Configuring SDM Templates
This chapter describes how to configure the Switch Database Management (SDM) templates on the Cisco Industrial Ethernet 2000U Series (IE 2000U) and Connected Grid Switches, hereafter referred to as switch . SDM template configuration is supported in both IP Services and LAN Base images.
NoteFor complete syntax and usage information for the commands used in this chapter, see the command reference listed in the“Related Documents” section.
This chapter includes the following sections:
Information About the SDM Templates
If the switch is running the IP services image, you can use SDM templates to optimize system resources in the switch to support specific features, depending on how the switch is used in the network. The SDM templates allocate TCAM resources to support different features. You can use the SDM templates for IP Version 4 (IPv4) and select the default template to balance system resources or select the layer-2 template to support only Layer 2 features in hardware.
- Layer-2—The layer-2 template maximizes system resources for Layer 2 functionality and does not support routing. You should use this template when the switch is being used for Layer 2 forwarding. When you select the layer-2 template on a switch running the IP services image, any routing is done through software, which overloads the CPU and severely degrades routing performance.
- Default—The default template gives balance to all functions: Layer 2 and Layer 3 (routing). This template is available on switches running either the IP Services or LAN Base image. If you do not use the default template with IP Services image and with routing enabled on the switch (that is, you use the layer-2 template instead), any routing is done through software, which overloads the CPU and severely degrades routing performance.
The dual IPv4 and IPv6 templates also enable a dual stack environment. See the “Dual IPv4 and IPv6 SDM Templates” section.
Table 6-1 shows the approximate number of each resource supported in each of the two IPv4 templates. The values in the template are based on eight routed interfaces and approximately 1024 VLANs and represent the approximate hardware boundaries set when a template is selected. If a section of a hardware resource is full, all processing overflow is sent to the CPU, seriously impacting switch performance.
Table 6-1 Approximate Number of Feature Resources Allowed by Each Template
|
|
|
Unicast MAC addresses |
8 K |
5 K |
IPv4 IGMP groups + multicast routes (default only) |
– |
1 K |
IP v4 IGMP groups (layer-2 only) |
1 K |
– |
IPv4 multicast routes (layer-2 only) |
0 |
– |
IPv4 IGMP groups and multicast routes |
1 K |
– |
IPv4 unicast routes |
0 |
9 K |
- Directly connected IPv4 hosts
|
– |
5 K |
|
– |
4 K |
IPv4 policy-based routing ACEs |
0 |
0.5 K |
IPv4 or MAC QoS ACEs |
0.5 K |
0.5 K |
IPv4 or MAC security ACEs |
1 K |
1 K |
Dual IPv4 and IPv6 SDM Templates
You can select SDM templates to support IP Version 6 (IPv6). For more information about IPv6 and how to configure IPv6 routing, see the “Configuring IPv6 Unicast Routing” chapter in the Unicast Routing Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches . For information about configuring IPv6 ACLs, see the “Configuring IPv6 ACLs” chapter in the Security Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches .
This software release does not support Policy-Based Routing (PBR) when forwarding IPv6 traffic. The software supports IPv4 PBR only when the dual-ipv4-and-ipv6 routing template is configured.
The dual IPv4 and IPv6 templates allow the switch to be used in dual stack environments (supporting both IPv4 and IPv6). Using the dual stack templates results in less TCAM capacity allowed for each resource. Do not use them if you plan to forward only IPv4 traffic.
These SDM templates support IPv4 and IPv6 environments:
- Dual IPv4 and IPv6 default template—supports Layer 2, multicast, routing, QoS, and ACLs for IPv4; and Layer 2, routing, and ACLs for IPv6 on the switch.
- Dual IPv4 and IPv6 routing template—supports Layer 2, multicast, routing (including policy-based routing), QoS, and ACLs for IPv4; and Layer 2, routing, and ACLs for IPv6 on the switch.
- Dual IPv4 and IPv6 VLAN template—supports basic Layer 2, multicast, QoS, and ACLs for IPv4, and basic Layer 2 and ACLs for IPv6 on the switch
This software release does not support IPv6 multicast routing, IPv6 QoS, or IPv6 Multicast Listener Discovery (MLD) snooping.
NoteAn IPv4 route requires only one TCAM entry. Because of the hardware compression scheme used for IPv6, an IPv6 route can take more than one TCAM entry, reducing the number of entries forwarded in hardware.
Table 6-2 defines the approximate feature resources allocated by each dual template. Template estimations are based on a switch with 8 routed interfaces and approximately 1000 VLANs.
Table 6-2 Approximate Feature Resources Allowed by Dual IPv4-IPv6 Templates
|
|
|
|
Unicast MAC addresses |
2 K |
1.5 K |
8 K |
IPv4 IGMP groups and multicast routes |
1 K |
1K |
1 K |
Total IPv4 unicast routes: |
3 K |
2.75 K |
0 |
- Directly connected IPv4 hosts
|
2 K |
1.5 K |
0 |
|
1 K |
1.25 K |
0 |
IPv6 multicast groups |
1 K |
1 K |
1 K |
Total IPv6 unicast routes: |
3 K |
2.75 K |
0 |
- Directly connected IPv6 addresses
|
2 K |
1.5 K |
0 |
- Indirect IPv6 unicast routes
|
1 K |
1.25 K |
0 |
IPv4 policy-based routing ACEs |
0 |
0.25 K |
0 |
IPv4 or MAC QoS ACEs (total) |
0.75 K |
0.75 K |
0.75 K |
IPv4 or MAC security ACEs (total) |
1 K |
0.5 K |
1K |
IPv6 policy-based routing ACEs |
0 |
0.25 K |
0 |
IPv6 QoS ACEs |
0.5 K |
0.5 K |
0.5 K |
IPv6 security ACEs |
0.5 K |
0.5 K |
0.5 K |
Prerequisites
Determine whether routing is enabled on the switch and whether you have both IPv6 and IPv4 traffic on the network.
Guidelines and Limitations
Follow these guidelines when selecting and configuring SDM templates:
- You must reload the switch for the configuration to take effect.
- If you are using the switch for Layer 2 features only, select the layer-2 template.
- Do not use the default template if you do not have routing enabled on your switch. The sdm prefer default global configuration command prevents other features from using the memory allocated to unicast routing in the routing template.
- You should use the default template when you plan to enable routing on the switch. If you do not use the default template when routing is enabled, routing is done through software, which overloads the CPU and severely degrades routing performance.
- If you try to configure IPv6 features without first selecting a dual IPv4 and IPv6 template, a warning message is generated.
- Using the dual stack templates results in less TCAM capacity allowed for each resource, so do not use if you plan to forward only IPv4 traffic.
- In the event that you are swapping your SD flash card from a failed unit to a replacement unit and you are not using the default template, you need to re-configure the preferred SDM template and then reload the switch for the selected template to take effect.
NoteFor details on how to replace (swap) the SD flash card, see the "Switch Installation" chapter within theCisco IE 2000U Switch Hardware Installation Guide.
Default Settings
The default template for a switch running either the IP services or LAN Base image is the default template.
Configuring the Switch SDM Template
Follow this procedure to use the SDM template to select a template on a switch running the IP services image.
DETAILED STEPS
|
|
|
Step 1 |
configure terminal |
Enter global configuration mode. |
Step 2 |
sdm prefer { default | dual-ipv4-and-ipv6 { default | routing | vlan } | layer-2 } |
Specify the SDM template to be used on the switch: The keywords have these meanings:
- default —Balance all functions.
- dual-ipv4-and-ipv6 —Select a template that supports both IPv4 and IPv6 routing.
– default —Balance IPv4 and IPv6 Layer 2 and Layer 3 functionality. – routing —Provide maximum usage for IPv4 and IPv6 routing, including IPv4 policy-based routing. – vlan —Provide maximum usage for IPv4 and IPv6 VLANs.
- layer-2 —Support Layer 2 functionality and do not support routing on the switch.
|
Step 3 |
end |
Return to privileged EXEC mode. |
Step 4 |
reload |
Reload the operating system. |
After the system reboots, you can use the show sdm prefer privileged EXEC command to verify the new template configuration. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload.
EXAMPLE
This is an example of an output display when you have changed the template to the layer-2 template and have not reloaded the switch:
The current template is "default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 5K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 9K
number of directly-connected IPv4 hosts: 5K
number of indirect IPv4 routes: 4K
number of IPv4 policy based routing aces: 0.5K
number of IPv4/MAC qos aces: 0.5K
number of IPv4/MAC security aces: 1K
On next reload, template will be "layer-2" template.
To return to the default template, use the no sdm prefer global configuration command.
This example shows how to configure a switch with the layer-2 template:
Switch(config)# sdm prefer layer-2
Proceed with reload? [confirm]
Verifying Configuration
Use the show sdm prefer privileged EXEC command with no parameters to display the active template. Use the show sdm prefer [default | dual-ipv4-and-ipv6 {default | routing | vlan} | layer-2] privileged EXEC command to display the resource numbers supported by the specified template.
This is an example of output from the show sdm prefer command, displaying the template in use:
The current template is "default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 5K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 9K
number of directly-connected IPv4 hosts: 5K
number of indirect IPv4 routes: 4K
number of IPv4 policy based routing aces: 0.5K
number of IPv4/MAC qos aces: 0.5K
number of IPv4/MAC security aces: 1K
This is an example of output from the show sdm prefer layer-2 command:
Switch# show sdm prefer layer-2
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 8K
number of IPv4 IGMP groups: 1K
number of IPv4 multicast routes: 0
number of IPv4 unicast routes: 0
number of IPv4 policy based routing aces: 0
number of IPv4/MAC qos aces: 0.5K
number of IPv4/MAC security aces: 1K
This is an example of output from the show sdm prefer dual-ipv4-and-ipv6 routing command:
Switch# show sdm prefer dual-ipv4-and-ipv6 routing
"desktop IPv4 and IPv6 routing" template:
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 1.5K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 2.75K
number of directly-connected IPv4 hosts: 1.5K
number of indirect IPv4 routes: 1.25K
number of IPv6 multicast groups: 1.125k
number of directly-connected IPv6 addresses: 1.5K
number of indirect IPv6 unicast routes: 1.25K
number of IPv4 policy based routing aces: 0.25K
number of IPv4/MAC qos aces: 0.75K
number of IPv4/MAC security aces: 0.5K
number of IPv6 policy based routing aces: 0.25K
number of IPv6 qos aces: 0.5K
number of IPv6 security aces: 0.5K
Configuration Example
This is an example of an output display when you have changed the template to the layer-2 template and have not reloaded the switch:
The current template is "default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 5K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 9K
number of directly-connected IPv4 hosts: 5K
number of indirect IPv4 routes: 4K
number of IPv4 policy based routing aces: 0.5K
number of IPv4/MAC qos aces: 0.5K
number of IPv4/MAC security aces: 1K
On next reload, template will be "layer-2" template.
This example shows how to configure a switch with the layer-2 template:
Switch(config)# sdm prefer layer-2
Proceed with reload? [confirm]
Feature History
|
|
IE 2000U |
Cisco IOS Release 15.0(2)EH |
CGS 2520 |
Cisco IOS Release 12.2(53)EX |
Ethernet Switch Module (ESM) for CGR 2010 |
Cisco IOS Release 12.2(53)EX |