Cisco IOS XR IP Addresses and Services Configuration Guide, Release 3.7
Implementing Cisco Express Forwarding on Cisco IOS XR Software
Download this chapter
Implementing Cisco Express Forwarding on Cisco IOS XR SoftwareImplementing Cisco Express Forwarding on Cisco IOS XR Software
Download the complete book
Book-level PDF: Cisco IOS XR IP Addresses and Services Configuration GuideBook-level PDF: Cisco IOS XR IP Addresses and Services Configuration Guide (PDF - 5 MB)
give_us_feedback

Table Of Contents

Implementing Cisco Express Forwarding on Cisco IOS XR Software

Contents

Prerequisites for Implementing Cisco Express Forwarding on Cisco IOS XR Software

Information About Implementing Cisco Express Forwarding on Cisco IOS XR Software

Key Features Supported in the Cisco IOS XR Cisco Express Forwarding Implementation

Benefits of CEF

CEF Components

Border Gateway Protocol Policy Accounting

Reverse Path Forwarding (Strict and Loose)

Route Processor Management Ethernet Forwarding

Per-Flow Load Balancing

OSPFv2 SPF Prefix Prioritization

BGP Attributes Download

How to Implement CEF on Cisco IOS XR Software

Verifying CEF

Configuring BGP Policy Accounting

Prerequisites

Verifying BGP Policy Accounting

Prerequisites

Configuring a Route Purge Delay

Configuring Unicast RPF Checking

Configuring Modular Services Card-to-Route Processor Management Ethernet Interfaces Switching

Configuring Per-Flow Load Balancing

Configuring a 7-Tuple Hash Algorithm

Verifying the CEF Exact Route with 7-Tuple Parameters

Configuring OSPFv2 SPF Prefix Prioritization

Configuring BGP Attributes Download

Configuration Examples for Implementing CEF on Cisco IOS XR Software

Configuring BGP Policy Accounting: Example

Verifying BGP Policy Statistics: Example

Configuring Unicast RPF Checking: Example

Configuring the Switching of Modular Services Card to Management Ethernet Interfaces on the Route Processor: Example

Configuring Per-Flow Load Balancing: Example

Configuring OSPFv2 SPF Prefix Prioritization: Example

Configuring BGP Attributes Download: Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance


Implementing Cisco Express Forwarding on Cisco IOS XR Software

Cisco Express Forwarding (CEF) is advanced, Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with large and dynamic traffic patterns, such as the Internet, on networks characterized by intensive web-based applications, or interactive sessions.

Note For complete descriptions of the CEF commands listed in this module, you can refer to the "Related Documents" section of this module. To locate documentation for other commands that might appear in the course of executing a configuration task, search online in the Cisco IOS XR software master command index.

Feature History for Implementing CEF on Cisco IOS XR Software

Release
Modification

Release 2.0

This feature was introduced on the Cisco CRS-1.

Release 3.0

No modification.

Release 3.2

This feature was supported on the Cisco XR 12000 Series Router.

Release 3.3.0

Loose and Strict support for uRPF was added.

The CEF Nonrecursive Accounting feature was removed.

Release 3.4.0

No modification.

Release 3.5.0

IPv4 Strict uRPF support was added on the Cisco XR 12000 Series Router.

Release 3.6.0

Per-flow load balancing feature was added on the Cisco CRS-1.

Release 3.7.0

The OSPFv2 SPF Prefix Prioritization feature was added.

The show cef bgp-attribute command was added.


Contents

Prerequisites for Implementing Cisco Express Forwarding on Cisco IOS XR Software

Information About Implementing Cisco Express Forwarding on Cisco IOS XR Software

How to Implement CEF on Cisco IOS XR Software

Configuration Examples for Implementing CEF on Cisco IOS XR Software

Additional References

Prerequisites for Implementing Cisco Express Forwarding on Cisco IOS XR Software

The following prerequisites are required to implement Cisco Express Forwarding:

You must be in a user group associated with a task group that includes the proper task IDs for CEF commands. Task IDs for commands are listed in the Cisco IOS XR IP Addresses and Services Command Reference Guide.

You must install and activate the Cisco IOS XR Unicast Routing Core Bundle for Cisco Express Forwarding. The Cisco Express Forwarding commands are installed as part of the Base Package which is included in the Cisco IOS XR Unicast Routing Core Bundle.

For detailed information about bundle installation, see the Cisco IOS XR Getting Started Guide.

You must be familiar with Cisco Express Forwarding commands. See the Cisco Express Forwarding Commands on Cisco IOS XR Software module in the Cisco IOS XR IP Addresses and Services Command Reference.

Information About Implementing Cisco Express Forwarding on Cisco IOS XR Software

To implement Cisco Express Forwarding features in this document you must understand the following concepts:

Key Features Supported in the Cisco IOS XR Cisco Express Forwarding Implementation

Benefits of CEF

CEF Components

Border Gateway Protocol Policy Accounting

Reverse Path Forwarding (Strict and Loose)

Route Processor Management Ethernet Forwarding

Per-Flow Load Balancing

OSPFv2 SPF Prefix Prioritization

BGP Attributes Download

Key Features Supported in the Cisco IOS XR Cisco Express Forwarding Implementation

The following features are supported for CEF on Cisco IOS XR software:

Border Gateway Protocol (BGP) policy accounting

Reverse path forwarding (RPF)

Virtual interface support

Multipath support

Route consistency

High availability features such as packaging, restartability, and Out of Resource (OOR) handling

OSPFv2 SPF prefix prioritization

BGP attributes download

Benefits of CEF

CEF offers the following benefits:

Improved performance—CEF is less CPU-intensive than fast-switching route caching. More CPU processing power can be dedicated to Layer 3 services such as quality of service (QoS) and encryption.

Scalability—CEF offers full switching capacity at each modular services card (MSC).

Resilience—CEF offers an unprecedented level of switching consistency and stability in large dynamic networks. In dynamic networks, fast-switched cache entries are frequently invalidated due to routing changes. These changes can cause traffic to be process switched using the routing table, rather than fast switched using the route cache. Because the Forwarding Information Base (FIB) lookup table contains all known routes that exist in the routing table, it eliminates route cache maintenance and the fast-switch or process-switch forwarding scenario. CEF can switch traffic more efficiently than typical demand caching schemes.

CEF Components

Cisco IOS XR CEF always operates in CEF mode with two distinct components: a Forwarding Information Base (FIB) database and adjacency table—a protocol-independent adjacency information base (AIB).

CEF is a primary IP packet-forwarding database for Cisco IOS XR software. CEF is responsible for the following functions:

Software switching path

Maintaining forwarding table and adjacency tables (which are maintained by the AIB) for software and hardware forwarding engines

The following CEF forwarding tables are maintained in Cisco IOS XR software:

IPv4 CEF database

IPv6 CEF database

MPLS LFD database

Multicast Forwarding Table (MFD)

The protocol-dependent FIB process maintains the forwarding tables for IPv4 and IPv6 unicast in the route processor (RP) and each MSC.

The FIB on each node processes Routing Information Base (RIB) updates, performing route resolution and maintaining FIB tables independently in the RP and each MSC. FIB tables on each node can be slightly different. Adjacency FIB entries are maintained only on a local node, and adjacency entries linked to FIB entries could be different.

Border Gateway Protocol Policy Accounting

Border Gateway Protocol (BGP) policy accounting measures and classifies IP traffic that is sent to, or received from, different peers. Policy accounting is enabled on an individual input or output interface basis, and counters based on parameters such as community list, autonomous system number, or autonomous system path are assigned to identify the IP traffic.

Note There are two types of route policies. The first type (regular BGP route policies) is used to filter the BGP routes advertised into or out from the BGP links. This type of route policy is applied to the specific BGP neighbor. The second type (specific route policy) is used to set up a traffic index for the BGP prefixes. This route policy is applied to the global BGP IPv4 address family to set up the traffic index when the BGP routes are inserted into the RIB table. BGP policy accounting uses the second type of route policy.

Using BGP policy accounting, you can account for traffic according to the route it traverses. Service providers can identify and account for all traffic by customer and bill accordingly. In Figure 1, BGP policy accounting can be implemented in Router A to measure packet and byte volumes in autonomous system buckets. Customers are billed appropriately for traffic that is routed from a domestic, international, or satellite source.

Note BGP policy accounting measures and classifies IP traffic for BGP prefixes only.

Figure 1 Sample Topology for BGP Policy Accounting

Based on the specified routing policy, BGP policy accounting assigns each prefix a traffic index (bucket) associated with an interface. BGP prefixes are downloaded from the Routing Information Base (RIB) to the FIB along with the traffic index.

There are a total of 63 (1 to 63) traffic indexes (bucket numbers) that can be assigned for BGP prefixes. Internally, there is an accounting table associated with the traffic indexes to be created for each input (ingress) and output (egress) interface. The traffic indexes allow you to account for the IP traffic, where the source IP address, the destination IP address, or both are BGP prefixes.

Note Traffic index 0 contains the packet count using Interior Gateway Protocol (IGP) routes.

Reverse Path Forwarding (Strict and Loose)

Unicast IPv4 and IPv6 Reverse Path Forwarding (uRPF), both strict and loose modes, help mitigate problems caused by the introduction of malformed or spoofed IP source addresses into a network by discarding IP packets that lack a verifiable IP source address. Unicast RPF does this by doing a reverse lookup in the CEF table. Therefore, Unicast Reverse Path Forwarding is possible only if CEF is enabled on the router. Cisco IOS XR software supports both modes of Unicast IPv4 Reverse Path Forwarding on all IP Services Engine (ISE/Engine 3) and Engine 5 line cards in the Cisco XR 12000 Series Router and the strict mode of Unicast IPv6 Reverse Path Forwarding on Engine 5 line cards.

Note Unicast RPF allows packets with 0.0.0.0 source address and 255.255.255.255 destination addresses to pass so that Bootstrap Protocol and Dynamic Host Configuration Protocol (DHCP) will function properly.

When strict uRPF is enabled, the source address of the packet is checked in the FIB. If the packet is received on the same interface that would be used to forward the traffic to the source of the packet, the packet passes the check and is further processed; otherwise, it is dropped. Strict uRPF should only be applied where there is natural or configured symmetry. Because internal interfaces are likely to have routing asymmetry, that is, multiple routes to the source of a packet, strict uRPF should not be implemented on interfaces that are internal to the network.

Note The behavior of strict RPF varies slightly by platform, number of recursion levels, and number of paths in Equal-Cost Multipath (ECMP) scenarios. A platform may switch to loose RPF check for some or all prefixes, even though strict RPF is configured.

When loose uRPF is enabled, the source address of the packet is checked in the FIB. If it exists and matches a valid forwarding entry, the packet passes the check and is further processed; otherwise, it is dropped.

Loose and strict uRPF supports two options: allow self-ping and allow default. The self-ping option allows the source of the packet to ping itself. The allow default option allows the lookup result to match a default routing entry. When the allow default option is enabled with the strict mode of the uRPF, the packet is processed further only if it arrived through the default interface.

Note On Cisco XR 12000 Series Routers, strict uRPF supports load-balanced prefixes for a maximum of eight interfaces on the same line card. When a packet is received on a load-balanced prefix, it is verified against each of the interfaces in the load balance. If a packet is received on a load-balanced prefix with more than eight interfaces on the same line card, a loose uRPF check is performed, even if the packet is received on an interface that was configured for strict uRPF.

Route Processor Management Ethernet Forwarding

Forwarding from the MSC interface to the RP Management Ethernet is disabled by default. The rp mgmtethernet forwarding command is used to enable forwarding from the MSC interface to RP Management Ethernet.

Forwarding from the RP Management Ethernet to the MSC interface, and from the RP Management Ethernet to RP Management Ethernet, is enabled by default.

Note This command is not supported on the Cisco XR 12000 Series Router.

Per-Flow Load Balancing

Load balancing describes the functionality in a router that distributes packets across multiple links based on Layer 3 (network layer) and Layer 4 (transport layer) routing information. If the router discovers multiple paths to a destination, the routing table is updated with multiple entries for that destination.

Per-flow load balancing performs the following functions:

Incoming data traffic on the Cisco CRS-1 is evenly distributed over multiple equal-cost connections.

Data traffic is evenly distributed over multiple member links within a bundle interface.

On the Cisco CRS-1, per-flow load balancing is the only load balancing algorithm that is used to perform Layer 2 bundle and Layer 3 (network layer) load balancing decisions on IPv4, IPv6, and MPLS flows, which are supported for the 7-tuple hash algorithm.

A 7-tuple hash algorithm provides more granular load balancing than the existing 3-tuple hash algorithm.

The same hash algorithm (3-tuple or 7-tuple) is used for load balancing over multiple equal-cost Layer 3 (network layer) paths. The Layer 3 (network layer) path is on a physical interface or on a bundle interface. In addition, load balancing over member links can occur within a Layer 2 bundle interface.

The cef load-balancing fields command allows you to select either the 3-tuple hash algorithm (default) or the 7-tuple hash algorithm.

The 3-tuple load-balance hash calculation contains the following inputs:

Layer 3 (Network Layer) Routing Information

Source IP address

Destination IP address

Protocol

The 7-tuple load-balance hash calculation contains the 3-tuple inputs and the additional following Layer 4 inputs:

Layer 4 (Transport Layer) Routing Information

Source Port

Destination Port

The following inputs are listed as specific to the Cisco CRS-1 platform:

Cisco CRS-1 Platform-Specific Information

Router ID

Ingress interface handle

Note In load-balancing scenarios, a line card may not use all output paths downloaded from routing protocols. This behavior varies by platform, number of recursion levels, and whether or not MPLS is involved.

OSPFv2 SPF Prefix Prioritization

The OSPFv2 SPF Prefix Prioritization feature enables an administrator to converge important prefixes faster during route installation.

When a large number of prefixes must be installed in the Routing Information Base (RIB) and the Forwarding Information Base (FIB), the update duration between the first and last prefix can be significant during SPF.

In networks where time-sensitive traffic (for example, VoIP) may transit the same router along with other traffic flows, it is important to prioritize RIB and FIB updates during SPF for these time-sensitive prefixes.

The OSPFv2 SPF Prefix Prioritization feature provides the administrator with the ability to prioritize important prefixes to be installed into the RIB during SPF calculations. Important prefixes converge faster among prefixes of the same route type per area. Before RIB and FIB installation, routes and prefixes are assigned to various priority batch queues in the OSPF local RIB based on specified route policy. The RIB priority batch queues are classified as "critical," "high," "medium," and "low," in the order of decreasing priority.

When enabled, prefix alters the sequence of updating the RIB with the following prefix priority:

Critical > High > Medium > Low

As soon as prefix priority is configured, /32 prefixes are no longer preferred by default and are placed in the low-priority queue if they are not matched with higher-priority policies. Route policies must be devised to retain /32s in the higher-priority queues.

Priority is specified using route policy, which can be matched based on IP addresses or route tags. During SPF, a prefix is checked against the specified route policy and is assigned to the appropriate RIB batch priority queue.

The following are examples of this scenario:

If only high-priority route policy is specified, and no route policy is configured for a medium priority:

Permitted prefixes are assigned to a high-priority queue.

Unmatched prefixes, including /32s, are placed in a low-priority queue.

If both high-priority and medium-priority route policies are specified, and no maps are specified for critical priority:

Permitted prefixes matching high-priority route policy are assigned to a high-priority queue.

Permitted prefixes matching medium-priority route policy are placed in a medium-priority queue.

Unmatched prefixes, including /32s, are moved to a low-priority queue.

If both critical-priority and high-priority route policies are specified, and no maps are specified for medium priority:

Permitted prefixes matching critical-priority route policy are assigned to a critical-priority queue.

Permitted prefixes matching high-priority route policy are assigned to a high-priority queue.

Unmatched prefixes, including /32s, are placed in a low-priority queue.

If only medium-priority route policy is specified and no maps are specified for high priority or critical priority:

Permitted prefixes matching medium-priority route policy are assigned to a medium-priority queue.

Unmatched prefixes, including /32s, are placed in a low-priority queue.

Note You must devise corresponding route policies to retain /32s in high-priority or medium-priority queues.

The [no] spf prefix-priority route-policy rpl command is used to prioritize OSPFv2 prefix installation into the global RIB during SPF.

SPF prefix prioritization is disabled by default. In disabled mode, /32 prefixes are installed into the global RIB before other prefixes. If SPF prioritization is enabled, routes are matched against the route-policy criteria and are assigned to the appropriate priority queue based on the SPF priority set. Unmatched prefixes, including /32s, are placed in the low-priority queue.

If all /32s are desired in the high-priority queue or medium-priority queue, configure the following single route map: 

prefix-set ospf-medium-prefixes

0.0.0.0/0 ge 32

end-set

BGP Attributes Download

The BGP Attributes Download feature enables you to display the installed BGP attributes in CEF. Configure the show cef bgp-attribute command to display the installed BGP attributes in CEF. You can use the show cef bgp-attribute attribute-id command and the show cef bgp-attribute local-attribute-id command to look at specific BGP attributes by attribute ID and local attribute ID.

How to Implement CEF on Cisco IOS XR Software

This section contains instructions for the following tasks:

Verifying CEF

Configuring BGP Policy Accounting

Verifying BGP Policy Accounting

Configuring a Route Purge Delay

Configuring Unicast RPF Checking

Configuring Modular Services Card-to-Route Processor Management Ethernet Interfaces Switching

Configuring Per-Flow Load Balancing

Configuring OSPFv2 SPF Prefix Prioritization

Configuring BGP Attributes Download

Verifying CEF

This task allows you to verify CEF.

SUMMARY STEPS

1. show cef {ipv4 | ipv6}

2. show cef {ipv4 | ipv6} summary

3. show cef {ipv4 | ipv6} detail

4. show adjacency detail

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

show cef {ipv4 | ipv6}

Example:

RP/0/RP0/CPU0:router# show cef ipv4

Displays the IPv4 or IPv6 CEF table. The next hop and forwarding interface are displayed for each prefix.

Note The output of the show cef command varies by location.

Step 2 

show cef {ipv4 | ipv6} summary

Example:

RP/0/RP0/CPU0:router# show cef ipv4 summary

Displays a summary of the IPv4 or IPv6 CEF table.

Step 3 

show cef {ipv4 | ipv6} detail

Example:

RP/0/RP0/CPU0:router# show cef ipv4 detail

Displays detailed IPv4 or IPv6 CEF table information.

Step 4 

show adjacency detail

Example:

RP/0/RP0/CPU0:router# show adjacency detail

Displays detailed adjacency information, including Layer 2 information for each interface.

Note The output of the show adjacency command varies by location.

Configuring BGP Policy Accounting

This task allows you to configure BGP policy accounting.

Note There are two types of route policies. BGP policy accounting uses the type that is used to set up a traffic index for the BGP prefixes. The route policy is applied to the global BGP IPv4 address family to set up the traffic index when the BGP routes are inserted into the RIB table.

BGP policy accounting enables per interface accounting for ingress and egress IP traffic based on the traffic index assigned to the source IP address (BGP prefix) and destination IP address (BGP prefix). The traffic index of BGP prefixes can be assigned according to the following parameters using Routing Policy Language (RPL):

prefix-set

AS-path-set

community-set

Note BGP policy accounting is supported on IPv4 prefixes only.

Two configuration tasks provide the ability to classify BGP prefixes that are in the RIB according to the prefix-set, AS-path-set, or the community-set parameters:

1. Use the route-policy command to define the policy for traffic index setup based on the prefix-set, AS-path-set, or community-set.

2. Use the BGP table-policy command to apply the defined route policy to the global BGP IPv4 unicast address family.

See the Cisco IOS XR Routing Command Reference for information on the route-policy and table-policy commands.

BGP policy accounting can be enabled on each interface with the following options:

Use the ipv4 bgp policy accounting command with one of the following keyword options:

input source-accounting

input destination-accounting

input source-accounting destination-accounting

Use the ipv4 bgp policy accounting command with one of the following keyword options:

output source-accounting

output destination-accounting

output source-accounting destination-accounting

Use any combination of the keywords provided for the ipv4 bgp policy accounting command.

Prerequisites

Before using the BGP policy accounting feature, you must enable BGP on the router (CEF is enabled by default). See the Cisco IOS XR Routing Configuration Guide for information on enabling BGP.

SUMMARY STEPS

1. configure

2. as-path-set

3. prefix-set

4. route-policy policy-name (to configure the route policy to set up the traffic index for the BGP prefixes)

5. end

6. configure

7. router bgp autonomous-system-number

8. address-family {ipv4 | ipv6} {unicast | multicast}

9. table-policy policy-name

10. end

11. configure

12. interface type instance

13. ipv4 bgp policy accounting {input | output {destination-accounting [source-accounting] | source-accounting [destination-accounting]}}

14. end

or

commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

as-path-set

Example:

RP/0/RP0/CPU0:router(config)# as-path-set as107

RP/0/RP0/CPU0:router(config-as)# ios-regex '107$'

RP/0/RP0/CPU0:router(config-as)# end-set


RP/0/RP0/CPU0:router(config)# as-path-set as108

RP/0/RP0/CPU0:router(config-as)# ios-regex '108$'

RP/0/RP0/CPU0:router(config-as)# end-set

Enters policy configuration mode.

Step 3 

prefix-set

Example:

RP/0/RP0/CPU0:router(config)# prefix-set RT-65.0

RP/0/RP0/CPU0:router(config)# 65.0.0.0/16 ge 16 le 32

RP/0/RP0/CPU0:router(config)# end-set


RP/0/RP0/CPU0:router(config)# prefix-set RT-66.0

Defines the prefix list.

Step 4 

route-policy policy-name

Example:

RP/0/RP0/CPU0:router(config-pfx)# 66.0.0.0/16 ge 16 le 32

RP/0/RP0/CPU0:router(config-pfx)# end-set


RP/0/RP0/CPU0:router(config)# route-policy set-traffic-index


RP/0/RP0/CPU0:router(config-rpl)# if destination in (27.1.1.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 1

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (27.1.2.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 2

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (27.1.3.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 3

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (27.1.4.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 4

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (27.1.5.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 5

RP/0/RP0/CPU0:router(config-rpl)# endif


RP/0/RP0/CPU0:router(config-rpl)# if destination in (28.1.1.0/24) then


RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 6

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (28.1.2.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 7

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (28.1.3.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 8

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (28.1.4.0/24) then


RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 9

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in (28.1.5.0/24) then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 10

RP/0/RP0/CPU0:router(config-rpl)# endif

RP/0/RP0/CPU0:router(config-rpl)# if as-path in as107 then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 7

RP/0/RP0/CPU0:router(config-rpl)# elseif as-path in as108 then

Specifies the policy parameters.

 
 

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 8

RP/0/RP0/CPU0:router(config-rpl)# endif


RP/0/RP0/CPU0:router(config-rpl)# if destination in RT-65.0 then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 15

RP/0/RP0/CPU0:router(config-rpl)# elseif destination in RT-66.0 then

RP/0/RP0/CPU0:router(config-rpl)# set traffic-index 16

RP/0/RP0/CPU0:router(config-rpl)# endif


RP/0/RP0/CPU0:router(config-rpl)# end-policy

 

Step 5 

end

Example:

RP/0/RP0/CPU0:router(config-rpl)# end

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Step 6 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 7 

router bgp autonomous-system-number

Example:

RP/0/RP0/CPU0:router(config)# router bgp 1

Allows you to configure the BGP routing process.

Step 8 

address-family {ipv4 | ipv6} {unicast | multicast}

Example:

RP/0/RP0/CPU0:router(config-bgp)# address-family ipv4 unicast

Allows you to enter the address family configuration mode while configuring a BGP routing session.

Step 9 

table policy policy-name

Example:

RP/0/RP0/CPU0:router(config-bgp-af)# table-policy set-traffic-index

Applies a routing policy to routes being installed into the routing table.

Step 10 

end

Example:

RP/0/RP0/CPU0:router(config-bgp-af)# end

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Step 11 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 12 

interface type instance

Example:

RP/0/RP0/CPU0:router(config)# interface TenGigE0/1/0/2

Enters interface configuration mode.

Step 13 

ipv4 bgp policy accounting {input | output {destination-accounting [source-accounting] | source-accounting [destination-accounting]}}

Example:

RP/0/RP0/CPU0:router(config-if)# ipv4 bgp policy accounting output destination-accounting

Enables BGP policy accounting.

Step 14 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config-if)# end

or

RP/0/RP0/CPU0:router(config-if)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Verifying BGP Policy Accounting

This task allows you to verify BGP policy accounting.

Note BGP policy accounting is supported on IPv4 prefixes.

Prerequisites

BGP policy accounting must be configured. See the "Configuring BGP Policy Accounting" section.

SUMMARY STEPS

1. show route bgp

2. show bgp summary

3. show bgp ip-address

4. show route ipv4 ip-address

5. show cef ipv4 prefix

6. show cef ipv4 prefix detail

7. show cef ipv4 interface type instance bgp-policy-statistics

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

show route bgp

Example:

RP/0/RP0/CPU0:router# show route bgp

Displays all BGP routes with traffic indexes.

Step 2 

show bgp summary

Example:

RP/0/RP0/CPU0:router# show bgp summary

Displays the status of all BGP neighbors.

Step 3 

show bgp ip-address

Example:

RP/0/RP0/CPU0:router# show bgp 40.1.1.1

Displays BGP prefixes with BGP attributes.

Step 4 

show route ipv4 ip-address

Example:

RP/0/RP0/CPU0:router# show route ipv4 40.1.1.1

Displays the specific BGP route with the traffic index in the RIB.

Step 5 

show cef ipv4 prefix

Example:

RP/0/RP0/CPU0:router# show cef ipv4 40.1.1.1

Displays the specific BGP prefix with the traffic index in the RP FIB.

Step 6 

show cef ipv4 prefix detail

Example:

RP/0/RP0/CPU0:router# show cef ipv4 40.1.1.1 detail

Displays the specific BGP prefix with detailed information in the RP FIB.

Step 7 

show cef ipv4 interface type instance bgp-policy-statistics

Example:

RP/0/RP0/CPU0:router# show cef ipv4 interface TenGigE 0/2/0/4 bgp-policy-statistics

Displays the BGP Policy Accounting statistics for the specific interface.

Configuring a Route Purge Delay

This task allows you to configure a route purge delay. A purge delay purges routes when the RIB or other related process experiences a failure.

SUMMARY STEPS

1. configure

2. cef purge-delay seconds

3. end

or

commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

cef purge-delay seconds

Example:

RP/0/RP0/CPU0:router(config)# cef purge-delay 180

Configures a delay in purging routes when the Routing Information Base (RIB) or other related processes experience a failure.

Step 3 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuring Unicast RPF Checking

This task allows you to configure unicast Reverse Path Forwarding (uRPF) RPF checking. Unicast RPF checking allows you to mitigate problems caused by malformed or forged (spoofed) IP source addresses that pass through a router. Malformed or forged source addresses can indicate denial-of-service (DoS) attacks based on source IP address spoofing.

SUMMARY STEPS

1. configure

2. interface type instance

3. {ipv4 | ipv6} verify unicast source reachable-via {any | rx} [allow-default] [allow-self-ping]

4. end

or

commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

interface type instance

Example:

RP/0/RP0/CPU0:router(config)# interface pos 0/1/0/0

Enters interface configuration mode.

Step 3 

{ipv4 | ipv6} verify unicast source reachable-via {any | rx} [allow-default] [allow-self-ping]

Example:

RP/0/RP0/CPU0:router(config-if)# ipv4 verify unicast source reachable-via rx

Enables IPv4 or IPv6 uRPF checking.

The rx keyword enables strict unicast RPF checking. If strict unicast RPF is enabled, a packet is not forwarded unless its source prefix exists in the routing table and the output interface matches the interface on which the packet was received.

The allow-default keyword enables the matching of default routes. This option applies to both loose and strict RPF.

The allow-self-ping keyword enables the router to ping out an interface. This option applies to both loose and strict RPF.

Step 4 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config-if)# end

or

RP/0/RP0/CPU0:router(config-if)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuring Modular Services Card-to-Route Processor Management Ethernet Interfaces Switching

This task allows you to enable MSC-to-RP management Ethernet interface switching.

SUMMARY STEPS

1. configure

2. rp mgmtethernet forwarding

3. end
or
commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

rp mgmtethernet forwarding

Example:

RP/0/RP0/CPU0:router(config)# rp mgmtethernet forwarding

Enables switching from the MSC to the route processor Management Ethernet interfaces.

Step 3 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuring Per-Flow Load Balancing

This section describes the following tasks to configure per-flow load balancing:

Configuring a 7-Tuple Hash Algorithm

Verifying the CEF Exact Route with 7-Tuple Parameters

Configuring a 7-Tuple Hash Algorithm

This task allows you to configure per-flow load balancing for a 7-tuple hash algorithm.

SUMMARY STEPS

1. configure

2. cef load-balancing fields {L3 | L4}

3. end
or
commit

4. show cef {ipv4 | ipv6} summary [location node-id]

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

cef load-balancing fields {L3 | L4}

Example:

RP/0/RP0/CPU0:router(config)# cef load-balancing fields L4

Configures the hashing algorithm that is used for load balancing during forwarding. The example shows that the L4 field is selected.

Use the L3 keyword to specify the Layer 3 load-balancing for the hash algorithm

Since L3 is configured as the default value, you do not need to use the cef load-balancing fields command unless you want to configure Layer 4.

Use the L4 keyword to specify the Layer 3 and Layer 4 load-balancing for the hash algorithm.

For a list of the inputs for Layer 3 and Layer 4, see "Per-Flow Load Balancing" section.

Step 3 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them 
before exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Step 4 

show cef {ipv4 | ipv6} summary [location node-id]

Example:

RP/0/RP0/CPU0:router# show cef ipv4 summary

Displays the load balancing field for the IPv4 or IPv6 CEF table.

(Optional) Use the location keyword display a summary of the IPv4 CEF table for the designated node. The node-id argument is entered in the rack/slot/module notation

Verifying the CEF Exact Route with 7-Tuple Parameters

The following 7-tuple parameters are specified to obtain the CEF exact route for both IPv4 and IPv6:

Source address

Destination address

Source port and range of destination ports

Protocol

Ingress interface

Router ID

To display the path an MPLS flow would take, use the show mpls forwarding exact-route command. The MPLS flow comprises a source address and a destination address. For more information, see Cisco IOS XR Multiprotocol Label Switching Command Reference.

To display the path a bundle flow would take, use the bundle-hash command. The bundle flow comprises a source and a destination address. For more information, see Cisco IOS XR Interface and Hardware Component Command Reference.

To verify the IPv4 7-tuple parameters, perform the following steps:

Step 1 Configure parallel interfaces between back-to-back routers.

Step 2 Create route traffic streams so that there is a stream placed onto each configured interface.

Step 3 Use the show cef ipv4 exact-route command in EXEC mode to verify that the interface selected for load balancing matches with the output from this command. The following example shows the exact route for the Layer 4 information: 

RP/0/RP0/CPU0:router# show cef ipv4 exact-route 20.6.1.9 22.6.1.9 protocol udp source-port 
1 destination-port 1 ingress-interface GigabitEthernet 0/1/0/4


22.6.1.9/32 version 0, internal 0x40040001 (0x78439fd0) [3], 0x0 (0x78aaf928), 0x4400 
(0x78ed62d0)  remote adjacency to POS0/1/4/4  Prefix Len 32, traffic index 0, precedence 
routine (0)

   via POS0/1/4/4

To verify the IPv6 7-tuple parameters, perform the following steps:

Step 1 Configure Equal Cost Multipath Protocol (ECMP) interfaces, for example, between back-to-back routers.

Step 2 Create route traffic streams so that there is a stream placed onto each configured interface.

Step 3 Use the show cef ipv6 exact-route command in EXEC mode to verify that the interface selected for load balancing matches with the output from this command. The following example shows the exact route for the Layer 4 information: 

RP/0/RP0/CPU0:router# show cef ipv6 exact-route 20:6:1::9 22:6:1::9 protocol udp 
source-port 1 destination-port 1 ingress-interface GigabitEthernet 0/1/0/4 


22:6:1::/64, version 0, internal 0x40000001 (0x7846c048) [3], 0x0 (0x78aea3d0), 0x0 (0x0)  
remote adjacency to POS0/1/4/4  Prefix Len 64, traffic index 0, precedence routine (0)

   via POS0/1/4/4

Configuring OSPFv2 SPF Prefix Prioritization

This task allows you to configure OSPFv2 SPF prefix prioritization.

SUMMARY STEPS

1. configure

2. prefix-set prefix-set name

3. route-policy route-policy name if destination in prefix-set name then set spf-priority {critical | high | medium} endif

4. router ospf ospf name

5. spf prefix-priority route-policy route-policy name

6. end
or
commit

7. show rpl route-policy route-policy name [detail]

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

prefix-set prefix-set name

Example:

RP/0/RP0/CPU0:router(config)#prefix-set ospf-critical-prefixes

RP/0/RP0/CPU0:router(config-pfx)#

RP/0/RP0/CPU0:router(config-pfx)#66.0.0.0/16

RP/0/RP0/CPU0:router(config-pfx)#end-set

RP/0/RP0/CPU0:router(config)#

Configures the prefix set.

Step 3 

route-policy route-policy name if destination in prefix-set name then set spf-priority {critical | high | medium} endif

Example:

RP/0/RP0/CPU0:router(config)#route-policy ospf-spf-priority

RP/0/RP0/CPU0:router(config-rpl)#

RP/0/RP0/CPU0:router(config-rpl)#if destination in ospf-critical-prefixes then set spf-priority critical

endif

RP/0/RP0/CPU0:router(config-rpl)#end-policy

RP/0/RP0/CPU0:router(config)#

Configures route policy and sets OSPF SPF priority.

Step 4 

router ospf ospf name

Example:

RP/0/RP0/CPU0:router(config)# router ospf 1

RP/0/RP0/CPU0:router(config-ospf)#

RP/0/RP0/CPU0:router(config-ospf)# router-id 66.0.0.1

Enters ospf configuration mode.

Step 5 

spf prefix-priority route-policy route-policy name

Example:

RP/0/RP0/CPU0:router(config-ospf)# spf prefix-priority route-policy ospf-spf-priority

RP/0/RP0/CPU0:router(config-ospf)#

Configures spf prefix-priority for the defined route policy.

Note Configure the spf prefix-priority command under router OSPF.

Step 6 

end
or
commit

Example:

RP/0/RP0/CPU0:router(config-ospf)# end
or
RP/0/RP0/CPU0:router(config-ospf)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them 
before exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Step 7 

show rpl route-policy route-policy name detail

Example:

RP/0/RP0/CPU0:router#show rpl route-policy ospf-spf-priority detail

prefix-set ospf-critical-prefixes

66.0.0.0/16

end-set

!

route-policy ospf-spf-priority

if destination in ospf-critical-prefixes then

set spf-priority critical

endif

end-policy

!

Displays the set SPF prefix priority.

Configuring BGP Attributes Download

This task allows you to configure the BGP Attributes Download feature.

SUMMARY OF STEPS

1. configure

2. cef bgp attribute {attribute-id | local-attribute-id}

3. end
or
commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

cef bgp attribute {attribute-id|local-attribute-id}

Example:

RP/0/RP0/CPU0:router(config)#cef bgp attribute {attribute-id| local-attribute-id}

Configures a CEF BGP attribute.

Step 3 

end
or
commit

Example:

RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes: 

Uncommitted changes found, commit them 
before exiting(yes/no/cancel)? 
[cancel]:

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuration Examples for Implementing CEF on Cisco IOS XR Software

This section provides the following configuration examples:

Configuring BGP Policy Accounting: Example

Verifying BGP Policy Statistics: Example

Configuring Unicast RPF Checking: Example

Configuring the Switching of Modular Services Card to Management Ethernet Interfaces on the Route Processor: Example

Configuring Per-Flow Load Balancing: Example

Configuring OSPFv2 SPF Prefix Prioritization: Example

Configuring BGP Attributes Download: Example

Configuring BGP Policy Accounting: Example

The following example shows how to configure BGP policy accounting.

Configure loopback interfaces for BGP router-id: 

interface Loopback1

ipv4 address 190.1.1.1 255.255.255.255

Configure interfaces with the BGP policy accounting options: 

interface TenGigE0/2/0/2

 mtu 1514

 ipv4 address 17.1.0.1 255.255.255.0

 proxy-arp

 ipv4 directed-broadcast

 ipv4 bgp policy accounting input source-accounting destination-accounting

 ipv4 bgp policy accounting output source-accounting destination-accounting

!

interface TenGigE0/2/0/2.1

 ipv4 address 17.1.1.1 255.255.255.0

 ipv4 bgp policy accounting input source-accounting destination-accounting

 ipv4 bgp policy accounting output source-accounting destination-accounting

 dot1q vlan 1

!

interface TenGigE0/2/0/4

 mtu 1514

 ipv4 address 18.1.0.1 255.255.255.0

 proxy-arp

 ipv4 directed-broadcast

 ipv4 bgp policy accounting input source-accounting destination-accounting

 ipv4 bgp policy accounting output source-accounting destination-accounting

!

interface TenGigE0/2/0/4.1

 ipv4 address 18.1.1.1 255.255.255.0

 ipv4 bgp policy accounting input source-accounting destination-accounting

 ipv4 bgp policy accounting output source-accounting destination-accounting

 dot1q vlan 1

!

interface POS0/0/0/4

 mtu 4474

 ipv4 address 4.1.0.1 255.255.0.0

 ipv4 directed-broadcast

 ipv4 bgp policy accounting input source-accounting destination-accounting

 ipv4 bgp policy accounting output source-accounting destination-accounting

 encapsulation ppp

 pos

  crc 32

 !

 keepalive disable

!

interface POS0/0/0/8

 mtu 4474

 ipv4 address 8.1.0.1 255.255.0.0

 ipv4 directed-broadcast

 ipv4 bgp policy accounting input source-accounting destination-accounting

 ipv4 bgp policy accounting output source-accounting destination-accounting

 pos

  crc 32

 !

 keepalive disable

!

Configure controller: 

controller SONET0/0/0/4

 ais-shut

 path

  ais-shut

 !

 threshold sf-ber 5

!

controller SONET0/0/0/8

 ais-shut

 path

  ais-shut

 !

 threshold sf-ber 5

!

Configure AS-path-set and prefix-set: 

as-path-set as107

  ios-regex '107$'

end-set


as-path-set as108

  ios-regex '108$'

end-set


prefix-set RT-65.0

  65.0.0.0/16 ge 16 le 32

end-set


prefix-set RT-66.0

  66.0.0.0/16 ge 16 le 32

end-set

Configure the route-policy (table-policy) to set up the traffic indexes based on each prefix, AS-path-set, and prefix-set: 

route-policy bpa1


  if destination in  (27.1.1.0/24) then

    set traffic-index 1

  elseif destination in  (27.1.2.0/24) then

    set traffic-index 2

  elseif destination in  (27.1.3.0/24) then

    set traffic-index 3

  elseif destination in  (27.1.4.0/24) then

    set traffic-index 4

  elseif destination in  (27.1.5.0/24) then

    set traffic-index 5

  endif


  if destination in  (28.1.1.0/24) then

    set traffic-index 6

  elseif destination in  (28.1.2.0/24) then

    set traffic-index 7

  elseif destination in  (28.1.3.0/24) then

    set traffic-index 8

  elseif destination in  (28.1.4.0/24) then

    set traffic-index 9

  elseif destination in  (28.1.5.0/24) then

    set traffic-index 10

  endif


  if as-path in as107 then

       set traffic-index 7

  elseif as-path in as108 then

       set traffic-index 8

  endif


  if destination in RT-65.0 then

     set traffic-index 15

  elseif destination in RT-66.0 then

     set traffic-index 16

  endif


end-policy

Configure the regular BGP route-policy to pass or drop all the BGP routes: 

route-policy drop-all

  drop

end-policy

!

route-policy pass-all

  pass

end-policy

!

Configure the BGP router and apply the table-policy to the global ipv4 address family: 

router bgp 100

 bgp router-id Loopback1

 bgp graceful-restart

 bgp as-path-loopcheck

 address-family ipv4 unicast

  table-policy bpa1

  maximum-paths 8

  bgp dampening

 !

Configure the BGP neighbor-group: 

neighbor-group ebgp-peer-using-int-addr

  address-family ipv4 unicast

   policy pass-all in

   policy drop-all out

  !

 !

 neighbor-group ebgp-peer-using-int-addr-121

  remote-as 121

  address-family ipv4 unicast

   policy pass-all in

   policy drop-all out

  !

 !

 neighbor-group ebgp-peer-using-int-addr-pass-out

  address-family ipv4 unicast

   policy pass-all in

   policy pass-all out

  !

 !

Configure BGP neighbors: 

neighbor 4.1.0.2

  remote-as 107

  use neighbor-group ebgp-peer-using-int-addr

 !

 neighbor 8.1.0.2

  remote-as 108

  use neighbor-group ebgp-peer-using-int-addr

 !

 neighbor 17.1.0.2

  use neighbor-group ebgp-peer-using-int-addr-121

 !

 neighbor 17.1.1.2

  use neighbor-group ebgp-peer-using-int-addr-121

 !

neighbor 18.1.0.2

  remote-as 122

  use neighbor-group ebgp-peer-using-int-addr

 !

 neighbor 18.1.1.2

  remote-as 1221

  use neighbor-group ebgp-peer-using-int-addr

 !

end

Verifying BGP Policy Statistics: Example

The following example shows how to verify the traffic index setup for each BGP prefix and BGP Policy Accounting statistics on ingress and egress interfaces. The following traffic stream is configured for this example:

Traffic comes in from TenGigE0/2/0/4 and goes out to 5 VLAN subinterfaces under TenGigE0/2/0/2

Traffic comes in from POS0/0/08 and goes out to POS0/0/0/4 

show cef ipv4 interface POS0/0/0/8 bgp-policy-statistics


POS0/0/0/8 is up 

Input BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

  7            5001160   500116000

  15          10002320  1000232000

Input BGP policy accounting on src IP address enabled

  buckets      packets       bytes

  8            5001160   500116000

  16          10002320  1000232000

Output BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

  0                 15         790

Output BGP policy accounting on src IP address enabled

  buckets      packets       bytes

  0                 15         790


show cef ipv4 interface POS0/0/0/4 bgp-policy-statistics


POS0/0/0/4 is up 

Input BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

Input BGP policy accounting on src IP address enabled

  buckets      packets       bytes

Output BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

  0                 13         653

  7            5001160   500116000

  15          10002320  1000232000

Output BGP policy accounting on src IP address enabled

  buckets      packets       bytes

  0                 13         653

  8            5001160   500116000

  16          10002320  1000232000


show cef ipv4 interface TenGigE0/2/0/4 bgp-policy-statistics 


TenGigE0/2/0/4 is up 

Input BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

  1            3297102   329710200

  2            3297102   329710200

  3            3297102   329710200

  4            3297101   329710100

  5            3297101   329710100

Input BGP policy accounting on src IP address enabled

  buckets      packets       bytes

  6            3297102   329710200

  7            3297102   329710200

  8            3297102   329710200

  9            3297101   329710100

  10           3297101   329710100

Output BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

  0                 15         733

Output BGP policy accounting on src IP address enabled

  buckets      packets       bytes

  0                 15         733


show cef ipv4 interface TenGigE0/2/0/2.1 bgp-policy-statistics


TenGigE0/2/0/2.1 is up 

Input BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

Input BGP policy accounting on src IP address enabled

  buckets      packets       bytes

Output BGP policy accounting on dst IP address enabled

  buckets      packets       bytes

  0                 15         752

  1            3297102   329710200

  2            3297102   329710200

  3            3297102   329710200

  4            3297101   329710100

  5            3297101   329710100

Output BGP policy accounting on src IP address enabled

  buckets      packets       bytes

  0                 15         752

  6            3297102   329710200

  7            3297102   329710200

  8            3297102   329710200

  9            3297101   329710100

  10           3297101   329710100

The following example show how to verify BGP routes and traffic indexes: 

show route bgp


B    27.1.1.0/24 [20/0] via 17.1.1.2, 00:07:09

      Traffic Index 1

B    27.1.2.0/24 [20/0] via 17.1.1.2, 00:07:09

      Traffic Index 2

B    27.1.3.0/24 [20/0] via 17.1.1.2, 00:07:09

      Traffic Index 3

B    27.1.4.0/24 [20/0] via 17.1.1.2, 00:07:09

      Traffic Index 4

B    27.1.5.0/24 [20/0] via 17.1.1.2, 00:07:09

      Traffic Index 5

B    28.1.1.0/24 [20/0] via 18.1.1.2, 00:07:09

      Traffic Index 6

B    28.1.2.0/24 [20/0] via 18.1.1.2, 00:07:09

      Traffic Index 7

B    28.1.3.0/24 [20/0] via 18.1.1.2, 00:07:09

      Traffic Index 8

B    28.1.4.0/24 [20/0] via 18.1.1.2, 00:07:09

      Traffic Index 9

B    28.1.5.0/24 [20/0] via 18.1.1.2, 00:07:09

      Traffic Index 10

B    65.0.1.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.2.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.3.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.4.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.5.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.6.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.7.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.8.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.9.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    65.0.10.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 15

B    66.0.1.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.2.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.3.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.4.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.5.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.6.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.7.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.8.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.9.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    66.0.10.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 16

B    67.0.1.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.2.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.3.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.4.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.5.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.6.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.7.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.8.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.9.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    67.0.10.0/24 [20/0] via 4.1.0.2, 00:07:09

      Traffic Index 7

B    68.0.1.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.2.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.3.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.4.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.5.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.6.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.7.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.8.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.9.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8

B    68.0.10.0/24 [20/0] via 8.1.0.2, 00:07:09

      Traffic Index 8


show bgp summary


BGP router identifier 190.1.1.1, local AS number 100

BGP generic scan interval 60 secs

BGP main routing table version 151

Dampening enabled

BGP scan interval 60 secs

BGP is operating in STANDALONE mode.


Process         RecvTblVer    bRIB/RIB  SendTblVer

Speaker                151         151         151


Neighbor        Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  St/PfxRcd

4.1.0.2           0   107      54      53      151    0    0 00:25:26       20

8.1.0.2           0   108      54      53      151    0    0 00:25:28       20

17.1.0.2          0   121      53      54      151    0    0 00:25:42        0

17.1.1.2          0   121      53      53      151    0    0 00:25:06        5

17.1.2.2          0   121      52      54      151    0    0 00:25:04        0

17.1.3.2          0   121      52      53      151    0    0 00:25:26        0

17.1.4.2          0   121      53      54      151    0    0 00:25:41        0

17.1.5.2          0   121      53      54      151    0    0 00:25:43        0

17.1.6.2          0   121      51      53      151    0    0 00:24:59        0

17.1.7.2          0   121      51      52      151    0    0 00:24:44        0

17.1.8.2          0   121      51      52      151    0    0 00:24:49        0

18.1.0.2          0   122      52      54      151    0    0 00:25:21        0

18.1.1.2          0  1221      54      54      151    0    0 00:25:43        5

18.1.2.2          0  1222      53      54      151    0    0 00:25:38        0

18.1.3.2          0  1223      52      53      151    0    0 00:25:17        0

18.1.4.2          0  1224      51      52      151    0    0 00:24:57        0

18.1.5.2          0  1225      52      53      151    0    0 00:25:14        0

18.1.6.2          0  1226      52      54      151    0    0 00:25:04        0

18.1.7.2          0  1227      52      54      151    0    0 00:25:13        0

18.1.8.2          0  1228      53      54      151    0    0 00:25:36        0


show bgp 27.1.1.1


BGP routing table entry for 27.1.1.0/24

Versions:

  Process           bRIB/RIB  SendTblVer

  Speaker                102         102

Paths: (1 available, best #1)

  Not advertised to any peer

  Received by speaker 0

  121

    17.1.1.2 from 17.1.1.2 (17.1.1.2)

      Origin incomplete, localpref 100, valid, external, best

      Community: 27:1 121:1


show bgp 28.1.1.1


BGP routing table entry for 28.1.1.0/24

Versions:

  Process           bRIB/RIB  SendTblVer

  Speaker                107         107

Paths: (1 available, best #1)

  Not advertised to any peer

  Received by speaker 0

  1221

    18.1.1.2 from 18.1.1.2 (18.1.1.2)

      Origin incomplete, localpref 100, valid, external, best

      Community: 28:1 1221:1


show bgp 65.0.1.1


BGP routing table entry for 65.0.1.0/24

Versions:

  Process           bRIB/RIB  SendTblVer

  Speaker                112         112

Paths: (1 available, best #1)

  Not advertised to any peer

  Received by speaker 0

  107

    4.1.0.2 from 4.1.0.2 (4.1.0.2)

      Origin incomplete, localpref 100, valid, external, best

      Community: 107:65


show bgp 66.0.1.1


BGP routing table entry for 66.0.1.0/24

Versions:

  Process           bRIB/RIB  SendTblVer

  Speaker                122         122

Paths: (1 available, best #1)

  Not advertised to any peer

  Received by speaker 0

  108

    8.1.0.2 from 8.1.0.2 (8.1.0.2)

      Origin incomplete, localpref 100, valid, external, best

      Community: 108:66


show bgp 67.0.1.1


BGP routing table entry for 67.0.1.0/24

Versions:

  Process           bRIB/RIB  SendTblVer

  Speaker                132         132

Paths: (1 available, best #1)

  Not advertised to any peer

  Received by speaker 0

  107

    4.1.0.2 from 4.1.0.2 (4.1.0.2)

      Origin incomplete, localpref 100, valid, external, best

      Community: 107:67


show bgp 68.0.1.1


BGP routing table entry for 68.0.1.0/24

Versions:

  Process           bRIB/RIB  SendTblVer

  Speaker                142         142

Paths: (1 available, best #1)

  Not advertised to any peer

  Received by speaker 0

  108

    8.1.0.2 from 8.1.0.2 (8.1.0.2)

      Origin incomplete, localpref 100, valid, external, best

      Community: 108:68


show route ipv4 27.1.1.1


Routing entry for 27.1.1.0/24

  Known via "bgp 100", distance 20, metric 0

  Tag 121, type external, Traffic Index 1

  Installed Nov 11 21:14:05.462

  Routing Descriptor Blocks

    17.1.1.2, from 17.1.1.2

      Route metric is 0

  No advertising protos. 


show route ipv4 28.1.1.1


Routing entry for 28.1.1.0/24

  Known via "bgp 100", distance 20, metric 0

  Tag 1221, type external, Traffic Index 6

  Installed Nov 11 21:14:05.462

  Routing Descriptor Blocks

    18.1.1.2, from 18.1.1.2

      Route metric is 0

  No advertising protos. 


show route ipv4 65.0.1.1


Routing entry for 65.0.1.0/24

  Known via "bgp 100", distance 20, metric 0

  Tag 107, type external, Traffic Index 15

  Installed Nov 11 21:14:05.462

  Routing Descriptor Blocks

    4.1.0.2, from 4.1.0.2

      Route metric is 0

  No advertising protos. 


show route ipv4 66.0.1.1


Routing entry for 66.0.1.0/24

  Known via "bgp 100", distance 20, metric 0

  Tag 108, type external, Traffic Index 16

  Installed Nov 11 21:14:05.462

  Routing Descriptor Blocks

    8.1.0.2, from 8.1.0.2

      Route metric is 0

  No advertising protos. 


show route ipv4 67.0.1.1


Routing entry for 67.0.1.0/24

  Known via "bgp 100", distance 20, metric 0

  Tag 107, type external, Traffic Index 7

  Installed Nov 11 21:14:05.462

  Routing Descriptor Blocks

    4.1.0.2, from 4.1.0.2

      Route metric is 0

  No advertising protos. 


show route ipv4 68.0.1.1


Routing entry for 68.0.1.0/24

  Known via "bgp 100", distance 20, metric 0

  Tag 108, type external, Traffic Index 8

  Installed Nov 11 21:14:05.462

  Routing Descriptor Blocks

    8.1.0.2, from 8.1.0.2

      Route metric is 0

  No advertising protos. 


show cef ipv4 27.1.1.1


27.1.1.0/24, version 263, source-destination sharing

Prefix Len 24, Traffic Index 1, precedence routine (0)

  via 17.1.1.2, 0 dependencies, recursive

    next hop 17.1.1.2/24, TenGigE0/2/0/2.1 via 17.1.1.0/24

    valid remote adjacency

  Recursive load sharing using 17.1.1.0/24


show cef ipv4 28.1.1.1


28.1.1.0/24, version 218, source-destination sharing

Prefix Len 24, Traffic Index 6, precedence routine (0)

  via 18.1.1.2, 0 dependencies, recursive

    next hop 18.1.1.2/24, TenGigE0/2/0/4.1 via 18.1.1.0/24

    valid remote adjacency

  Recursive load sharing using 18.1.1.0/24


show cef ipv4 65.0.1.1


65.0.1.0/24, version 253, source-destination sharing

Prefix Len 24, Traffic Index 15, precedence routine (0)

  via 4.1.0.2, 0 dependencies, recursive

    next hop 4.1.0.2/16, POS0/0/0/4 via 4.1.0.0/16

    valid remote adjacency

  Recursive load sharing using 4.1.0.0/16


show cef ipv4 66.0.1.1


66.0.1.0/24, version 233, source-destination sharing

Prefix Len 24, Traffic Index 16, precedence routine (0)

  via 8.1.0.2, 0 dependencies, recursive

    next hop 8.1.0.2/16, POS0/0/0/8 via 8.1.0.0/16

    valid remote adjacency

  Recursive load sharing using 8.1.0.0/16


show cef ipv4 67.0.1.1


67.0.1.0/24, version 243, source-destination sharing

Prefix Len 24, Traffic Index 7, precedence routine (0)

  via 4.1.0.2, 0 dependencies, recursive

    next hop 4.1.0.2/16, POS0/0/0/4 via 4.1.0.0/16

    valid remote adjacency

  Recursive load sharing using 4.1.0.0/16


show cef ipv4 68.0.1.1


68.0.1.0/24, version 223, source-destination sharing

Prefix Len 24, Traffic Index 8, precedence routine (0)

  via 8.1.0.2, 0 dependencies, recursive

    next hop 8.1.0.2/16, POS0/0/0/8 via 8.1.0.0/16

    valid remote adjacency

  Recursive load sharing using 8.1.0.0/16


show cef ipv4 27.1.1.1 detail


27.1.1.0/24, version 263, source-destination sharing

Prefix Len 24, Traffic Index 1, precedence routine (0)

  via 17.1.1.2, 0 dependencies, recursive

    next hop 17.1.1.2/24, TenGigE0/2/0/2.1 via 17.1.1.0/24

    valid remote adjacency


  Recursive load sharing using 17.1.1.0/24

  Load distribution: 0 (refcount 6)


  Hash  OK  Interface                 Address  Packets

  1     Y   TenGigE0/2/0/2.1          (remote)               0


show cef ipv4 28.1.1.1 detail


28.1.1.0/24, version 218, source-destination sharing

Prefix Len 24, Traffic Index 6, precedence routine (0)

  via 18.1.1.2, 0 dependencies, recursive

    next hop 18.1.1.2/24, TenGigE0/2/0/4.1 via 18.1.1.0/24

    valid remote adjacency


  Recursive load sharing using 18.1.1.0/24

  Load distribution: 0 (refcount 6)


  Hash  OK  Interface                 Address  Packets

  1     Y   TenGigE0/2/0/4.1          (remote)               0


show cef ipv4 65.0.1.1 detail


65.0.1.0/24, version 253, source-destination sharing

Prefix Len 24, Traffic Index 15, precedence routine (0)

  via 4.1.0.2, 0 dependencies, recursive

    next hop 4.1.0.2/16, POS0/0/0/4 via 4.1.0.0/16

    valid remote adjacency


  Recursive load sharing using 4.1.0.0/16

  Load distribution: 0 (refcount 21)


  Hash  OK  Interface                 Address  Packets

  1     Y   POS0/0/0/4                (remote)               0


show cef ipv4 66.0.1.1 detail


66.0.1.0/24, version 233, source-destination sharing

Prefix Len 24, Traffic Index 16, precedence routine (0)

  via 8.1.0.2, 0 dependencies, recursive

    next hop 8.1.0.2/16, POS0/0/0/8 via 8.1.0.0/16

    valid remote adjacency


  Recursive load sharing using 8.1.0.0/16

  Load distribution: 0 (refcount 21)


  Hash  OK  Interface                 Address  Packets

  1     Y   POS0/0/0/8                (remote)               0


show cef ipv4 67.0.1.1 detail


67.0.1.0/24, version 243, source-destination sharing

Prefix Len 24, Traffic Index 7, precedence routine (0)

  via 4.1.0.2, 0 dependencies, recursive

    next hop 4.1.0.2/16, POS0/0/0/4 via 4.1.0.0/16

    valid remote adjacency


  Recursive load sharing using 4.1.0.0/16

  Load distribution: 0 (refcount 21)


  Hash  OK  Interface                 Address  Packets

  1     Y   POS0/0/0/4                (remote)               0


show cef ipv4 68.0.1.1 detail


68.0.1.0/24, version 223, source-destination sharing

Prefix Len 24, Traffic Index 8, precedence routine (0)

  via 8.1.0.2, 0 dependencies, recursive

    next hop 8.1.0.2/16, POS0/0/0/8 via 8.1.0.0/16

    valid remote adjacency


  Recursive load sharing using 8.1.0.0/16

  Load distribution: 0 (refcount 21)


  Hash  OK  Interface                 Address  Packets

  1     Y   POS0/0/0/8                (remote)               0

Configuring Unicast RPF Checking: Example

The following example shows how to configure unicast RPF checking: 

configure

interface POS 0/0/0/1

ipv4 verify unicast source reachable-via rx

end

Configuring the Switching of Modular Services Card to Management Ethernet Interfaces on the Route Processor: Example

The following example shows how to configure the switching of the MSC to Management Ethernet interfaces on the route processor: 

configure

rp mgmtethernet forwarding

end

Configuring Per-Flow Load Balancing: Example

The following example shows how to configure Layer 3 and Layer 4 load-balancing for the hash algorithm from the cef load-balancing fields command, and how to verify summary information for the CEF table from the show cef summary command: 

configure

 cef load-balancing fields L4

 end

 !

show cef summary


Router ID is 1.1.1.101


IP CEF with switching (Table Version 0) for node0_RP0_CPU0


  Load balancing: L4

  Tableid 0xe0000000, Vrfid 0x60000000, Vrid 0x20000000, Flags 0x301

  Vrfname default, Refcount 286242

  286122 routes, 0 reresolve, 0 unresolved (0 old, 0 new), 20600784 bytes

  11124 load sharing elements, 3014696 bytes, 297064 references

  8 shared load sharing elements, 3008 bytes

  11116 exclusive load sharing elements, 3011688 bytes

  0 CEF route update drops, 3900571 revisions of existing leaves

  Resolution Timer: 15s

  0 prefixes modified in place

  0 deleted stale prefixes

  0 prefixes with label imposition, 11032 prefixes with label information Adjacency Table 
has 15 adjacencies

  1 incomplete adjacency

Configuring OSPFv2 SPF Prefix Prioritization: Example

The following example shows how to configure /32 prefixes as medium-priority, in general, in addition to placing some /32 and /24 prefixes in critical-priority and high-priority queues: 

sh rpl route-policy ospf-priority detail 

prefix-set ospf-critical-prefixes 

192.41.5.41/32, 

11.1.3.0/24, 

192.168.0.44/32 

end-set 

! 

prefix-set ospf-high-prefixes 

44.4.10.0/24, 

192.41.4.41/32, 

41.4.41.41/32 

end-set 

! 

prefix-set ospf-medium-prefixes 

0.0.0.0/0 ge 32 

end-set 

! 


route-policy ospf-priority

  if destination in ospf-high-prefixes then

    set spf-priority high

  else

    if destination in ospf-critical-prefixes then

      set spf-priority critical

    else

      if destination in ospf-medium-prefixes then

        set spf-priority medium

      endif

    endif

  endif

end-policy



RP/0/1/CPU0:ospf-4-1# sh run router ospf

router ospf 1

 spf prefix-priority route-policy ospf-priority

 area 0

  interface POS0/3/0/0

  !

 !

 area 3

  interface GigabitEthernet0/2/0/0

  !

 !

 area 8

  interface GigabitEthernet0/2/0/0.590

  !

 !

!

Configuring BGP Attributes Download: Example

The following example shows how to configure the BGP Attributes Download feature: 

router configure

show cef bgp attribute {attribute-id| local-attribute-id}

Additional References

The following sections provide references related to implementing CEF on Cisco IOS XR software.

Related Documents

Related Topic
Document Title

Cisco IOS XR CEF commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

Cisco Express Forwarding Commands on Cisco IOS XR Software module in Cisco IOS XR IP Addresses and Services Command Reference

BGP commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

BGP Commands on Cisco IOS XR Software module in Cisco IOS XR Routing Command Reference

Link Bundling Commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

Link Bundling Commands on Cisco IOS XR Software module in Cisco IOS XR Interface and Hardware Component Command Reference


Standards

Standards
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIBs
MIBs Link

To locate and download MIBs using Cisco IOS XR software, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml


RFCs

RFCs
Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.


Technical Assistance

Description
Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport