IP address multi-layer switching example configuration

Multilayer Switching (MLS) is an Ethernet-based route exchange technology that provides a layer-3 Switch with an existing router. This article includes IP-only MLS; ipx mls and multicast MLS are out of the scope of this article.

A traditional router typically performs two main functions: rewrites the Media Access Control (MAC) address based on the route table and information packet exchange route processing computing, and checks and TTL) ). The main difference between a vro and a layer-3 vswitch is that the information packet exchange is completed by a microprocessor-based engine in the vro, and the layer-3 vswitch is composed of a specific application integrated circuit (ASIC) finished in hardware.

MLS requires three different components:

• MLS-RP: multi-layer switching routing processor. It notifies the MLS-SE of the MLS configuration and uses the route protocol (RP) for route computing.

• MLS-SE: multi-layer switching engine. It is responsible for the information packet switching and rewriting functions in the custom ASIC, and can identify the third layer.

• MLSP: multi-layer switching Protocol: multicast protocol information transmitted by the MLS-RP notifies the MLS-RP MAC address of the MLS-SE used, route and access control list changes, and so on. The MLS-SE uses this information to program the custom ASIC.

Convention

SeeCisco technical reminder practices.

Network Diagram

The following example uses the Routing Switching Module (RSM) to display a IP-MLS sample configuration:

MLS running

In the example above, the PC-A wants to contact the PC-B. They use different VLANs, so data streams pass through RSM (the default gateway will be routed as a personal computer ). The first packet will be sent by the PC-A and routed to the PC-B by the RSM; shortcuts, PC-A --> PC-B, will be created and all subsequent information packages will be the third layer (Supervisor = NFFC) for MLS-SE switching ).

Note:When the PC-B is connected to the PC-A, the contact entry is unidirectional for shortcuts, And the other entry is created.

The following syntax displays PC communication, MLS shortcuts, and other MLS information.

PC-A #Ping 12.12.12.12
! -- Pinging PC-B
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.12.12, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 MS

On the vswitch:
Switch-MLS-SE)Show mls entry
Destination IP Source IP Prot DstPrt SrcPrt Destination Mac Vlan Port
------------------------------------------------------------------------
MLS-RP 11.11.11.1:
11.11.11.11 12.12.12 ICMP--00-d0-58-43-9f-60 11 6/11
! -- As in the note above we have two shortcuts A-> B and B->
12.12.12 11.11.11.11 ICMP--00-00-0c-07-ac-01 12 6/12
Switch-MLS-SE)
Switch-MLS-SE)Show mls
Multilayer switching enabled
! -- By default, MLS is enabled on the switch
Multilayer switching aging time = 256 seconds
Multilayer switching fast aging time = 0 seconds, packet threshold = 0
Current flow mask is Destination flow
Configured flow mask is Destination flow
Total packets switched = 8
! -- Five echos and five replies were sent; the first echo and reply went
! -- Through the RSM and subsequent were Layer 3 switched, which gives us a total
! -- Eight Layer 3 switched packets and two shortcuts.
Active shortcuts = 2
Netflow Data Export disabled
Total packets exported = 0
MLS-RP IP MLS-RP id xtag MLS-RP MAC-Vlans
-----------------------------------------------------------------
11.11.11.1 00100b0000800 2 00-10-0b-10-88-00 11-12
Switch-MLS-SE)
Switch-MLS-SE)Show mls statistics rp
Total packets switched = 8
Active shortcuts = 2
Total packets exported = 0
Total switched
MLS-RP IP MLS-RP ID packets bytes
-------------------------------------------------
11.11.11.1 00100b0000800 8 944
Switch-MLS-SE)
RSM-MLS-RP #Sho mls rp
Multilayer switching is globally enabled
Mls id is 0010.0b10.8800
Mls ip address 11.11.11.1
! -- IPaddress of MLS-RP
Mls flow mask is destination-ip
Number of domains configured for mls 1
Vlan domain name: sales
Current flow mask: destination-ip
Current sequence number: 3150688457
Current/maximum retry count: 0/10
Current domain state: no-change
Current/next global purge: false/false
Current/next purge count: 0/0
Domain uptime: 1d00h
Keepalive timer expires in 8 seconds
Retry timer not running
Change timer not running
1 management interface (s) currently defined:
Vlan 11 on Vlan11
2 mac-vlan (s) configured for multi-layer switching:
Mac 0010.0b10.8800
Vlan id (s)
11 12
! -- VLANs, interfaces maid in MLS
Router currently aware of following 1 switch (es ):
Switch id 0050. d133.2bff
! -- MAC address of the MLS-SE

[Page]

Hardware and software requirements

The following figure shows the hardware and software you have selected when you implement this configuration:
Vswitch Engine
Catalytic 5000
Manage upstream SW 4.1 (1) or above.

The Catalyst 5000 family switch uses the Management Engine ii g or iii g or management engine III or iii f with the Netflow Feature Card (NFFC) or nffc ii.

If you run MLS over ATM media, the software version of The Catalyst 5000 family ATM module is 11.3 (8) wa4 (11) or later, or 12.0 (3c) W5 (10) or later.
Catalytic 6000

All MLS Catalyst 6000s support the use of multi-layer switch feature cards (MSFC ).

Routing Engine

RSM, RSFC, or external Cisco 7500,720 4500 3600, or series routers

Cisco IOS 12.0 (3c) W5 (8a) or later route switch function card (RSFC)

Cisco IOS 12.0 (2) or later Cisco 3600 series routers

Cisco IOS 11.3 (2) wa4 (4) or later Routing Switching Module (RSM), or Cisco 4700, 4500, and series routers

Cisco IOS version 12.0 (3c) W5 (8) or later MLS-RP if you run MLS over ATM Media
In this example, we use RSM as the MLS-RP. The software version is as follows:

IOS (tm) C5RSM Software (C5RSM-JSV-M), Version 11.3 (9) WA4 (12) RELEASE SOFTWARE
Copyright (c) 1986-1999 by cisco Systems, Inc.

The software version is as follows:
WS-C5509 Software, Version McpSW: 4.5 (2) NmpSW: 4.5 (2)
Copyright (c) 1995-1999 by Cisco Systems

Configuration
By default, MLS is enabled on the vswitch. If it is RSM, no MLS-RP IP address needs to be specified. However, to be an external router for the MLS-RP, we need to use this IP address to configure the switch by using the following command:
Set mls include <IP address of the external MLS-RP>

To configure a vro, follow these steps:

Enable the global configuration of the mls ip Address:

Router (config) # mls rp ip

Specifies a VTP domain in a MLS interface. The show vtp domain command provides the VTP domain name on the forwarder. Our example is "sales ":

Router (config-if) # mls rp vtp-domain sales

Enable MLS on the interface so that you can participate in the shortcut process:

Router (config-if) # mls rp ip

Specify a router interface as a management interface that allows communication using multicast protocol (MLSP) for MLS-SE and MLS-RP:

Router (config-if) # mls rp management-interface

Repeat all interfaces involved in MLS in step 2 and step 3.

Note: Step 1 is required only once in an interface for MLSP to allow communication: MLS-RP <-> MLS-SE.

The current MLS-RP configuration is as follows:

MLS-RP (RSM)
Current configuration: ! version 11.3 ! hostname RSM-MLS-RP ! ! mls rp ip ! ! interface Vlan11 ip address 11.11.11.1 255.255.255.0 mls rp vtp-domain sales mls rp management-interface mls rp ip ! interface Vlan12 ip address 12.12.12.1 255.255.255.0 mls rp vtp-domain sales mls rp ip ! ip classless ! ! ! line con 0 line aux 0 line vty 0 4 login ! end

MLS considerations

• For working MLS, The MLS-SE must find the information package to go to The MLS-RP and back from the same MLS-RP to the same MLS-SE.

• The MLS-SE never involves all routing protocols or routing calculations. All routing protocols (such as OSPF, VPN, IGRP, RIP, etc.) are used by the MLS-RP.

• The MLS-RP does not know that the MLS-SE forwards some packets that represent it.

• If the MLS-SE cannot set level 3 entries for any reason, send messages to the MLS-RP as a normal route and it does not drop information packets.

• The hot backup routing protocol (HSRP) and MLS can be used with each other without any problems.

Verification prompt

Once the MLS is configured, you can view the entries in the MLS cache (shortcut.

The MLS mechanism is relatively simple: The PC-A sends the initial information package; the router overwrites the second layer address and fills in the third layer field. Example:

The data information package is allowed to return and the shortcut is now complete. The subsequent information package will be the third layer of the stream to be exchanged. Example:

In short, we have the following processes for all layer-3 exchange information packages:

1. The candidate information package is sent to the vro.

2. The data packets allowed by the router.

3. Configure all the methods for obtaining the quick release and start layer-3 switching for this stream (A <-> B ).

The following figure shows an example:

Supported functions and structures

Access Control List

The input access list supports Cisco IOS 12.0 (2) and later versions with the IP address MLS. Before 12.0 (2), the input access list is not compatible with MLS. The output access list is always supported.

Ip accounting

Enable Ip accounting to disable the IP accounting function on the interface with Ip support for MLS.

Data Encryption

When the data encryption function is in the interface, configure ip mls to disable the interface.