RE: Hardware CEF entry usage is at 95% capacity on 7600

From: Lars Christensen (perseusdk@gmail.com)
Date: Sun Dec 14 2008 - 13:49:43 ARST

Scott,

As you said... It all depends... I just referenced the latest analysis from
cidr-report.org, which actually is not that far from the tables my routers
receive on a daily basis.

In the end, most could actually work just fine with a default route :)

Regards,
Lars

-----Original Message-----
From: Scott Morris [mailto:smorris@internetworkexpert.com]
Sent: 14. december 2008 16:43
To: 'Lars Christensen'; 'Johnny Phan'; 'ZZ'; 'Cristea, Bogdan, VF-RO'
Cc: 'Marko Milivojevic'; 'Pavel Bykov'; 'Cisco certification'
Subject: RE: Hardware CEF entry usage is at 95% capacity on 7600

Bogus? I think that will depend on who you are getting your feed through
and what aggregation points may exist over one path but not another! (or
what policies)

I think it's more perspective that bogus or not! ;)

Scott Morris, CCIE4 #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al.
CCSI/JNCI-M/JNCI-ER
Senior CCIE Instructor

smorris@internetworkexpert.com

 

Knowledge is power.
Power corrupts.
Study hard and be Eeeeviiiil......
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Lars
Christensen
Sent: Sunday, December 14, 2008 6:12 AM
To: 'Johnny Phan'; 'ZZ'; 'Cristea, Bogdan, VF-RO'
Cc: 'Marko Milivojevic'; 'Pavel Bykov'; 'Cisco certification'
Subject: RE: Hardware CEF entry usage is at 95% capacity on 7600

Johnny,

That seems to be bogus information. Just take a look at the latest report
from cidr-report.org. The number is more like 282k routes at the moment.

Regards,
Lars Lystrup Christensen
CCIE #20292

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Johnny Phan
Sent: 14. december 2008 03:44
To: ZZ; Cristea, Bogdan, VF-RO
Cc: Marko Milivojevic; Pavel Bykov; Cisco certification
Subject: Re: Hardware CEF entry usage is at 95% capacity on 7600

240k is the number of BGP routes out there at the moment.

Johnny

----- Original Message -----
From: "ZZ" <zurabz@gmail.com>
To: "Cristea, Bogdan, VF-RO" <Bogdan.Cristea@vodafone.com>
Cc: "Marko Milivojevic" <markom@markom.info>; "Pavel Bykov"
<slidersv@gmail.com>; "Cisco certification" <ccielab@groupstudy.com>
Sent: Wednesday, December 03, 2008 7:15 AM
Subject: Re: Hardware CEF entry usage is at 95% capacity on 7600

> this is excellent explanation!
>
> Thank you
>
> On Wed, Dec 3, 2008 at 2:17 AM, Cristea, Bogdan, VF-RO <
> Bogdan.Cristea@vodafone.com> wrote:
>
>> Hi all,
>> Hope the bellow explication helps:
>>
>>
>> Because the 7600 uses FIB downloaded in the PFC there is the following
>> scenario:
>> If you inject in RIB a number of routes larger then the maximum routes
>> for the supervisor you own then you will reach the case when the desired
>> FIB for download into PFC is larger that the maximum defined and you
>> will get that message.
>>
>> show mls cef maximum-routes
>> FIB TCAM maximum routes :
>> =======================
>> Current :-
>> -------
>> IPv4 + MPLS - 192k (default)
>> IPv6 + IP Multicast - 32k (default)
>>
>> The event will trigger an exception leading to exception state set to
>> TRUE for the type of routes for which you reached the maximum routes
>>
>> The normal output would be:
>> show mls cef exception status
>> Current IPv4 FIB exception state = FALSE
>> Current IPv6 FIB exception state = FALSE
>> Current MPLS FIB exception state = FALSE
>>
>>
>> You can also check that you hit the exception looking in the output of
>> show mls cef at the start.
>>
>>
>> There are 2 solutions:
>>
>> 1. power cycle the router
>> 2. if you have a redundant supervisor:
>> Power cycle the standby supervisor (this will enforce the
>> download of the current FIB in the PFC
>> Check that after the reload the command "remote command
>> standby-sp show mls cef exception status" shows you false for each
>> exception state
>> Then perform a switchover. If the old active supervisor does not
>> reboot you will need also to power cycle it manually.
>>
>> I had the same problem on a 7600 box and resolved via solution number 2.
>> The behaviour before resolving the problem was random packet drops.
>> Also if I was transforming to process switching the packet forwarding
>> was ok
>>
>> The solution with new ios works because you actually need to power cycle
>> the box/supervisors but not because the ios version is the root cause.
>>
>> Take care when you perform the steps in order to not disrupt your live
>> services :)
>>
>> Bogdan Cristea
>>
>>
>> -----Original Message-----
>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>> Marko Milivojevic
>> Sent: 02 December 2008 21:43
>> To: ZZ
>> Cc: Pavel Bykov; Cisco certification
>> Subject: Re: Hardware CEF entry usage is at 95% capacity on 7600
>>
>> On Tue, Dec 2, 2008 at 16:09, ZZ <zurabz@gmail.com> wrote:
>> > I totally agree, it shouldn't crash, maximum it should it is to
>> disable CEF.
>> >
>> > I'm running 12.2(33)SRB2
>>
>> Well, it can't disable CEF as it has no other forwarding mechanism
>> available. It should drop flows that it has no space for. Now that I
>> see what IOS you are running -- run from it and run fast :-). That one
>> is trouble. I believe they are up to SRB5 now.
>>
>> --
>> Marko
>> CCIE #18427 (SP)
>> My network blog: http://cisco.markom.info/
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:08 ARST