fir3net

What is CEF (Cisco Express Forwarding)?

Introduction

Cisco Express Forwarding (CEF) is a packet-switching technique used within Cisco routers. The main purpose of CEF is to optimize the forwarding of packets and increase the packet switching speed.

History

Prior to CEF there were 2 methods for packet-switching - Process-Switching and Fast-Switching.

Process-Switching

The first method, process-switching, is the oldest and slowest. In short, the CPU is involved in every forwarding decision.

Fast-Switching

With fast-switching, the CPU is still used to determine the destination, but only for the initial packet. This information is stored in a fast-switching cache. Subsequent packets are then switched using the cache rather than the CPU.
However, the problem with fast-switching is that the cache is built on-demand and the first packet is always process-switched. This means that if the router receives a high volume of traffic to destinations not yet in the cache, the CPU will still be consumed and switching performance will be affected.

To overcome the problems with process-switching and fast-switching, CEF was created.

Components

CEF is built around 2 main components - the Forwarding Information Base (FIB) and the Adjacency Table.

FIB

The FIB is an optimized version of the routing table (RIB).
The FIB contains destination reachability information as well as next hop information. This information is then used by the router to make forwarding decisions. The FIB is organized as a multiway trie (Figure 1) which allows for very efficient and easy lookups[1].

Figure 1 - FIB Tree. Source: http://www.ciscopress.com/articles/article.asp?p=2244117&seqNum=2

Adjacency Table

The adjacency table maintains layer 2 or switching information linked to a particular FIB entry, avoiding the need for an ARP request for each table lookup[2].

Loadbalancing

CEF provides 2 methods for loadbalancing traffic over multiple links. They are:

  • Per packet - As the name suggests, traffic is loadbalanced packet by packet. Additionally, weights can be assigned to an interface. This allows you to send more packets over one link than another. Useful for unequal links.
  • Per destination - Also known as per session. Packets are loadbalanced based on the source and destination addresses.

Polarization

Polarization is the term given to traffic being sent over a single link, even though multiple links are available. An example would be traffic from multiple sources being proxied and using per destination loadbalancing.

To avoid this you can include additional attributes in your CEF hashing options. Here are the command options:

| Command | Description |
| --- | --- |
| mls ip cef load-sharing full | Layer 4 only (src/dest ports) |
| mls ip cef load-sharing simple | Layer 3 only (src/dst ip) |
| mls ip cef load-sharing full simple | Layer 3 and 4 |
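
The polarization effect described above, as an added example that is not part of the original article: it hashes a set of proxied sessions onto four links, first with Layer 3 fields only and then with Layer 3 and 4 fields. The link names, addresses and the use of SHA-256 as the hash are assumptions for illustration; this is not the hash CEF itself uses.

```python
import hashlib
from collections import Counter

# Hypothetical equal-cost egress links (names are illustrative only).
LINKS = ["Gi0/1", "Gi0/2", "Gi0/3", "Gi0/4"]

L3_FIELDS = ("src_ip", "dst_ip")
L3_L4_FIELDS = ("src_ip", "dst_ip", "src_port", "dst_port")


def pick_link(flow, fields, links=LINKS):
    """Pick an egress link by hashing the selected header fields.

    SHA-256 is a stand-in: the hash CEF really uses is not reproduced here.
    """
    key = "|".join(str(flow[f]) for f in fields).encode()
    bucket = int.from_bytes(hashlib.sha256(key).digest()[:4], "big")
    return links[bucket % len(links)]


def proxied_flows(count=200):
    """Constructed sample: many client sessions behind one proxy address,
    all going to one server, so only the source port differs per session."""
    return [
        {"src_ip": "192.0.2.10", "dst_ip": "198.51.100.20",
         "src_port": 40000 + i, "dst_port": 443}
        for i in range(count)
    ]


def distribution(flows, fields):
    """Count how many flows land on each link for a given hash input."""
    return Counter(pick_link(flow, fields) for flow in flows)


if __name__ == "__main__":
    flows = proxied_flows()
    for label, fields in (("L3 only", L3_FIELDS), ("L3 + L4", L3_L4_FIELDS)):
        dist = distribution(flows, fields)
        print(f"{label:8} links used: {len(dist)}  {dict(sorted(dist.items()))}")
```

With only the addresses in the hash input every proxied session lands on the same link; once the ports are included, the same sessions spread across all four while each individual session still stays on one link.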

Commands

Here are some useful commands for verifying CEF:

| Command | Description |
| --- | --- |
| show ip cef | Show CEF table |
| show ip cef [address] [detail] | Show CEF entry within table for a given address |
| show ip cef exact-route [source] [destination] | Show CEF entry within table for source and destination address |
| show cef interface | Show CEF options enabled on each interface |

http://blog.ipspace.net/2013/02/process-fast-and-cef-switching-and.html
https://howdoesinternetwork.com/2015/routing-cef

Sources

[1] https://www.petri.com/cisco-express-forwarding-cef-overview
[2] https://en.wikipedia.org/wiki/Cisco_Express_Forwarding

About the Author

R Donato

Ricky Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Ricky on Twitter @f3lix001