VTP domains
Management interfaces
Tip: On the Catalyst 2926G-L3, 4908G-L3, or 2948G-L3 switch, at least one MLS-RP must be configured.
Multiple MLS-RPs can be configured in a single line; up to 16 MLS-RPs can participate in MLS.
MLS Cache
The MLS cache is used to maintain the flow information for all active flows. The size of the MLS cache is
limited to a maximum of 128K. This size limitation will occasionally cause MLS entries to be dropped from
the MLS cache—usually if no traffic takes place in a network flow for 256 seconds. Certain routing changes
and other network conditions can also force the MLS cache to purge its current entries.
Aging Timers
After the two hosts participating in a flow have completed their communication, you no longer need to
maintain any entries regarding the flow. The quicker the end of the flow can be detected and the entries
purged from the cache, the more effectively the switching process will function. Why? Because detecting and
aging out these entries saves a lot of MLS cache space for real data traffic.
Tip: Cisco recommends that the total MLS cache entries be kept below 32K. To implement this limit, set the
initial aging time value to 128 seconds. If the cache entries continue to go over 32K, decrease the aging
time setting and adjust it as necessary. If cache entries still continue to go over 32K, decrease the normal
aging time in increments of 64 seconds from the 128-second default until the cache remains below 32K.
You can adjust the amount of time the MLS cache keeps an entry in its table and set it to a value other than
the default 128 seconds by using the agingtime command. This command is useful for eliminating
short-lived entries in the cache, such as those created by Domain Name Service (DNS) lookups.
The aging time can be configured from 8 to 2,032 seconds, in increments of 8 seconds. At the end of the aging
time interval, if no further packets are seen in a network flow, the entries related to that flow will be purged
from the MLS cache.
The agingtime fast command allows you to age out MLS cache entries quickly based on the number of
packets received during a configured time period. The command has two parameters:
fastagingtime—Identifies the amount of time an entry remains in the cache. The default for
fastagingtime is 0, which means that fast aging is disabled and no fast aging occurs. This value
can be configured for 32, 64, 96, or 128 seconds.
pkt_threshold—Identifies the number of packets that must be detected during the configured
fastagingtime in order for the entry to remain in the MLS cache. The default parameter value is 0.
You can configure this value to 0, 1, 3, 7, 15, 31, or 63 packets.
Note: If fastagingtime is not configured to one of the values indicated, it adjusts to the closest
value.
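The following Python sketch is an added example, not code from the book or from Cisco. It models the normal and fast aging rules described above so you can estimate how many entries a burst of short-lived flows leaves in the cache under different settings. The function names, the tie-breaking rule, the choice to count only packets after the one that creates an entry, and the sample traffic are assumptions of the sketch.

```python
FAST_TIMES = (32, 64, 96, 128)             # allowed fastagingtime values (seconds)
PKT_THRESHOLDS = (0, 1, 3, 7, 15, 31, 63)  # allowed pkt_threshold values

def normalize(agingtime, fastagingtime=0, pkt_threshold=0):
    """Check the aging parameters against the ranges stated in the text."""
    if not (8 <= agingtime <= 2032 and agingtime % 8 == 0):
        raise ValueError("agingtime must be 8-2032 seconds in steps of 8")
    if pkt_threshold not in PKT_THRESHOLDS:
        raise ValueError("pkt_threshold must be one of %r" % (PKT_THRESHOLDS,))
    if fastagingtime:  # 0 leaves fast aging disabled
        # Other values adjust to the closest allowed one; breaking a tie
        # toward the lower value is an assumption of this sketch.
        fastagingtime = min(FAST_TIMES, key=lambda v: (abs(v - fastagingtime), v))
    return agingtime, fastagingtime, pkt_threshold

def is_cached(pkts, now, agingtime, fast, thresh):
    """True if a flow with packet times `pkts` still holds an entry at `now`."""
    created = last = None
    count = 0  # packets seen after the one that created the entry (assumption)

    def expired(t):
        idle = t - last >= agingtime            # normal aging: no traffic seen
        # Fast aging, following the text's wording: the entry stays only if
        # at least `thresh` packets arrived inside the fast aging window.
        quiet = fast and t - created >= fast and count < thresh
        return idle or quiet

    for t in sorted(p for p in pkts if p <= now):
        if created is not None and expired(t):
            created = None                      # purged; this packet builds a new entry
        if created is None:
            created, count = t, 0
        elif t - created < fast:
            count += 1
        last = t
    return created is not None and not expired(now)

def cache_size(flows, now, agingtime, fastagingtime=0, pkt_threshold=0):
    """Number of flows holding an MLS cache entry at time `now`."""
    a, f, p = normalize(agingtime, fastagingtime, pkt_threshold)
    return sum(is_cached(pkts, now, a, f, p) for pkts in flows)

# Constructed sample: 1,000 one-packet lookups (DNS-like), 10 per second for
# 100 s, plus 10 long-lived flows sending one packet per second for 120 s.
SAMPLE = [[i // 10] for i in range(1000)] + [list(range(120)) for _ in range(10)]
```

With the default 128-second aging time, every one-packet flow in the sample is still cached at 120 seconds; enabling fast aging at 32 seconds with a threshold of 3 packets removes most of them while leaving the long-lived flows untouched.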
On the Catalyst 6000, MLS aging is configured somewhat differently. You configure it on the switch using
the mls aging command, which has three parameters:
normal—Configures the waiting time before aging out and deleting shortcut entries in the Layer 3
table. This parameter can be set in the range of 32 to 4,092 seconds.
fast aging—Used similarly to the Catalyst 5000 command for fast aging. Ages out entries created for
flows that use a few packets and then are never used again. Both the fast aging threshold and time
parameters are set with this command; they can be in the range of 1 to 128 seconds.
long—Flushes entries that have been in use for the specified time value, even if the Layer 3 entry is
still active. This parameter is used to prevent inaccurate statistics. The long parameter can be set in
the range of 64 to 900 seconds.