Fundamentals of MLS
271
If the incoming frame is not destined for a MAC address associated with
the MLS-RP, no cache entry is made. No cache entry is made because MLS
is used to avoid additional route lookups. If the frame is destined to another
MAC address in the CAM table, the frame is layer 2 switched.
Let's move on to discuss the processes for identifying and acting on the
next two criteria. First we'll discuss what happens when an entry already
exists. Then we'll cover the details of the cache entry process for a candidate
packet. Figure 7.4 depicts the occurrence of a candidate packet.
F I G U R E 7 . 4
Candidate packet
Cache Entry Exists
When frames enter the switch destined for an MLS-RP MAC address, the
MLS-SE checks to see if a cache entry has been made that matches the
attributes of the current packet.
As was mentioned briefly previously, each frame has distinguishing char-
acteristics or attributes that allow the MLS-SE to categorize a packet into a
flow. The MLS-SE uses these attributes to pattern match. If an incoming
packet has the same attributes as an established flow cache entry, the packet
is layer 3 or shortcut-switched.
VLAN10
VLAN50
VLAN10
VLAN50
VLAN10
VLAN50
Switch1
FE0/0.10
FE0/0
FE0/0.50
Candidate packet
RouterA
HostA
HostB
HostC
HostD
HostE
HostF
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com