From: Olu Rosa (olurosa@yahoo.com)
Date: Wed Aug 18 2004 - 10:08:15 GMT-3
CEF won't break anything, but remember to check the CEF table when troubleshooting routing problems. At times the RIB and the CEF FIB have conflicting information.
James <james@towardex.com> wrote:
On Sun, Aug 15, 2004 at 06:37:22PM +0200, Daniel Sheedy wrote:
> Hi everyone,
>
> I've had a read through some of the past links on this forum, and it seems
> there are lots of times when we NEED to turn on 'ip cef', or things just don't
> work.
>
> My question is, for the lab, is there something I am missing that would
> 'break' if ip cef was turned on regardless?
>
> And, more importantly, since this is my job as well, what are the dangers of
> auto turning on 'ip cef' in the real world. Does it chew memory or process
> power?
There isn't much danger in turning CEF on in the real world. But there are plenty
of dangers in running with CEF turned OFF in the real world.
What CEF does is, as soon as you turn it on, it walks through your entire RIB
table and builds a specialized composite, optimized, multibit-trie (mtrie)
called the Forwarding Information Base or "FIB." The utilization of the FIB by the
router allows it to look up packets at a much faster rate than process switching
or using fast-cache out of the process switched path.
CEF on a fast router is a requirement if you want to survive at least some
kind of recent distributed denial of service attacks, which significantly
places stress on traditional "process switch first, then cache it" based
route cache. One example is Extreme Networks based Layer 3 Switches when they
are working as IP routers in layer 3 mode. Send 20-50kpps or so of diverse
distributed destination denial of service attack (or even overloaded traffic
of worm viruses can have the same effect) and the switch will become overloaded
with tNetTask trying to process switch the IP from RIB and update ipfdb, which
is a total Ethernet based CAM hack for a router.
-J
-- James Jun TowardEX Technologies, Inc. Technical Lead Network Design, Consulting, IT Outsourcing james@towardex.com Boston-based Colocation & Bandwidth Services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
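To illustrate the difference described in this thread between a demand-built route cache and a FIB precomputed from the RIB, here is an added example (not from the original posts or from any router's code). It uses a plain binary trie as a simplified stand-in for the mtrie; the RIB entries, next-hop names and traffic are constructed.

```python
import ipaddress

# Constructed sample RIB (prefix -> next hop); the names are illustrative.
RIB = {"0.0.0.0/0": "upstream", "10.0.0.0/8": "core",
       "10.1.0.0/16": "pop1", "10.1.2.0/24": "rack7"}

def bits(addr, n=32):
    """First n bits of an IPv4 address as a string of '0'/'1'."""
    return format(int(ipaddress.ip_address(str(addr))), "032b")[:n]

def build_fib(rib):
    """Walk the whole RIB once and precompute a binary trie (simplified mtrie)."""
    root = {}
    for prefix, nexthop in rib.items():
        net, node = ipaddress.ip_network(prefix), root
        for b in bits(net.network_address, net.prefixlen):
            node = node.setdefault(b, {})
        node["nh"] = nexthop
    return root

def fib_lookup(fib, dst):
    """Longest-prefix match: follow destination bits, keep the deepest next hop."""
    node, best = fib, fib.get("nh")
    for b in bits(dst):
        node = node.get(b)
        if node is None:
            break
        best = node.get("nh", best)
    return best

def rib_lookup(rib, dst):
    """Slow path (process switching): scan every RIB entry for the longest match."""
    addr = ipaddress.ip_address(dst)
    hits = [n for n in map(ipaddress.ip_network, rib) if addr in n]
    return rib[str(max(hits, key=lambda n: n.prefixlen))] if hits else None

def cache_punts(rib, packets):
    """Demand-built route cache: the first packet to each destination is punted."""
    cache, punts = {}, 0
    for dst in packets:
        if dst not in cache:
            cache[dst] = rib_lookup(rib, dst)
            punts += 1
    return punts

# Constructed traffic, 10,000 packets each: 20 destinations vs. all-distinct ones.
NORMAL = ["10.1.2.%d" % (i % 20 + 1) for i in range(10000)]
DIVERSE = [str(ipaddress.ip_address(0x0A000000 + i * 257)) for i in range(10000)]

if __name__ == "__main__":
    fib = build_fib(RIB)
    print("cache punts, normal :", cache_punts(RIB, NORMAL))
    print("cache punts, diverse:", cache_punts(RIB, DIVERSE))
    # RIB/FIB consistency check over a sample of destinations
    print("FIB agrees with RIB :",
          all(fib_lookup(fib, d) == rib_lookup(RIB, d) for d in DIVERSE[:500]))
```

With the cache, slow-path work grows with the number of distinct destinations rather than with the packet count, while the trie lookup never touches the slow path at all.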
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:45 GMT-3