All Cisco-Network Study Notes: Configuring the MLS-SE

Configuring the MLS-SE

This area deals with capacity complex in agreement of the switching agent or MLS-SE.

Topics covered accommodate enabling MLS, MLS caching, acceptance MLS, alien router support,

and about-face admittance lists.

MLS is enabled by absence on Catalyst alternation switches that abutment Layer 3 switching—in other

words, if an RSM is on the switch. There are, however, a brace of cases area configuring the

switch is necessary. The aboriginal is obvious, back the MLS-RP happens to be an alien router.

Because an alien router is not an basic allotment of the switch, no ability of Layer 3

switching exists. The added case is back the crumbling time of MLS accumulation entries is altered than

the default, hence, acute some agreement to change this parameter.

In the accident that a about-face has been disabled for Layer 3 switching, admission the afterward command

in advantage EXEC approach on the about-face to re-enable it:

Switch(enable)#set mls enable

The alive agreement in Archetype 8-9 shows the admission that shows the MLS-SE is

configured to abutment MLS.

Enter the set mls attenuate command to attenuate MLS on the MLS-SE. This command stops the

MLS-SE from processing the MLSP letters from the MLS-RP and purges all absolute MLS

cache entries in the switch.

MLS Caching

Because the MLS accumulation has a admeasurement limitation, MLS entries will be deleted from the accumulation if

certain altitude are met. This deletion, or aging, action takes into aftereffect for the following

reasons:

• Candidate entries abide in the accumulation for bristles abnormal with no enabled admission afore timing

out.

• An MLS admission is deleted from the accumulation if a breeze for that admission has not been detected for

the authentic crumbling time. The absence crumbling time is 256 seconds.

• Added events, such as applying admission lists, acquisition changes, or disabling MLS on the

switch, can account MLS entries to be purged.

Example 8-9 Determining if the MLS-SE Is Configured to Abutment MLS

Switch(enable)#show config

(Text Deleted)

#mls

set mls enable

286 Affiliate 8: Multilayer Switching

The bulk of time an MLS admission charcoal in the accumulation is user modifiable. To adapt the bulk of

the crumbling time, admission the afterward command in advantaged EXEC mode:

Switch(enable)#set mls agingtime agingtime

where agingtime is the bulk of time an admission charcoal in the accumulation afore the admission is deleted.

The ambit of the crumbling time bulk is from 8 to 2032 seconds. The absence bulk is 256 seconds.

The alive agreement in Archetype 8-10 states that entries in which no packets accept been

detected for a aeon of six account will be deleted from the cache.

The ethics for agingtime are entered in eight-second increments. Any agingtime bulk that is

not a assorted of eight abnormal is adapted to the abutting one.

Some MLS flows are desultory or short-lived. An archetype of a desultory or brief flow

would be packets that are beatific to or accustomed from a Area Name System (DNS) or Trivial

File Transfer Agreement (TFTP) server. Because the affiliation may be bankrupt afterwards one request

and one acknowledgment cycle, that MLS admission in the accumulation is acclimated alone once. However, that MLS entry

still consumes admired accumulation amplitude until the admission is age-old out. Detecting and crumbling out these

entries bound can save MLS admission amplitude for absolute abstracts traffic.

To break the botheration of brief entries in the cache, a altered blazon of crumbling mechanism,

called fast aging, is available. This blazon of crumbling states that if the MLS-SE does not ascertain a

specified cardinal of packets in a assertive time period, again that admission is removed from the cache.

To configure the fast crumbling option, admission the afterward command in advantage EXEC mode:

Switch(enable)# set mls agingtime fast fastagingtime pkt_threshold

where fastagingtime indicates the bulk of time an admission charcoal in the accumulation afore the entry

is deleted. Allowable agreement ethics are 32, 64, 96, or 128 seconds. The absence is 0

seconds.

The pkt_threshold altercation indicates the cardinal of packets that charge be detected aural the

specified bulk of time. Allowable agreement ethics are 0, 1, 3, 7, 15, 31 or 63 packets.

The absence is 0 packets.

In the agreement in Archetype 8-11, we accept configured a fastagingtime of 96 and a

pkt_threshold of 15. So for this example, any accumulation entries in which no added than 15 packets

have been detected for a aeon of 96 abnormal will be deleted from the cache.

Example 8-10 Configuring Accumulation Aging

Switch(enable)show config

(Text Deleted)

#mls

set mls enable

set mls agingtime 272

Configuring the MLS-SE 287

Verifying MLS Configurations

To affectation advice about MLS on a MLS-SE, admission the afterward command in privileged

EXEC mode:

Switch (enable) appearance mls

The afterward advice is displayed as aftereffect of alive the aloft command (see Example

8-12):

• Cachet of MLS.

• Crumbling time, in seconds, for an MLS accumulation entry.

• Fast crumbling time, in seconds, and the packet alpha for a flow.

• Breeze mask.

• Total packets switched.

• Cardinal of alive MLS entries in the cache.

• Whether Netflow abstracts consign is enabled and, if so, for which anchorage and host.

• MLS-RP IP address, MAC address, XTAG, and accurate VLANs.

Example 8-11 Determining Entries to Be Deleted from the Cache

Switch (enable)show config

(Text Deleted)

#mls

set mls enable

set mls agingtime 272

set mls agingtime fast 96 15

Example 8-12 Displaying Advice about MLS on an MLS-SE

Switch (enable) appearance mls

Multilayer switching enabled

Multilayer switching crumbling time = 110 seconds

Multilayer switching fast crumbling time = 64 seconds, packet alpha = 7

Full flow

Total packets switched = 87128

Active shortcuts = 1298

Netflow Abstracts Consign disabled

Netflow Abstracts Consign port/host is not configured.

Total packets exported = 0

MLS-RP IP MLS-RP ID XTAG MLS-RP MAC-Vlans

--------- ----------- ---- ------------------------

192.168.1.127 0010f6fe12a3 28 00-10-f6-fe-12-a3 1,21-22

288 Affiliate 8: Multilayer Switching

If you appetite to affectation advice about a specific MLS-RP, admission the appearance mls rp command

and baptize the IP abode of the ambition MLS-RP.

where you assassinate the command does accomplish a difference. You can assassinate this command on

both the MLS-SE and the MLS-RP. In this case, we are talking about the MLS-SE

External Router Support

If the about-face supports an evidently absorbed MLS-RP, the about-face charge be manually configured

to admit that MLS-RP. To manually accommodate an alien MLS-RP, admission the following

command in advantage EXEC approach on the switch:

Switch (enable) set mls accommodate ip-addr

where ip-addr is the MLS IP abode of the alien router. To actuate the IP abode of the

MLS-RP, admission the appearance mls rp command on the MLS-RP.

Perform this command alone for alien routers. The MLS-SE automatically includes the IP

address of co-resident RSMs in the about-face admittance list. Back the RSM is physically removed

from the about-face anatomy or MLS is disabled on an RSM, the RSM IP abode is removed from

the admittance list. The auto-included RSM cannot be austere application the bright mls include

command. Figure 8-6 demonstrates implementing the set mls accommodate command to support

MLS for alien routers.

Figure 8-6 Including Alien Routers

The alive agreement in Archetype 8-13 states that an alien MLS-RP with the IP address

of 172.16.41.168 has been added to the MLS accommodate list.

To abolish the MLS-RP from the about-face admittance list, admission the bright mls accommodate command.

A distinct MLS-RP can be removed by entering the IP abode of a specific MLS-RP. All

externally affiliated MLS-RPs can be removed from the about-face admittance account by entering the

clear mls accommodate all command.

Switch (enable) set mls accommodate 192.168.17.2

Multilayer switching enabled for router 192.168.17.2

Interface FastEthernet 0

192.168.17.2

Port 4/2

192.168.17.1

Configuring the MLS-SE 289

Switch Admittance Lists

To affectation the capacity of the about-face admittance account to actuate which MLS-RPs are

participating in MLS with the MLS-SE, admission the afterward command in advantage EXEC mode:

Switch (enable) appearance mls include

The consistent affectation allotment the IP addresses of all MLS-RPs that are accommodating in MLS

with the MLS-SE.

If the IP abode of an MLS-RP does not arise in the about-face admittance list, the MLS-SE will

not accomplish Layer 3 switching for the MLS-RP. If the MLS-SE is declared to be performing

Layer 3 switching for a specific router and its IP abode is not listed in the admittance list, check

the following:

• Is the router for which you manually entered the MLS IP abode external?

• If the router is an RSM, is there an RSM citizen and is it functional?

• Is MLS globally enabled on the MLS-RP?

Displaying MLS Accumulation Entries

To affectation the MLS accumulation entries, admission the afterward command in advantage EXEC mode:

Switch (enable) appearance mls entry.

This command ability be acclimated as a troubleshooting apparatus or aloof to analysis the cachet of a particular

flow that you’re absorbed in.

This command can be added authentic to appearance MLS accumulation entries for the ambit authentic in

Table 8-2.

To abolish entries from the MLS cache, admission the bright mls admission command in advantage EXEC

mode. Table 8-3 lists how to abolish MLS accumulation entries based on accustomed criteria.

Example 8-13 Including Alien Routers in Multilayer Switching

Switch (enable)show config

(Text Deleted)

#mls

set mls enable

set mls agingtime 256

set mls agingtime fast 0 0

set mls accommodate 172.16.41.168

290 Affiliate 8: Multilayer Switching

Refer to the “Configuring Multilayer Switching” area of the Catalyst Alternation Switch

Configuration Guide (4.3), accessible online at www.cisco.com/univercd/cc/td/doc/product/lan/

cat5000/rel_4_3/config/mls.htm#41001 for capacity on how to architecture this command for anniversary of

the aloft instances.

Table 8-2 Displaying Specific MLS Accumulation Entries

MLS Accumulation Admission Based On Command to Use

Specific destination IP abode appearance mls admission destination ip-address

Specific antecedent IP abode appearance mls admission antecedent ip-address

Specific MLS_RP ID appearance mls admission rp ip-address

Specific IP breeze appearance mls admission breeze agreement source-port destination-port

Table 8-3 Removing MLS Accumulation Entries

Remove MLS Accumulation Entry

Based On Command to Use

Specific antecedent IP abode bright mls admission antecedent ip-address

Specific destination IP abode bright mls admission destination ip-address

Specific breeze bright mls admission breeze agreement src-port dst-port

Foundation Arbitrary 291

Foundation Summary

The Foundation Arbitrary is a accumulating of tables and abstracts that accommodate a acceptable review

of abounding key concepts in this chapter. For those of you already adequate with the capacity in

this chapter, this arbitrary could advice you anamnesis a few details. For those of you who aloof read

this chapter, this analysis should advice coalesce some key facts. For any of you accomplishing your final

prep afore the exam, these tables and abstracts will hopefully be a acceptable way to analysis the

day afore the exam.

Table 8-4 Apparatus of Multilayer Switching

Component Description

Multilayer Switching About-face Engine

(MLS-SE)

The MLS-SE is a NetFlow Affection Agenda residing on a

Supervisor Agent III agenda in a Catalyst switch. It can also

be a Supervisor I and the PFC on the 6000 series.

Multilayer Switching Avenue Processor

(MLS-RP)

An RSM, RSFC, MSFC or an evidently affiliated Cisco

7500, 7200, 4500, 4700, or 8500 alternation router with

software that supports multilayer switching.

Multilayer Switching Agreement (MLSP) This agreement operates amid the MLS-SE and MLS-RP

to accredit multilayer switching.

Table 8-5 MLS Router Commands

Command Description

access-list access-list-number Creates an admission list.

ip access-group access-list-number Assigns an admission account to an interface.

mls rp input-acl Supports the conception of MLS breeze entries from interfaces

with ascribe ACLs.

mls rp ip Enables multilayer switching on an MLS-RP and on a

specific interface.

mls rp management-interface Establishes a administration interface through which MLSP

messages are sent.

mls rp vtp-domain vtp-domain-name Assigns an interface to a VTP domain.

show mls rp Displays the MLS agreement on the MLS-RP.

show run Displays the accepted agreement on the router.

292 Affiliate 8: Multilayer Switching

Table 8-6 MLS About-face Commands

Command Description

set mls agingtime abnormal Alters the time in which MLS entries are maintained in

the MLS cache.

set mls accredit Enables multilayer switching on the MLS-SE.

show mls Displays the MLS agreement on the MLS-SE.

show mls accommodate Displays the about-face MLS-RP admittance list.

show mls admission Displays the MLS cache.

show mls rp Displays the MLS agreement on the MLS-RP.

Q&A 293

Q&A

The questions and scenarios in this book are added difficult than what you should acquaintance on

the absolute exam. The questions do not attack to awning added across or abyss than the exam;

however, they are advised to accomplish abiding that you apperceive the answer. Rather than acceptance you

to acquire the acknowledgment from clues hidden central the catechism itself, the questions claiming your

understanding and anamnesis of the subject. Questions from the “Do I Apperceive This Already?” quiz

from the alpha of the affiliate are again actuality to ensure that you accept baffled the

chapter’s affair areas. Hopefully, these questions will advice absolute the cardinal of assay questions

on which you attenuated your choices to two options and again guess. If you get an acknowledgment wrong,

review the adapted area of this affiliate to accomplish abiding you accept the acumen for your

mistake.

The answers to these questions can be begin in Appendix A, on folio 477.

1 What accessories are the base for Layer 3 switching as it relates in a Cisco environment?

_______________________________________________________________________

2 What accessory is the analogue of a Multilayer About-face Agent (MLS-SE)?

_______________________________________________________________________

3 What accessories can be acclimated as a Multilayer About-face Avenue Processor (MLS-RP)?

_______________________________________________________________________

4 What is the command for enabling MLS on an RP?

_______________________________________________________________________

5 What two things are appropriate to accomplish an interface on an RP MLS-enabled?

_______________________________________________________________________

294 Affiliate 8: Multilayer Switching

6 What command is acclimated to verify the MLS agreement for an MLS-RP ?

______________________________________________________________________

7 What are the three types of breeze masks modes accurate on a MLS-SE?

______________________________________________________________________

8 What is the command to add an ascribe admission account to a MLS flow?

______________________________________________________________________

9 Back application an alien RP to a switch, is this configured automatically or manually?

______________________________________________________________________

10 What is the command to accredit Multilayer Switching for a Catalyst switch?

______________________________________________________________________

11 Assuming that MLS is running, what aftereffect does the command bright ip avenue do on an

MLS-RP?

______________________________________________________________________

12 What three apparatus are appropriate in a Cisco accomplishing of MLS?

______________________________________________________________________

Q&A 295

13 Define a Destination-IP breeze mask.

_______________________________________________________________________

14 What is the command to affectation MLS entries in the cache?

_______________________________________________________________________

296 Affiliate 8: Multilayer Switching

Scenarios

Scenario 8-1

Refer to Figure 8-7, which depicts a simple router and about-face bureaucracy for this scenario.

Figure 8-7 Book 8-1 Network Setup

We’ve absitively that we charge to abutment MLS on these two accessories due to achievement issues.

1 What commands would be all-important to apparatus MLS on these two devices?

2 Assume we are activity to use the Interface VLAN12 on the RP. Also, the area is called

SJC-1. Configure accordingly.

3 Interface VLAN12 is additionally the administration interface. Actuate this feature.

4 We charge to actuate an ascribe admission account for VLAN12. Configure this accordingly.

5 On the MLS-SE, we appetite the MLS accumulation to abeyance afterwards 224 seconds. Configure this on

the switch.

6 The RP pictured is to be included and has an IP abode of 172.16.48.113. Configure

accordingly.

7 Blazon the command to affectation included RPs.

MLS-SE MLS-RP

Scenario 8-2 297

Scenario 8-2

Refer to the achievement in Archetype 8-14 and 8-15 from appearance commands on a Catalyst about-face acting

as an MLS-SE, and again acknowledgment the questions that follow.

1 Use the achievement from Archetype 8-14 and 8-15 to accomplish a agreement of the about-face as

it relates to MLS.

2 How abounding VLANs are complex in MLS? What are they?

3 What is the XTAG for the MLS-RP?

4 Is the MLS-RP an RSM or an alien absorbed router?

5 What blazon of breeze is actuality acclimated here?

Example 8-14 Book 8-2 appearance mls Command Output

Switch (enable) appearance mls

Multilayer switching enabled

Multilayer switching crumbling time = 192 seconds

Multilayer switching fast crumbling time = 56 seconds, packet alpha = 12

Full flow

Total packets switched = 81391

Active shortcuts = 1115

Netflow Abstracts Consign disabled

Netflow Abstracts Consign port/host is not configured.

Total packets exported = 0

MLS-RP IP MLS-RP ID XTAG MLS-RP MAC-Vlans

--------- ----------- ---- ------------------------

172.16.30.15 0010f6ad4cb2 28 00-10-f6-ad-4c-b2 1,4-5

Example 8-15 Book 8-2 appearance mls accommodate Command Output

Switch (enable) appearance mls include

Included MLS-RP

----------------------

172.16.30.15

298 Affiliate 8: Multilayer Switching

Scenarios Answers

Scenario 8-1 Answers

1 To configure MLS on the RP, the command is mls rp ip while in all-around configuration

mode. On the SE, in accredit mode, the command is set mls enable.

2 Beneath the interface VLAN12, admission the command mls rp vtp-domain sjc-1.

3 Again, beneath the interface VLAN12, admission the command mls rp management-domain.

4 Also, beneath the interface VLAN12, admission the command mls rp ip input-acl.

5 On the switch, in accredit mode, admission the command set mls agingtime 224.

6 On the switch, in accredit mode, admission the command set mls accommodate 172.16.48.113.

7 In adjustment to affectation included RPs, admission the afterward command on the switch: appearance mls

include.

Router Agreement for Book 8-1

Switch Agreement for Book 8-1

Router#show run

Building configuration...

(Text Deleted)

mls rp ip

interface Vlan1

ip abode 172.16.1.1 255.255.255.0

interface Vlan12

ip abode 172.16.48.113 255.255.255.0

mls rp vtp-domain sjc-1

mls rp management-interface

mls rp ip input-acl

mls rp ip

Switch (enable)show config

(Text Deleted)

#mls

set mls enable

set mls agingtime 224

set mls agingtime fast 96 15

set mls accommodate 172.16.48.113

Scenario 8-2 Answers 299

Display for appearance mls accommodate Command (Question 7)

Scenario 8-2 Answers

1 Archetype 8-16 shows the actual agreement for Book 8-2.

2 There are three VLANs and they are VLAN 1, VLAN 4, and VLAN5.

3 The XTAG for the RP is 28.

4 Because there is an included router, this is the assurance that the RP is an alien router, rather

than an RSM.

5 This is a abounding flow.

Switch (enable) appearance mls include

Included MLS-RP

----------------------

172.16.48.113

Example 8-16 Book 8-2 Configuration

Switch (enable)show config

(Text Deleted)

#mls

set mls enable

set mls agingtime 192

set mls agingtime fast 56 12

set mls accommodate 172.16.30.15

This affiliate covers the afterward capacity that you will charge to adept for the CCNP

Switching Exam:

• HSRP Overview—This area outlines an overview of Hot Standby Router Protocol

(HSRP). Additionally declared are the issues and nuances of application HSRP in a switched

network application both acceptable routers and basic routers.

• HSRP Operations—This area deals with router alternation in an HSRP standby

group.

• Configuring HSRP—This sections deals with how to configure HSRP on the various

devices that accomplish up the about-face block and how to ensure accountability advanced design.