Conduct hardware-specific troubleshooting

If you are troubleshooting a Cisco Express Forwarding platform that supports dCEF or hardware switching, the final step is looking for potential hardware-specific problems.

If you are troubleshooting CEF on a Cisco IOS router that is only performing software switching and are unable to find any issues based on the previous sections, the next step is to open a Cisco TAC case and include relevant information. However, if you are troubleshooting a platform that supports dCEF or hardware switching, more analysis is needed.

Chapter 5 provides information on troubleshooting hardware switching on a Cisco Catalyst 6500. Example 4-21 illustrates performing troubleshooting of dCEF by examining the hardware-switching adjacency table on a Catalyst 4500 switch.

Example 4-21 Viewing a Hardware-Switching Adjacency Table

Troubleshooting Punt Adjacencies

Example 4-22 Determining Whether the FIB Prefix Points to Punt Adjacency

The CEF table output indicates that the entry is a valid punt adjacency. The term punt in Cisco IOS refers to sending a packet to the next-level switching process. By default, Cisco IOS always uses the fastest switching method possible; however, the fastest switching method usually does not support advanced features such as Network Address Translation (NAT) and policy-based routing (PBR) early in the product life cycle. Therefore, to handle these cases effectively, Cisco IOS punts the packet to the next-level switch method that can switch the frame. The following list illustrates the typical switching method hierarchy, with the fastest, most effective switching method listed first:

  • Hardware-based dCEF (hardware-based switching on line cards)
  • Hardware-based CEF (hardware-based, centralized forwarding typically found on Cisco Catalyst switches)
  • PXF switching
  • Software-based CEF
  • Software-based fast switching
  • Software-based process switching

Generally, the fastest and most effective switching methods generally lag software-based CEF in feature support. Therefore, when using new and unique features, Cisco IOS generally supports the feature in software first in low- to mid-range routers and switches. High-end routers and switches only support advanced features in hardware because the throughput required for the high-end routers and switches exceeds the capability of software-based switching methods. Use the show cef not-cef-switched command to view packets that are not CEF switched. In later code, the show ip cef switching statistics command gives detailed information of why a pass occurs and replaces the show cef not command. Example 4-23 illustrates an example of the show cef not-cef-switched command followed by Table 4-4, which illustrates descriptions for each of fields.

Example 4-23 Sample Output from the show cef not-cef-switched Command

Table 4-4 show cef not-cef-switched Command Field Descriptions

Field Description
Slot Refers to the slot for the respective ingress packet counts. For Cisco IOS routers that do not support dCEF, this value is always RP.
No_adj Indicates the number of packets dropped because of incomplete adjacency.
No_encap Indicates the number of packets sent to the processor for ARP resolution.
Unsupp'ted Indicates the number of packets fast-dropped by CEF (drop adjacency) because of an unsupported feature.
Redirect Indicates the number of packets requiring ICMP redirect by process switching.
Receive Indicates the number of packets ultimately destined to the router, or packets destined to a tunnel endpoint on the router. If the decapsulated tunnel packet is IP, the packet is CEF switched. Otherwise, packets are process switched.
Options Indicates the number of packets with options. Packets with IP options are process switched.
Access Indicates the number of packets punted because of an access list failure.
Frag Indicates the number of packets punted because of fragmentation failure.
MTU Indicates the number of packets punted because of maximum transmission unit (MTU) failure. Note: This field is not supported for IPv4 packets.

As hardware-switching components evolve, more features are being supported by CEF and dCEF. Unfortunately, most legacy software features are not supported by CEF or dCEF. Nevertheless, when troubleshooting CEF, you should note whether a software feature such as NAT, PBR, or accounting supports CEF. To verify such features, check the platform specific release notes, data sheets, and configuration guides.

Understanding CEF Error Messages

With current-generation Cisco IOS routers and Catalyst switches, some error messages pertaining to CEF are platform specific. As a result, you need to understand platform differences when troubleshooting CEF error messages. Nevertheless, Table 4-5 lists the general CEF EXEC error messages applicable to all Cisco IOS routers and Catalyst switches when configuring CEF and CEF features.

Table 4-5 General CEF EXEC Error Messages

Error Message Troubleshooting Action
Must enable IP routing first. When enabling CEF, IP routing must be enabled first.
Cannot disable CEF on this platform. When disabling CEF, some platforms, such as the Catalyst 6500, do not support disabling CEF.
CEF is not enabled. When attempting to configure a global configuration command that requires CEF, CEF must first be enabled.
CEF not enabled on this interface. Enable first. When attempting an interface configuration that requires CEF, CEF must be enabled first.

A useful tool when working with CEF error messages is the Error Message Decoder on found at the following website (you must be a registered user):

Table 4-6 reviews the most important commands discussed and illustrated in this chapter.

Table 4-6 Important CEF Troubleshooting Commands

Command Description
debug ip cef Enables debugging with IP CEF from the Cisco IOS CLI. Because this debug is intrusive, the recommended procedure is to use this debug option with optional parameters including ACLs to limit output. Furthermore, you should use this debug command under the supervision of a Cisco TAC engineer.
show adjacency detail Displays the IP CEF Layer 2 rewrite information and statistical information from the perspective of the software-switching path.
show arp Displays the ARP table contents. This command is the first step in troubleshooting adjacency issues because the adjacency table is built from the ARP table.
show ip cef Displays the IP CEF information from the software-switching path perspective. This command displays the prefix, next hop, and next-hop interface (outgoing interface) for verification. This command does not clearly illustrate the information contained through the hardware switching path.
show ip route Displays the IP routing table. This command is the first step in troubleshooting IP routing or IP CEF issues because the CEF tables are built from the IP routing table from a high-level perspective.

The following checklist reviews the important points of troubleshooting a software-based CEF issue:

  • Never assume that you are experiencing a Cisco IOS CEF issue; always troubleshoot from Layer 1 (physical layer) up.
  • In terms of troubleshooting CEF, verify the IP routing table and ARP table as a first step, because the CEF tables are built from those tables.
  • In Cisco IOS, use the show interface command to verify physical layer connectivity as the initial step in troubleshooting any IP connectivity issue.
  • Using the ICMP echo command ping from the Cisco IOS CLI always initiates echoes using the software-switching path.
  • After verifying the ARP and IP routing table in Cisco IOS, verify the software switching path for CEF by verifying the rewrite and next-hop information from the show ip cef detail and show adjacency commands.
  • In controlled environments on select platforms that do not support dCEF, disabling CEF is an available troubleshooting option.
  • Most mid- to high-end routers and all Catalyst switches do not support disabling CEF because CEF is required for normal operation.
  • To determine why CEF is dropping ingress packets, use the show cef drop command.
  • When troubleshooting CEF punt adjacencies, use the show cef not-cef-switched command to determine which CEF drop category the drops fall into.

This chapter covered many topics outside of CEF and presented a model that eventually leads to CEF troubleshooting. CEF is a scapegoat for many IP connectivity issues. The most common IP connectivity issues that are not CEF issues occur at the physical layer and Layer 2, such as spanning-tree or HSRP failures. Therefore, you should troubleshoot based on the OSI model. If a device uses hardware switching, conduct additional troubleshooting to isolate the issue.


Cisco, CEF Quick Help Guide, (This link requires registration.)

Cisco, Configuring CEF, products_configuration_guide_chapter09186a00800ca7cc.html. (This link requires registration.)

Cisco, Configuring Cisco Express Forwarding, ps1831/products_configuration_guide_chapter09186a00800ca6ca.html.

Cisco, How to Verify Cisco Express Forwarding Switching, products_tech_note09186a00801e1e46.shtml. (This link requires registration.)

Cisco, Troubleshooting Incomplete Adjacencies with CEF, Document ID: 17812,
(This link requires Cisco.comregistration.)

Cisco, Troubleshooting Cisco Express Forwarding, Document ID: 26083, (This link requires registration.)

Cisco, Troubleshooting Prefix Inconsistencies with Cisco Express Forwarding, technologies_tech_note09186a00800946f7.shtm. (This link requires registration.)

Cisco, Cisco Express Forwarding: Command Changes, sw/iosswrel/ps1838/products_feature_guide09186a008029b100.html.

Learn how to troubleshoot Cisco's Express Forwarding network switching technology in "Basic IP Connectivity and CEF Troubleshooting," Chapter 4 from the book Cisco Express Forwarding by Nakia Stringfield, Russ White and Stacia McKee.

Basic IP Connectivity and CEF Troubleshooting

  Accurately describe the problem
  Scope the network topology
  Review the OSI model for troubleshooting
  Verify the ARP table
  Verify the IP routing table
  Verify the CEF FIB table
  Verify the adjacency table
  Conduct hardware-specific troubleshooting

Reproduced from the book Cisco Express Forwarding. Copyright 2007, Cisco Systems, Inc. Reproduced by permission of Pearson Education, Inc., 800 East 96th Street, Indianapolis, IN 46240. Written permission from Pearson Education, Inc. is required for all other uses.

This was last published in July 2007

Dig Deeper on Campus area networks and services

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.