Configuring IP Multilayer Switching
Download this chapter
Configuring IP Multilayer SwitchingConfiguring IP Multilayer Switching
 Feedback

Table Of Contents

Configuring IP Multilayer Switching

Configuring and Monitoring MLS

Configuring MLS on a Router

Monitoring MLS

Monitoring MLS for an Interface

Monitoring MLS Interfaces for VTP Domains

Configuring NetFlow Data Export

Specifying an NDE Address on the Router

Multilayer Switching Configuration Examples

Router Configuration Without Access Lists Example

Router Configuration with a Standard Access List Example

Router Configuration with an Extended Access List Example


Configuring IP Multilayer Switching

This chapter describes how to configure your network to perform IP Multilayer Switching (MLS). This chapter contains these sections:

Configuring and Monitoring MLS

Configuring NetFlow Data Export

Multilayer Switching Configuration Examples

For a complete description of the commands in this chapter, refer to the the Cisco IOS Switching Services Command Reference. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.

To identify the hardware platform or software image information associated with a feature, use the Feature Navigator on Cisco.com to search for information about the feature or refer to the software release notes for a specific release. For more information, see the section "Identifying Supported Platforms" in the chapter "Using Cisco IOS Software."

Note The information in this chapter is a brief summary of the information contained in the Catalyst 5000 Series Multilayer Switching User Guide. The commands and configurations described in this guide apply only to the devices that provide routing services. Commands and configurations for Catalyst 5000 series switches are documented in the Catalyst 5000 Series Multilayer Switching User Guide. For configuration information for the Catalyst 6000 series switch, see Configuring and Troubleshooting IP MLS on Catalyst 6000 with an MSFC or the "Configuring IP Multilayer Switching" chapter in the Catalyst 6500 Series MSFC (12.x) & PFC Configuration Guide.

Configuring and Monitoring MLS

To configure your Cisco router for MLS, perform the tasks described in the following sections. The first section contains a required task; the remaining tasks are optional. To ensure a successful MLS configuration, you must also configure the Catalyst switches in your network. For a full description for the Catalyst 5000 series, see the Catalyst 5000 Series Multilayer Switching User Guide. For a full description for the Catalyst 6000 series, see the "Configuring IP Multilayer Switching" chapter in the Catalyst 6500 Series MSFC (12.x) & PFC Configuration Guide. Only configuration tasks and commands for routers are described in this chapter.

Configuring MLS on a Router (Required)

Monitoring MLS (Optional)

Monitoring MLS for an Interface (Optional)

Monitoring MLS Interfaces for VTP Domains (Optional)

Configuring MLS on a Router

To configure MLS on your router, use the following commands beginning in global configuration mode. Depending upon your configuration, you might not have to perform all the steps in the procedure.

 
Command
Purpose

Step 1 

Router(config)# mls rp ip

Globally enables MLSP. MLSP is the protocol that runs between the MLS-SE and the MLS-RP.

Step 2 

Router(config)# interface type number

Selects a router interface.

Step 3 

Router(config-if)# mls rp vtp-domain [domain-name]

Selects the router interface to be Layer 3 switched and then adds that interface to the same VLAN Trunking Protocol (VTP) domain as the switch. This interface is referred to as the MLS interface. This command is required only if the Catalyst switch is in a VTP domain.

Step 4 

Router(config-if)# mls rp vlan-id [vlan-id-num]

Assigns a VLAN ID to the MLS interface. MLS requires that each interface has a VLAN ID. This step is not required for RSM VLAN interfaces or ISL-encapsulated interfaces.

Step 5 

Router(config-if)# mls rp ip

Enables each MLS interface.

Step 6 

Router(config-if)# mls rp management-interface

Selects one MLS interface as a management interface. MLSP packets are sent and received through this interface. This can be any MLS interface connected to the switch.

 

Repeat steps 2 through 5 for each interface that will support MLS.

 

Note The interface-specific commands in this section apply only to Ethernet, Fast Ethernet, VLAN, and Fast Etherchannel interfaces on the Catalyst RSM/Versatile Interface Processor 2 (VIP2) or directly attached external router.

To globally disable MLS on the router, use the following command in global configuration mode:

Command
Purpose

Router(config)# no mls rp ip

Disables MLS on the router.


Monitoring MLS

To display MLS details including specifics for MLSP, use the following commands in EXEC mode, as needed:

MLS status (enabled or disabled) for switch interfaces and subinterfaces

Flow mask used by this MLS-enabled switch when creating Layer 3-switching entries for the router

Current settings of the keepalive timer, retry timer, and retry count

MLSP-ID used in MLSP messages

List of interfaces in all VTP domains that are enabled for MLS

Command
Purpose

Router# show mls rp

Displays MLS details for all interfaces.


After entering this command, you see this display: 

router# show mls rp


multilayer switching is globally enabled

mls id is 00e0.fefc.6000

mls ip address 10.20.26.64

mls flow mask is ip-flow

vlan domain name: WBU

   current flow mask: ip-flow

   current sequence number: 80709115

   current/maximum retry count: 0/10

   current domain state: no-change

   current/next global purge: false/false

   current/next purge count: 0/0

   domain uptime: 13:03:19

   keepalive timer expires in 9 seconds

   retry timer not running

   change timer not running

   fcp subblock count = 7

   1 management interface(s) currently defined:

      vlan 1 on Vlan1

   7 mac-vlan(s) configured for multi-layer switching:

      mac 00e0.fefc.6000

         vlan id(s)

         1    10   91   92   93   95   100

   router currently aware of following 1 switch(es):

      switch id 0010.1192.b5ff

Monitoring MLS for an Interface

To show MLS information for a specific interface, use the following command in EXEC mode:

Command
Purpose

Router# show mls rp [interface]

Displays MLS details for a specific interface.


After entering this command, you see this display: 

router# show mls rp int vlan 10


mls active on Vlan10, domain WBU

router#

Monitoring MLS Interfaces for VTP Domains

To show MLS information for a specific VTP domain use the following command in EXEC mode:

Command
Purpose

Router# show mls rp vtp-domain [domain-name]

Displays MLS interfaces for a specific VTP domain.


After entering this command, you see this display: 

router# show mls rp vtp-domain WBU


vlan domain name: WBU

   current flow mask: ip-flow

   current sequence number: 80709115

   current/maximum retry count: 0/10

   current domain state: no-change

   current/next global purge: false/false

   current/next purge count: 0/0

   domain uptime: 13:07:36

   keepalive timer expires in 8 seconds

   retry timer not running

   change timer not running

   fcp subblock count = 7

   1 management interface(s) currently defined:

      vlan 1 on Vlan1

   7 mac-vlan(s) configured for multi-layer switching:

      mac 00e0.fefc.6000

         vlan id(s)

         1    10   91   92   93   95   100

   router currently aware of following 1 switch(es):

      switch id 0010.1192.b5ff

Configuring NetFlow Data Export

Note You need to enable NDE only if you will export MLS cache entries to a data collection application.

Perform the task in this section to configure your Cisco router for NDE. To ensure a successful NDE configuration, you must also configure the Catalyst switch. For a full description, see the Catalyst 5000 Series Multilayer Switching User Guide.

Specifying an NDE Address on the Router

To specify an NDE address on the router, use the following command in global configuration mode:

Command
Purpose

Router(config)# mls rp nde-address ip-address

Specifies an NDE IP address for the router doing the Layer 3 switching. The router and the Catalyst 5000 series switch use the NDE IP address when sending MLS statistics to a data collection application.


Multilayer Switching Configuration Examples

In these examples, VLAN interfaces 1 and 3 are in VTP domain named Engineering. The management interface is configured on the VLAN 1 interface. Only information relevant to MLS is shown in the following configurations:

Router Configuration Without Access Lists Example

Router Configuration with a Standard Access List Example

Router Configuration with an Extended Access List Example

Router Configuration Without Access Lists Example

This sample configuration shows a router configured without access lists on any of the VLAN interfaces. The flow mask is configured to be destination-ip. 

router# more system:running-config


Building configuration...

Current configuration:

.

.

.

mls rp ip


interface Vlan1

 ip address 172.20.26.56 255.255.255.0

 mls rp vtp-domain Engineering

 mls rp management-interface

 mls rp ip


interface Vlan2

 ip address 172.16.2.73 255.255.255.0


interface Vlan3

 ip address 172.16.3.73 255.255.255.0

 mls rp vtp-domain Engineering

 mls rp ip

 .

 .

 end

router#

router# show mls rp


multilayer switching is globally enabled

mls id is 0006.7c71.8600

mls ip address 172.20.26.56

mls flow mask is destination-ip


number of domains configured for mls 1

vlan domain name: Engineering

   current flow mask: destination-ip

   current sequence number: 82078006

   current/maximum retry count: 0/10

   current domain state: no-change

   current/next global purge: false/false

   current/next purge count: 0/0

   domain uptime: 02:54:21

   keepalive timer expires in 11 seconds

   retry timer not running

   change timer not running

   1 management interface(s) currently defined:

      vlan 1 on Vlan1

   2 mac-vlan(s) configured for multi-layer switching:

      mac 0006.7c71.8600

         vlan id(s)

         1    3

   router currently aware of following 1 switch(es):

      switch id 00e0.fe4a.aeff

Router Configuration with a Standard Access List Example

This configuration is the same as the previous example but with a standard access list configured on the VLAN 3 interface. The flow mask changes to source-destination-ip. 

.

interface Vlan3

 ip address 172.16.3.73 255.255.255.0

 ip access-group 2 out

 mls rp vtp-domain Engineering

 mls rp ip

.


router# show mls rp


multilayer switching is globally enabled

mls id is 0006.7c71.8600

mls ip address 172.20.26.56

mls flow mask is source-destination-ip

number of domains configured for mls 1

vlan domain name: Engineering

   current flow mask: source-destination-ip

   current sequence number: 82078007

   current/maximum retry count: 0/10

   current domain state: no-change

   current/next global purge: false/false

   current/next purge count: 0/0

   domain uptime: 02:57:31

   keepalive timer expires in 4 seconds

   retry timer not running

   change timer not running

   1 management interface(s) currently defined:

      vlan 1 on Vlan1

   2 mac-vlan(s) configured for multi-layer switching:

      mac 0006.7c71.8600

         vlan id(s)

         1    3

   router currently aware of following 1 switch(es):

      switch id 00e0.fe4a.aeff

Router Configuration with an Extended Access List Example

This configuration is the same as the previous examples but with an extended access list configured on the VLAN 3 interface. The flow mask changes to ip-flow. 

.

interface Vlan3

 ip address 172.16.3.73 255.255.255.0

 ip access-group 101 out

 mls rp vtp-domain Engineering

 mls rp ip

.



router# show mls rp


multilayer switching is globally enabled

mls id is 0006.7c71.8600

mls ip address 172.20.26.56

mls flow mask is ip-flow

number of domains configured for mls 1

vlan domain name: Engineering

   current flow mask: ip-flow

   current sequence number: 82078009

   current/maximum retry count: 0/10

   current domain state: no-change

   current/next global purge: false/false

   current/next purge count: 0/0

   domain uptime: 03:01:52

   keepalive timer expires in 3 seconds

   retry timer not running

   change timer not running

   1 management interface(s) currently defined:

      vlan 1 on Vlan1

   2 mac-vlan(s) configured for multi-layer switching:

      mac 0006.7c71.8600

         vlan id(s)

         1    3

   router currently aware of following 1 switch(es):

      switch id 00e0.fe4a.aeff