Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
308
Views
0
Helpful
3
Replies

Question on MLS & route-map

yatao
Level 1
Level 1

‎09-07-2002 05:43 AM - edited ‎03-02-2019 01:11 AM

6509 switch with sup1A and MSFC2, running 6.3.5 CatOS and 12.1(8b)E9 IOS.

Q1. How does destination only MLS cache affect source based routing with route-map (Policy route)?

A policy routed packet will not create a MLS cache as expected, but when a not policy routed packet which has the same destination created a MLS cache entry, how will the next "to be policy routed" packet behave? It should follow the MLS entry, right? But that will wrong, since it supposed to be policy routed.

Anyway, 6509 switch somehow can differentiate those packets. I can think of any way to do that except for every packet through the route-mapped interface will run against the route-map, that will have big impact on performance.

Q2. What kind of performance impact does a route-map have on the above switch?

Anyone want to share his knowledge? even better, point me to a resource where I can find the answer.

Thanks,

Yatao

Labels:
0 Helpful
3 Replies 3

efrahim
Level 4
Level 4

‎09-07-2002 07:29 AM

Sup1A, whether MSFC 1 or 2-- the PBR by default done in the software but you can use the mls ip pbr global configuration command on the MSFC to enable in hardware- BUt the diaadvantage of hardware PBR then the policy applied to all the vlan interfaces on the MSFC, NOT just on the interface where the policy is applied with the ip policy route-map interface configuration command. So you have to enable the same policy on all the interfaces to work correctly- otherwise sometime traffic will route according to the policy and sometime not, it depends from where the first packet coming , on the policy based interface or non plocy based interface - which ever make the first entry in the mls because of rest of the packets will follow that entry..

If done in software, the PBR works normally-

Sup2 doesn;t have this limitation.PBR done in hardware by default , each policy only works on the interface it appplied. -

Hope this helps

0 Helpful

yatao
Level 1
Level 1
In response to efrahim

‎09-08-2002 04:36 AM

Thanks for your reply.

It seems that the "mls ip pbr" command is for native IOS running on Catalysts switch. I am running the hybird mode now, so this command is not an option.

But I do see different behaviors on MSFC1 and MSFC2. on 1, I need to set the mls flow to dest-source to make the PBR work, but on MSFC2, I don't need to do that.

So when you said PBR done in software, you mean all the traffic coming from the policy based interface will be routed by software, even there is mls cache entry for this traffic? Does this have big impact on performance?

Thanks again,

Yatao

0 Helpful

efrahim
Level 4
Level 4
In response to yatao

‎09-08-2002 03:18 PM

Mls rp pbr is support in the hybrid since 12.1.4 as shown below It may be hidden.

Console> (enable) sess 15

Trying Router-15...

Connected to Router-15.

Escape character is '^]'.

Router>en

Router#conf t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#mls ip pbr

Router(config)#

Switch in the software means that will affect the perfermance if causes high cpu. it depends on the traffic. And only the traffic that matches the policy will be forwarded to the MSFC for processing.

0 Helpful
Customers Also Viewed These Support Documents