Configuring Multilayer Switching

Configuring and Monitoring MLS

Configuring MLS on a Router

Monitoring MLS

Monitoring MLS for an Interface

Monitoring MLS Interfaces for VTP Domains

Configuring NetFlow Data Export

Specify a NetFlow Data Export Address on the Router

Multilayer Switching Configuration Examples

Router Configuration without Access Lists

Router Configuration with Standard Access List

Router Configuration with Extended Access List

Configuring Multilayer Switching

This chapter describes how to configure your network to perform Multilayer Switching (MLS) For a complete description of the Multilayer Switching commands see the chapter "Multilayer Switching Commands" in the Cisco IOS Switching Services Command Reference. For documentation of other commands that appear in this chapter, you can use the command reference master index or search online.

Note The information in this document, Cisco IOS Switching Services Configuration Guide, is a brief summary of the information contained in the Catalyst 5000 Series Multilayer Switching User Guide. The commands and configurations described in this guide apply only to the devices that provide routing services. Commands and configurations for Catalyst 5000 series switches are not documented here

Configuring and Monitoring MLS

Perform the tasks in this section to configure your Cisco router for MLS. To ensure a successful MLS configuration, you must also configure the Catalyst Switches in your network. For a full description, see the Catalyst 5000 Series Multilayer Switching User Guide. Only configuration tasks and commands for routers are described in this chapter.

The following task is required:

Configuring MLS on a Router

The following tasks are optional:

Configuring MLS on a Router

Perform the steps in this section to configure your router(s) for MLS. Depending upon your configuration, you might not have to perform all the steps in the procedure. Use the following commands to configure MLS on your router:

Step Command Purpose

1 .

mls rp ip

Globally enable MLSP. MLSP is the protocol that runs between the MLS-SE and the MLS-RP.

Use steps 2 through 5 for each interface that will support MLS.

2 .

interface type number

Select a router interface

3 .

mls rp vtp-domain [domain-name]

Select the router interface to be Layer 3 switched and then add that interface to the same VLAN Trunking Protocol (VTP) domain as the switch. This interface is referred to as the MLS interface. This command is required only if the Catalyst switch is in a VTP domain.

4 .

mls rp vlan-id [vlan-id-num]

Assign a VLAN ID to the MLS interface. MLS requires that each interface has a
VLAN ID. This step is not required for RSM VLAN interfaces or ISL-encapsulated interfaces.

5 .

mls rp ip

Enable each MLS interface.

6 .

mls rp management-interface

Select one MLS interface as a management interface. MLSP packets are sent and received through this interface. This can be any MLS interface connected to the switch.

Note The interface-specific commands in this section apply only to Ethernet, Fast Ethernet, VLAN, and Fast Etherchannel interfaces on the Catalyst RSM/Versatile Interface Processor 2 (VIP2) or directly attached external router.

Use the following command to globally disable MLS on the router:

Command Purpose

no mls rp ip

Disable MLS on the router.

Command	Purpose
no mls rp ip	Disable MLS on the router.

Monitoring MLS

Use the show mls rp command to display MLS details including specifics for MLSP. Displays include:

MLS status (enabled or disabled) for switch interfaces and subinterfaces
Flow mask used by this MLS-enabled switch when creating Layer 3-switching entries for the router
Current settings of the keepalive timer, retry timer, and retry count
MLSP-ID used in MLSP messages
List of interfaces in all VTP domains that are enabled for MLS

Command Purpose

show mls rp

Show MLS details for all interfaces.

Command	Purpose
show mls rp	Show MLS details for all interfaces.

After entering this command, you see this display:

router# show mls rp

multilayer switching is globally enabled
mls id is 00e0.fefc.6000
mls ip address 10.20.26.64
mls flow mask is ip-flow
 
vlan domain name: WBU
   current flow mask: ip-flow
   current sequence number: 80709115
   current/maximum retry count: 0/10
   current domain state: no-change
   current/next global purge: false/false
   current/next purge count: 0/0
   domain uptime: 13:03:19
   keepalive timer expires in 9 seconds
   retry timer not running
   change timer not running
   fcp subblock count = 7
 
   1 management interface(s) currently defined:
      vlan 1 on Vlan1
 
   7 mac-vlan(s) configured for multi-layer switching:
 
      mac 00e0.fefc.6000
         vlan id(s)
         1    10   91   92   93   95   100
 
   router currently aware of following 1 switch(es):
      switch id 0010.1192.b5ff
 
router#

Monitoring MLS for an Interface

Use the following command to show MLS information for a specific interface:

Command Purpose

show mls rp [interface]

Show MLS details for a specific interface.

Command	Purpose
show mls rp [interface]	Show MLS details for a specific interface.

After entering this command, you see this display:

router# show mls rp int vlan 10

mls active on Vlan10, domain WBU
router#

Monitoring MLS Interfaces for VTP Domains

 


Command
Purpose

 show mls rp vtp-domain [domain-name]
 Show MLS interfaces for a specific VTP domain.

Command	Purpose
show mls rp vtp-domain [domain-name]	Show MLS interfaces for a specific VTP domain.

After entering this command, you see this display:

router# show mls rp vtp-domain WBU

vlan domain name: WBU
   current flow mask: ip-flow
   current sequence number: 80709115
   current/maximum retry count: 0/10
   current domain state: no-change
   current/next global purge: false/false
   current/next purge count: 0/0
   domain uptime: 13:07:36
   keepalive timer expires in 8 seconds
   retry timer not running
   change timer not running
   fcp subblock count = 7
 
   1 management interface(s) currently defined:
      vlan 1 on Vlan1
 
   7 mac-vlan(s) configured for multi-layer switching:
 
      mac 00e0.fefc.6000
         vlan id(s)
         1    10   91   92   93   95   100
 
   router currently aware of following 1 switch(es):
      switch id 0010.1192.b5ff
 
router#

Configuring NetFlow Data Export

Note You need to enable NDE only if you are going to export MLS cache entries to a data collection application.

Perform the task in this section to configure your Cisco router for NDE. To ensure a successful NDE configuration, you must also configure the Catalyst Switch. For a full description, see the Catalyst 5000 Series Multilayer Switching User Guide. Only configuration tasks and commands for routers are described in this chapter.

Perform the following tasks to configure NetFlow Data Export on your network. The first task is for the router, the remaining tasks are for the switch:

Specify a NetFlow Data Export Address on the Router
Specify a NetFlow Data Export Collector
Enable NetFlow Data Export on the Switch
Specify a Filter for NDE Flow from the Switch

Specify a NetFlow Data Export Address on the Router

Use the following command to specify a NewFlow Data Export address on the router:

Command Purpose

mls rp nde-address ip-address

Specify an NDE IP address for the router doing the Layer 3 switching. The router and the Catalyst 5000 series switch use the NDE IP address when sending MLS statistics to a data collection application.

Command	Purpose
mls rp nde-address ip-address	Specify an NDE IP address for the router doing the Layer 3 switching. The router and the Catalyst 5000 series switch use the NDE IP address when sending MLS statistics to a data collection application.

Multilayer Switching Configuration Examp les

In these examples, VLAN interfaces 1 and 3 are in VTP domain Engineering. The management interface is configured on the VLAN 1 interface. Only information relevant to MLS is shown in the following configurations:

Router Configuration without Access Lists

This sample configuration shows a router configured without access lists on any of the VLAN interfaces. The flow mask is configured to be destination-ip.

router# more system:running-config

Building configuration...
 
Current configuration:
.
.
.
mls rp ip
interface Vlan1
 ip address 172.20.26.56 255.255.255.0
  mls rp vtp-domain Engineering
 mls rp management-interface
 mls rp ip
interface Vlan2
 ip address 128.6.2.73 255.255.255.0
interface Vlan3
 ip address 128.6.3.73 255.255.255.0
  mls rp vtp-domain Engineering
 mls rp ip
 .
  .
  end
router#
router# show mls rp

multilayer switching is globally enabled
mls id is 0006.7c71.8600
mls ip address 172.20.26.56
mls flow mask is destination-ip
number of domains configured for mls 1
vlan domain name: Engineering
   current flow mask: destination-ip
   current sequence number: 82078006
   current/maximum retry count: 0/10
   current domain state: no-change
   current/next global purge: false/false
   current/next purge count: 0/0
   domain uptime: 02:54:21
   keepalive timer expires in 11 seconds
   retry timer not running
   change timer not running
 
   1 management interface(s) currently defined:
      vlan 1 on Vlan1
 
   2 mac-vlan(s) configured for multi-layer switching:
 
      mac 0006.7c71.8600
         vlan id(s)
         1    3
 
   router currently aware of following 1 switch(es):
      switch id 00e0.fe4a.aeff
router#

Router Configuration with Standard Access List

This configuration is the same as the previous example but with a standard access list configured on the VLAN 3 interface. The flow mask changes to source-destination-ip.

.
interface Vlan3
 ip address 128.6.3.73 255.255.255.0
 ip access-group 2 out
  mls rp vtp-domain Engineering
 mls rp ip
.
router# show mls rp

multilayer switching is globally enabled
mls id is 0006.7c71.8600
mls ip address 172.20.26.56
mls flow mask is source-destination-ip
 
number of domains configured for mls 1
vlan domain name: Engineering
   current flow mask: source-destination-ip
   current sequence number: 82078007
   current/maximum retry count: 0/10
   current domain state: no-change
   current/next global purge: false/false
   current/next purge count: 0/0
   domain uptime: 02:57:31
   keepalive timer expires in 4 seconds
   retry timer not running
   change timer not running
 
   1 management interface(s) currently defined:
      vlan 1 on Vlan1
 
   2 mac-vlan(s) configured for multi-layer switching:
 
      mac 0006.7c71.8600
         vlan id(s)
         1    3
 
   router currently aware of following 1 switch(es):
      switch id 00e0.fe4a.aeff
 
router#

Router Configuration with Extended Access List

This configuration is the same as the previous examples but with an extended access list configured on the VLAN 3 interface. The flow mask changes to ip-flow.

.
interface Vlan3
 ip address 128.6.3.73 255.255.255.0
 ip access-group 101 out
  mls rp vtp-domain Engineering
 mls rp ip
.
router# show mls rp

multilayer switching is globally enabled
mls id is 0006.7c71.8600
mls ip address 172.20.26.56
mls flow mask is ip-flow
 
number of domains configured for mls 1
vlan domain name: Engineering
   current flow mask: ip-flow
   current sequence number: 82078009
   current/maximum retry count: 0/10
   current domain state: no-change
   current/next global purge: false/false
   current/next purge count: 0/0
   domain uptime: 03:01:52
   keepalive timer expires in 3 seconds
   retry timer not running
   change timer not running
 
   1 management interface(s) currently defined:
      vlan 1 on Vlan1
 
   2 mac-vlan(s) configured for multi-layer switching:
 
      mac 0006.7c71.8600
         vlan id(s)
         1    3
 
   router currently aware of following 1 switch(es):
      switch id 00e0.fe4a.aeff
 
router#

Table of Contents

Configuring Multilayer Switching