09-25-2003 09:46 AM - edited 03-02-2019 10:36 AM
I just did the command "set mls flow ip full" on our 6509 as recommended by Cisco to check users who are infected by the Nachi worm and using ICMP.
Is there a way to take this out? Would it be OK to leave it on?
thanks,
gilbert
09-25-2003 09:58 AM
Is this a sup1 or sup2? 'sh mls' will tell how many of your sup1 mls entries are used in your cache. If it's not too many then you may be ok with leaving it enabled. Otherwise, 'set mls flow destination' will back you out.
09-25-2003 10:48 AM
Thanks for the quick reply. We have sup2's. I am not sure what is "how many" but it is large. Besides ICMP, can I try to find other ports with MLS? For example, workstations that are using port 135?
09-25-2003 11:00 AM
Can I use something like this on an IOS-based switch?
09-25-2003 11:05 AM
Here is the link:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186a00801b143a.shtml
It has the commands for IOS-based switches.
Hope it helps.
09-25-2003 11:06 AM
Figured out how to do it to get to the 135 ports, thanks!
09-25-2003 02:20 PM
The sup1 uses mls cache to store hw fwd entries. Since the tcam has limited resources you would use the command I gave to determine if you were approaching its limits - resulting in some traffic being punted up to the msfc for forwarding. This would be a potential problem of running with full flow mask enabled. However, you have sup2 which uses hw based cef for forwarding and not mls. The mls information is still maintained but is used for netflow stats and not hw forwarding so there shouldn't be any performance impact in your case.