Hopalong/Miroslav,
The third is the CEF exception, not the CEF interface, but you did a good job
working through the stuff, Miroslav. CEF traffic typically doesn't leave the
data plane; hardware/specialized software when traversing the router. The
FIB allows the traffic to remain in the data plane without further
processing by the router. Thus this traffic is not process switched.
So just a comment on this CEF Exception interface for clarification. This
would be traffic that typically is only meant to traverse the data plane of
the router but is punted to the route processor for further processing
either due to something like IP options in the packet that the router needs
to check or an ACL or other feature configured on the router that causes
further processing of CEF-based traffic. Non-IP traffic would not be
forwarded by the router unless the router is configured to do so, for IPX or
other non-IP traffic. But this wouldn't be a good classification of what is
considered to be the CEF exception traffic. I.e., ARP and CDP traffic
wouldn't be CEF exception traffic as this is traffic that would be expected
to be processed by the router as the traffic is not intended to be forwarded
by the router to another subnet. ARP is part of the building block of the
FIB and the CEF Table is not built without it; meaning it is a precursor to
the CEF process.
Regards,
Tyson Scott - CCIE #13513 R&S, Security, and SP
Technical Instructor - IPexpert, Inc.
Mailto: tscott_at_ipexpert.com
Telephone: +1.810.326.1444, ext. 208
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Miroslav Kosut
Sent: Saturday, January 02, 2010 6:29 PM
To: hopalong
Cc: Cisco certification
Subject: Re: CPPr
Hello,
it depends on the destination of this traffic:
1. If the traffic is destined for the web server running on the router (i.e.
web gui), then the policy must be configured on the "host" subinterface.
2. If the traffic is supposed to enter and leave the router, then the
policy must be configured on the "top-level (aggregate)" interface.
Basically, all three subinterfaces are used for packets which are handled
specially (otherwise a policy should be configured on "top-level aggregate
interface"):
a) "host" subinterface - traffic destined to one of the router interfaces
(examples: telnet, ssh, http[s], icmp, .. and many many more!)
b) "transit" subinterface - ::: IP traffic ::: entered and left from the
router, BUT only packets which are ::process-switched:: (ciscoDoc example:
nonterminating tunnels)
c) "cef-interface" subinterface - my understanding is that this interface is
used for packets which the router guesses to be CEF switched, but after L2
de-encapsulation it finds out that they are non-IP packets so they must be
process switched (when it finds in the L2 payload an ARP packet, or L2
keepalive, or IPX packet, ... anything with Ethernet II Type field different
from 0x0800 (IP) and 802.3 ethernet not carrying IP such as CDP)
I hope I helped. Anyone - please comment if I am wrong. Thanks!
Regards,
Miroslav Kosut
On Jan 2, 2010, at 10:49 PM, hopalong wrote:
> Hi
>
> Can anyone help me with a *nice* explanation of the 3 subinterfaces
> (CEF/Host/Transit) in terms of describing or rather working out which
> traffic goes to which interface from the question!
>
> For instance if a CPPr question said something like 'Set the queue-limit
> for input HTTP packets to 400 packets and limit the packet rate to 10 per
> second' - would this be Host or Transit and why?
>
> Thank you!
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Received on Sun Jan 03 2010 - 01:54:49 ART
This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART
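
Added example (not part of the original thread, and not any poster's own configuration): one way the HTTP requirement quoted in the question could be applied on the "host" subinterface with Cisco IOS Control Plane Protection, since HTTP to the router's own web server terminates on the router. The ACL, class-map and policy-map names are assumptions chosen for illustration.

```ios
! Added example; all names (ACL-CPPR-HTTP, CM-*, PM-*) are hypothetical.
!
! --- Part 1: queue-limit of 400 packets for input HTTP ---
! Queue-thresholding is only supported on the host subinterface and
! limits how many packets of one protocol may sit in the input queue.
class-map type queue-threshold match-all CM-QT-HTTP
 match protocol http
!
policy-map type queue-threshold PM-QT-HOST
 class CM-QT-HTTP
  queue-limit 400
!
! --- Part 2: rate-limit HTTP to the router to 10 packets per second ---
! Classify HTTP aimed at the router itself (destination port 80).
ip access-list extended ACL-CPPR-HTTP
 permit tcp any any eq www
!
class-map match-all CM-CPPR-HTTP
 match access-group name ACL-CPPR-HTTP
!
policy-map PM-CPPR-HOST
 class CM-CPPR-HTTP
  police rate 10 pps conform-action transmit exceed-action drop
!
! --- Attach both policies to the host subinterface ---
! "host" is used because the traffic terminates on the router.
! Packets that only pass through the router and are process switched
! would be policed under "control-plane transit"; packets punted
! because of IP options and similar would be policed under
! "control-plane cef-exception".
control-plane host
 service-policy input PM-CPPR-HOST
 service-policy type queue-threshold input PM-QT-HOST
!
! Verify counters with:
!  show policy-map control-plane host
```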