CEFv6 (Cisco Express Forwarding version 6) is a key component for Cisco device data plane performance. It is responsible for high-speed packet forwarding and relies on two tables - the Routing Information Base (RIB) derived from the routing table and the Adjacency Table derived from Neighbor Discovery to store next hops and encapsulation information. The Forwarding Information Base (FIB) contains resolved routes from the RIB with pointers to the Adjacency Table to allow the fastest possible packet lookups and switching. Troubleshooting device data plane issues requires examining the FIB and Adjacency Tables on line cards where forwarding decisions are made.
1. CEFv6
If you have to Troubleshoot CISCO device One day you will have to deal with CEF!
No DATA PLANE Troubleshooting without CEFv6!...
If you are looking for the Engineering Team with really high skills guys at cisco you are looking for the
CEF team! These guys need to do two things mutually exclusives and this all the time: They must support
a maximum number of services and at the same time they must design the fastest code because all the
cisco switching performances rely on CEF!
If an IP feature is not supported by CEF, the feature has no future if it has also to be Efficient. if it is
a slow terminal conversion things which need the speed of typing with one finger, fine! but if it must
support wire speed? Forget it!
WHY???
We need to get back to the basics of computers to understand...
When a packet is received by an ASIC specialized to process the data coming from a Physical Media
port, an Interrupt is sent to the CPU. An interrupt is a Signal Transition like 0 to +5v or the opposite.
The Interrupt is raised by the Physical Media Processor to tell the CPU that it has a packet just like
the Postman set up the flag after it has dropped a few mails in your mailbox! Guess who is called first
by the CPU when it gets the interrupt signal? CEF...
Now CEF must take a decision either switch the packet in interrupt mode, either Q the packet for
further processing in a time sharing fashion. It is clear that Real-Time traffic will only be supported by
the Interrupt mode. So where is the problem? The process in interrupt mode disables any other
interrupt. The other Line Cards have a dedicated ASIC with MEmory to accomodate a few packet but
not too much...
The process must process the packet as fast as possible for the protocol which is being routed and for
the other traffic waiting to be processed. This is why complex operation cannot be supported by CEF and
this has been the case of NAT-PT in IPv6!
2. Rl# s h o w i p v 6 c e f 2 0 0 1 : d b 8 : c a f e : 1 0 : : / 6 4 i n t e r n a l
2 0 0 1 : D B 8 : C A F E : 1 0 : : / 6 4 , e p o c h 0 , R I B [ I ] , r e f c o u n t 4 , p e r - d e s t i n a t i o n s h a r i n g
s o u r c e s : R I B
f e a t u r e s p a c e :
IPRM: 0 x 0 0 0 3 8 0 0 0
i f n u m s :
F a s t E t h e r n e t 0 / 1 . 1 1 ( 1 1 ) : F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6
p a t h 6 8 2 2 B A 1 C, p a t h l i s t 6 8 2 2 A 7 7 C, s h a r e 1 / 1 , t y p e a t t a c h e d n e x t h o p , f o r I P v 6
nexthop FE80::C801:4FF:FE94:6 FastEthernet0/1.11, adjacency IPV6 adj out of FastEthernet0/1.11,
addr 7
E 8 0 :
: C 8 0
1 : 4 F
F : F
E 9 4 :
o u t p u t c h a i n : I P V a d j
66F91060
1
This is t he neighbor next-hop and cannot IDEI
anything else but a Link-local address! We
find it also in t he line above which resume
the recursion in case you have multiple
level, t here is one line per level_
Just after you can see the Address of the
Adjacency pointer which is a memory
pointer to a structure which contains the
Adjacency information like the MAC Address
for the encapsulation, from where it comes
from (ND or ARP f or IPv4) and how many
bytes/packets were encapsulated with this
adjacency...
F91
o u t i o f
To process this packet as fast as possible CEFv6 relies on two tables: One is derived from the Routing
Table and One is derived from the ND Table! But the requirements are completely differents.
The Forwarding Information Base (FIB) is the Routing IAble with all the Recursions resolved, it has the
Neighbor Next-hop for each destintation with a pointer to the Adjacency Table, derived from ND to
perform the encapsulation.
The data structure of a Routing Table or RIB is optimized for efficient management of entries in the
table while the FIB is optimized for getting the Fastest Lookup!
In the distributed platform, the FIB and Adjacencies tablessa re downloaded on the Linecards and it is
the ingress LC which takes the switching decision. The central CPU is not involved for forwarding and
for troubleshooting you must attach to the LC as looking to the Central tables is not useless but it is not
the table we need to look for the decision.
Fred Bovy, IPv6 For Life! CCIE #3013
Thiscomesfrom the CEPForwarding Information Base (FIB)!
F a s t E t h e r n e t 0 / 1 . 1 1 ,
R l I f s how a d j a c e n c y F E 8 0 : : C 801 : 4 F F : F E 9 4 : 6
P r o t o c o l I n t e r f a c e A d d r e s s
I PV6 F a s t E t h e r n e t 0 / 1 . 1 1 F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 ( 7 )
R l I f s how a d j a c e n c y F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6 i n t e r n a l
P r o t o c o l I n t e r f a c e A d d r e s s
I PV6 F a s t E t h e r n e t 0 / 1 . 1 1 F E 8 0 : : C 801 : 4F F : F E 94 : 6 ( 7)
0 packets, 0 by te s
epoch 0 T h i s comesfrom the CEPAdjacencyTable
s o u r c e d i n s e v - e p o c h 1
E nc ap l e n g t h 1 8
CA0104940006CA0004940006010000011
86DD
I P v 6 N D
F a s t a d j a c e n c y e n a b l e d [ O K ]
L3 mt u 1500
F l a g s ( 0 x 1 1 A 9 E )
F i x u p d i s a b l e d
H W ID B/ID B p o i n t e r s O x 6 6 C C D D 1 0 / 0 x 6 7 E 5 8 5 0 0
I P r e d i r e c t e n a b l e d
S w i t c h i n g v e c t o r : I P v 6 a d j a c e n c y o c e
A d j a c e n c y p o i n t e r O x 6 6 F 9 1 C 6 0 1
N e x t - h o p F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6
a d d r F E 8 0 : : C 8 0 1 : 4 F F : F E 9 4 : 6
R1#show ipv6 cef 2001:db8:cafe:10::/64 internal
2001:DB8:CAFE:10::/64, epoch 0, RIB[I], refcount 4, per-destination sharing
sources: RIB
feature space:
IPRM: 0x00038000
ifnums:
FastEthernet0/1.11(11): FE80::C801:4FF:FE94:6
path 6822BA1C, path list 6822A77C, share 1/1, type attached nexthop, for IPv6
nexthop FE80::C801:4FF:FE94:6 FastEthernet0/1.11, adjacency IPV6 adj out of FastEthernet0/1.11,
addr FE80::C801:4FF:FE94:6
output chain: IPV6 adj out of FastEthernet0/1.11, addr FE80::C801:4FF:FE94:6
66F91C60
To process this packet as fast as possible CEFv6 relies on two tables: One is derived from the Routing
Table and One is derived from the ND Table! But the requirements are completely differents.
The Forwarding Information Base (FIB) is the Routing TAble with all the Recursions resolved, it has the
Neighbor Next-hop for each destintation with a pointer to the Adjacency Table, derived from ND to
perform the encapsulation.
The data structure of a Routing Table or RIB is optimized for efficient management of entries in the
table while the FIB is optimized for getting the Fastest Lookup!
In the distributed platform, the FIB and Adjacencies tablessa re downloaded on the Linecards and it is
the ingress LC which takes the switching decision. The central CPU is not involved for forwarding and
for troubleshooting you must attach to the LC as looking to the Central tables is not useless but it is not
the table we need to look for the decision.
Fred Bovy, IPv6 For Life!.... CCIE #3013
R1#show adjacency FE80::C801:4FF:FE94:6
Protocol Interface Address
IPV6 FastEthernet0/1.11 FE80::C801:4FF:FE94:6(7)
R1#show adjacency FE80::C801:4FF:FE94:6 internal
Protocol Interface Address
IPV6 FastEthernet0/1.11 FE80::C801:4FF:FE94:6(7)
0 packets, 0 bytes
epoch 0
sourced in sev-epoch 1
Encap length 18
CA0104940006CA00049400068100000B
86DD
IPv6 ND
Fast adjacency enabled [OK]
L3 mtu 1500
Flags (0x11A9E)
Fixup disabled
HWIDB/IDB pointers 0x66CCDD10/0x67E58500
IP redirect enabled
Switching vector: IPv6 adjacency oce
Adjacency pointer
Next-hop FE80::C801:4FF:FE94:6
This is the neighbor next-hop and cannot be
anything else but a Link-local address! We
find it also in the line above which resume
the recursion in case you have multiple
level, there is one line per level....
Just after you can see the Address of the
Adjacency pointer which is a memory
pointer to a structure which contains the
Adjacency information like the MAC Address
for the encapsulation, from where it comes
from (ND or ARP for IPv4) and how many
bytes/packets were encapsulated with this
adjacency...
This comes from the CEF Forwarding Information Base (FIB)!
This comes from the CEF Adjacency Table
Use the internal argument