Active forwarding

Active forwarding is an optimization for layer 3 unicast traffic flowing from the upstream (core) to the downstream (access) through the VSX peers (aggregate). Active forwarding prevents the bridged traffic from switching over the ISL. It also minimizes latency and the ISL bandwidth.

Active forwarding requirements

  • Active forwarding is enabled on a SVI facing core network on a VSX environment.

  • Active forwarding is supported on SVI only.

  • Active forwarding and active gateway are mutually exclusive features. You cannot enable both active forwarding and active gateway on the same SVI.

  • Although the CLI itself does not limit the number of active forwarding SVIs; the maximum number of configured active forwarding SVIs is 128.

  • Active forwarding is supported on more than one SVI per VRF.

  • Active forwarding cannot be configured when ICMP redirect is enabled.

Traffic flow scenario

Active forwarding mitigates the suboptimal path scenarios because of undeterministic layer 3 hashing and layer 2 hashing, as described in the following ECMP (equal-cost multi-path routing) scenario.

This scenario describes a situation when active forwarding is not used. In a VSX environment, a core network is connected to a VSX pair, forming an OSPF adjacency over a VSX LAG. The VSX LAG has ECMP routes to the access network. The core has ECMP routes to choose between either the VSX primary switch or the VSX secondary switch for traffic flowing from the core to the access network. Assume that ECMP picked the VSX primary switch. This traffic is now subjected to the hashing algorithm over the VSX LAG interface. Based on the chosen hashing algorithm, the layer 2 interface might route the traffic to the VSX secondary switch. The secondary VSX switch then bridges this traffic over the ISL to the primary VSX switch. The primary VSX switch in turn routes the traffic toward the access network, which causes extra overhead with ISL bandwidth and network latency.

If active forwarding was enabled in the previous scenario, the traffic destined for the access network would not be bridged over the ISL. The traffic would flow from north to south instead, resulting in less network latency. For more information about the benefits of active forwarding, along with a diagram, see Benefits of active forwarding and active gateway.

Sample Active forwarding configuration

Primary# configure terminal
Primary(config)# no ip icmp redirect
Primary(config)# interface vlan 1000
Primary(config-if-vlan)# vsx active-forwarding
Primary(config-if-vlan)# end