Once again, this is a no-nonsense post, with no topology associated with it (though there will be some router output to demonstrate things).
I’ll do this one bullet-point style; I think it makes the points jump out a bit more:
- CEF is described as Layer 3 Switching, but this means packet switching, not frame switching, which is solely a Layer 2 function
- CEF is Cisco proprietary; other vendors run hardware ASIC cards to perform similar L3 Packet Switching instead of using Software / CPU
Another bullet-point list of topics that are important here covers the 3 planes of existence on the Cisco Router:
- Management Plane – Plane involved with Router management (obviously), in terms of configuration of protocols / ip address configuration / etc, including turning services of the router on and off
- Control Plane – Plane involved with the gathering of routing information. Routing protocols run on this plane, ARP and IP tables are built here as well
- Data Plane – Plane where the routing occurs, and where CEF’s two key components run, the FIB (Forwarding Information Base) and the AT (Adjacency Table)
Now, a couple of outputs I want to show regarding CEF right off the bat: how to configure and remove it from a router, and a VERY simple output for this command:
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip cef
R1(config)#do sh ip cef
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
1.1.1.1/32 receive
172.12.15.0/24 attached FastEthernet0/1
172.12.15.0/32 receive
172.12.15.1/32 receive
172.12.15.255/32 receive
172.12.123.0/24 attached Serial0/0
172.12.123.0/32 receive
172.12.123.1/32 receive
172.12.123.2/32 172.12.123.2 Serial0/0
172.12.123.3/32 172.12.123.3 Serial0/0
172.12.123.255/32 receive
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive
R1(config)#
It looks essentially like the routing table in Prefix notation, because that is exactly what it is, welcome to what is known as the FIB Table!
*** VERY IMPORTANT CONCEPT *** The “RIB”, as you’ve seen throughout studies, is the IP route table on the Data Plane (“sh ip route”), which references the “FIB” when deciding where to route data (“sh ip cef”), as the FIB has a more complete / concise view of the network. AGAIN VERY IMPORTANT TO UNDERSTAND THOROUGHLY!
Now that I am done yelling in red, let us move on.
By default CEF should already be running on a Cisco Router or Switch; however, in the exam room it may not be, so let’s go over a scenario where we turn it off:
R1(config)#no ip cef
R1(config)#do sh ip cef
%CEF not running
Prefix Next Hop Interface
R1(config)#do sh ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
172.12.0.0/24 is subnetted, 2 subnets
C 172.12.15.0 is directly connected, FastEthernet0/1
C 172.12.123.0 is directly connected, Serial0/0
R1(config)#
Now with CEF turned off, let’s make a quick OSPF configuration, and see if the IP Route table (RIB) will be able to still see a single loopback advertised with a FIB to reference:
R2(config)#int s0/0
R2(config-if)#ip ospf pri 0
R2(config-if)#router ospf 1
R2(config-router)#network 172.12.123.0 0.0.0.255 area 0
R2(config-router)#
ASR#3
[Resuming connection 3 to r3 … ]
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int s0/2
R3(config-if)#ip ospf pri 0
R3(config-if)#router ospf 1
R3(config-router)#network 172.12.123.0 0.0.0.255 area 0
R3(config-router)#network 3.3.3.3 0.0.0.0 area 3
R3(config-router)#
ASR#1
[Resuming connection 1 to r1 … ]
R1(config)#router ospf 1
R1(config-router)#network 172.12.123.0 0.0.0.255 area 0
R1(config-router)#neighbor 172.12.123.2
R1(config-router)#neighbor 172.12.123.3
R1(config-router)#
Very simple, nothing tricky. I prefer to start at the spokes to set ip ospf pri 0 on the interfaces before interacting with R1, but I could have started with R1 and then “clear ip ospf proc” to get the election rigged back in R1’s favor. This is an NBMA, so we need the “neighbor” statements in R1’s configuration.
*Mar 31 13:29:02.836: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from LOADING to FULL, Loading Done
*Mar 31 13:29:02.880: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from LOADING to FULL, Loading Done
Adjacencies are now up, let’s check it out:
R1(config-router)#do sh ip cef
%CEF not running
Prefix Next Hop Interface
R1(config-router)#do sh ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 172.12.123.3, 00:00:56, Serial0/0
172.12.0.0/24 is subnetted, 2 subnets
C 172.12.15.0 is directly connected, FastEthernet0/1
C 172.12.123.0 is directly connected, Serial0/0
To my surprise it does, showing that even though it references the FIB for packet switching / routing, it does not NEED it. I thought I could explain this away as the Adjacency Table (AT) playing some role, but it does not run if CEF is not on:
R1(config)#do sh adj
%CEF not running
R1(config)#do sh ip ospf nei
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/DROTHER 00:01:46 172.12.123.2 Serial0/0
3.3.3.3 0 FULL/DROTHER 00:01:46 172.12.123.3 Serial0/0
R1(config)#do ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/65/68 ms
R1(config)#
So that is something to note: I am not quite sure what impact CEF being off will have on the IP routing table’s decisions, but it seems to survive quite well even without the FIB.
Layer 2 information is kept in the Adjacency Table (AT), and you can see the info with either “sh adj” or “sh adj detail” as seen below this time from R5 who I configured OSPF on as well, as the output from IOS 15.x is slightly different than 12.x for this table:
R1(config)#ip cef
R1(config)#do sh adj
Protocol Interface Address
IP Serial0/0 172.12.123.3(7)
IP Serial0/0 172.12.123.2(5) (incomplete)
R1(config)#do sh adj detail
Protocol Interface Address
IP Serial0/0 172.12.123.3(7)
0 packets, 0 bytes
1CB10800
FR-MAP never
Epoch: 0
IP Serial0/0 172.12.123.2(5) (incomplete)
0 packets, 0 bytes
1CA10800
FR-MAP never
Epoch: 0
R1(config)#
Incomplete is not something we want to see, because that means something is wrong between Layer 2 and Layer 3. In this situation I took off R2’s interface IP address; however, the local router still has a frame-map statement to it, knowing of its existence.
So if you see this in the adjacency table, you will want to verify the Layer 2 and Layer 3 connection information to the destination, as this is telling you bluntly it is incomplete.
Now, going back to the “sh ip cef” output and how to determine it and drill down:
R1#sh ip cef
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
1.1.1.1/32 receive
3.3.3.3/32 172.12.123.3 Serial0/0
172.12.15.0/24 attached FastEthernet0/1
172.12.15.0/32 receive
172.12.15.1/32 receive
172.12.15.5/32 172.12.15.5 FastEthernet0/1
172.12.15.255/32 receive
172.12.123.0/24 attached Serial0/0
172.12.123.0/32 receive
172.12.123.1/32 receive
172.12.123.2/32 172.12.123.2 Serial0/0
172.12.123.3/32 172.12.123.3 Serial0/0
172.12.123.255/32 receive
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive
R1#sh ip cef 2.2.2.2
0.0.0.0/0, version 0, epoch 0, attached, default route handler
0 packets, 0 bytes
via 0.0.0.0, 0 dependencies
valid no route adjacency
R1#sh ip cef 3.3.3.3
3.3.3.3/32, version 16, epoch 0, cached adjacency 172.12.123.3
0 packets, 0 bytes
via 172.12.123.3, Serial0/0, 0 dependencies
next hop 172.12.123.3, Serial0/0
valid cached adjacency
R1#
First, every router running CEF will have a default route at the top of its Prefix list (0.0.0.0/0); if none is set on the local router, it will point to the packet trash can Null0 (drop the packet). If there is no valid next hop to the right of the default route, then it doesn’t have one, unlike R2, which just got a default route put on it to demonstrate:
R2#sh ip cef
Prefix Next Hop Interface
0.0.0.0/0 172.12.123.1 Serial0/0
0.0.0.0/32 receive
Second, I accidentally entered “sh ip cef 2.2.2.2” instead of 3.3.3.3, and notice it still gives me output of how that network will route through the default route which isn’t set, so packets going to that network will be discarded.
Finally, when doing “sh ip cef 3.3.3.3” on the correct network, it shows “valid cached adjacency”, which is what we want to see, as that means the route entry is good to go.
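The lookups above can be reproduced offline with a longest-prefix match over the “sh ip cef” output. This is an added example, not part of the original post; the function names `parse_fib` and `lookup` are hypothetical, and the sample text is a constructed subset of the R1 output shown earlier.

```python
import ipaddress

# Constructed sample: a subset of the R1 "sh ip cef" lines shown above.
SHOW_IP_CEF = """\
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
1.1.1.1/32 receive
3.3.3.3/32 172.12.123.3 Serial0/0
172.12.15.0/24 attached FastEthernet0/1
172.12.15.1/32 receive
172.12.15.5/32 172.12.15.5 FastEthernet0/1
172.12.123.0/24 attached Serial0/0
172.12.123.1/32 receive
172.12.123.3/32 172.12.123.3 Serial0/0
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive
"""

SPECIAL = {"drop", "receive", "attached"}  # entries with no next-hop address


def parse_fib(text):
    """Parse 'show ip cef' lines into dicts; the header line is skipped."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[0]:
            continue
        special = fields[1] in SPECIAL
        entries.append({
            "prefix": ipaddress.ip_network(fields[0]),
            "action": fields[1] if special else "forward",
            "next_hop": None if special else fields[1],
            "interface": fields[2] if len(fields) > 2 else None,
        })
    return entries


def lookup(entries, destination):
    """Return the longest-prefix match for destination, or None."""
    addr = ipaddress.ip_address(destination)
    matches = [e for e in entries if addr in e["prefix"]]
    return max(matches, key=lambda e: e["prefix"].prefixlen, default=None)


if __name__ == "__main__":
    fib = parse_fib(SHOW_IP_CEF)
    for dest in ("2.2.2.2", "3.3.3.3", "172.12.15.1", "172.12.15.77"):
        hit = lookup(fib, dest)
        print(dest, "->", hit["prefix"], hit["action"], hit["next_hop"], hit["interface"])
```

Running it shows 2.2.2.2 falling through to the 0.0.0.0/0 drop entry on Null0, while 3.3.3.3 resolves to its /32 with next hop 172.12.123.3.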
A quick but important side note, note I said “network” and not “route” above because you want to use the network NUMBER and NOT the specific IP address you want details on:
R1#sh ip cef 172.12.15.0
172.12.15.0/32, version 5, epoch 0, receive
Not much to it as this is a directly connected route, so the output is much more limited than that of a dynamically learned route, but what about a static route?
R1(config)#ip route 5.5.5.5 255.255.255.255 172.12.15.5
R1(config)#do sh ip cef 5.5.5.5
5.5.5.5/32, version 18, epoch 0, cached adjacency 172.12.15.5
0 packets, 0 bytes
via 172.12.15.5, 0 dependencies, recursive
next hop 172.12.15.5, FastEthernet0/1 via 172.12.15.5/32
valid cached adjacency
Same output as a dynamically learned route, Valid Cached Adjacency is good!
Now let us dive into the glory of another IMPORTANT verification command:
R1#sh ip int s0/0
Serial0/0 is up, line protocol is up
Internet address is 172.12.123.1/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.5 224.0.0.6
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is disabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
Not only can you verify CEF is running, which I’ve highlighted in red, but you get SO much more information highlighted in blue, like MTU size set / ACLs in/out / Multicast Groups – I can tell this is an OSPF DR because it’s on the all OSPF routers multicast group and the all-DR OSPF routers group!
It’s the “ip” in the command that makes the difference. Just like you need “ipv6” before any command to do with ipv6 configuration, you should get used to following “show” with “ip”, as in “show ip (something)”, to get a list of IP services running!
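The same “sh ip int” output can be checked by script for the CEF state, the OSPF multicast groups and the interface settings a hardening review usually looks at. This is an added example, not part of the original post; the `audit` function and the `BASELINE` list are assumptions of the example (a common hardening baseline, not something the post prescribes), and the sample text is a constructed subset of the output above.

```python
import re

# Constructed sample: selected lines of the "sh ip int s0/0" output above.
SHOW_IP_INT = """\
Serial0/0 is up, line protocol is up
Internet address is 172.12.123.1/24
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.5 224.0.0.6
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP CEF switching is enabled
"""

# Assumed baseline: (line pattern that signals a finding, IOS interface
# command to review). "<acl>" is a placeholder, not a real ACL name.
BASELINE = [
    (r"Proxy ARP is enabled", "no ip proxy-arp"),
    (r"ICMP redirects are always sent", "no ip redirects"),
    (r"ICMP unreachables are always sent", "no ip unreachables"),
    (r"Directed broadcast forwarding is enabled", "no ip directed-broadcast"),
    (r"Inbound\s+access list is not set", "ip access-group <acl> in"),
]


def audit(text):
    """Summarise one interface block of 'show ip interface' output."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    groups = []
    for line in lines:
        if line.startswith("Multicast reserved groups joined:"):
            groups = line.split(":", 1)[1].split()
    return {
        "interface": lines[0].split()[0] if lines else None,
        "cef": "IP CEF switching is enabled" in lines,
        # 224.0.0.5 = all OSPF routers; 224.0.0.6 = all DR routers,
        # which both the DR and the BDR join.
        "ospf_dr_or_bdr": "224.0.0.6" in groups,
        "review": [cmd for pat, cmd in BASELINE
                   if any(re.search(pat, l) for l in lines)],
    }


if __name__ == "__main__":
    for key, value in audit(SHOW_IP_INT).items():
        print(f"{key}: {value}")
```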
To round off this discussion of CEF, I’d like to hit on “Process Switching vs Fast Switching”, as CEF uses what is known as Fast Switch which is a huge improvement over Process switching (obviously by the name of it).
Process switching examines every packet as it comes in, whereas fast switching examines only the first packet of a packet flow in its switching cache on the router, so when packets come into the router it can quickly compare against that cache to then forward the packets.
So fast switching checks the first packet against that cache to look for an entry, and if there is a matching entry, the packets are forwarded.
To enable fast switching on an interface, use “ip route-cache” in the interface-level config, and to remove it use “no ip route-cache”.
And with that, I need to go get some food and get into IP SLA, as we are in for another long night leading up to test day!
cool article