Hi, I would like understand the circumstances under which an operator may want to clear all (or a subset of) the routes programmed in the forwarding table (FIB). I believe the command to do this on Cisco is clear forwarding {ipv4 | ipv6} route {* | prefix} [vrf vrf-name] module {slot| all} I ask this since doing this would result in the router dropping all transit traffic till the routes get reprogrammed in the FIB. Why would somebody ever want to do this? One scenario that i can think of is when because of a bug a route does not get programmed in the FIB and the operator uses this command to install this once again the FIB. Thanks, Manav
On 2013-10-18, at 11:40, Manav Bhatia <manavbhatia@gmail.com> wrote:
I would like understand the circumstances under which an operator may want to clear all (or a subset of) the routes programmed in the forwarding table (FIB).
Because of bugs which have led to the FIB containing data that doesn't match the RIB, and which is causing customer enragement. They don't call it CEF for nothing.
I believe the command to do this on Cisco is
clear forwarding {ipv4 | ipv6} route {* | prefix} [vrf vrf-name] module {slot| all}
Cool. Back when I was chasing packets at 6461 the best we could do was router(config)# interface blah router(config-if)# shutdown router(config-if)# no shutdown
I ask this since doing this would result in the router dropping all transit traffic till the routes get reprogrammed in the FIB.
Seems likely!
Why would somebody ever want to do this?
Screaming customer on the phone. Joe
This is a hack that most vendors provide, just in case their code doesnt work as expected. Nobody in his sane mind will clear the FIB on a live router. This creates all sorts of problems. The router starts sending out ICMP errors (unreachables, etc), BFD times out, causing all hell to break lose within the domain. It might make some sense to do this on flow based routers where you clear the FIB so that newer flows can get established in case there are hash collisions or issues in flow caches. Even in that case its an issue as all live traffic starts hitting SW before the flow can get established. Customers, you can rest assured, will not appreciate you doing this. And its precisely for this that you never ever do this on a live router. On Friday, 18 October 2013, 21:31, Manav Bhatia <manavbhatia@gmail.com> wrote: Hi, I would like understand the circumstances under which an operator may want to clear all (or a subset of) the routes programmed in the forwarding table (FIB). I believe the command to do this on Cisco is clear forwarding {ipv4 | ipv6} route {* | prefix} [vrf vrf-name] module {slot| all} I ask this since doing this would result in the router dropping all transit traffic till the routes get reprogrammed in the FIB. Why would somebody ever want to do this? One scenario that i can think of is when because of a bug a route does not get programmed in the FIB and the operator uses this command to install this once again the FIB. Thanks, Manav
On Fri, Oct 18, 2013 at 10:32 AM, John Smith <jsmith4112003@yahoo.co.uk>wrote:
This is a hack that most vendors provide, just in case their code doesnt work as expected.
Nobody in his sane mind will clear the FIB on a live router. This creates all sorts of problems. The router starts sending out ICMP errors (unreachables, etc), BFD times out, causing all hell to break lose within the domain.
Oh, plenty of people on the list here have had to do exactly that on live routers. Not sure whether or not we would ever be accused of being of 'sane mind', but that kinda comes with the territory of trying to move large volumes of packets at high speeds around the planet. When one or two linecards in a chassis have a bad entry stuck in their copy of the forwarding table, and things are getting screwy, it's better to flush and relearn the FIB then continue black-holing traffic for a subset of the network. :/
It might make some sense to do this on flow based routers where you clear the FIB so that newer flows can get established in case there are hash collisions or issues in flow caches. Even in that case its an issue as all live traffic starts hitting SW before the flow can get established.
Customers, you can rest assured, will not appreciate you doing this. And its precisely for this that you never ever do this on a live router.
Unless of course the customer is being black-holed due to a bad FIB entry; in which case, the customer will most assuredly be more appreciative of you doing it, than of you *not* doing it. Matt
On Friday, 18 October 2013, 21:31, Manav Bhatia <manavbhatia@gmail.com> wrote: Hi,
I would like understand the circumstances under which an operator may want to clear all (or a subset of) the routes programmed in the forwarding table (FIB).
I believe the command to do this on Cisco is
clear forwarding {ipv4 | ipv6} route {* | prefix} [vrf vrf-name] module {slot| all}
I ask this since doing this would result in the router dropping all transit traffic till the routes get reprogrammed in the FIB.
Why would somebody ever want to do this? One scenario that i can think of is when because of a bug a route does not get programmed in the FIB and the operator uses this command to install this once again the FIB.
Thanks, Manav
I've had a route that remained in the RIB (and consequently the FIB) after a BGP session had been disabled or went down (all routes but one were removed correctly). I'm guessing similar bugs exist in other portions of the software, making manual clearing tools a bandaid for these hard to pin down bugs. --Blake Manav Bhatia wrote the following on 10/18/2013 10:40 AM:
Hi,
I would like understand the circumstances under which an operator may want to clear all (or a subset of) the routes programmed in the forwarding table (FIB).
I believe the command to do this on Cisco is
clear forwarding {ipv4 | ipv6} route {* | prefix} [vrf vrf-name] module {slot| all}
I ask this since doing this would result in the router dropping all transit traffic till the routes get reprogrammed in the FIB.
Why would somebody ever want to do this? One scenario that i can think of is when because of a bug a route does not get programmed in the FIB and the operator uses this command to install this once again the FIB.
Thanks, Manav
participants (5)
-
Blake Hudson -
Joe Abley -
John Smith -
Manav Bhatia -
Matthew Petach