Configuring CEF Consistency Checkers

This module contains information about and instructions for configuring Cisco Express Forwarding (formerly known as CEF) consistency checkers. Cisco Express Forwarding consistency checkers enable you to find any database inconsistencies, such as an IP prefix missing from a line card or a Route Processor (RP). You can investigate and resolve the inconsistency by examining the associated Cisco Express Forwarding system error messages and by using Cisco Express Forwarding debug and show commands.

Cisco Express Forwarding is an advanced Layer 3 IP switching technology. It optimizes network performance and scalability for all kinds of networks—those that carry small amounts of traffic and those that carry large amounts of traffic in complex patterns, such as the Internet and networks characterized by intensive web-based applications or interactive sessions.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for CEF Consistency Checkers

Cisco Express Forwarding must be up and running on the networking device before you can configure Cisco Express Forwarding consistency checkers.

Restrictions for CEF Consistency Checkers

The Cisco Express Forwarding consistency checkers—lc-detect, scan-lc-rp—apply only to devices that have distributed Cisco Express Forwarding enabled.

Information About CEF Consistency Checkers

Cisco Platform Support for CEF and dCEF

Cisco Express Forwarding is enabled by default on the Cisco ASR 1000 Series Aggregation Services Routers.

To find out if Cisco Express Forwarding is enabled on your platform, enter the show ip cef command. If Cisco Express Forwarding is enabled, you will see the following output: 

Device# show ip cef 

Prefix              Next Hop            Interface
[...]
10.2.61.8/24        192.168.100.1       FastEthernet1/0/0
                    192.168.101.1       FastEthernet2/1/0
[...]

If Cisco Express Forwarding is not enabled on your platform, you will see the following output for the show ip cef command: 

Device# show ip cef

%CEF not running

If Cisco Express Forwarding is not enabled on your platform, use the ip cef command to enable Cisco Express Forwarding or the ip cef distributed command to enable distributed Cisco Express Forwarding.

CEF Consistency Checker Types

Cisco Express Forwarding uses the routing information that is retrieved from the Routing Information Base (RIB), the Route Processor (RP), and the line card databases to perform express forwarding. Updating these databases may result in incosistencies because the distribution mechanism for these databases is asynchronous. Inconsistencies caused by asynchronous database distribution are of the following types:

  • Missing information, such as a particular prefix, on a line card

  • Different information, such as different next-hop IP addresses, on the line card

Cisco Express Forwarding supports passive and active consistency checkers that run independently to uncover these forwarding inconsistencies. The following table describes the consistency checkers and indicates whether the checker operates on the RP or the line card.

Table 1 Types of Cisco Express Forwarding Consistency Checkers

Checker Type

Operates On

Description

lc-detect

Line card

(Distributed Cisco Express Forwarding only) Detects missing prefixes on the line card. The information is confirmed by the RP.

Retrieves IP prefixes found missing from the line card forwarding information base (FIB) table. If IP prefixes are missing, the line card cannot forward packets for the corresponding addresses. The consistency checker then sends IP prefixes to the RP for confirmation. If the RP finds that it has the relevant entry, an inconsistency is detected, and an error message is displayed. Finally, the RP sends a signal back to the line card confirming that the IP prefix is an inconsistency.

scan-lc-rp

Line card

Distributed Cisco Express Forwarding only looks through the FIB table for a configurable time period and sends the next x prefixes to the RP. The RP does an exact lookup in its FIB table. If the RP finds that the prefix is missing, the RP reports an inconsistency. Finally, the RP sends a signal back to the line card for confirmation.

The time period and the number of prefixes sent are configured with the cef table consistency-check command.

scan-rp-lc

Route Processor

(Distributed Cisco Express Forwarding only) Looks through the RP FIB table for a configurable time period and sends the next x prefixes to the line card. (This action is opposite to the one that the scan-lc-rp checker performs.) The line card does an exact lookup in the FIB table. If the line card finds the prefix missing, the line card reports an inconsistency and signals the RP for confirmation.

The time period and the number of prefixes sent are configured with the cef table consistency-check command.

scan-rib-ios

Route Processor

Compares the Routing Information Base (RIB) to the FIB table and provides the number of entries missing from the FIB table.

scan-ios-rib

Route Processor

Compares the FIB table to the RIB and provides the number of entries missing from the RIB.

Cisco Express Forwarding consistency checkers are disabled by default. Console errors are disabled by default.

If you find a database inconsistency, such as an IP prefix missing from a line card or an RP, you can investigate and resolve the inconsistency by examining the Cisco Express Forwarding system error messages and by using Cisco Express Forwarding debug and show commands.

For Cisco Express Forwarding consistency checker system error messages, see the System Messages for Cisco IOS XE Software.

How to Configure CEF Consistency Checkers

Enabling CEF Consistency Checkers

Perform the following task to enable Cisco Express Forwarding consistency checkers.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    cef table consistency-check {ipv4 | ipv6} [auto-repair [delay seconds [holddown seconds] | holddown seconds] | data-checking | error-message | type {lc-detect | scan-lc-rp | scan-rp-lc | scan-rib-ios | scan-ios-rib} [count count-number [period seconds] | period seconds]]

    4.    end


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 cef table consistency-check {ipv4 | ipv6} [auto-repair [delay seconds [holddown seconds] | holddown seconds] | data-checking | error-message | type {lc-detect | scan-lc-rp | scan-rp-lc | scan-rib-ios | scan-ios-rib} [count count-number [period seconds] | period seconds]]


    Example:
    Device(config)# cef table consistency-check ipv4 scan-rib-ios count 100 period 60
     

    Enables Cisco Express Forwarding table consistency checker types and parameters.

    • The ipv4 keyword checks IPv4 addresses.

    • The ipv6 keyword checks IPv6 addresses.

    • The auto-repair keyword enables the auto-repair function. By default, this function is enabled. You can enter the no form of the command to disable auto repair or enter the default form of the command to reset the auto-repair settings to a 10-second delay and 300-second holddown time.

    • The delay seconds keyword-argument pair specifies how long the consistency checker waits to fix an inconsistency. The valid range is from10 to 300 seconds. The default delay value is 10 seconds

    • The holddown seconds keyword and argument pair specifies how long the consistency checker waits to reenable auto repair after auto repair runs. The valid range is from 300 to 3000 seconds. The default delay value is 300 seconds.

    • The data-checking keyword enables the consistency checker data-checking utility. By default, this function is disabled.

    • The error-message keyword enables the consistency checker to generate an error message when it detects an inconsistency. By default, this function is disabled.

    • The type keyword indicates the type of consistency check that can be enabled.

    • The lc-detect keyword enables the line card to detect a missing prefix, which is confirmed by the Route Processor (RP).

    • The scan-lc-rp keyword performs a passive scan check of tables on the line card.

    • The scan-rp-lc keyword enables a passive scan check of tables on the RP.

    • The scan-rib-ios keyword compares the Routing Information Base (RIB) to the forwarding information base (FIB) and provides the number of entries missing from the FIB table.

    • The scan-ios-rib keyword compares the FIB table to the RIB and provides the number of entries missing from the RIB.

    • The count number keyword-argument pair specifies the maximum number of prefixes to check per scan. The valid range is from 2 to 10000.

    • The period seconds keyword-argument pair specifies the time during which updates for a candidate prefix are ignored as inconsistencies. The valid range is from 30 to 3600 seconds.

     
    Step 4 end


    Example:
    Device(config)# end
     

    Returns to privileged EXEC mode.

     

    Displaying and Clearing Table Inconsistencies

    Perform the following task to display and clear Cisco Express Forwarding table inconsistency records found by the lc-detect, scan-rp-lc, scan-lc-rp, scan-rib-ios, and scan-ios-rib detection mechanisms.

    SUMMARY STEPS

      1.    enable

      2.    test cef table consistency [detail]

      3.    clear ip cef inconsistency

      4.    clear cef linecard [slot-number] [adjacency | interface | prefix]

      5.    show cef table consistency-check

      6.    disable


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 enable


      Example:
      Device> enable
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.

       
      Step 2 test cef table consistency [detail]


      Example:
      Device#  test cef table consistency
       

      Use this command to test the Cisco Express Forwarding forwarding information base (FIB) for prefix consistency.

       
      Step 3 clear ip cef inconsistency


      Example:
      Device# clear ip cef inconsistency
       

      Use this command to clear the Cisco Express Forwarding inconsistency statistics and records found by Cisco Express Forwarding consistency checkers.

       
      Step 4 clear cef linecard [slot-number] [adjacency | interface | prefix]


      Example:
      Device# clear cef linecard
       

      Use this command to clear Cisco Express Forwarding information from line cards.

       
      Step 5 show cef table consistency-check


      Example:
      Device# show cef table consistency-check
       

      Use this command to verify the status of Cisco Express Forwarding consistency checkers in the FIB.

       
      Step 6 disable


      Example:
      Device# disable
       

      Use this command to exit to user EXEC mode.

       

      Configuration Examples for CEF Consistency Checkers

      Example: Enabling CEF Consistency Checkers

      The following example shows how to enable the scan-rp Cisco Express Forwarding consistency checker. 

      Device> enable
Device# configure terminal
Device(config)# cef table consistency-check scan-rp-lc count 225 period 3600
Device(config)# end

      Note

      The Route Processor (RP) is configured to send 3600 prefixes to the line cards every 225 seconds.

      Example: Displaying and Clearing Table Inconsistencies

      The following example shows how to test the Cisco Express Forwarding FIB for prefix consistency: 

      Device# test cef table consistency detail

      The following is sample output from the test cef table consistency detail command: 

      Device# test cef table consistency detail 

full-scan-rib-ios: Checking IPv4 RIB to FIB consistency
full-scan-rib-ios: FIB checked 12 prefixes, and found 0 missing.
full-scan-ios-rib: Checking IPv4 FIB to RIB consistency
full-scan-ios-rib: Checked 12 FIB prefixes in 1 pass, and found 0 extra.
full-scan-rp-lc: Sent 26 IPv4 prefixes to linecards in 1 pass
full-scan-rp-lc: Initiated IPv4 FIB check on linecards..4..1..0..
full-scan-rp-lc: FIB IPv4 check completed on linecards..1..0..4..
full-scan-rp-lc: Linecard 4 checked 26 IPv4 prefixes (ignored 0). 0 inconsistent.
full-scan-rp-lc: Linecard 1 checked 26 IPv4 prefixes (ignored 0). 0 inconsistent.
full-scan-rp-lc: Linecard 0 checked 26 IPv4 prefixes (ignored 0). 0 inconsistent.
full-scan-rib-ios: Checking IPv6 RIB to FIB consistency
full-scan-rib-ios: FIB checked 16 prefixes, and found 5 missing.
full-scan-ios-rib: Checking IPv6 FIB to RIB consistency
full-scan-ios-rib: Checked 11 FIB prefixes in 1 pass, and found 0 extra.
full-scan-rp-lc: Sent 11 IPv6 prefixes to linecards in 1 pass
full-scan-rp-lc: Initiated IPv6 FIB check on linecards..4..1..0..
full-scan-rp-lc: FIB IPv6 check completed on linecards..1..4..0..
full-scan-rp-lc: Linecard 4 checked 11 IPv6 prefixes (ignored 0). 0 inconsistent.
full-scan-rp-lc: Linecard 1 checked 11 IPv6 prefixes (ignored 0). 0 inconsistent.
full-scan-rp-lc: Linecard 0 checked 11 IPv6 prefixes (ignored 0). 0 inconsistent.
No IPv4 inconsistencies found, check took 00:00:01.444
Warning: 5 IPv6 inconsistencies found, check took 00:00:01.240

      The output of this command shows that no IPv4 inconsistencies were found and five (5) IPv6 inconsistencies were found. The output also shows how many prefixes were checked by the FIB and the linecards and how many prefixes were missing, if any.

      The following is sample output from the show cef table consistency-check command: 

      Device# show cef table consistency-check

Consistency checker master control: enabled
IPv4:
 Table consistency checker state:
  scan-rib-ios: disabled
   0/0/0/0 queries sent/ignored/checked/iterated
  scan-ios-rib: disabled
   0/0/0/0 queries sent/ignored/checked/iterated
  full-scan-rib-ios: enabled [1000 prefixes checked every 60s]
   0/0/0/0 queries sent/ignored/checked/iterated
  full-scan-ios-rib: enabled [1000 prefixes checked every 60s]
   0/0/0/0 queries sent/ignored/checked/iterated
 Checksum data checking disabled
 Inconsistency error messages are disabled
 Inconsistency auto-repair is enabled (10s delay, 300s holddown)
 Inconsistency auto-repair runs: 0
 Inconsistency statistics: 0 confirmed, 0/16 recorded
IPv6:
 Table consistency checker state:
  scan-ios-rib: disabled
   0/0/0/0 queries sent/ignored/checked/iterated
  full-scan-rib-ios: enabled [1000 prefixes checked every 60s]
   0/0/0/0 queries sent/ignored/checked/iterated
  full-scan-ios-rib: enabled [1000 prefixes checked every 60s]
   0/0/0/0 queries sent/ignored/checked/iterated
 Checksum data checking disabled
 Inconsistency error messages are disabled
 Inconsistency auto-repair is enabled (10s delay, 300s holddown)
 Inconsistency auto-repair runs: 0
 Inconsistency statistics: 0 confirmed, 0/16 recorded

      The output of this command shows that two full scans are enabled, and at every 60 seconds, 1000 prefixes are checked. It also shows that the auto-repair function is enabled with the default settings of a 10-second delay and a 300-second holddown time. In this example, no inconsistencies were found.

      Additional References for CEF Consistency Checkers

      Related Documents

      Related Topic

      Document Title

      Cisco IOS commands

      Master Commands List, All Releases

      Cisco Express Forwarding Commands

      Cisco IOS IP Switching Command Reference

      Technical Assistance

      Description

      Link

      The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

      http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

      Feature Information for CEF Consistency Checkers

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.
      Table 2 Feature Information for CEF Consistency Checkers

      Feature Name

      Releases

      Feature Information

      This table is intentionally left blank because no features were introduced or modified in Cisco IOS XE Release 2.1 or later. This table will be updated when feature information is added to this module.

      Glossary

      adjacency—A relationship formed between selected neighboring routers and end nodes for the purpose of exchanging routing information. Adjacency is based upon the use of a common media segment by the routers and nodes involved.

      Cisco Cisco Express Forwarding—A Layer 3 switching technology. Cisco Express Forwarding can also refer to a central Cisco Express Forwarding mode, one of two modes of the Cisco Express Forwarding operation. Cisco Express Forwarding enables a Route Processor (RP) to perform express forwarding. Distributed Cisco Express Forwarding is the other mode of the Cisco Express Forwarding operation.

      distributed Cisco Express Forwarding—A mode of Cisco Express Forwarding switching in which line cards maintain identical copies of the forwarding information base (FIB) and adjacency tables. The line cards perform express forwarding between port adapters; this relieves the Route Processor from any involvement in the switching operation.

      FIB—forwarding information base. A component of Cisco Express Forwarding that is conceptually similar to a routing table or information base. The router uses the FIB lookup table to make destination-based switching decisions during the Cisco Express Forwarding operation. The router maintains a mirror image of the forwarding information in an IP routing table.

      IPC—interprocess communication. The mechanism that enables the distribution of Cisco Express Forwarding tables from the RP to the line card when the router is operating in distributed Cisco Express Forwarding mode.

      LIB—label information base. A database used by a label switch router (LSR) to store labels learned from other LSRs, as well as labels assigned by the local LSR.

      line card—A general term for an interface processor that can be used in various Cisco products.

      MPLS—Multiprotocol Label Switching. An industry standard for the forwarding of packets along normal routing paths (sometimes called MPLS hop-by-hop forwarding).

      prefix—The network address portion of an IP address. A prefix is specified by a network and mask and is generally represented in the format network/mask. The mask indicates which bits are network bits. For example, 192.0.2.1/16 means that the first 16 bits of the IP address are masked, making them the network bits. The remaining bits are the host bits. In this example, the network number is 192.0.

      RIB—Routing Information Base. A central repository of routes that contains Layer 3 reachability information and destination IP addresses or prefixes. The RIB is also known as the routing table.

      RP—Route Processor. The processor module that contains the CPU, system software, and most of the memory components that are used in the router. It is sometimes called a supervisory processor.

      VPN—Virtual Private Network. The result of a router configuration that enables IP traffic to use tunneling to travel securely over a public TCP/IP network.

      VRF —A Virtual Private Network (VPN) routing/forwarding instance. A VRF consists of an IP routing table, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols that determine what goes into the forwarding table. In general, a VRF includes the routing information that defines a customer VPN site that is attached to a Provider Edge router.