Configuring SDM Templates

Information About SDM Templates

You can use SDM templates to configure the system resources to optimize support for specific features, depending on how your device is used in the network. You can select a template to provide maximum system usage for some functions.

Cisco Catalyst 9400 Series Switches support the following templates:

  • Access

  • Core

  • SDA

  • NAT

After you change the template and the system reboots, you can use the show sdm prefer privileged EXEC command to verify the new template configuration. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload.

Table 1. Approximate Number of Feature Resources Allowed by Templates in Cisco Catalyst 9400 Series Supervisor 1

Resource

Access

LPM

64K

Host

48K

Layer 2 Multicast

16K

Layer 3 Multicast

16K

MAC Address

64K

SGT

8K

Flexible Netflow

128K/ASIC

Security ACL

18K

QoS ACL

18K

PBR/NAT

2K

Tunnel

1K

LISP

1K

MPLS L3VPN VRF

255

MPLS Label

12K

MPLS L3VPN Routes VRF

32K

MPLS L3VPN Routes Prefix

4K

MVPN MDT Tunnels

1K

L2VPN EOMPLS Attachment

1K
Table 2. Approximate Number of Feature Resources Allowed by Templates in Cisco Catalyst 9400 Series Supervisor 1XL and Supervisor 1XL-Y Module

Template Name

Access

Core

SDA

NAT

LPM

64K

64K

64K

64K

Host

48K

32K

80K

48K

Layer2 Multicast

16K

16K

16K

16K

Layer3 Multicast

16K

32K

16K

32K

MAC Address

64K

16K

16K

16K

SGT

8K

8K

8K

8K

Flexible Netflow

128K/ASIC

128K/ASIC

128K/ASIC

128K/ASIC

Security ACL

18K

18K

18K

18K

QoS ACL

18K

18K

18K

18K

PBR/NAT

2K

2K

2K

16K

Tunnel

1K

1K

1K

1K

LISP

1K

1K

1K

1K

MPLS L3VPN VRF

255

255

N/A

255

MPLS Label

12K

16K

12K

MPLS L3VPN Routes VRF

32K

32K

32K

MPLS L3VPN Routes Prefix

4K

4K

4K

MVPN MDT Tunnels

1K

1K

1K

L2VPN EOMPLS Attachment

1K

1K

1K

1K

SDM Templates and Switch Stacks

In a switch stack, all stack members must use the same SDM template that is stored on the active switch. When a new switch is added to a stack, the SDM configuration that is stored on the active switch overrides the template configured on an individual switch.

You can use the show switch privileged EXEC command to see if any stack members are in SDM mismatch mode.

How to Configure SDM Templates

Setting the SDM Template

Follow these steps to use the SDM template to maximize feature usage:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

sdm prefer { access | core | | }

Example:


Device(config)# sdm prefer access

Specifies the SDM template to be used on the switch. The keywords have these meanings:

  • access —Sets the switch to the Access template.

  • core —Sets the Core template.

Note

 

The no sdm prefer command and a default template is not supported.

Step 4

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 5

reload

Example:


Device# reload

Reloads the operating system.

After the system reboots, you can use the show sdm prefer privileged EXEC command to verify the new template configuration. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload.

Monitoring and Maintaining SDM Templates

Verifying SDM Templates

Use the following commands to monitor and maintain SDM templates.

Command Purpose

show sdm prefer

Displays the SDM template in use.

reload

Reloads the switch to activate the newly configured SDM template.


Note

The SDM templates contain only those commands that are defined as part of the templates. If a template enables another related command that is not defined in the template, then this other command will be visible when the show running config command is entered. For example, if the SDM template enables the switchport voice vlan command, then the spanning-tree portfast edge command may also be enabled (although it is not defined on the SDM template).

If the SDM template is removed, then other such related commands are also removed and have to be reconfigured explicitly.

Verifying Customizable SDM Templates

Use the following commands to verify the customizable SDM Template that will be applied.

Table 3. Commands to verify the customizable SDM template

Command

Description

show sdm prefer custom

Displays the custom values that will be applied to the features in the customizable SDM template.

show sdm prefer custom user-input

Displays the values that were entered by the user in the customizable SDM template.

show sdm prefer

Displays the customized SDM template that is currently active.

If any feature in the Customizable SDM template has been assigned a scale value of zero, the feature will not be listed in the output of the show sdm prefer custom command after the device is reloaded.

Configuration Examples for SDM Templates

Examples: Displaying SDM Templates

This is an example output showing the advanced template information on Cisco Catalyst 9400 Series Supervisor 1 Module

Device# show sdm prefer

Showing SDM Template Info
 
This is the Access template.
  Number of VLANs:                                     4094
  Unicast MAC addresses:                               65536
  Overflow Unicast MAC addresses:                      1024
  L2 Multicast entries:                                16384
  Overflow L2 Multicast entries:                       1024
  L3 Multicast entries:                                16384
  Overflow L3 Multicast entries:                       1024
  Directly connected routes:                           49152
  Indirect routes:                                     65536
  Security Access Control Entries:                     18432
  QoS Access Control Entries:                          18432
  Policy Based Routing ACEs / NAT ACEs:                2048
  Netflow Input ACEs:                                  1024
  Netflow Output ACEs:                                 2048
  Flow SPAN ACEs:                                      1024
  Tunnels:                                             1024
  LISP Instance Mapping Entries:                       2048
  Control Plane Entries:                               512
  Input Netflow flows:                                 65536
  Output Netflow flows:                                65536
  SGT/DGT (or) MPLS VPN entries:                       8192
  SGT/DGT (or) MPLS VPN Overflow entries:              512
  Wired clients:                                       2048
  MACSec SPD Entries:                                  1024
  VRF:                                                 256
  MPLS Labels:                                         12288
  MPLS L3 VPN Routes VRF Mode:                         32768
  MPLS L3 VPN Routes Prefix Mode:                      8192
  MVPN MDT Tunnels:                                    1024
  L2 VPN EOMPLS Attachment Circuit:                    1024
  MAX VPLS Bridge Domains :                            128
  MAX VPLS Peers Per Bridge Domain:                    32
  MAX VPLS/VPWS Pseudowires :                          4096
 
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.

This is an example output showing the advanced template information on Cisco Catalyst 9400 Series Supervisor 1XL Module

Device
This is the Access template.
Number of VLANs: 4094
Unicast MAC addresses: 65536
Overflow Unicast MAC addresses: 1024
L2 Multicast entries: 16384
Overflow L2 Multicast entries: 1024
L3 Multicast entries: 16384
Overflow L3 Multicast entries: 1024
Directly connected routes: 49152
Indirect routes: 65536
Security Access Control Entries: 18432
QoS Access Control Entries: 18432
Policy Based Routing ACEs / NAT ACEs: 2048
Netflow Input ACEs: 1024
Netflow Output ACEs: 2048
Ingress Netflow ACEs: 1024
Egress Netflow ACEs: 2048
Flow SPAN ACEs: 1024
Tunnels: 1024
LISP Instance Mapping Entries: 1024
Control Plane Entries: 1024
Input Netflow flows: 65536
Output Netflow flows: 65536
SGT/DGT (or) MPLS VPN entries: 8192
SGT/DGT (or) MPLS VPN Overflow entries: 512
Wired clients: 2048
MACSec SPD Entries: 1024
MPLS L3 VPN VRF: 255
MPLS Labels: 12288
MPLS L3 VPN Routes VRF Mode: 32768
MPLS L3 VPN Routes Prefix Mode: 4096
MVPN MDT Tunnels: 1024
L2 VPN EOMPLS Attachment Circuit: 1024
MAX VPLS Bridge Domains : 128
MAX VPLS Peers Per Bridge Domain: 32
MAX VPLS/VPWS Pseudowires : 4096
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.
* values can be modified by sdm cli.
Device
This is the Core template.
Number of VLANs: 4094
Unicast MAC addresses: 16384
Overflow Unicast MAC addresses: 1024
L2 Multicast entries: 16384
Overflow L2 Multicast entries: 1024
L3 Multicast entries: 32768
Overflow L3 Multicast entries: 1024
Directly connected routes: 32768
Indirect routes: 65536
Security Access Control Entries: 18432
QoS Access Control Entries: 18432
Policy Based Routing ACEs / NAT ACEs: 2048
Netflow Input ACEs: 1024
Netflow Output ACEs: 2048
Ingress Netflow ACEs: 1024
Egress Netflow ACEs: 2048
Flow SPAN ACEs: 1024
Tunnels: 1024
LISP Instance Mapping Entries: 1024
Control Plane Entries: 1024
Input Netflow flows: 65536
Output Netflow flows: 65536
SGT/DGT (or) MPLS VPN entries: 8192
SGT/DGT (or) MPLS VPN Overflow entries: 512
Wired clients: 2048
MACSec SPD Entries: 256
MPLS L3 VPN VRF: 255
MPLS Labels: 16384
MPLS L3 VPN Routes VRF Mode: 32768
MPLS L3 VPN Routes Prefix Mode: 4096
MVPN MDT Tunnels: 1024
L2 VPN EOMPLS Attachment Circuit: 1024
MAX VPLS Bridge Domains : 128
MAX VPLS Peers Per Bridge Domain: 32
MAX VPLS/VPWS Pseudowires : 4096
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.
* values can be modified by sdm cli.
Device
This is the NAT template.
Number of VLANs: 4094
Unicast MAC addresses: 16384
Overflow Unicast MAC addresses: 1024
L2 Multicast entries: 16384
Overflow L2 Multicast entries: 1024
L3 Multicast entries: 32768
Overflow L3 Multicast entries: 1024
Directly connected routes: 49152
Indirect routes: 65536
Security Access Control Entries: 18432
QoS Access Control Entries: 3072
Policy Based Routing ACEs / NAT ACEs: 16384
Netflow Input ACEs: 1024
Netflow Output ACEs: 2048
Ingress Netflow ACEs: 1024
Egress Netflow ACEs: 2048
Flow SPAN ACEs: 1024
Tunnels: 1024
LISP Instance Mapping Entries: 1024
Control Plane Entries: 1024
Input Netflow flows: 65536
Output Netflow flows: 65536
SGT/DGT (or) MPLS VPN entries: 8192
SGT/DGT (or) MPLS VPN Overflow entries: 512
Wired clients: 2048
MACSec SPD Entries: 256
MPLS L3 VPN VRF: 255
MPLS Labels: 12288
MPLS L3 VPN Routes VRF Mode: 32768
MPLS L3 VPN Routes Prefix Mode: 4096
MVPN MDT Tunnels: 1024
L2 VPN EOMPLS Attachment Circuit: 1024
MAX VPLS Bridge Domains : 128
MAX VPLS Peers Per Bridge Domain: 32
MAX VPLS/VPWS Pseudowires : 4096
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.
* values can be modified by sdm cli.
Device
This is the SDA template.
Number of VLANs: 4094
Unicast MAC addresses: 16384
Overflow Unicast MAC addresses: 1024
L2 Multicast entries: 16384
Overflow L2 Multicast entries: 1024
L3 Multicast entries: 16384
Overflow L3 Multicast entries: 1024
Directly connected routes: 81920
Indirect routes: 65536
Security Access Control Entries: 18432
QoS Access Control Entries: 18432
Policy Based Routing ACEs / NAT ACEs: 2048
Netflow Input ACEs: 1024
Netflow Output ACEs: 2048
Ingress Netflow ACEs: 1024
Egress Netflow ACEs: 2048
Flow SPAN ACEs: 1024
Tunnels: 1024
LISP Instance Mapping Entries: 1024
Control Plane Entries: 1024
Input Netflow flows: 65536
Output Netflow flows: 65536
SGT/DGT (or) MPLS VPN entries: 8192
SGT/DGT (or) MPLS VPN Overflow entries: 512
Wired clients: 2048
MACSec SPD Entries: 256
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.
* values can be modified by sdm cli.

Examples: Configuring SDM Templates


		
Device(config)# sdm prefer access 
Device(config)# exit
Device# reload
		Proceed with reload? [confirm]

Additional References for SDM Templates

Related Documents

Related Topic Document Title

For complete syntax and usage information for the commands used in this chapter.

Command Reference (Catalyst 9400 Series Switches)

Feature History for SDM Templates

This table provides release and related information for features explained in this module.

These features are available on all releases subsequent to the one they were introduced in, unless noted otherwise.

Release

Feature

Feature Information

Cisco IOS XE Everest 16.6.1

SDM Template

Standard SDM templates can be used to configure system resources to optimize support for specific features.

Use Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn.