Cisco Express Forwarding – Path Selection

Today’s post is a blast from the past. While studying for the CCNP I came across the CEF section which reminded me of my first introduction to CEF. It started with a report that users that some servers were down. The helpdesk was very confused because when they tried to talk to the servers it worked. The first technician tried to take control of the user’s workstation but couldn’t yet another technician could.

When I heard of the issue I knew what the root problem was. The location in which the user was at had dual equal cost paths and one of the paths was down. What made me pause for a second was the network engineer asking me a very simple question “how can I tell which path will be selected?”. It was a perfect case of knowing how a technology worked but not how to prove what I was seeing.

The first place to start is checking to make sure you actually have redudant paths recognized by CEF and the routing table. To start with you can check the CEF table and issue the following command:

Router#sh ip cef
Prefix Next Hop Interface


192.168.1.0/24 172.16.1.17 Serial1
               172.16.1.13 Serial0

As you can see there are two entries for the 192.168.1.0 network. You can verify that both routes are in the routing table by taking the network and doing the following:

Router#show ip route 192.168.1.0 255.255.255.0
Routing entry for 192.168.1.0/24
Known via “eigrp 1″, distance 90, metric 3321856, type internal
Redistributing via eigrp 1
Last update from 172.16.1.13 on Serial0, 00:04:01 ago
Routing Descriptor Blocks:
* 172.16.1.17, from 172.16.1.17, 00:04:01 ago, via Serial1
Route metric is 3321856, traffic share count is 1
Total delay is 65000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 3
172.16.1.13, from 172.16.1.13, 00:04:01 ago, via Serial0
Route metric is 3321856, traffic share count is 1
Total delay is 65000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 3

This output shows you the two routes and the details about the routes. The one with the * next to it will be the default selected path. Now that you know there are in fact dual paths you can get more details about the CEF effects. The first command to enter will be:

Router#show ip cef 192.168.1.0 255.255.255.0
192.168.1.0/24, version 20, epoch 0, per-destination sharing
0 packets, 0 bytes
via 172.16.1.17, Serial1, 0 dependencies
traffic share 1
next hop 172.16.1.17, Serial1
valid adjacency
via 172.16.1.13, Serial0, 0 dependencies
traffic share 1
next hop 172.16.1.13, Serial0
valid adjacency
0 packets, 0 bytes switched through the prefix
tmstats: external 0 packets, 0 bytes
internal 0 packets, 0 bytes

The important part to get from this output is “per-destination” this tells you which type of load balancing is in use. This tells you that the path is selectd on a per-destination basis instead of changing it up on a per-packet basis. This is very important. If you are passing order sensative data such as voice packing arriving out of order is very bad. As such you want to make sure per-destination is selected. The way load balancing is done is there are 16 bit buckets created inside the router and those bit buckets are evenly split up between the avaialble paths. To see how the buckets are distributed enter the following command:

Router#show ip cef 192.168.1.0 255.255.255.0 internal
192.168.1.0/24, version 20, epoch 0, per-destination sharing
0 packets, 0 bytes
via 172.16.1.17, Serial1, 0 dependencies
traffic share 1
next hop 172.16.1.17, Serial1
valid adjacency
via 172.16.1.13, Serial0, 0 dependencies
traffic share 1
next hop 172.16.1.13, Serial0
valid adjacency

0 packets, 0 bytes switched through the prefix
tmstats: external 0 packets, 0 bytes
internal 0 packets, 0 bytes
Load distribution: 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 (refcount 1)

Hash OK Interface Address Packets
1 Y Serial1 point2point 0
2 Y Serial0 point2point 0
3 Y Serial1 point2point 0
4 Y Serial0 point2point 0
5 Y Serial1 point2point 0
6 Y Serial0 point2point 0
7 Y Serial1 point2point 0
8 Y Serial0 point2point 0
9 Y Serial1 point2point 0
10 Y Serial0 point2point 0
11 Y Serial1 point2point 0
12 Y Serial0 point2point 0
13 Y Serial1 point2point 0
14 Y Serial0 point2point 0
15 Y Serial1 point2point 0
16 Y Serial0 point2point 0
refcount 6

Now that you have verified that dual paths exist and you understand what method the router is using to select paths the question that arises is how can I see which path will be used under certain conditions. This can be done via the following command:

Router#show ip cef exact-route 192.168.2.1 192.168.1.1
192.168.2.1 -> 192.168.1.1 : Serial1 (next hop 172.16.1.17)
Router#show ip cef exact-route 192.168.2.1 192.168.1.2
192.168.2.1 -> 192.168.1.2 : Serial0 (next hop 172.16.1.13)

The first argument is the source IP and the second is the destination IP. This lets you ask the router if it were to process a packet with that source and that destination which path it would select. As you can see with this example with the destination changing the link selected has changed.

Under the conditions I created in my lab and the output shown this scenario would not exist. That is beause the routes are populated via EIGRP and as such when one of the paths is broken the routes will be automatically removed and the path depricated.

This entry was posted on Tuesday, December 16th, 2008 at 10:40 pm and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply