[c-nsp] Get Cisco CEF hash function
Saku Ytti
saku at ytti.fi
Wed Dec 17 11:08:57 EST 2014
On (2014-12-17 10:25 +0100), Xavier Nicollet wrote:
Hey,
> I know I could use
> show ip cef [VIP/32] detail
> show ip cef [VIP/32] internal
> or
> show mls cef exact-route [IPSRC] [VIP]
>
> However, I guess it would be easier to have exact internal hashing
> algorithm.
> Or is there another way to monitor each real server with such configuration
You probably want to have unicast address as well as anycast address and NMS
the unicast address.
I don't think the hash algorithm is publically documented, as vendor probably
does not want customers to rely on it not changing.
I like this configuration, but there is one catch to it, it tends to make
PMTUD issues more pronounced, as there are no guarantees that the ICMP message
generated by transit router will reach correct server, so it might cause
blackholing.
There are two cures for this, use smaller MTU on servers, which is
statistically unlikely to be too large for relevant portion of hosts. Second,
prettier solution is to ask vendor to do ECMP hash for the embedded IP packet
in ICMP message, instead of the top headers.
--
++ytti
More information about the cisco-nsp
mailing list