This section provides a sample MLS configuration. To check if MLS is enabled, type the show mls command on the switch, as shown in Example 6-2.
Switch3 (enable) show mls
Multilayer switching enabled
Multilayer switching aging time = 256 seconds
Multilayer switching fast aging time = 0 seconds, packet threshold = 0
Current flow mask is Destination flow
Configured flow mask is Destination flow
Total packets switched = 0
Active shortcuts = 0
Netflow Data Export disabled
Netflow Data Export port/host is not configured.
Total packets exported = 0
MLS-RP IP        MLS-RP ID    XTAG MLS-RP MAC-Vlans
---------------- ------------ ---- ---------------------------------
10.1.2.10        0010f6b34800 2    00-10-f6-b3-48-00 2-3
Example 6-2 provides a wealth of information, such as the status of MLS, MLS aging timer, the type of flow configured, and so on. The NetFlow Data Export section of the output is optional. This feature is important for billing purposes. For instance, a department is charged by the volume of the traffic generated on the network. Another important field is the MLS-RP IP section. This IP address belongs to the router, which also has an XTAG value associated with it. This router is responsible for traffic created on VLAN 2 and VLAN 3. For each of these VLANs, the MLS-enabled switch will create a shortcut. Any other VLANs that are not configured for MLS will be fast switched by the router itself.
The commands in Example 6-3 enable MLS on the internal router (refer to Figure 6-1). As noted, MLS-RP IP must be globally turned on. The mls rp management-interface command needs to be enabled on one interface only. All interfaces must have the mls rp ip and mls rp vtp-domain commands configured. The switch component should already have MLS enabled. If not, set mls enable will do the trick.
RSM(config)#mls rp ip
RSM(config)#int vlan2
RSM(config-if)#mls rp vtp-domain Cisco
RSM(config-if)#mls rp ip
RSM(config-if)#mls rp management-interface
RSM(config-if)#int vlan 3
RSM(config-if)#mls rp vtp-domain Cisco
RSM(config-if)#mls rp ip
MLS-5-ROUTERADD:Route Processor 10.1.2.10 added
The syslog message in Example 6-3 is generated when the switch finds the Route Processor (RP) through MLSP.
In Example 6-4, the MLS entry has been defined per destination, which is the default for the Catalyst switch. As noted in the output, the destination IP addresses are given with their associated VLAN and port numbers.
Switch3 (enable) show mls entry
Last Used       Last Used
Destination IP  Source IP       Prot DstPrt SrcPrt Destination Mac   Vlan Port
--------------- --------------- ---- ------ ------ ----------------- ---- -----
MLS-RP 10.1.2.10:
10.1.2.1        0.0.0.0         0    -      -      00-04-c0-d0-a8-54 2    7/3
10.1.3.5        0.0.0.0         0    -      -      00-02-fc-76-c4-38 3    7/2
The MLS entries were created because of Host1-generated pings toward Host2. Keep in mind that an MLS shortcut works in one direction only: when traffic returns, the switch must also create a shortcut for the return traffic. Again, the flow defined in Example 6-4 is based on destination only. If more granular MLS entries are required, full flow can be configured, which makes quite a bit more information about each flow available. There is a memory cost associated with enabling MLS full flow. Most networks leave the per-destination flow on.
Example 6-5 illustrates how to enable MLS full flow and then examine the MLS table. Configuring MLS full flow is more resource intensive because more information is gathered about the traffic flow, such as source IP address and port type.
Switch3 (enable) set mls flow full
Switch3 (enable) show mls entry
Destination IP  Source IP       Prot DstPrt SrcPrt Destination Mac   Vlan Port
--------------- --------------- ---- ------ ------ ----------------- ---- -----
MLS-RP 10.1.2.10:
10.1.3.5        10.1.2.1        ICMP -      -      00-02-fc-76-c4-38 3    7/2
10.1.2.1        10.1.3.5        ICMP -      -      00-04-c0-d0-a8-54 2    7/3
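The difference between the two flow masks, as an added example that is not from the original text: a simplified Python model of the shortcut cache, keyed either per destination or per full flow, with idle entries aged out. The class and function names and the web-client traffic are constructed for illustration; only the Host1/Host2 addresses come from the examples above.

```python
from collections import namedtuple

# Simplified model (assumption): real MLS installs a shortcut only after the
# MLS-RP has routed the first packet of a flow; a cache miss stands for that.
Packet = namedtuple("Packet", "src dst proto sport dport")

def flow_key(pkt, mask):
    """Fields the cache entry is keyed on under each flow mask."""
    if mask == "destination":
        return (pkt.dst,)
    if mask == "full":
        return (pkt.dst, pkt.src, pkt.proto, pkt.dport, pkt.sport)
    raise ValueError(f"unknown flow mask: {mask}")

class ShortcutCache:
    def __init__(self, mask="destination", aging=256):
        self.mask, self.aging = mask, aging
        self.last_used = {}          # flow key -> time the entry was last hit

    def switch(self, pkt, now):
        """Process one packet; True means an existing shortcut was used."""
        # Age out entries that have been idle for the aging time or longer.
        self.last_used = {k: t for k, t in self.last_used.items()
                          if now - t < self.aging}
        key = flow_key(pkt, self.mask)
        hit = key in self.last_used
        self.last_used[key] = now
        return hit

def entries_after(packets, mask, aging=256):
    """Replay (time, packet) pairs and return the number of live entries."""
    cache = ShortcutCache(mask, aging)
    for now, pkt in packets:
        cache.switch(pkt, now)
    return len(cache.last_used)

# Constructed traffic. The ping pair uses the Host1/Host2 addresses above.
PING = [(0, Packet("10.1.2.1", "10.1.3.5", "ICMP", None, None)),
        (0, Packet("10.1.3.5", "10.1.2.1", "ICMP", None, None))]
# 20 hypothetical clients, 3 TCP connections each, to one server on port 80.
WEB = [(1, Packet(f"10.1.2.{h}", "10.1.3.5", "TCP", 40000 + c, 80))
       for h in range(20, 40) for c in range(3)]

if __name__ == "__main__":
    for name, pkts in (("ping", PING), ("web", WEB)):
        for mask in ("destination", "full"):
            print(f"{name:4} {mask:11} entries={entries_after(pkts, mask)}")
```

Both masks yield two entries for the ping exchange, one per direction, as in Examples 6-4 and 6-5. The constructed web traffic needs one entry under the destination mask and 60 under full flow, which is the memory cost the text refers to.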
The default timer for the MLS entry is 256 seconds. This can be changed by manipulating the aging timer. The aging timer is a multiple of 8. In Example 6-6, the aging time was set at 100, which is not a multiple of 8. The switch changed the 100 to 104 to make it a multiple of 8.
Switch3 (enable) set mls agingtime 100
Switch3 (enable) show mls
Multilayer switching enabled
Multilayer switching aging time = 104 seconds
MLS also provides some statistics that can be useful when troubleshooting networks. For instance, the statistics parameters provide information on how much traffic each protocol is generating (see Example 6-7).
Switch3 (enable) show mls statistics protocol
Protocol   TotalFlows TotalPackets TotalBytes
---------- ---------- ------------ --------------
Telnet     0          0            0
FTP        0          0            0
WWW        0          0            0
SMTP       0          0            0
X          0          0            0
DNS        0          0            0
Others     3          9            1022
Total      3          9            1022
Some of this data can also be extrapolated from the router using show mls rp.