Configuring MLS

This section provides a sample MLS configuration. To check if MLS is enabled, type the show mls command on the switch, as shown in Example 6-2.

Example 6-2. MLS Output from the Switch

Switch3 (enable) show mls

Multilayer switching enabled

Multilayer switching aging time = 256 seconds

Multilayer switching fast aging time = 0 seconds, packet threshold = 0

Current flow mask is Destination flow

Configured flow mask is Destination flow

Total packets switched = 0

Active shortcuts = 0

Netflow Data Export disabled

Netflow Data Export port/host is not configured.

Total packets exported = 0


---------------- ------------ ---- ---------------------------------        0010f6b34800    2 00-10-f6-b3-48-00  2-3

Example 6-2 provides a wealth of information, such as the status of MLS, MLS aging timer, the type of flow configured, and so on. The NetFlow Data Export section of the output is optional. This feature is important for billing purposes. For instance, a department is charged by the volume of the traffic generated on the network. Another important field is the MLS-RP IP section. This IP address belongs to the router, which also has an XTAG value associated with it. This router is responsible for traffic created on VLAN 2 and VLAN 3. For each of these VLANs, the MLS-enabled switch will create a shortcut. Any other VLANs that are not configured for MLS will be fast switched by the router itself.

The commands in Example 6-3 enable MLS on the internal router (refer to Figure 6-1). As noted, MLS-RP IP must be globally turned on. The mls-rp management command needs to be enabled on one interface only. All interfaces must have mls rp ip and mls rp vtp-domain commands configured. The switch component should already have MLS enabled. If not, set mls enable will do the trick.

Example 6-3. Configuring MLS on the RSM

RSM(config)#mls rp ip

RSM(config)#int vlan2

RSM(config-if)#mls rp vtp-domain Cisco

RSM(config-if)#mls rp ip

RSM(config-if)#mls rp management-interface

RSM(config-if)#int vlan 3

RSM(config-if)#mls rp vtp-domain Cisco

RSM(config-if)#mls rp ip

MLS-5-ROUTERADD:Route Processor a Dded

The syslog message in Example 6-3 is generated when the switch finds the Route Processor (RP) through MLSP.

In Example 6-4, the MLS entry has been defined per destination, which is the default for the Catalyst switch. As noted in the output, the destination IP addresses are given with their associated VLAN and port numbers.

Example 6-4. MLS Entry on the Switch

Switch3 (enable) show mls entry

                Last Used         Last    Used

Destination IP  Source IP       Prot DstPrt SrcPrt Destination Mac   Vlan Port

--------------- --------------- ---- ------ ------ ----------------- ---- -----

MLS-RP         0    -      -      00-04-c0-d0-a8-54 2    7/3         0    -      -      00-02-fc-76-c4-38 3    7/2

The MLS entries were created because of Host1-generated pings toward Host2. Keep in mind the MLS is one direction only. When traffic returns, the switch must also create a shortcut for the return traffic. Again, the flow defined in Example 6-4 is based on destination only. If more granular MLS entries are required, full flow can be configured. Quite a bit more information is now available regarding the flow. There is a memory cost associated with enabling MLS full flow. Most networks leave the per-destination flow on.

Example 6-5 illustrates how to enable MLS full flow and then examine the MLS table. Configuring MLS full flow is more resource intensive because more information is gathered about the traffic flow, such as source IP address and port type.

Example 6-5. Configuring the Switch to Full Flow

Switch3 (enable) set mls flow full

Switch3 (enable) show mls entry

Destination IP  Source IP       Prot DstPrt SrcPrt Destination Mac   Vlan Port

--------------- --------------- ---- ------ ------ ----------------- ---- -----

MLS-RP        ICMP -      -      00-02-fc-76-c4-38 3    7/2        ICMP -      -      00-04-c0-d0-a8-54 2    7/3

The default timer for the MLS entry is 256 seconds. This can be changed by manipulating the aging timer. The aging timer is a multiple of 8. In Example 6-6, the aging time was set at 100, which is not a multiple of 8. The switch changed the 100 to 104 to make it a multiple of 8.

Example 6-6. Configuring Aging Time

Switch3 (enable) set mls agingtime 100

Switch3 (enable) show mls

Multilayer switching enabled

Multilayer switching aging time = 104 seconds

MLS also provides some statistics that can be useful when troubleshooting networks. For instance, the statistics parameters provide information on how much a protocol is generating traffic (see Example 6-7).

Example 6-7. Statistics for Protocols

Switch3 (enable) show mls statistics protocol

Protocol    TotalFlows  TotalPackets  TotalBytes

----------  ----------  ------------  --------------

Telnet      0                      0               0

FTP         0                      0               0

WWW         0                      0               0

SMTP        0                      0               0

X           0                      0               0

DNS         0                      0               0

Others      3                      9            1022

Total       3                      9            1022

Some of this data can also be extrapolated from the router using show mls rp.