CEF load balancing cisco 3750

Posted on 2014-09-30
Medium Priority
Last Modified: 2014-10-03

I am trying to configure cef for our two gateways (firewalls).  I do see the cef option, but when I go to the 2 interfaces I do not see  ip load-sharing per-destination

Is there something I am missing

I plan on configuring 2 routes to the gateways with the same netrics 1 1

Thank you for your help in advance
Question by:thomasm1948
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 14

Expert Comment

ID: 40354378
The details are a bit sketchy from your question.  Have you configured CEF already, but not the two default routes?  If you haven't configured the default routes yet, what routes are there currently for the Internet traffic?  If you don't have equal-cost routes in the routing table, you won't see any load-sharing when enabling CEF.

Here's the link to the Cisco Config Guide to explain the process for configuring CEF: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/15-0_2_se/configuration/guide/scg3750/swiprout.html#pgfId-1109701.  Once CEF is enabled, you can check the FIB table by issuing the "show ip cef"-command - Your internet routes should have two entries (via the two ISP's), which would be an indication that load-sharing takes place.

If you can post the output of the "show ip cef" command (you can remove any entries for your internal network), we can perhaps tell you what is missing.

Just one more question:  If you say that you do not see ip load-sharing per-destination, how did you check?  What did you expect, and what did you find?

Author Comment

ID: 40354847

I took out all of the internal traffic stuff:          multicast         receive          drop   receive

Ok, so I wen through the CEF guide and I do not see all of the commands for CEF on the CISCO 3750.  I know that on the CISCO 3750 CEF is enabled by default and that it can do only per-destination and not per-packet.  CEF is also a global option.

I have not put multiple gateways in as of yet.  So I am unsure how the switch will handle it once I put it in being that I do not get a interface options for load-sharing.  I do get load-sharing option under the global config but I only get the option the following option:

ASAMC3750STACK(config)#ip cef load-sharing ?
  algorithm  Per-destination load sharing algorithm selection

I did set that for original.

I my main issue is that they run VOIP and if the switch handles the 2 gateways as round robin then there will occurances where the switch will have to do packet reformation and that can cause an issue for VOIP.  That is why I am just confirming the CEF because I need it to do load-sharing between the two gateways utilizing per-destination so that their VOIP works correctly

Author Comment

ID: 40354868
forgot to add the following for sh ip cef

Prefix               Next Hop             Interface            Vlan16           receive
Are You Using the Best Web Development Editor?

The worlds of web hosting and web development are constantly evolving. Every year we see design trends change, coding standards adapt and new frameworks/CMS created. With such a quick pace of change it’s easy to get lost trying to keep up.

See if your editor made the list.


Author Comment

ID: 40355140
these are the options that I get under the int for IP

Interface IP configuration subcommands:
  access-group  Specify access control for packets
  admission     Apply Network Admission Control
  arp           Configure ARP features
  dhcp          Configure DHCP parameters for this interface
  igmp          IGMP interface commands
  verify        verify
  vrf           VPN Routing/Forwarding parameters on the interface
LVL 14

Accepted Solution

Otto_N earned 2000 total points
ID: 40356874
I think there's a couple of things you need to know.

1. CEF only expedite forwarding, and doesn't change how the packet is handled

CEF ensure fast packet forwarding (at, or close to, the line rate of the interfaces) by pre-calculating the forwarding path and header rewrite information for all entries in the routing table.  So when a packet hits the switch, the switch sends it out the correct port much quicker than with traditional process switching.  But the outgoing packet looks exactly the same, whether it was CEF-switched or process switched.

Your concern regarding VOIP packet reformation (which I do not understand at all) therefore doesn't revolve around the CEF-handling of the packets, but on how the packets will be routed.

2. CEF do per-destination load-balancing BY DEFAULT

CEF was built around the concept of flows (a series of packets between a set of processes on hosts), and forwarding decisions are made per-flow rather than per-packet.  So, if there are two equal-cost paths in the routing table, CEF will ensure that packets in the same flow will be switched in the same way.

The way flows are defined, is determined by the algorithm used.  Originally, only source-destination IP addresses were considered.  But this had a couple of drawbacks:
- If most of the traffic was between a small set of source & destination, one of the equal-cost paths would carry the bulk of the traffic, leaving much spare capacity on the other link.
- If you deployed CEF on consecutive layers, the next CEF device uses the same hash-algorithm, which would then switch all traffic it receives from the first switch out of one link, and not load-share between multiple links.

To overcome these drawbacks, the CEF algorithm was changed to add source and/or destination ports as input to the hash algorithm, or a switch identifier, to ensure that traffic are more evenly shared.  However, the principle of consistent flow switching is still maintained.

You can read more about this on the Usage Guidelines of the "ip cef load-sharing algorithm"-command, available on the Cisco Command Lookup Tool (for registered users only...).
I assume that the per-flow switching characteristics of CEF should alleviate your fears regarding the compatibility issues of VOIP with round-robin forwarding - Not being a VOIP expert, I don't have any practical knowledge to assist in this regard.  However, if you need all VOIP packets to only go one route, you can always set up PBR to ensure that it happens.

Author Closing Comment

ID: 40359264
Thank you for all of your help

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question