Before discussing CEF one needs to be familiar with how a router actually routes a packet, these are the steps summarized:
1. Packet is received, Frame Check Sequence (FCS) is checked, if passed it moves to step 2.
2. The eth type field is is checked to indicate what the inner packet is, if 0x0800 (IPv4) then the router throws away the data link layer info and continues to step 3.
3. The IPv4 header checksum is checked (IPv6 does not have a header checksum).
4. Check whether packet is destined to self (MGMT or control plane) or if needs to be forwarded
5. If routed, the packet has its TTL checked (greater than 1, if not TTL time exceeded is sent to source)
6. Router checks routing table and finds best route/ next hop router
7. Router finds L2 resolution of next hop (ARP)
8. Router updates TTL and IPv4 header checksum of packet
9. Router Encapsulates the packet with L2 and sends it.
Checking the routing table to find the next hop and L2 resolution for the next hop are the most costly actions for the router when it’s forwarding packets.
The above is what happens when a router is process switching, meaning there are no enhancements , hardware or software accelerations.
Cisco has created two optimization methods called fast switching and Cisco Express Forwarding (CEF) to speed up the process.
Fast switching works by caching results to a destination. The first packet to a particular destination is process switches, then those results are stored in the fast / route cache.
Any subsequent packets to the same destination use the cache for forwarding info and L2 headers rather than process switching the packets. This greatly sped up the process.
Fast switching however good it may have sounded, was not perfect. It held cache information per destination IP rather than per prefix. This was an issue because caches became too big, thus needed to expire often. It really wasn’t efficient. Also, a huge influx of packets to a new destination could easily cripple the CPU because it had to process switch all of the packets first. Also, we could only load balance per destination, so we had polarization on traffic.
As of IOS version 12.2, process switching has been removed, in favor of completely using CEF.
CEF can be implemented in two ways, software or hardware (using tcam).
Most Cisco routers like 29xx or 4xxx have CEF in software, and they use the system memory. Whereas higher end switches/routers are able to utilize TCAM for faster ASIC lookups.
CEF should be on by default, but can be activated via global config:
Router(config)#ip cef
Router(config)#ipv6 unicast-routing
Router(config)#ipv6 cef
Note IPV6 CEF requires IPv4 CEF
To disable CEF per interface use the following command:
no ip route-cache cef
Routing and Switching 5.0, Volume 1, 5th edition
Pages 271 – 285
Cisco Nexus FIB information/CEF
https://www.trueneutral.eu/2014/nexus-fib.html