold for generating a caution alarm when the amount of E2 or ISE hardware-forwarding memory used exceeds 80% of available PLU or TLU memory:

ip cef table hardware resource-failure alarm threshold yellow 80

Related Commands

Command
Description

show ip cef resource

Display the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards, or on a specific E2 or ISE line card, in a Cisco 12000 Series Internet Router

show ip cef summary

Displays IP CEF table information, including the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards, or on a specific E2 or ISE line card, in a Cisco 12000 Series Internet Router.


show ip cef events

To display all recorded Cisco Express Forwarding (CEF) forwarding information base (FIB) and adjacency events, use the show ip cef events command in privileged EXEC mode.

show ip cef [vrf vrf-name] events [ip-prefix] [new | within seconds] [detail] [summary]

Syntax Description

vrf

(Optional) A Virtual Private Network (VPN) routing and forwarding (VRF) instance.

vrf-name

(Optional) Name assigned to the VRF.

ip-prefix

(Optional) Next hop IP prefix, in dotted decimal format (A.B.C.D).

new

(Optional) Displays new CEF events not previously shown.

within seconds

(Optional) Displays CEF events that occurred within a specified number of seconds.

detail

(Optional) Displays detailed information for each CEF event entry.

summary

(Optional) Displays a summary of the CEF event log.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(15)S

This command was introduced.


Usage Guidelines

This command shows the state of the table event log and must be enabled for events to record.

The ip cef table event-log command controls parameters such as event log size.

Examples

The following sample output is from the show ip cef events command with summary specified:

Router# show ip cef events summary

CEF table events summary:
     Storage for 10000 events (320000 bytes), 822/0 events recorded/ignored
     Matching all events, traceback depth 16
     Last event occurred 00:00:06.516 ago.

The following sample output is from the show ip cef events command displaying events that occurred within 1 second:

Router# show ip cef events within 1

CEF table events (storage for 10000 events, 14 events recorded)
+00:00:00.000:[Default-table] *.*.*.*/*          New FIB table          [OK]
+00:00:00.000:[Default-table] 9.1.80.194/32      FIB insert in mtrie    [OK]
+00:00:00.000:[Default-table] 9.1.80.0/32        FIB insert in mtrie    [OK]
+00:00:00.000:[Default-table] 9.1.80.255/32      FIB insert in mtrie    [OK]
+00:00:00.004:[Default-table] 9.1.80.0/24        FIB insert in mtrie    [OK]
+00:00:00.004:[Default-table] 9.1.80.0/24        NBD up                 [OK]
+00:00:00.004:[Default-table] 224.0.0.0/4        FIB insert in mtrie    [OK]
+00:00:00.012:[Default-table] 9.1.80.0/24        NBD up                 [Ignr]
+00:00:00.012:[Default-table] 224.0.0.0/4        FIB remove             [OK]
+00:00:00.016:[Default-table] 224.0.0.0/4        FIB insert in mtrie    [OK]
+00:00:05.012:[Default-table] 224.0.0.0/4        FIB remove             [OK]
+00:00:05.012:[Default-table] 224.0.0.0/4        FIB insert in mtrie    [OK]
+00:00:28.440:[Default-table] 224.0.0.0/4        FIB remove             [OK]
+00:00:28.440:[Default-table] 224.0.0.0/4        FIB insert in mtrie    [OK]
First event occured at 00:00:36.568 (00:04:40.756 ago)
Last event occured at 00:01:05.008 (00:04:12.316 ago)

Table 5 describes the significant fields shown in the display.

Table 5 show ip cef events Field Descriptions

Field
Description

+00:00:00.000

Time stamp of the IP CEF event.

[Default-table]

Type of VPN routing and forwarding (VRF) table for this event entry.

*.*.*.*/*

All IP prefixes.

9.1.80.194/32

IP prefix associated with the event.

FIB insert in mtrie

IP prefix insert in the FIB table event.

NBD up

IP prefix up event.

FIB remove

FIB entry remove event.

[Ignr]

CEF ignored event.

[OK]

CEF processed event.


Related Commands

Command
Description

ip cef table consistency-check

Enables CEF table consistency checker types and parameters.

ip cef table event-log

Controls CEF table event-log characteristics.


show ip cef inconsistency

To display Cisco Express Forwarding (CEF) IP prefix inconsistencies, use the show ip cef inconsistency command in privileged EXEC mode.

show ip cef [vrf vrf-name] inconsistency [records [detail]]

Syntax Description

vrf

(Optional) A Virtual Private Network (VPN) routing and forwarding (VRF) instance.

vrf-name

(Optional) Name assigned to the VRF.

records

(Optional) Displays all recorded inconsistencies.

detail

(Optional) Displays detailed information for each CEF table entry.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(15)S

This command was introduced.


Usage Guidelines

This command is available only on routers with line cards.

This command displays recorded CEF inconsistency records found by the lc-detect, scan-rp, scan-rib, and scan-lc detection mechanisms.

You can configure the CEF consistency detection mechanisms using the ip cef table consistency-check command.

Examples

The following sample output is from the show ip cef inconsistency command:

Router# show ip cef inconsistency

Table consistency checkers (settle time 65s)
 lc-detect:running
  0/0/0 queries sent/ignored/received
 scan-lc:running [100 prefixes checked every 60s]
  0/0/0 queries sent/ignored/received
 scan-rp:running [100 prefixes checked every 60s]
  0/0/0 queries sent/ignored/received
 scan-rib:running [1000 prefixes checked every 60s]
  0/0/0 queries sent/ignored/received
Inconsistencies:0 confirmed, 0/16 recorded

Table 6 describes the significant fields shown in the display.

Table 6 show ip cef inconsistency Field Descriptions

Field
Description

settle time

Time after a recorded inconsistency is confirmed.

lc-detect running

Consistency checker lc-detect is running.

0/0/0 queries

Number of queries sent, ignored, and received.

Inconsistencies:0 confirmed, 0/16 recorded

Number of inconsistencies confirmed, and recorded. Sixteen is the maximum number of inconsistency records to be recorded.


Related Commands

Command
Description

ip cef table consistency-check

Enables CEF table consistency checker types and parameters.


show ip cef resource

To display the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router, use the show ip cef resource command in privileged EXEC mode:

show ip cef resource

To display the percentage of memory used and current alarm status of CEF hardware resources on a specific E2 or ISE line card, use the execute-on slot number show ip cef resource command in privileged EXEC or attach to the line card and then execute the show ip cef resource command:

execute-on slot number show ip cef resource

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC or line card

Command History

Release
Modification

12.0(28)S

This command was introduced on Cisco 12000 Series E2 and ISE line cards.


Usage Guidelines

Use the show ip cef resource command to check the percentage that each CEF hardware resource is being used for fast-path forwarding on E2 and ISE line cards in a Cisco 12000 Series Internet Router. For example, you can use the command to monitor PLU and TLU memory utilization on a line card or when you suspect that CEF hardware resources may be running low on the router.

The show ip cef resource command also displays the current operational status for each CEF hardware resource.

Use the show ip cef resource command in privileged EXEC to display usage information about CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router. To display usage information for CEF hardware resources on a specific E2 or ISE line card, use the execute-on slot number show ip cef resource command in privileged EXEC mode or attach to the line card and then execute the show ip cef resource command as shown in the Examples section.

The utilization percentage and operational status of each CEF hardware resource is updated every minute. If either the yellow (caution) or red (warning) threshold is exceeded, an alarm message is sent to the system console and logged in the syslog file to alert network operators that one or more resources are running low.

Examples

The following example shows how to use the show ip cef resource command in privileged EXEC mode to monitor the operation of CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router. For a description of each output field, see Table 7.

Router# show ip cef resource

Hardware resource allocation status summary
Green (Normal), Yellow (Caution) Red (Alarm)

Slot			HW Resource Name					Util		Alert
1			E3_Rx_PLU					4		G
1			E3_Rx_TLU					2		G
8			E3_Rx_PLU					4		G
8			E3_Rx_TLU					2		G

The next example shows how to use the show ip cef resource command to monitor CEF hardware resources on an E2 line card in slot 1:

Router# execute-on slot 1 show ip cef resource

========= Line Card (Slot 1) =========
CEF hardware resource allocation failure summary
Green (Normal), Yellow (Caution) Red (Alarm)

HW Resource Name						Util		Alert
E2_Rx_PLU						4		 G
E2_Rx_TLU						2		 G


Router# attach 1

Entering Console for 3 Port Gigabit Ethernet in Slot: 1
Type "exit" to end this session

Press RETURN to get started!

LC-Slot1# show ip cef resource

CEF hardware resource allocation failure summary
Green (Normal), Yellow (Caution) Red (Alarm)

HW Resource Name						Util		Alert
E2_Rx_PLU						4		 G
E2_Rx_TLU						2		 G

Table 7 describes the output fields.

Table 7 show ip cef resource Field Descriptions

Field
Description

Slot

Slot number in which an E2 or ISE line card is installed.

HW Resource Name

Internal name of each hardware resource used by CEF:
E2: Cisco 12000 Series Engine 2 line card
E3: Cisco 12000 Series IP Service Engine (ISE) line card
Rx: Received by the router
Tx: Transmitted by the router
PLU: Pointer look-up memory
TLU: Table look-up memory

Util

Percentage of the resource used for CEF fast-path forwarding.

Alert

Operational status of the resource, based on utilization percentage:
G: Green (Normal) - Less than the yellow threshold percentage is used.
Y: Yellow (Caution) - 80% to 95% is used (this threshold is configured with the ip cef table hardware resource-failure alarm threshold yellow command)
R: Red (Alarm) - 95% or more is used


Related Commands

Command
Description

show ip cef summary

Displays IP CEF table information, including the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards, or on a specific E2 or ISE line card, in a Cisco 12000 Series Internet Router.


show ip cef summary

To display a summary of the IP CEF table information, including the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router, use the show ip cef summary command in privileged EXEC mode:

show ip cef summary

To display IP CEF table information along with memory usage and current alarm status of CEF hardware resources on a specific E2 or ISE line card, use the execute-on slot number show ip cef summary command in privileged EXEC or attach to the line card and then execute the show ip cef summary command:

execute-on slot number show ip cef summary

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC or line card

Command History

Release
Modification

12.0(28)S

This command was introduced on Cisco 12000 Series E2 and ISE line cards.


Usage Guidelines

Use the show ip cef summary command in the same way as you use the show ip cef resource command when you suspect that CEF hardware resources may be running low on the router or to check the percentage of each CEF hardware resource being used for fast-path forwarding on E2 and ISE line cards in a Cisco 12000 Series Internet Router. The command output displays PLU and TLU memory utilization on E2 and ISE line cards, following a summary of routing information taken from the Routing Information Base (RIB), Route Processor (RP), and the line card (LC) databases.

Use the show ip cef summary command in privileged EXEC to display usage information about CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router. To display usage information for CEF hardware resources on a specific E2 or ISE line card, use the execute-on slot number show ip cef summary command in privileged EXEC mode or attach to the line card and then execute the show ip cef summary command.

The utilization percentage and operational status of each CEF hardware resource are updated every minute. If either the yellow (caution) or red (warning) threshold is exceeded, an alarm message is sent to the system console and logged in the syslog file to alert network operators that one or more resources are running low.

Examples

The following example shows how to use the show ip cef summary command in privileged EXEC mode to monitor the operation of CEF hardware resources on all E2 and ISE line cards in a Cisco 12000 Series Internet Router and display a summary of IP CEF table information.

Router# show ip cef summary

IP Distributed CEF with switching (Table Version 126), flags=0x0
  79 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 0
  0 load sharing elements, 0 references
  0 in-place/0 aborted modifications
  71896 bytes allocated to the FIB table data structures
  universal per-destination load sharing algorithm, id 55F944D9
  2(0) CEF resets
  Resolution Timer: Exponential (currently 1s, peak 1s)
  Tree summary:
   8-8-8-8 stride pattern
   short mask protection disabled
   79 leaves, 56 nodes using 61996 bytes
  Transient memory used: 96, max: 1315820

  Table epoch: 0 (79 entries at this epoch)

Hardware resource allocation status summary
Green (Normal), Yellow (Caution) Red (Alarm)
Slot HW Resource Name        Util     Alert
1    E2_Rx_PLU                4         G
1    E2_Rx_TLU                2         G
8    E2_Rx_PLU                4         G
8    E2_Rx_TLU                2         G

Adjacency Table has 46 adjacencies

The next example shows how to use the show ip cef summary command to monitor CEF hardware resources on an E2 or ISE line card in slot 1 by displaying a summary of IP CEF table information:

Router# execute-on slot 1 show ip cef summary

========= Line Card (Slot 1) =========

IP Distributed CEF with switching (Table Version 124), flags=0x0
  79 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 0
  54 load sharing elements, 54 references
  0 in-place/0 aborted modifications
  337640 bytes allocated to the FIB table data structures
  universal per-destination load sharing algorithm, id 55F944D9
  2(0) CEF resets
  Resolution Timer: Exponential (currently 1s, peak 1s)
  Tree summary:
   16-8-8 stride pattern
   short mask protection disabled
   79 leaves, 43 nodes using 309596 bytes

  Table epoch: 0 (79 entries at this epoch)

CEF hardware resource allocation failure summary
Green (Normal), Yellow (Caution) Red (Alarm)
HW Resource Name         Util     Alert
E2_Rx_PLU                4         G
E2_Rx_TLU                2         G

Adjacency Table has 46 adjacencies

Table 8 describes the output fields of CEF-related hardware information.

Table 8 CEF-related Hardware Field Descriptions for show ip cef summary

Field
Description

HW Resource Name

Internal name of each hardware resource used by CEF:
E2: Cisco 12000 Series Engine 2 line card
E3: Cisco 12000 Series IP Service Engine (ISE) line card
Rx: Received by the router
Tx: Transmitted by the router
PLU: Pointer look-up memory
TLU: Table look-up memory

Util

Percentage of the resource used for CEF fast-path forwarding.

Alert

Operational status of the resource, based on utilization percentage:
G: Green (Normal) - Less than the yellow threshold percentage is used.
Y: Yellow (Caution) - 80% to 95% is used (this threshold is configured with the ip cef table hardware resource-failure alarm threshold yellow command)
R: Red (Alarm) - 95% or more is used


Related Commands

Command
Description

show ip cef resource

Display the percentage of memory used and current alarm status of CEF hardware resources on all E2 and ISE line cards, or on a specific E2 or ISE line card, in a Cisco 12000 Series Internet Router


All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0406R)