08-07-2013 07:09 AM - edited 03-07-2019 02:48 PM
Hi,
I noticed a 3945-SEC having quite high CPU load without doing much, because there are more packets Process-Switched than CEF switched.
To investigate, I issued the following command:
Router#sh ip cef switching statistics feature
IPv4 CEF input features:
Feature             Drop       Consume    Punt       Punt2Host  Gave route
Access List         24911921   0          0          14678240   0
Policy Routing      0          0          0          0          20433673
Total               24911921   0          0          14678240   20433673
IPv4 CEF output features:
Feature             Drop       Consume    Punt       Punt2Host  New i/f
CCE Output Class    0          0          715266717  0          0
Total               0          0          715266717  0          0
IPv4 CEF post-encap features:
Feature             Drop       Consume    Punt       Punt2Host  New i/f
IPSEC Post-encap    1          655816389  0          0          0
Total               1          655816389  0          0          0
IPv4 CEF for us features:
Feature             Drop       Consume    Punt       Punt2Host  New i/f
Total               0          0          0          0          0
IPv4 CEF punt features:
Feature             Drop       Consume    Punt       Punt2Host  New i/f
Total               0          0          0          0          0
IPv4 CEF local features:
Feature             Drop       Consume    Punt       Punt2Host  Gave route
Total               0          0          0          0          0
The punted (= non cef-switched, "punted" to another switching mechanism) packets for the feature "CCE Output Class" are increasing by ~1000 per second.
This made me wonder, what exactly the feature "CCE Output Class" is. As I see in the following output, this feature actually is enabled on my Tunnel Interface:
Router#sh ip int tu0
Tunnel0 is up, line protocol is up
Internet address is x.x.x.x/xx
Broadcast address is x.x.x.x
Address determined by non-volatile memory
MTU is 1400 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Multicast reserved groups joined: 224.0.0.10
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is disabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
Tunnel VPN Routing/Forwarding "xxx"
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Process Packet Capture, MCI Check, TCP Adjust MSS
Output features: CCE Output Classification, NHRP Redirect, CCE Post NAT Classification, TCP Adjust MSS, QoS Preclassification
Post encapsulation features: IPSEC Post-encap output classification
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Can anybody tell me what "CCE Output Classification" is, and why this is extensively used by my router?
08-07-2013 11:23 AM
Hello Sebastian,
CCE is the common classification engine. I believe it's used to "match" traffic for features like qos, nat, etc. Based on the "sh in tu" output, some feature on output direction is causing packets to be punted. You could try "debug ip cef drop" for a few seconds while the counter increments; usually it will give a punt reason. Common reasons are as listed below.
ACL with log or log-input option (or)
An unreachable next-hop for a route (or)
A missing arp entry for a next hop (or)
Missing arp entry for outside nat ...etc.
****Plz do rate this post without fail if you found it to be helpful*********
Thanks & Regards,
Vignesh R P
08-08-2013 02:44 AM
I had NBAR protocol discovery enabled earlier on the router, but disabled it in the meantime. Maybe the classification engine was still running for that.
I restarted the router now and the "CCE Output Classification" disappeared from the "show ip int Tu0" and the "show ip cef switching stat feature".
Thanks.
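Added example, not part of any post in this thread: a small Python parser for the "show ip cef switching statistics feature" output that compares two snapshots and ranks features by how fast their Punt and Punt2Host counters grow, which is the measurement the question describes. The function names are hypothetical, the first snapshot reuses rows from the thread, and the second snapshot and the 10-second interval are constructed.

```python
import re

SECTION = re.compile(r"^(IPv[46] CEF .+ features):\s*$")
# Feature name (may contain spaces) followed by exactly five counters.
ROW = re.compile(r"^(.+?)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$")
COLS = ("drop", "consume", "punt", "punt2host", "last")  # last = "Gave route" / "New i/f"

def parse_cef_features(text):
    """Return {(section, feature): {column: counter}}, skipping Total rows."""
    stats, section = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            section = m.group(1)
        elif (m := ROW.match(line)) and section and m.group(1) != "Total":
            stats[(section, m.group(1))] = dict(zip(COLS, map(int, m.groups()[1:])))
    return stats

def punt_rates(before, after, seconds):
    """Punt + Punt2Host increase per second for each feature, highest first."""
    rates = {}
    for key, now in after.items():
        old = before.get(key, dict.fromkeys(COLS, 0))
        delta = sum(now[c] - old[c] for c in ("punt", "punt2host"))
        if delta > 0:  # zero or negative (counters cleared, reload) is ignored
            rates[key] = delta / seconds
    return dict(sorted(rates.items(), key=lambda kv: kv[1], reverse=True))

# First snapshot: rows copied from the output in the thread (two sections only).
SNAP_1 = """\
IPv4 CEF input features:
Feature Drop Consume Punt Punt2Host Gave route
Access List 24911921 0 0 14678240 0
Policy Routing 0 0 0 0 20433673
Total 24911921 0 0 14678240 20433673
IPv4 CEF output features:
Feature Drop Consume Punt Punt2Host New i/f
CCE Output Class 0 0 715266717 0 0
Total 0 0 715266717 0 0
"""
# Second snapshot: constructed, as if captured 10 seconds later.
SNAP_2 = SNAP_1.replace("715266717", "715276717").replace("14678240", "14678290")

if __name__ == "__main__":
    rates = punt_rates(parse_cef_features(SNAP_1), parse_cef_features(SNAP_2), 10)
    for (section, feature), pps in rates.items():
        print(f"{pps:8.1f} punts/s  {feature}  ({section})")
```
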