[nsp] Cat6509 MSFC1 interface stats.

[Todd, Douglas M.]

all:

Some information on the 6k mls from cisco and mls flows w/the pfc and the
msfc. The stats should be equal between the two info below:

IP MLS Flows
Layer 3 protocols, such as IP and Internetwork Packet Exchange (IPX), are
connectionless-they deliver every packet independently of every other
packet. However, actual network traffic consists of many end-to-end
conversations, or flows, between users or applications.

A flow is a unidirectional sequence of packets between a particular source
and destination that share the same protocol and transport-layer
information. Communication from a client to a server and from the server to
the client are separate flows. For example, Telnet traffic transferred from
a particular source to a particular destination comprises a separate flow
from File Transfer Protocol (FTP) packets between the same source and
destination.

Flows are based only on Layer 3 addresses, which allow IP traffic from
multiple users or applications to a particular destination to be carried on
a single flow if only the destination IP address is used to identify a flow.

Layer 3 MLS Cache
The Policy Feature Card (PFC) maintains a Layer 3 switching table (the Layer
3 MLS cache) for Layer 3-switched flows. The cache also includes entries for
traffic statistics that are updated in tandem with the switching of packets.
After the MLS cache is created, packets identified as belonging to an
existing flow can be Layer 3 switched based on the cached information. The
MLS cache maintains flow information for all active flows.

An MLS cache entry is created for the initial packet of each flow. Upon
receipt of a packet that does not match any flow currently in the MLS cache,
a new IP MLS entry is created.

The state and identity of the flow are maintained while packet traffic is
active; when traffic for a flow ceases, the entry ages out. You can
configure the aging time for MLS entries kept in the MLS cache. If an entry
is not used for the specified period of time, the entry ages out and
statistics for that flow can be exported to a flow collector application.

The maximum MLS cache size is 128K entries. However, an MLS cache larger
than 32K entries increases the probability that a flow will not be switched
by the PFC and will get forwarded to the router.

taken from:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration
_guide_chapter09186a008007f2a8.html#xtocid244531

-----Original Message-----
From: Stephen J. Wilcox [mailto:steve@telecomplete.co.uk]
Sent: Friday, December 20, 2002 4:47 AM
To: James Kilton
Cc: Lars Erik Gullerud; cisco-nsp@puck.nether.net
Subject: Re: Re[2]: [nsp] Cat6509 MSFC1 interface stats.



Not tried this with catos, but the docs for native ios suggest that mls is
automatically enabled and the sh mls rp in the ios would appear to be for
multicasting out to find other switches ie it automatically does the
internal
switch...

Now not sure if my interpretation is correct and not sure if this applies to
catos but it may still be switching mls even tho the cmd shows it
disabled...

Steve

On Thu, 19 Dec 2002, James Kilton wrote:

> Thanks for the info about CEF... Wasn't aware of that.
> 
> MLS is disabled globally on the MSFC:
> 
> #sh mls rp
> ip multilayer switching is globally disabled
> ipx multilayer switching is globally disabled
> ipx mls inbound acl override is globally disabled
> mls id is 0030.9633.1c6c
> mls ip address 0.0.0.0
> mls ip flow mask is unknown
> mls ipx flow mask is unknown
> number of domains configured for mls 0
> 
> I just noticed something that only serves to confuse
> me more, though.  MLS is enabled on the SUP itself:
> 
> Cat6509=> (enable) sh mls
> Total packets switched = 1387031763
> Total Active MLS entries = 83
>   MSFC x.x.x.2 (Module 15) entries = 0
>   MSFC x.x.x.3 (Module 16) entries = 83
> Long-duration flows aging time = 1920 seconds
> IP Multilayer switching aging time = 256 seconds
> IP Multilayer switching fast aging time = 0 seconds,
> packet threshold = 0
> IP Current flow mask is Destination flow
> Active IP MLS entries = 83
> Netflow Data Export version: 7
> Netflow Data Export disabled
> Netflow Data Export port/host is not configured.
> Total packets exported = 0
> 
> Any idea how is MLS working (it seems to be working
> based on the above, and a 'sh mls entry' does indeed
> show entries) if it's disabled on the MSFC?  
> 
> --- Lars Erik Gullerud <lerik@nolink.net> wrote:
> > 
> > There's a difference between CEF being enabled
> > locally on the MSFC (for
> > packets that are actually switched by the MSFC) and
> > the Sup2/PFC2 which
> > uses CEF directly with the PFC2. The Sup1A/PFC MLS,
> > if I understand it
> > correctly, punts the first packet in a flow to the
> > MSFC, which then
> > routes the packet normally (and for this, you can
> > have CEF enabled, to
> > handle the actual switching of this packet on the
> > MSFC), and installs an
> > MLS cache entry on the PFC to switch additional
> > packets in the flow
> > directly on the PFC ASICs. In that scenario, it
> > would be normal that the
> > interface counters on the MSFC only show the few
> > packets that actually
> > gets sent up to it from the Sup/PFC. (With the
> > Sup2/PFC2 you in fact
> > hardly see any packets at all on the MSFC's
> > interface counters)
> > 
> > You are saying that you have MLS disabled - have you
> > just disabled it on
> > this interface with "no mls ip" on the vlan int, or
> > globally?
> > 
> > /leg
> > 
> > 
> > 
> 
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 

_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/