Your SlideShare is downloading. ×
CEFv6
If you have to Troubleshoot CISCO device One day you will have to deal with CEF!
No DATA PLANE Troubleshooting witho...
Rl# s h o w i p v 6 c e f 2 0 0 1 : d b 8 : c a f e : 1 0 : : / 6 4 i n t e r n a l
2 0 0 1 : D B 8 : C A F E : 1 0 : : / ...
© Frédéric Bovy 153
CEFv6 – Adjacency Entry
R1#show adjacency FE80::C801:4FF:FE94:6 internal
Protocol Interface Address
IP...
Upcoming SlideShare
Loading in...5
×

CEFv6 in a nutshell

343

Published on

CISCO Express Forwarding details

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
343
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
14
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "CEFv6 in a nutshell"

  1. 1. CEFv6 If you have to Troubleshoot CISCO device One day you will have to deal with CEF! No DATA PLANE Troubleshooting without CEFv6!... If you are looking for the Engineering Team with really high skills guys at cisco you are looking for the CEF team! These guys need to do two things mutually exclusives and this all the time: They must support a maximum number of services and at the same time they must design the fastest code because all the cisco switching performances rely on CEF! If an IP feature is not supported by CEF, the feature has no future if it has also to be Efficient. if it is a slow terminal conversion things which need the speed of typing with one finger, fine! but if it must support wire speed? Forget it! WHY??? We need to get back to the basics of computers to understand... When a packet is received by an ASIC specialized to process the data coming from a Physical Media port, an Interrupt is sent to the CPU. An interrupt is a Signal Transition like 0 to +5v or the opposite. The Interrupt is raised by the Physical Media Processor to tell the CPU that it has a packet just like the Postman set up the flag after it has dropped a few mails in your mailbox! Guess who is called first by the CPU when it gets the interrupt signal? CEF... Now CEF must take a decision either switch the packet in interrupt mode, either Q the packet for further processing in a time sharing fashion. It is clear that Real-Time traffic will only be supported by the Interrupt mode. So where is the problem? The process in interrupt mode disables any other interrupt. The other Line Cards have a dedicated ASIC with MEmory to accomodate a few packet but not too much... The process must process the packet as fast as possible for the protocol which is being routed and for the other traffic waiting to be processed. This is why complex operation cannot be supported by CEF and this has been the case of NAT-PT in IPv6!
  2. 2. Rl# s h o w i p v 6 c e f 2 0 0 1 : d b 8 : c a f e : 1 0 : : / 6 4 i n t e r n a l 2 0 0 1 : D B 8 : C A F E : 1 0 : : / 6 4 , e p o c h 0 , R I B [ I ] , r e f c o u n t 4 , p e r - d e s t i n a t i o n s h a r i n g s o u r c e s : R I B f e a t u r e s p a c e : IPRM: 0 x 0 0 0 3 8 0 0 0 i f n u m s : F a s t E t h e r n e t 0 / 1 . 1 1 ( 1 1 ) : F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 p a t h 6 8 2 2 B A 1 C, p a t h l i s t 6 8 2 2 A 7 7 C, s h a r e 1 / 1 , t y p e a t t a c h e d n e x t h o p , f o r I P v 6 nexthop FE80::C801:4FF:FE94:6 FastEthernet0/1.11, adjacency IPV6 adj out of FastEthernet0/1.11, addr 7 E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : o u t p u t c h a i n : I P V a d j 66F91060 1 This is t he neighbor next-hop and cannot IDEI anything else but a Link-local address! We find it also in t he line above which resume the recursion in case you have multiple level, t here is one line per level_ Just after you can see the Address of the Adjacency pointer which is a memory pointer to a structure which contains the Adjacency information like the MAC Address for the encapsulation, from where it comes from (ND or ARP f or IPv4) and how many bytes/packets were encapsulated with this adjacency... F91 o u t i o f To process this packet as fast as possible CEFv6 relies on two tables: One is derived from the Routing Table and One is derived from the ND Table! But the requirements are completely differents. The Forwarding Information Base (FIB) is the Routing IAble with all the Recursions resolved, it has the Neighbor Next-hop for each destintation with a pointer to the Adjacency Table, derived from ND to perform the encapsulation. The data structure of a Routing Table or RIB is optimized for efficient management of entries in the table while the FIB is optimized for getting the Fastest Lookup! In the distributed platform, the FIB and Adjacencies tablessa re downloaded on the Linecards and it is the ingress LC which takes the switching decision. The central CPU is not involved for forwarding and for troubleshooting you must attach to the LC as looking to the Central tables is not useless but it is not the table we need to look for the decision. Fred Bovy, IPv6 For Life! CCIE #3013 Thiscomesfrom the CEPForwarding Information Base (FIB)! F a s t E t h e r n e t 0 / 1 . 1 1 , R l I f s how a d j a c e n c y F E 8 0 : : C 801 : 4 F F : F E 9 4 : 6 P r o t o c o l I n t e r f a c e A d d r e s s I PV6 F a s t E t h e r n e t 0 / 1 . 1 1 F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 ( 7 ) R l I f s how a d j a c e n c y F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 i n t e r n a l P r o t o c o l I n t e r f a c e A d d r e s s I PV6 F a s t E t h e r n e t 0 / 1 . 1 1 F E 8 0 : : C 801 : 4F F : F E 94 : 6 ( 7) 0 packets, 0 by te s epoch 0 T h i s comesfrom the CEPAdjacencyTable s o u r c e d i n s e v - e p o c h 1 E nc ap l e n g t h 1 8 CA0104940006CA0004940006010000011 86DD I P v 6 N D F a s t a d j a c e n c y e n a b l e d [ O K ] L3 mt u 1500 F l a g s ( 0 x 1 1 A 9 E ) F i x u p d i s a b l e d H W ID B/ID B p o i n t e r s O x 6 6 C C D D 1 0 / 0 x 6 7 E 5 8 5 0 0 I P r e d i r e c t e n a b l e d S w i t c h i n g v e c t o r : I P v 6 a d j a c e n c y o c e A d j a c e n c y p o i n t e r O x 6 6 F 9 1 C 6 0 1 N e x t - h o p F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 a d d r F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 R1#show ipv6 cef 2001:db8:cafe:10::/64 internal 2001:DB8:CAFE:10::/64, epoch 0, RIB[I], refcount 4, per-destination sharing sources: RIB feature space: IPRM: 0x00038000 ifnums: FastEthernet0/1.11(11): FE80::C801:4FF:FE94:6 path 6822BA1C, path list 6822A77C, share 1/1, type attached nexthop, for IPv6 nexthop FE80::C801:4FF:FE94:6 FastEthernet0/1.11, adjacency IPV6 adj out of FastEthernet0/1.11, addr FE80::C801:4FF:FE94:6 output chain: IPV6 adj out of FastEthernet0/1.11, addr FE80::C801:4FF:FE94:6 66F91C60 To process this packet as fast as possible CEFv6 relies on two tables: One is derived from the Routing Table and One is derived from the ND Table! But the requirements are completely differents. The Forwarding Information Base (FIB) is the Routing TAble with all the Recursions resolved, it has the Neighbor Next-hop for each destintation with a pointer to the Adjacency Table, derived from ND to perform the encapsulation. The data structure of a Routing Table or RIB is optimized for efficient management of entries in the table while the FIB is optimized for getting the Fastest Lookup! In the distributed platform, the FIB and Adjacencies tablessa re downloaded on the Linecards and it is the ingress LC which takes the switching decision. The central CPU is not involved for forwarding and for troubleshooting you must attach to the LC as looking to the Central tables is not useless but it is not the table we need to look for the decision. Fred Bovy, IPv6 For Life!.... CCIE #3013 R1#show adjacency FE80::C801:4FF:FE94:6 Protocol Interface Address IPV6 FastEthernet0/1.11 FE80::C801:4FF:FE94:6(7) R1#show adjacency FE80::C801:4FF:FE94:6 internal Protocol Interface Address IPV6 FastEthernet0/1.11 FE80::C801:4FF:FE94:6(7) 0 packets, 0 bytes epoch 0 sourced in sev-epoch 1 Encap length 18 CA0104940006CA00049400068100000B 86DD IPv6 ND Fast adjacency enabled [OK] L3 mtu 1500 Flags (0x11A9E) Fixup disabled HWIDB/IDB pointers 0x66CCDD10/0x67E58500 IP redirect enabled Switching vector: IPv6 adjacency oce Adjacency pointer Next-hop FE80::C801:4FF:FE94:6 This is the neighbor next-hop and cannot be anything else but a Link-local address! We find it also in the line above which resume the recursion in case you have multiple level, there is one line per level.... Just after you can see the Address of the Adjacency pointer which is a memory pointer to a structure which contains the Adjacency information like the MAC Address for the encapsulation, from where it comes from (ND or ARP for IPv4) and how many bytes/packets were encapsulated with this adjacency... This comes from the CEF Forwarding Information Base (FIB)! This comes from the CEF Adjacency Table Use the internal argument
  3. 3. © Frédéric Bovy 153 CEFv6 – Adjacency Entry R1#show adjacency FE80::C801:4FF:FE94:6 internal Protocol Interface Address IPV6 FastEthernet0/1.11 FE80::C801:4FF:FE94:6(7) 0 packets, 0 bytes epoch 0 sourced in sev-epoch 1 Encap length 18 CA0104940006CA00049400068100000B 86DD IPv6 ND Fast adjacency enabled [OK] L3 mtu 1500 Flags (0x11A9E) Fixup disabled HWIDB/IDB pointers 0x66CCDD10/0x67E58500 IP redirect enabled Switching vector: IPv6 adjacency oce Adjacency pointer 0x66F91C60 Next-hop FE80::C801:4FF:FE94:6 •  !! How!many! packets/bytes! switched!?! MAC!Address! Protocol!Type! Source!of!the!L2! Address! Adjacency)Pointer) from)the)FIB) © Frédéric Bovy 153 CEFv6 – Adjacency Entry R1#show adjacency FE80::C801:4FF:FE94:6 internal Protocol Interface Address IPV6 FastEthernet0/1.11 FE80::C801:4FF:FE94:6(7) 0 packets, 0 bytes epoch 0 sourced in sev-epoch 1 Encap length 18 CA0104940006CA00049400068100000B 86DD IPv6 ND Fast adjacency enabled [OK] L3 mtu 1500 Flags (0x11A9E) Fixup disabled HWIDB/IDB pointers 0x66CCDD10/0x67E58500 IP redirect enabled Switching vector: IPv6 adjacency oce Adjacency pointer 0x66F91C60 Next-hop FE80::C801:4FF:FE94:6 •  !! How!many! packets/bytes! switched!?! MAC!Address! Protocol!Type! Source!of!the!L2! Address! Adjacency)Pointer) from)the)FIB)

×