Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4212
Views
0
Helpful
8
Replies

CEF not running even though enabled globally

eddychristian10
Level 1
Level 1

‎04-05-2016 08:00 PM - edited ‎03-05-2019 03:43 AM

Hi,

I have an issue where our internet traffic can suddenly go down and either we need to flap the interface or restart the modem connected to the interface. I can see some CRC increasing during peak period. I can confirm the duplex and speed are the same both side. Cable and modem has been changed. 

Some information that i managed to gather:

- High CPU utilization during peak period caused by ip input

- Checked the CEF and somehow it's not running although enabled globally

R1#show ip cef
%IPv4 CEF not running
R1#show run | i cef
ip cef

- the default route to internet is pointing to outgoing interface instead of nexthop IP address. So, i can see a bunch of arps for internet ip addresses.

- show ip cef summary and show ip int showing as below

R1#show ip cef summary
IPv4 CEF is enabled, but not switching
VRF Default
4294967290 prefixes (4294967290/0 fwd/non-fwd)
Table id 0x0
Database epoch: 0 (71 entries at this epoch)

- R1#show ip int f0/1
FastEthernet0/1 is up, line protocol is up
Internet address is x.x.x.x/x
Broadcast address is 255.255.255.255
Address determined by DHCP
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is disabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is disabled
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is enabled, interface in domain outside
BGP Policy Mapping is disabled
Input features: Stateful Inspection, Virtual Fragment Reassembly, Virtual Fragment Reassembly After IPSec Decryption, NAT Outside, MCI Check
Output features: CCE Output Classification, Post-routing NAT Outside, Stateful Inspection
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled

Here i can see that cef and fast switching is disabled and i don't see anything from show ip cache output. Show run all from the interface also shows that route-cache is enabled.

interface FastEthernet0/1
ip address dhcp
ip redirects
ip proxy-arp
ip load-sharing per-destination
ip cef accounting non-recursive internal
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
snmp trap link-status

May i know what might cause the CEF not running here? i suspect the excessive routes for internet traffic causing the interface to fallback to process switching instead. Need your advise on this.

Router is 1841 with 15.0(1)M3 version

Labels:
0 Helpful
8 Replies 8

Peter Paluch
Cisco Employee
Cisco Employee

‎04-05-2016 08:30 PM

Hi Eddy,

This is strange... I have not yet seen a router claiming that CEF is not running while having it active. Can you please post the complete sanitized configuration of this router?

Apart from that, regarding the static default route defined with an egress interface - don't. I cannot stress that enough. This forum has seen routers with their default route configured using an egress interface consume all their memory due to ever-growing ARP cache, crash and reboot intermittently. I suppose that in your case, the default route is configured using the egress interface because you do not know the IP address of your upstream router as you are using DHCP - but in that case, the DHCP will automatically provide you with a default route (remember that DHCP also assigns a gateway to its clients). Without any static default route, your router will learn about the default gateway and will install a default route toward it automatically. This default route will have an administrative distance of 254 so if you want to make it more trustworthy (this may be necessary in the presence of dynamic routing protocols that could override it), you can actually configure a default route statically as follows:

ip route 0.0.0.0 0.0.0.0 dhcp

This will make the DHCP-learned default route get a default AD of 1. So if possible, please remove your existing default route pointing out an egress interface and replace it with the one shown above.

Best regards,
Peter

0 Helpful

eddychristian10
Level 1
Level 1
In response to Peter Paluch

‎04-07-2016 06:22 AM

Hi, 

thanks for the reply. I will try the dhcp option. It is definitely better to do this method instead of using outgoing interface.

Attached the running-config. i will try to grab the show tech.

it's a simple router config doing NAT to internet.

Preview file
2 KB
0 Helpful

milan.kulik
Level 10
Level 10
In response to eddychristian10

‎04-07-2016 09:59 AM

Hi,

isn't there anything visible in the router Syslog regarding the CEF getting disabled?

Did you think about rebooting the router to observe if CEF keeps disabled?

Best regards,

Milan

0 Helpful

Vinit Jain
Cisco Employee
Cisco Employee
In response to eddychristian10

‎04-07-2016 10:08 AM

Is it possible that you can disable cef globally and enable it back again. Just remember to enable terminal monitor before you do that so that if there any syslog message generated, it can be seen.

Could you please share the output of "show ip route summary"

Regards

Vinit

Thanks
--Vinit
0 Helpful

Vaibhav Vishnoi
Level 1
Level 1
In response to eddychristian10

‎03-17-2017 08:18 PM

Hi Eddy,

Did you get any solution for this problem, i am facing the same issue. 
If you can plz respond.

Regards,

Vaibhav

0 Helpful

Tagir Temirgaliyev
Spotlight
Spotlight
In response to Vaibhav Vishnoi

‎03-19-2017 04:42 AM

answer is do not point default route to interface like this

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1

point it to next hop IP Address

0 Helpful

chrihussey
VIP Alumni
VIP Alumni

‎04-06-2016 05:04 AM

The fact that your F0/1 interface is getting its IP address via DHCP and the default route points just to the interface is the issue. As a result of this, all traffic to the Internet requires constant ARP queries and subsequently a forwarding table cannot be built for CEF to operate.

What you need to do is have an IP address on the F0/1 interface and point the default route to the next hop IP address and all these issues will go away.

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to chrihussey

‎04-06-2016 05:35 AM

Hi chrihussey,

We both agree that having a default route pointing out a FastEthernet interface without an IP next-hop address is a bad idea. There is no problem in receiving an interface address via DHCP per se, and there is no problem in learning the default route via DHCP the way I have suggested in my previous response.

Where I beg to differ is that this is the main reason why CEF is being reported as "not running". I do not agree. Whether you have or don't have an ARP entry has no impact on whether CEF, as an IOS subsystem, is active and running. There seems to be something different going on in addition to the unfortunate default route, and I don't think we can tell precisely what it is without seeing the configuration.

In fact, the show tech-support would be ideal.

Best regards,
Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card