[c-nsp] Clearing CEF entry (routing loop)

Ihsan Junaidi Ibrahim ihsan at synthexp.net
Thu Oct 27 12:55:21 EDT 2005 

On Fri, 28 Oct 2005 00:25:31 +0800, Paul McDonnell <el.seed at gmail.com>  
wrote:

> Ihsan, if I understand correctly, R2 and R3 are internet facing and they
> know of each other via R1 (your core device). You mentioned that the  
> routing
> table on R2 showed the prefix (presumably as a result of a 'show ip  
> route')
> as known via the T1 interface to your provider and that this is at odds  
> with
> the CEF adjacency info, indicating an issue with the CEF table. You did  
> not
> include many details of your routing arch so I would first ask if it is  
> at
> all possible in your arch that R3 would be able to advertise a preferable
> route to R2 (via iBGP or such?) that gets trumped on R1 by a lower cost,  
> or
> locally significant route (R2-originated default, static?) that points  
> back
> to R2 causing the CEF entry on R2 to be in effect valid? I ask this as in
> most cases the suggestion provided by Oli should work. In certain  
> situations
> I have also seen 'clear interface X' resolve invalid CEF adjacencies (on
> frame-relay I think).
>
> Best Regards,
>
> -paul

This is my 'show cef detail' output for the affected prefix at R2:

GLSFB_ROC7_004#show ip cef 202.152.0.0
202.152.0.0/18, version 45448917, epoch 0, cached adjacency
157.130.246.125
0 packets, 0 bytes
    via 157.130.246.125, 0 dependencies, recursive
      next hop 157.130.246.125, GigabitEthernet0/1 via 157.130.246.125/32
      valid cached adjacency
GLSFB_ROC7_004#show ip cef 202.152.54.66
202.152.0.0/18, version 26346694, epoch 0, cached adjacency to POS1/0
0 packets, 0 bytes
    via 203.127.119.241, 0 dependencies, recursive
      next hop 203.121.16.50, POS1/0 via 203.127.119.241/32
      valid cached adjacency

The routing table is correct, only the CEF entry is misplaced. I don't  
really how many prefixes are being affected by this if I were to reroute  
certain prefixes but thus far this is the only entry. I'm pretty sure  
there are more.

As you can see, for the same prefix, I have 2 conflicting entries. 'show  
cef detail' at R1 correctly points to T1. The IP 157.130.246.125 refers to  
T1 and 203.127.119.241, to T2. As another poster (oboehmer) suggested in a  
private conversation, one of my recourse is to 'clear ip cef epoch',  
failing that, is to reset CEF. For the mean time, I've routed the  
particular prefix via T2. I would have preferred to route it via T1 though.

-- 
Thank you for your time,
Ihsan Junaidi Ibrahim

More information about the cisco-nsp mailing list