Monday, August 10, 2009

Module 4 - Implementing Inter-VLAN Routing. Part 3

4.3.4 Describing CEF Configuration Commands

Use the commands in Figure to configure CEF and verify its operation. Figure describes the CEF configuration and verification commands.


4.3.5 Enabling CEF-Based MLS

Hardware Layer 3 switching is permanently enabled on Cisco Catalyst 6500 Series Supervisor Engine 720s with Policy Feature Card 2 (PFC2) or PFC3, Multilayer Switch Feature Card 3s (MSFC3s), and Distributed Forwarding Cards (DFCs). No configuration is required, and CEF cannot be disabled.

You can use the no ip cef command to disable CEF on the Cisco Catalyst 4000 or the no ip route-cache cef command on a Cisco Catalyst 3550 interface.

If CEF is enabled globally, it is automatically enabled on all interfaces as long as IP routing is enabled on the device. You can then enable or disable CEF on an interface basis. Cisco recommends that CEF be enabled on all Layer 3 interfaces. If CEF is disabled on an interface, you can enable CEF as follows:

  • On the Cisco Catalyst 3550 switch, use the ip route-cache cef interface configuration command.

  • On the Cisco Catalyst 4000 switch, use the ip cef interface configuration command.

Per-destination load balancing allows the router to use multiple paths to achieve load sharing. Packets for a given source-destination host pair are guaranteed to take the same path, even if multiple paths are available. This ensures that packets for a given host pair arrive in order. Per-destination load balancing is enabled by default when you enable CEF, and it is the load balancing method of choice for most situations.

Because per-destination load balancing depends on the statistical distribution of traffic, load sharing becomes more effective as the number of source-destination pairs increases.
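The two properties described above, path pinning per host pair and a split that evens out as the number of pairs grows, can be seen in a short simulation. This is an added example, not code from the course material: SHA-256 stands in for the switch's own hash (an assumption), and the host addresses are constructed.

```python
import hashlib
import ipaddress
from collections import Counter

def pick_path(src: str, dst: str, n_paths: int) -> int:
    """Map a source-destination pair to one of n_paths equal-cost paths.

    Assumption: SHA-256 stands in for the platform's real hash. The only
    property relied on is "same pair in, same path out".
    """
    key = ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") % n_paths

def path_shares(pairs, n_paths: int):
    """Fraction of the host pairs that lands on each path."""
    counts = Counter(pick_path(s, d, n_paths) for s, d in pairs)
    return [counts[p] / len(pairs) for p in range(n_paths)]

def constructed_pairs(n: int):
    """n constructed pairs: hosts counted up from 10.0.0.1 to one server."""
    base = int(ipaddress.ip_address("10.0.0.1"))
    return [(str(ipaddress.ip_address(base + i)), "192.168.150.3")
            for i in range(n)]

if __name__ == "__main__":
    # Few pairs can split unevenly; many pairs approach an even split.
    for n in (4, 40, 4000):
        shares = path_shares(constructed_pairs(n), 2)
        print(n, [round(s, 3) for s in shares])
```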

The show ip cef command displays entries in the FIB.


4.3.6 Describing Common CEF Problems and Solutions


CEF is the fastest means of switching Layer 3 packets in hardware. The CEF tables stored in hardware are populated from information gathered by the route processor. There are two primary steps in troubleshooting CEF operations:


  • Ensure that the normal Layer 3 operations on the route processor are functioning properly so that the switch tables are populated with accurate and complete information.

  • Verify that information from the route processor has properly populated the FIB and adjacency table, and is being used by CEF to switch Layer 3 packets in hardware.

Troubleshooting CEF is, in essence, verifying that packets are indeed receiving the full benefit of CEF switching and not being punted to a slower packet switching or processing method. The Cisco term "punt" describes the action of sending a packet down to the next-fastest switching level. The following list defines the order of preferred Cisco IOS switching methods, from fastest to slowest:

  • Distributed CEF

  • CEF

  • Fast switching

  • Process switching

A punt occurs when the preferred switching method did not produce a valid path or, in CEF, a valid adjacency. If the CEF lookup process fails to find a valid entry in the FIB, CEF installs a punt adjacency to the less-preferred system. CEF punts all packets with that adjacency to the next-best switching mode to forward all the packets by some means, even if that means is less efficient.

Figure describes some basic CEF problems and associated solutions.


4.3.7 Describing CEF Troubleshooting Commands


The commands available to troubleshoot CEF are platform dependent. The commands in Figure can be used to troubleshoot CEF on the Cisco Catalyst 4500 series switch.


You can use the show interface command with the | begin L3 argument to verify that Layer 3 traffic is being switched, thereby utilizing CEF.

Use the show interfaces command with the | include switched filter to show switching statistics at each layer for the interface and to verify that Layer 3 packets are being switched.

Figure illustrates the command used to display detailed information about the adjacency table.

Each time an adjacency entry is created, a Layer 2 data link–layer header for that adjacent node is pre-computed and stored in the adjacency table. This information is subsequently used for encapsulation during CEF switching of packets.

The show adjacency detail command displays the information to be used during this Layer 2 encapsulation. The header information displayed should be the same as would be expected during normal (non-CEF) Layer 2 forwarding operations. Adjacency statistics are updated approximately every 60 seconds.

The show cef drops command displays whether packets are being dropped because of incomplete or nonexistent adjacencies. The two known reasons for incomplete or nonexistent adjacencies are as follows:

  • The router cannot use ARP successfully for the next-hop interface.

  • After a clear ip arp or a clear adjacency command, the router marks the adjacency as incomplete, and then it fails to clear the entry.

The debug facility can be used to display detailed information on CEF operations. Use the debug ip cef command to view CEF drops because of an incomplete adjacency. You can include arguments to limit the output, which reduces overhead and allows you to focus on a specific CEF operation.

The following arguments limit the debug output:

  • drops: Records dropped packets.

  • access-list: Limits the collection of debugging information from specified lists.

  • receive: Records packets that are not switched using information from the FIB but that are received and sent to the next switching layer.

  • events: Records general CEF events.

  • prefix-ipc: Records updates related to IP prefix information, including the following:

      • Debugging of IP routing updates in a line card

      • Reloading of a line card with a new table

      • Notification that adding a route update from the route processor to the line card exceeds the maximum number of routes

      • Control messages related to FIB prefixes

  • table: Produces a table showing events related to the FIB. Possible types of events include the following:

      • Routing updates that populate the FIB

      • Flushing of the FIB

      • Adding or removing entries to the FIB

      • Table reloading process


4.3.8 Troubleshooting Layer 3 CEF-Based MLS


The CEF tables stored in hardware are populated from information gathered by the route processor. To properly troubleshoot CEF operations, first ensure that the normal Layer 3 operations on the route processor are functioning properly so that the CEF tables are populated with accurate and complete information. Next, verify that information from the route processor has properly populated the FIB and adjacency table used by CEF to perform Layer 3 switching of packets.


The steps below verify whether packet transfer between the following hosts is occurring using CEF:

  • Host 1 in VLAN10 with an IP address of 192.168.10.10

  • Host 2 in VLAN150 with an IP address of 192.168.150.3

Step 1 Verify CEF.

Verify that CEF is operational at global or interface level using these commands:

show ip cef summary
show ip cef vlan 10

Note: CEF cannot be turned off on most Cisco Catalyst platforms. If CEF is not operational, it is likely that the Cisco Catalyst has disabled the feature. This may be because of a software, feature, or hardware incompatibility or inadequate memory to support a large FIB and adjacency table.

Step 2 Verify the configuration.

If CEF is not operational, display the running configuration to determine whether any switching functions have been configured that might disable CEF operations.

If CEF is operational, display the running configuration to verify the IP configuration of the Layer 3 interfaces used for the hosts to communicate. The IP addresses should be appropriate for the subnet, and the interfaces should not be shut down. The following is a sample of the configuration output expected for the VLANs associated with the host communication. On this router, VLAN 199 is the transit path that is traversed to arrive at subnet 192.168.150.0:

Switch#show running-config
interface VLAN 10
description Source VLAN
ip address 192.168.10.1 255.255.255.0
!
interface VLAN 199
description Transit VLAN
ip address 192.168.199.1 255.255.255.0

Step 3 Verify the population of the routing table on the route processor.

The routing protocols and route processor must populate the routing table accurately before those routing table entries can be of use, because they are transferred to the FIB to facilitate Layer 3 switching. Verify the routing table by referring to a network diagram, knowing which routes should appear in the routing table, and then execute the show ip route command. In the case of troubleshooting connectivity to the specific network of the destination host (192.168.150.3/24), use the following command:

Switch#show ip route | include 192.168.150.0
O 192.168.150.0/24 [110/2] via 192.168.199.3, 00:13:00, VLAN 199

The network is accessible via the next-hop address 192.168.199.3. Therefore, the ARP entry by which to access 192.168.150.3 should be the MAC address resolved for 192.168.199.3.

Step 4 Verify an ARP entry on the route processor.

Verify that there is an ARP entry for the next-hop IP address before checking whether that entry is represented in the adjacency table.

Switch#show ip arp 192.168.199.3
Protocol Address Age Hardware Addr Type Interface
Internet 192.168.199.3 176 0030.7150.6800 ARPA VLAN 199

Step 5 Verify the CEF FIB table entry for the route.

Step 3 verified that a route to network 192.168.150.0 existed in the routing table. Now verify that a CEF FIB entry exists to that same destination to ensure that packets are CEF-switched using the FIB rather than process-switched using the routing table.

Switch#show ip cef 192.168.150.0
192.168.150.0/24, version 298, cached adjacency 192.168.199.3
0 packets, 0 bytes
via 192.168.199.3, VLAN 199, 0 dependencies
next-hop 192.168.199.3, VLAN 199
valid cached adjacency

This output verifies that there is a valid CEF entry for the destination network. Packets can be CEF-switched to the destination host.

Step 6 Verify an adjacency table entry for the destination.

Verify that the FIB entry shown in step 5 has an associated adjacency table entry by using this command:

Switch#show adjacency detail | begin 192.168.199.3
IP VLAN 199 192.168.199.3(7)
0 packets, 0 bytes
003071506800
.....
...
.

The above output indicates that there is an adjacency for the next-hop IP address. The destination MAC address (003071506800) is the MAC address in the ARP table, as displayed in step 4.

The counters (0 packets, 0 bytes) are almost always 0, since packets are switched in hardware and, as such, they never reach the route processor, which is required to increment counters.

Step 7 Verify CEF from the supervisor engine.

The CEF FIB and adjacency table entries shown in the example can also be verified from the supervisor engine on modular switch platforms, such as the 6500 series switches. This step is not necessary on fixed configuration switches, such as the 3560.

To display an FIB entry for the specific network from the supervisor engine:

Console> (enable) show mls entry cef ip 192.168.150.0/24
Mod FI-Type Destination-IP Destination-Mask NextHop-IP Weight
--------------------------------------------------------------
15 resolved 192.168.150.0 255.255.255.255 192.168.199.3 1

To display the adjacency information for that FIB entry from the supervisor engine:

Console> (enable) show mls entry cef ip 192.168.150.0/24 adjacency
Mod:15
Destination-IP : 192.168.199.3 Destination-Mask : 255.255.255.255
FIB-Type : resolved

AdjType NextHop-IP NextHop-Mac VLAN Encp TX-Packets
--------------------------------------------------------------
connect 192.168.199.3 00-30-71-50-68-00 199 ARPA 0
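
The cross-checks in steps 3 to 6 can be scripted against captured command output. The following is an added example, not part of the course material: the function names are hypothetical, the sample strings are the outputs shown in those steps, and it assumes the first 12 hex digits of the adjacency header are the destination MAC.

```python
import re

# Sample outputs copied from steps 3 to 6 of the procedure above.
ROUTE = "O 192.168.150.0/24 [110/2] via 192.168.199.3, 00:13:00, VLAN 199"
ARP = ("Protocol Address Age Hardware Addr Type Interface\n"
       "Internet 192.168.199.3 176 0030.7150.6800 ARPA VLAN 199")
CEF = ("192.168.150.0/24, version 298, cached adjacency 192.168.199.3\n"
       "0 packets, 0 bytes\n"
       "via 192.168.199.3, VLAN 199, 0 dependencies\n"
       "valid cached adjacency")
ADJ = "IP VLAN 199 192.168.199.3(7)\n0 packets, 0 bytes\n003071506800"

def norm_mac(mac):
    """Reduce 0030.7150.6800, 00-30-71-50-68-00 or 003071506800 to bare hex."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def check_cef_path(route, arp, cef, adj):
    """Return a list of findings; an empty list means steps 3 to 6 agree."""
    m = re.search(r"^\S+\s+(\S+/\d+)\s.*via (\d+(?:\.\d+){3})", route)
    if not m:
        return ["step 3: no route to the destination network"]
    prefix, hop = m.group(1), re.escape(m.group(2))
    findings = []
    # Step 4: the next hop must resolve to a full 48-bit MAC address.
    a = re.search(rf"^Internet\s+{hop}\s+\S+\s+(\S+)\s", arp, re.M)
    arp_mac = norm_mac(a.group(1)) if a else ""
    if len(arp_mac) != 12:
        findings.append(f"step 4: no resolved ARP entry for {m.group(2)}")
    # Step 5: the FIB entry must point at the same next hop and be valid.
    c = re.search(rf"^{re.escape(prefix)}, .*cached adjacency (\S+)", cef, re.M)
    if not c:
        findings.append(f"step 5: no FIB entry for {prefix}")
    elif c.group(1) != m.group(2):
        findings.append(f"step 5: FIB points at {c.group(1)}, route at {m.group(2)}")
    elif "valid cached adjacency" not in cef:
        findings.append("step 5: cached adjacency not marked valid")
    # Step 6: the pre-computed header must start with the ARP-resolved MAC
    # (assumption: the first 12 hex digits are the destination MAC).
    d = re.search(rf"^IP .*\s{hop}\(\d+\)\n.*\n(\S+)", adj, re.M)
    if not d:
        findings.append(f"step 6: no adjacency entry for {m.group(2)}")
    elif len(arp_mac) == 12 and norm_mac(d.group(1))[:12] != arp_mac:
        findings.append("step 6: adjacency MAC differs from ARP MAC")
    return findings

if __name__ == "__main__":
    print(check_cef_path(ROUTE, ARP, CEF, ADJ) or "steps 3-6 are consistent")
```

A non-empty result names the first step at which the route processor's view and the CEF tables disagree, which is where packets are likely to be punted or dropped.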


4.4 Inter-VLAN Routing Lab Exercises

4.4.1 Lab 4-1 Inter-VLAN Routing with an External Router



This lab configures inter-VLAN routing using an external router, also known as a router-on-a-stick.


4.4.2 Lab 4-2 Inter-VLAN Routing with an Internal Route Processor and Monitoring CEF Functions



This lab routes between VLANs using a 3560 switch with an internal route processor using Cisco Express Forwarding (CEF).


Module Summary


The configuration of multiple VLANs usually requires that Layer 3 routing occurs between those VLANs. This inter-VLAN routing can be provided external to a Layer 2 switch or within a multilayer switch through the configuration of Switch Virtual Interfaces (SVIs) and IP routing. When routing occurs within a Cisco Catalyst multilayer switch, Cisco Express Forwarding (CEF) is deployed to facilitate Layer 3 switching through hardware-based tables, providing an optimal packet-forwarding process.
