Table Of Contents

mac-address-table aging-time

mac-address-table dynamic

mac-address-table secure

mac-address-table static

mls qos cos

mls qos map

mls qos trust

mls rp ip multicast management-interface

mls rp ip multicast

mls rp ip

mls rp ipx (global)

mls rp ipx (interface)

mls rp locate ipx

mls rp management-interface

mls rp nde-address

mls rp vlan-id

mls rp vtp-domain

monitor session

mac-address-table aging-time

To configure the aging time for entries in the Layer 2 table, use the mac-address-table aging-time command in global configuration mode. To reset the seconds value to the default setting, use the no form of this command.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

mac-address-table aging-time seconds

no mac-address-table aging-time seconds

Catalyst Switches

mac-address-table aging-time seconds [vlan vlan-id]

no mac-address-table aging-time seconds [vlan vlan-id]

Syntax Description

seconds	Aging time; valid values are 0, and from 10 to 1,000,000 seconds.
vlan vlan-id	(Optional) Specifies the VLAN to apply the changed aging time; valid values are from 2 to 1001.

Defaults

300 seconds

Command Modes

Global configuration

Command History

Release	Modification
12.0(7)XE	This command was introduced on Catalyst 6000 family switches.
12.1(1)E	This command was implemented on Catalyst 6000 family switches.
12.2(2)XT	This command was introduced on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(11)T	This command was integrated into Cisco IOS  Release 12.2(11)T.

Usage Guidelines

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The aging time entry will take the specified value. Valid entries are from 10 to 1,000,000 seconds.

This command cannot be disabled.

Catalyst Switches

If you do not enter a VLAN, the change is applied to all routed-port VLANs.

Enter 0 seconds to disable aging.

Examples

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The following example shows the aging time being configured:

Router(config)# mac-address-table aging-time 300

Catalyst Switches

The following example shows the aging time being configured:

Router(config)# mac-address-table aging-time 400

The following example shows the aging time being disabled:

Router(config)# mac-address-table aging-time 0

Related Commands

Command	Description
show mac-address-table aging-time	Displays the MAC address aging time.

mac-address-table dynamic

To add dynamic addresses to the MAC address table, use the mac-address-table dynamic command in global configuration mode. Dynamic addresses are automatically added to the address table and dropped from it when they are not in use. To remove dynamic entries from the MAC address table, use the no form of this command.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

mac-address-table dynamic hw-address interface {fa | gi} [slot/port] vlan vlan-id

no mac-address-table dynamic hw-address vlan vlan-id

Catalyst Switches

mac-address-table dynamic hw-address interface [atm slot/port] [vlan vlan-id]

no mac-address-table dynamic hw-address [vlan vlan-id]

Syntax Description

hw-address	MAC address added to or removed from the table.
interface	Port to which packets destined for hw-address are forwarded.
fa	Specifies FastEthernet.
gi	Specifies GigabitEthernet.
slot	(Optional) The slot (slot 1 or slot 2) to which to add dynamic addresses.
port	(Optional) Port interface number. The ranges are based on type of Ethernet switch network module used: 0 to 15 for NM-16ESW 0 to 35 for NM-36ESW 0 to 1 for GigabitEthernet
atm slot/port	(Optional) Add dynamic addresses to the ATM module in slot 1 or 2. The port is always 0 for an ATM interface.
vlan vlan-id	Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers The interface and vlan parameters together specify a destination to which packets destined for hw-address are forwarded. The vlan keyword is optional if the port is a static-access or dynamic-access VLAN port. In this case, the VLAN assigned to the port is assumed to be that of the port associated with the MAC address. The vlan keyword is required for multi-VLAN and trunk ports. This keyword is required on trunk ports to specify to which VLAN the dynamic address is assigned. The vlan-id is the value of the ID of the VLAN to which packets destined for hw-address are forwarded. Valid IDs are 1 to 1005; do not enter leading zeroes. Catalyst Switches (Optional) The interface and vlan parameters together specify a destination to which packets destined for hw-address are forwarded. The vlan keyword is optional if the port is a static-access or dynamic-access VLAN port. In this case, the VLAN assigned to the port is assumed to be that of the port associated with the MAC address. Note When this command is executed on a dynamic-access port, queries to the VLAN Membership Policy Server (VMPS) do not occur. The VMPS cannot verify that the address is allowed or determine to which VLAN the port should be assigned. This command should be used only for testing purposes. The vlan keyword is required for multi-VLAN and trunk ports. This keyword is required on trunk ports to specify to which VLAN the dynamic address is assigned. The vlan-id is the value of the ID of the VLAN to which packets destined for hw-address are forwarded. Valid IDs are 1 to 1005; do not enter leading zeroes.

Defaults

Dynamic addresses are not added to the MAC address table.

Command Modes

Global configuration

Command History

Release	Modification
11.2(8)SA	This command was first introduced.
11.2(8)SA3	The vlan keyword was added.
11.2(8)SA5	The atm keyword was added.
12.2(2)XT	This command was implemented on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T, on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(11)T	This command was integrated into Cisco IOS  Release 12.2(11)T.

Usage Guidelines

If the vlan-id argument is omitted and the no form of the command is used, the MAC address is removed from all VLANs.

Examples

The following example shows how to add a MAC address on port fa1/1 to VLAN 4:

Switch(config)# mac-address-table dynamic 00c0.00a0.03fa fa1/1 vlan 4

Related Commands

Command	Description
clear mac-address-table	Deletes entries from the MAC address table.
mac-address-table aging-time	Sets the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated.
mac-address-table static	Adds static addresses to the MAC address table.
show mac-address-table	Displays the MAC address table.

mac-address-table secure

To add secure addresses to the MAC address table, use the mac-address-table secure command in global configuration mode. To remove secure entries from the MAC address table, use the no form of this command.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

mac-address-table secure hw-address interface {fa | gi} slot/port vlan vlan-id

no mac-address-table secure hw-address vlan vlan-id

Catalyst Switches

mac-address-table secure hw-address interface [atm slot/port] [vlan vlan-id]

no mac-address-table secure hw-address [vlan vlan-id]

Syntax Description

hw-address	MAC address that is added to the table.
interface	Port to which packets destined for hw-address are forwarded.
fa	Specifies FastEthernet.
gi	Specifies Gigabit Ethernet.
slot	(Optional) The slot (slot 1 or slot 2) to which to add dynamic addresses.
port	(Optional) Port interface number. The ranges are based on type of Ethernet switch network module used: 0 to 15 for NM-16ESW 0 to 35 for NM-36ESW 0 to 1 for GigabitEthernet
atm slot/port	(Optional) Add secure address to the ATM module in slot 1 or 2. The port is always 0 for an ATM interface.
vlan vlan-id	Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers The interface and vlan parameters together specify a destination to which packets destined for hw-address are forwarded. The vlan keyword is optional if the port is a static-access VLAN port. In this case, the VLAN assigned to the port is assumed to be that of the port associated with the MAC address. This keyword is required for multi-VLAN and trunk ports. The value of vlan-id is the ID of the VLAN to which secure entries are added. Valid IDs are 1 to 1005; do not enter leading zeroes. Catalyst Switches (Optional) The interface and vlan parameters together specify a destination to which packets destined for hw-address are forwarded. The vlan keyword is optional if the port is a static-access VLAN port. In this case, the VLAN assigned to the port is assumed to be that of the port associated with the MAC address. This keyword is required for multi-VLAN and trunk ports. The value of vlan-id is the ID of the VLAN to which secure entries are added. Valid IDs are 1 to 1005; do not enter leading zeroes.

Defaults

Secure addresses are not added to the MAC address table.

Command Modes

Global configuration

Command History

Release	Modification
11.2(8)SA	This command was first introduced.
11.2(8)SA3	The vlan keyword was added.
11.2(8)SA5	The atm keyword was added.
12.2(2)XT	This command was implemented on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T, on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(11)T	This command was integrated into Cisco IOS Release 12.2(11)T.

Usage Guidelines

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

Secure addresses can be assigned to only one port at a time. Therefore, if a secure address table entry for the specified MAC address and VLAN already exists on another port, it is removed from that port and assigned to the specified one.

Catalyst Switches

Secure addresses can be assigned only to one port at a time. Therefore, if a secure address table entry for the specified MAC address and VLAN already exists on another port, it is removed from that port and assigned to the specified one.

Dynamic-access ports cannot be configured with secure addresses.

Examples

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The following example shows how to add a secure MAC address to VLAN 6 of port fa1/1:

Router(config)# mac-address-table secure 00c0.00a0.03fa fa1/1 vlan 6

Catalyst Switches

The following example shows how to add a secure MAC address to VLAN 6 of port fa1/1:

Switch(config)# mac-address-table secure 00c0.00a0.03fa fa1/1 vlan 6

The following example shows how to add a secure MAC address to ATM port 2/1:

Switch(config)# mac-address-table secure 00c0.00a0.03fa atm 2/1

Related Commands

Command	Description
clear mac-address-table	Deletes entries from the MAC address table.
mac-address-table aging-time	Sets the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated.
mac-address-table dynamic	Adds dynamic addresses to the MAC address table.
mac-address-table static	Adds static addresses to the MAC address table.
show mac-address-table	Displays the MAC address table.

mac-address-table static

To add static entries to the MAC address table, use the mac-address-table static command in global configuration mode. To remove entries profiled by the combination of specified entry information, use the no form of this command.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

mac-address-table static mac-address {vlan vlan-id} {interface type slot/port}

no mac-address-table static mac-address {vlan vlan-id} {interface type slot/port}

Catalyst Switches

mac-address-table static mac-address {vlan vlan-id} {interface int} [protocol {ip | ipx | assigned}]

no mac-address-table static mac-address {vlan vlan-id} {interface int} [protocol {ip | ipx | assigned}]

Syntax Description

mac-address	Address to add to the MAC address table.
vlan vlan-id	(Optional) Specifies the VLAN associated with the MAC address entry; valid values are from 2 to 100.
interface type slot/port	Specifies the interface type and the slot and port configured.
protocol	(Optional) Specifies the protocol associated with the entry.
ip	Specifies the IP protocol.
ipx	Specifies the IPX protocol.
assigned	Specifies assigned protocol bucket accounts for such protocols as DECnet, Banyan VINES, and AppleTalk.

Defaults

Static entries are not added to the MAC address table.

Command Modes

Global configuration

Command History

Release	Modification
12.0(7)XE	This command was introduced on Catalyst 6000 family switches.
12.1(1)E	Support for this command on Catalyst 6000 family switches was extended to the E train.
12.1(5c)EX	This command was changed to support multicast addresses.
12.2(2)XT	This command was implemented on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(11)T	This command was integrated into Cisco IO  Release 12.2(11)T.

Usage Guidelines

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The output interface specified must be a Layer 2 IDB and not an SVI.

Entering the no form of this command does not remove system MAC addresses.

When removing a MAC address, entering the interface type slot/port argument is optional. For unicast entries, the entry is removed automatically. For multicast entries, if you do not specify an interface, the entire entry is removed. You can specify the selected ports to be removed by specifying the interface.

Catalyst Switches

The output interface specified must be a Layer 2 IDB and not an switch virtual interface (SVI).

You can enter up to 15 interfaces per command entered, but you can enter more interfaces by repeating the command.

If you do not enter a protocol type, an entry is automatically created for each of the four protocol types.

Entering the no form of this command does not remove system MAC addresses.

When removing a MAC address, entering the interface type slot/port argument is optional. For unicast entries, the entry is removed automatically. For multicast entries, if you do not specify an interface, the entire entry is removed. You can specify the selected ports to be removed by specifying the interface.

Examples

The following example shows how to add static entries to the MAC address table:

Router(config)# mac-address-table static 0050.3e8d.6400 vlan 100 interface fastethernet5/7 

Related Commands

Command	Description
show mac-address-table address	Displays MAC address table information for a specific MAC address.

mls qos cos

To define the default Multilayer Switching (MLS) class of service (CoS) value of a port or to assign the default CoS value to all incoming packets on the port, use the mls qos cos command in interface configuration mode. To return to the default CoS setting, use the no form of this command.

mls qos cos {default-cos | override}

no mls qos cos {default-cos | override}

Syntax Description

default-cos	Assigns a default CoS value to a port. If the port is CoS trusted and packets are untagged, the default CoS value is used to select one output queue as an index into the CoS-to-Differentiated Services Code Point (DSCP) map. The CoS range is 0 to 7. The default is 0.
override	Overrides the CoS of the incoming packets and applies the default CoS value on the port to all incoming packets.

Defaults

The default CoS value for a port is 0.
CoS override is disabled.

Command Modes

Interface configuration

Command History

Release	Modification
12.1(6)EA2	This command was introduced. It replaced the switchport priority command.
12.2(15)ZJ	This command was implemented on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.3(4)T	This command was integrated into Cisco IOS Release 12.3(4)T on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

Usage Guidelines

You can assign the default CoS and DSCP value to all packets entering a port if the port has been configured by use of the override keyword.

Use the override keyword when all incoming packets on certain ports deserve a higher or lower priority than packets entering from other ports. Even if a port was previously set to trust DSCP or CoS, this command overrides that trust state, and all the CoS values on the incoming packets are changed to the default CoS value that is configured with the mls qos cos command. If an incoming packet is tagged, the CoS value of the packet is modified at the ingress port. It is changed to the default CoS of that port.

Use the show mls qos interface privileged EXEC command to verify your settings.

Examples

The following example shows how to assign 4 as the default port CoS:

Router(config)# interface gigabitethernet0/1

Router(config-if)# mls qos trust cos

Router(config-if)# mls qos cos 4

The following example shows how to assign 4 as the default port CoS value for all packets entering the port:

Router(config)# interface gigabitethernet0/1

Router(config-if)# mls qos cos 4

Router(config-if)# mls qos cos override

Related Commands

Command	Description
mls qos map	Defines the CoS-to-DSCP map or the DSCP-to-CoS map.
mls qos trust	Configures the port trust state.
show interface fax/y switchport	Displays switch port interfaces.
show mls qos interface	Displays QoS information.

mls qos map

To define the Multilayer Switching (MLS) class of service (CoS)-to-Differentiated Services Code Point (DSCP) map or DSCP-to-CoS map, use the mls qos map command in global configuration mode. To return to the default map, use the no form of this command.

mls qos map {cos-dscp dscp1...dscp8 | dscp-cos dscp-list to cos}

no mls qos map {cos-dscp | dscp-cos}

Syntax Description

cos-dscp dscp1...dscp8	Defines the CoS-to-DSCP map. For dscp1...dscp8, enter eight DSCP values that correspond to CoS values 0 to 7. Separate consecutive DSCP values from each other with a space. The supported DSCP values are 0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56.
dscp-cos dscp-list to cos	Defines the DSCP-to-CoS map. For dscp-list, enter up to 13 DSCP values separated by spaces. Then enter the to keyword. The supported DSCP values are 0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56. For cos, enter the CoS value to which the DSCP value or values correspond. The CoS range is 0 to 7.

Defaults

Table 1 shows the default CoS-to-DSCP map.

Table 1 Default CoS-to-DSCP Map

CoS Value	0	1	2	3	4	5	6	7
DSCP Value	0	8	16	26	32	46	48	56

Table 2 shows the default DSCP-to-CoS map.

Table 2 Default DSCP-to-CoS Map

DSCP Values	0	8, 10	16, 18	24, 26	32, 34	40, 46	48	56
CoS Value	0	1	2	3	4	5	6	7

Command Modes

Global configuration

Command History

Release	Modification
12.1(6)EA2	This command was introduced.
12.2(15)ZJ	This command was implemented on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.3(4)T	This command was integrated into Cisco IOS Release 12.3(4)T on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

Usage Guidelines

All of the CoS-to-DSCP and DSCP-to-CoS maps are globally defined. You apply all maps to all ports.

If you enter the mls qos trust cos command, the default CoS-to-DSCP map is applied.

If you enter the mls qos trust dscp command, the default DSCP-to-CoS map is applied.

After a default map is applied, you can define the CoS-to-DSCP or DSCP-to-CoS map by entering consecutive mls qos map commands.

If the mls qos trust dscp command is entered and a packet with an untrusted DSCP value is at an ingress port, the packet CoS value is set to 0.

Use the show mls qos maps privileged EXEC command to verify your settings.

Examples

The following example shows how to define the DSCP-to-CoS map. DSCP values 16, 18, 24, and 26 are mapped to CoS 1. DSCP values 0, 8, and 10 are mapped to CoS 0.

Router# configure terminal

Router(config)# mls qos map dscp-cos 16 18 24 26 to 1

Router(config)# mls qos map dscp-cos 0 8 10 to 0

The following example shows how to define the CoS-to-DSCP map. CoS values 0 to 7 are mapped to DSCP values 8, 8, 8, 8, 24, 32, 56, and 56.

Router# configure terminal

Router(config)# mls qos map cos-dscp 8 8 8 8 24 32 56 56

Related Commands

Command	Description
mls qos cos	Defines the default CoS value of a port or assigns the default CoS to all incoming packets on the port.
mls qos trust	Configures the port trust state.
show mls qos maps	Displays QoS mapping information.

mls qos trust

To configure the Multilayer Switching (MLS) port trust state and classify traffic by an examination of the class of service (CoS) or Differentiated Services Code Point (DSCP) value, use the mls qos trust command in interface configuration mode. To return a port to its untrusted state, use the no form of this command.

mls qos trust [cos | dscp]

no mls qos trust [cos | dscp]

Syntax Description

cos	(Optional) Classifies ingress packets that have packet CoS values. For untagged packets, use the port default CoS value.
dscp	(Optional) Classifies ingress packets that have packet DSCP values (most significant 6 bits of 8-bit service-type field). For non-IP packets, the packet CoS value is 0.

Defaults

The port is not trusted. If no keyword is specified, the default is dscp.

Command Modes

Interface configuration

Command History

Release	Modification
12.1(6)EA2	This command was introduced.
12.2(15)ZJ	This command was implemented on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.3(4)T	This command was integrated into Cisco IOS Release 12.3(4)T on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

Usage Guidelines

Packets entering a quality of service (QoS) domain are classified at its edge. Because the packets are classified at the edge, the switch port within the QoS domain can be configured to one of the trusted states; there is no need to classify the packets at every switch within the domain. Use the mls qos trust command to specify whether the port is trusted and to indicate which fields of the packet are for the classifying of traffic.

When a port is configured with trust DSCP and the incoming packet is a non-IP packet, the CoS value for the packet is set to 0, and the DSCP-to-CoS map is not applied.

If DSCP is trusted, the DSCP field of the IP packet is not modified. However, it is still possible that a DSCP-to-CoS map can modify the CoS value of the packet.

If CoS is trusted, the packet CoS is not modified. However, a CoS-to-DSCP map but DSCP could still modified the DSCP value of the packet if it is an IP packet.

Use the show mls qos interface privileged EXEC command to verify your settings.

Examples

The following example shows how to configure a port to be a DSCP-trusted port:

Router(config)# interface gigabitethernet0/1

Router(config-if)# mls qos trust dscp

The following example shows how to configure a VLAN interface to be a DSCP-trusted port. DSCP-to-COS mapping occurs for all packets that have the configured VLAN ID of 60 and that are egressing from the CPU to the physical port.

Router(config)# interface vlan 60

Router(config-if)# mls qos trust dscp

Related Commands

Command	Description
mls qos cos	Defines the default CoS value of a port or assigns the default CoS to all incoming packets on the port.
mls qos map	Defines the CoS-to-DSCP map or the DSCP-to-CoS map.
show mls qos interface	Displays QoS information.

mls rp ip multicast management-interface

To assign a different interface (other than the default) to act as the management interface for Multilayer Switching (MLS), use the mls rp ip multicast management-interface command in interface configuration mode. To restore the default interface as the management interface, use the no form of this command.

mls rp ip multicast management-interface

no mls rp ip multicast management-interface

Syntax Description

This command has no arguments or keywords.

Defaults

When IP multicast MLS is enabled, the subinterface (or virtual LAN [VLAN] interface) that has the lowest VLAN ID and is active (in the "up" state) is automatically selected as the management interface.

Command Modes

Interface configuration

Command History

Release	Modification
12.0(5)T	This command was introduced.

Usage Guidelines

When you enable IP multicast MLS, the subinterface (or VLAN interface) that has the lowest VLAN ID and is active (in the "up" state) is automatically selected as the management interface. The one-hop protocol Multilayer Switching Protocol (MLSP) is used between a router and a switch to pass messages about hardware-switched flows. MLSP packets are sent and received on the management interface. Typically, the interface in VLAN 1 is chosen (if that interface exists). Only one management interface is allowed on a single trunk link.

In most cases, we recommend that the management interface be determined by default. However, you can optionally use this command to specify a different router interface or subinterface as the management interface. We recommend using a subinterface with minimal data traffic so that multicast MLSP packets can be sent and received more quickly.

If the user-configured management interface goes down, the router uses the default interface (the active interface with the lowest VLAN ID) until the user-configured interface comes up again.

Examples

The following example shows how to configure the Fast Ethernet interface as the management interface:

Router(config)# interface fastethernet1/0.1

Router(config-if)# mls rp ip multicast management-interface

Related Commands

Command	Description
mls rp ip multicast	Enables IP multicast MLS (hardware switching) on an external or internal router in conjunction with Layer 3 switching hardware for the Catalyst 5000 switch.

mls rp ip multicast

To enable IP multicast Multilayer Switching (MLS) (hardware switching) on an external or internal router in conjunction with Layer 3 switching hardware for the Catalyst 5000, use the mls rp ip multicast command in interface configuration mode. To disable IP multicast MLS on the interface or virtual LAN (VLAN), use the no form of this command.

mls rp ip multicast

no mls rp ip multicast

Syntax Description

This command has no arguments or keywords.

Defaults

IP multicast MLS is enabled.

Command Modes

Interface configuration

Command History

Release	Modification
12.0(5)T	This command was introduced.

Usage Guidelines

This command is available only on specific router platforms connected to a Catalyst 5000 switch. Use this command to reduce multicast load on the router. The switch performs the multicast packet replication and forwarding.

IP multicast MLS is enabled by default on an interface once IP multicast routing and PIM are enabled.

Examples

The following example shows how to disable IP multicast MLS:

Router(config)# interface fastethernet1/0.1

Router(config-if)# no mls rp ip multicast

Related Commands

Command	Description
mls rp ip multicast management-interface	Assigns a different interface (other than the default) to act as the management interface for MLSP.
show ip mroute	Displays the contents of the IP multicast routing table.
show mls rp interface	Displays hardware-switched multicast flow information about IP multicast MLS.

mls rp ip

To enable the Multilayer Switching Protocol (MLSP) and Multilayer Switching (MLS), use the mls rp ip command in global configuration mode. To disable MLS, use the no form of this command.

mls rp ip

no mls rp ip

Syntax Description

This command has no arguments or keywords.

Defaults

Multilayer Switching (MLS) is disabled.

Command Modes

Global configuration

Command History

Release	Modification
11.3(3) WA4(4)	This command was introduced.

Usage Guidelines

Use this command to enable MLS, either globally or on a specific interface. MLSP is the protocol that runs between the switches and routers.

Examples

The following example enables MLS:

Router(config)# mls rp ip

Related Commands

Command	Description
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp nde-address	Specifies a NetFlow Data Export address.
mls rp vlan-id	Assigns a VLAN ID.
mls rp vtp-domain	Selects the router interface to be Layer 3 switched and then adds that interface to a VTP domain.
show mls rp	Displays MLS details, including specifics for MLSP.
show mls rp vtp-domain	Displays MLS interfaces for a specific VTP domain.

mls rp ipx (global)

To enable the router as an IPX Multilayer Switching (MLS) Route Processor (RP), use the mls rp ipx command in global configuration mode. To disable IPX MLS on the router, use the no form of this command.

mls rp ipx

no mls rp ipx

Syntax Description

This command has no arguments or keywords.

Defaults

IPX MLS is disabled.

Command Modes

Global configuration

Command History

Release	Modification
12.0(5)T	This command was introduced.

Usage Guidelines

Multilayer Switching Protocol (MLSP) is the protocol that runs between the MLS Switching Engine and the MLS RP.

Examples

The following example enables IPX MLS on the MLS RP:

Router(config)# mls rp ipx

Related Commands

Command	Description
mls rp locate ipx	Displays information about all switches currently shortcutting for the specified IPX flows.
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp vlan-id	Assigns a VLAN identification number to an IPX MLS interface.
mls rp vtp-domain	Assigns an MLS interface to a specific VTP domain on the MLS RP.
show mls rp interface	Displays IPX MLS details for the RP, including specific information about the MLSP.
show mls rp ipx	Displays details for all IPX MLS interfaces on the IPX MLS router.
show mls rp vtp-domain	Displays IPX MLS interfaces for a specific VTP domain on the RP.

mls rp ipx (interface)

To enable IPX Multilayer Switching (MLS) on a router interface, use the mls rp ipx command in interface configuration mode. To disable IPX MLS on a router interface, use the no form of this command.

mls rp ipx

no mls rp ipx

Syntax Description

This command has no arguments or keywords.

Defaults

IPX MLS is disabled.

Command Modes

Interface configuration

Command History

Release	Modification
12.0(5)T	This command was introduced.

Usage Guidelines

Multilayer Switching Protocol (MLSP) is the protocol that runs between the MLS Switching Engine and the MLS RP.

Examples

The following example shows how to enable IPX MLS on a router interface:

Router(config-if)# mls rp ipx

Related Commands

Command	Description
mls rp locate ipx	Displays information about all switches currently shortcutting for the specified IPX flows.
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp vlan-id	Assigns a VLAN identification number to an IPX MLS interface.
mls rp vtp-domain	Assigns an MLS interface to a specific VTP domain on the MLS RP.
show mls rp interface	Displays IPX MLS details for the RP, including specific information about the MLSP.
show mls rp ipx	Displays details for all IPX MLS interfaces on the IPX MLS router.
show mls rp vtp-domain	Displays IPX MLS interfaces for a specific VTP domain on the RP.

mls rp locate ipx

To display information about all switches currently shortcutting for the specified IPX flows, use the mls rp locate ipx command in privileged EXEC mode.

mls rp locate ipx destination-network.destination-node [source-network]

Syntax Description

destination-network.destination-node	The destination network and destination node of IPX packet flows. The destination network consists of 1 to 8 hexadecimal numbers in the format xxxxxxxx. The destination node consists of 1 to 12 hexadecimal numbers in the format xxxx.xxxx.xxxx.
source-network	(Optional) The source network of the IPX flow. The source network consists of 1 to 8 hexadecimal numbers in the format yyyyyyyy.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.0(5)T	This command was introduced.

Examples

The following example shows how to display the switch that is shortcutting routed flows to the specified IPX flow:

Router# mls rp locate ipx 30.0000.1111.2222

locator response from switch id 0010.1400.601f

Related Commands

Command	Description
mls rp ipx (global)	Enables the router as an IPX MLS RP.
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp vlan-id	Assigns a VLAN identification number to an IPX MLS interface.
mls rp vtp-domain	Assigns an MLS interface to a specific VTP domain on the MLS RP.
show mls rp interface	Displays IPX MLS details for the RP, including specific information about the MLSP.
show mls rp ipx	Displays details for all IPX MLS interfaces on the IPX MLS router.
show mls rp vtp-domain	Displays IPX MLS interfaces for a specific VTP domain on the RP.

mls rp management-interface

To specify an interface as the management interface, use the mls rp management-interface command in interface configuration mode. To remove an interface as the management interface, use the no form of this command.

mls rp management-interface

no mls rp management-interface

Syntax Description

This command has no keywords or arguments.

Defaults

No interface is specified as the management interface.

Command Modes

Interface configuration

Command History

Release	Modification
11.3(3) WA4(4)	This command was introduced.

Usage Guidelines

Multilayer Switching Protocol (MLSP) packets are sent and received through the management interface.

Select only one IPX Multilayer Switching (MLS) interface connected to the switch. If you fail to select this interface, no connection between the MLS Route Processor (RP) and the MLS Switching Engine occurs, and any routing updates or changes to access lists are not reflected on the switch.

Examples

The following example shows how to select a management interface:

Router(config-if)# mls rp management-interface

Related Commands

Command	Description
mls rp ipx (global)	Enables the router as an IPX MLS RP.
mls rp locate ipx	Displays information about all switches currently shortcutting for the specified IPX flows.
mls rp vlan-id	Assigns a VLAN identification number to an IPX MLS interface.
mls rp vtp-domain	Assigns an MLS interface to a specific VTP domain on the MLS RP.
show mls rp interface	Displays IPX MLS details for the RP, including specific information about the MLSP.
show mls rp ipx	Displays details for all IPX MLS interfaces on the IPX MLS router.
show mls rp vtp-domain	Displays IPX MLS interfaces for a specific VTP domain on the RP.

mls rp nde-address

To specify a NetFlow Data Export (NDE) address, use the mls rp nde-address command in global configuration mode.

mls rp nde-address ip-address

Syntax Description

ip-address

NDE IP address.

Defaults

No NDE address is specified.

Command Modes

Global configuration

Command History

Release	Modification
11.3(3) WA4(4)	This command was introduced.

Usage Guidelines

Use this command on a Route Processor (RP) to specify the NDE address for a router. If you do not specify an NDE IP address for the Multilayer Switching (MLS) RP, the MLS RP automatically selects one of its interface's IP addresses and uses that IP address as its NDE IP address and its MLS IP address.

Examples

The following example shows how to set the NDE address to 172.25.2.1:

Router(config)# mls rp nde-address 172.25.2.1

Related Commands

Command	Description
mls rp ip	Enables MLSP.
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp vlan-id	Assigns a VLAN ID.
mls rp vtp-domain	Selects the router interface to be Layer 3 switched and then adds that interface to a VTP domain.
show mls rp	Displays MLS details, including specifics for MLSP.
show mls rp vtp-domain	Displays MLS interfaces for a specific VTP domain.

mls rp vlan-id

To assign a virtual LAN (VLAN) identification number to an IPX Multilayer Switching (MLS) interface, use the mls rp vlan-id command in interface configuration mode. To remove a VLAN identification number, use the no form of this command.

mls rp vlan-id vlan-id-number

no mls rp vlan-id vlan-id-number

Syntax Description

vlan-id-number

A VLAN identification number from 1 to 4096.

Defaults

No VLAN identification number is assigned.

Command Modes

Interface configuration

Command History

Release	Modification
11.3(3) WA4(4)	This command was introduced.

Usage Guidelines

The assigned IPX MLS interface must be either an Ethernet or Fast Ethernet interface—both without subinterfaces.

Examples

The following example shows how to assign the VLAN identification number 23 to an IPX MLS interface:

Router(config-if)# mls rp vlan-id 23

Related Commands

Command	Description
mls rp ipx (global)	Enables the router as an IPX MLS RP.
mls rp locate ipx	Displays information about all switches currently shortcutting for the specified IPX flows.
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp vtp-domain	Assigns an MLS interface to a specific VTP domain on the MLS RP.
show mls rp interface	Displays IPX MLS details for the RP, including specific information about the MLSP.
show mls rp ipx	Displays details for all IPX MLS interfaces on the IPX MLS router.
show mls rp vtp-domain	Displays IPX MLS interfaces for a specific VTP domain on the RP.

mls rp vtp-domain

To assign a Multilayer Switching (MLS) interface to a specific Virtual Trunk Protocol (VTP) domain on the MLS Route Processor (RP), use the mls rp vtp-domain command in interface configuration mode. To remove a VTP domain, use the no form of this command.

mls rp vtp-domain domain-name

no mls rp vtp-domain domain-name

Syntax Description

domain-name

The name of the VTP domain assigned to an MLS interface and its related switches.

Defaults

The interface is assigned to the null domain.

Command Modes

Interface configuration

Command History

Release	Modification
11.3(3) WA4(4)	This command was introduced.

Usage Guidelines

The assigned IPX MLS interface must be either an Ethernet or Fast Ethernet interface—both without subinterfaces.

Examples

The following example shows how to assign the MLS interface to the VTP domain named engineering:

Router(config-if)# mls rp vtp-domain engineering

Related Commands

Command	Description
mls rp ipx (global)	Enables the router as an IPX MLS RP.
mls rp locate ipx	Displays information about all switches currently shortcutting for the specified IPX flows.
mls rp management-interface	Designates an interface as the management interface for MLSP packets.
mls rp vlan-id	Assigns a VLAN identification number to an IPX MLS interface.
show mls rp interface	Displays IPX MLS details for the RP, including specific information about the MLSP.
show mls rp ipx	Displays details for all IPX MLS interfaces on the IPX MLS router.
show mls rp vtp-domain	Displays IPX MLS interfaces for a specific VTP domain on the RP.

monitor session

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

To start a new Switched Port Analyzer (SPAN) session, add or delete interfaces from an existing SPAN session, or delete a SPAN session, use the monitor session command in global configuration mode. To remove one or more source interfaces or destination interfaces from the SPAN session, use the no form of this command.

Source Interface

monitor session session {source {interface type/slot/port}} [, | - | rx | tx | both]

no monitor session session {source {interface type/slot/port}} [, | - | rx | tx | both]

Destination Interface

monitor session session {destination {interface type/slot/port} [, | -]}}

no monitor session session {destination {interface type/slot/port} [, | -]}}

Session

monitor session session

no monitor session session

Catalyst Switches

To start a new SPAN session, add or delete interfaces or VLANs to or from an existing SPAN session, filter SPAN traffic to specific VLANs, or delete a SPAN session, use the monitor session command in global configuration mode. To remove one or more source or destination interfaces from the SPAN session or a source VLAN from the SPAN session, use the no form of this command.

Source Interface or VLAN

monitor session session {source {interface type number} | {vlan vlan-id}} [, | - | rx | tx | both]

no monitor session session {source {interface type number} | {vlan vlan-id}} [, | - | rx | tx | both]

Destination Interface or VLAN

monitor session session {destination {interface type number} [, | -]} | {vlan vlan-id}}

no monitor session session {destination {interface type number} [, | -]} | {vlan vlan-id}}

Filter VLAN

monitor session session {filter {vlan vlan-id} [, | -]}

no monitor session session {filter {vlan vlan-id} [, | -]}

Syntax Description

session	Number of the SPAN session; valid values are 1 and 2.
source	Specifies the SPAN source.
destination	Specifies the SPAN destination interface.
interface type	(Optional) Specifies the interface type; valid values are fastethernet and gigabitethernet.
slot	(Optional) Specifies interface number; valid entries are 1 or 2.
port	(Optional) Port interface number ranges based on type of Ethernet switch network module used: 0 to 15 for NM-16ESW 0 to 35 for NM-36ESW 0 to 1 for GigabitEthernet
interface type number	Specifies the interface type and number; valid values are ethernet (1 to 9), fastethernet (1 to 9), gigabitethernet (1 to 9), and port-channel (see the "Usage Guidelines" section).
filter	Limits SPAN source traffic to specific VLANs. Note The filter keyword is not supported on the Cisco 2600 series or the Cisco 3600 series routers.
vlan vlan-id	Specifies the VLAN; valid values are from 1 to 1005.
,	(Optional) Specifies another range of SPAN VLANs; valid values are from 1 to 1005.
-	(Optional) Specifies a range of SPAN VLANs.
rx	(Optional) Specifies monitor received traffic only.
tx	(Optional) Specifies monitor transmitted traffic only.
both	(Optional) Specifies monitor received and transmitted traffic.

Defaults

A trunking interface monitors all VLANs and all received and transmitted traffic.

Command Modes

Global configuration

Command History

Release	Modification
12.0(7)XE	This command was introduced on the Catalyst 6000 family switches.
12.1(1)E	Support for this command on the Catalyst 6000 family switches was extended to the E train.
12.1(3a)E3	The number of valid values for the port-channel number was changed; see the "Usage Guidelines" section for valid values.
12.1(5c)EX	These SPAN support restrictions were added: •If your switch has a Switch Fabric Module installed, SPAN is supported among supervisor engines and nonfabric-enabled modules. •If your switch does not have a Switch Fabric Module installed, SPAN is supported on all modules, including fabric-enabled modules. •SPAN on DFC-equipped modules is not supported.
12.2(2)XT	This command was implemented on the Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T on the Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

Usage Guidelines

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The port-channel number supports six EtherChannels and eight ports in each channel.

Only one SPAN destination for a SPAN session is supported. If you attempt to add another destination interface to a session that already has a destination interface configured, you will get an error. You must first remove a SPAN destination interface before changing the SPAN destination to a different interface.

Catalyst Switches

The number of valid values for port-channel number depends on the software release. For Cisco IOS releases prior to software Release 12.1(3a)E3, valid values are from 1 to 256; for Cisco IOS Release 12.1(3a)E3, 12.1(3a)E4, and 12.1(4)E1, valid values are from 1 to 64. Cisco IOS Release 12.1(5c)EX and later support a maximum of 64 values ranging from 1 to 256.

Only one destination per SPAN session is supported. If you attempt to add another destination interface to a session that already has a destination interface configured, you get an error. You must first remove a SPAN destination interface before changing the SPAN destination to a different interface.

You can configure up to 64 SPAN destination interfaces, but you can have one egress SPAN source interface and up to 64 ingress source interfaces only.

A SPAN session can either monitor VLANs or monitor individual interfaces, but it cannot monitor both specific interfaces and specific VLANs. Configuring a SPAN session with a source interface and then trying to add a source VLAN to the same SPAN session causes an error. Configuring a SPAN session with a source VLAN and then trying to add a source interface to that session also causes an error. You must first clear any sources for a SPAN session before switching to another type of source.

If you enter the filter keyword on a monitored trunk interface, only traffic on the set of specified VLANs is monitored.

Port channel interfaces display in the list of interface options if you have them configured. VLAN interfaces are not supported. However, you can span a particular VLAN by entering the monitor session session source vlan vlan-id command.

Examples

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The following example shows how to add a destination VLAN to an existing SPAN session:

Router(config)# monitor session 1 destination interface fastEthernet 2/0

Catalyst Switches

The following example shows how to add a destination VLAN to an existing SPAN session:

Router(config)# monitor session 1 destination vlan 100

The following example shows how to delete a destination VLAN from an existing SPAN session:

Router(config)# no monitor session 1 destination vlan 100

The following example shows how to limit SPAN traffic to specific VLANs:

Router(config)# monitor session 1 filter vlan 100 - 304

Related Commands

Command	Description
show monitor	Displays SPAN session information.