From the blog.

Managing Digital Racket
The more I tune out, the less I miss it. But that has presented me with some complex choices for a nuanced approach to curb
Complexity – My Friend, My Enemy
Over my years of network engineering, I've learned that the fewer features you can implement while still achieving a business goal, the better. Why? Fewer

OECG – Chapter 7 “IP Forwarding” – Fast Switching and CEF

568 Words. Plan about 3 minute(s) to read this.

Looking up the appropriate route in the routing table and figuring out where the packet needs to go next are the most challenging parts of this process. They use the most CPU. Cisco has created some special methods (switching paths) to make these processes efficient: fast switching and Cisco Express Forwarding (CEF). There may be other methods Cisco employs, but these are the most common and the ones discussed at this point in the chapter.

Process switching is the what the router does to forward a packet sans optimizations. When you think process switched, think “slow”.

When a router is fast switching, the first packet to a particular destination is process switched. The router will add an entry to the fast-switching cache, aka route cache. The route cache contains that key information: destination IP, next-hop, and layer 2/Data Link information. The next time a packet comes through heading for that destination, there will be a fast switching cache hit, which is quite a bit speedier than process switching.

This all sounds wondeful, but fast switching isn’t perfect. The first packet is process-switched, right? So that’s a little slow. Plus, the cache times out quickly, since there’s entries for every destination IP – NOT for prefixes. Think about it – the fast switching cache could get HUGE really quickly, especially on a busy router. Never minding those issues, you can only load-balance per destination when you’re fast-switching (you know, load-balance – that thing that happens when you have multiple equal-cost next-hops you can forward your packet to).

So here to improve upon fast-switching, we have CEF (If you forgot what CEF stands for, it’s there in the first paragraph. Go ahead and look. I can wait a moment…got it? Good.) CEF doesn’t rely on observed packet flows to build a cache. Rather, CEF builds a cache based on routes in the routing table. This cache is called the forwarding information base (FIB). In this case, the FIB tells you no lies. Sorry. I couldn’t resist that pun. FIB entries appear and disappear in conjunction with the routing table. You don’t have to process switch the first packet with CEF. There’s no cache expiration – entries in the FIB match entries in the routing table, based on prefixes, NOT on destination IP. In addition, you have load-balancing methods other than merely destination.

So, on a CEF-enabled router (which you’d enable by typing “ip cef”), the FIB is searched first to determine where to forward the packet. The FIB is a structured as an mtrie (that’s spelled right, go ahead and Google it, skeptic); the mtrie structure is designed to makes searches really quick. When the match is found, that match will have all required information, included in the CEF adjacency table. You know what adjacent means, right? Next to. So the FIB includes information about how to get to what’s next to the router that can forward this packet. (Which is kind of a subtle reminder that you can’t forward a packet to something that’s 9 hops away – you can only forward to something that’s next to – ADJACENT – to you.)

Last notes. If you wanted to disable CEF for a specific interface, you can do so with the “no ip route-cache cef” interface paragraph command. It’s also worth mentioning that CEF is often optimized in hardware, which helps big iron Cisco boxes get insane L3 forwarding rates.