CEF is enabled by default on any modern Cisco switch that supports its feature.
In contrast to Fast Switching/Route Caching, where the first packet is analyzed by the route processor before caching, the CEF FIB and adjacency tables are pre-populated before any packets arrive.
- Packet flow on the router must be present, since the router’s arp cache is used to inform the adjacency table of the next hop mac address. If there is no arp cache entry, the adjacency table will be incomplete and the packet will be punted.
- Punting is a term used when a packet cannot be CEF-switched. This packet is sent to the route processor and switched by the next most optimal feature (fast switching). Types of punted traffic include:
- Use IP header options
- Expiring IP TTL counter
- Forwarded to a tunnel interface
- Arrive with unsupported encapsulation types
- Routed to an interface with unsupported encapsulation types
- Exceed the MTU of an output interface and must be fragmented
The routing information for CEF is cached in the FIB, or Forwarding Information Base. This contrasts the routing table, because the FIB is a hardware component within the data plane. Characteristics of the FIB include:
- Routing Prefixes are stored in TCAM
- They are arranged from most specific to least specific prefix
- When TCAM space runs out, a wildcard entry redirects frames to the L3 engine
- TCAM updates completely, and only once, following a routing change
The L2 header rewrite information is cached in the Adjacency Table. It is derived from the ARP table. When a packet arrives, there is no intense re-assembly required; the header information is already present, which expedites transmission of the packet on the wire.
Stuck-in-Active: Journal of an IT-Network Administrator 