background image
Fundamentals of MLS
273
The match is made using the following criteria:
The source MAC address is from an MLS-RP.
The destination IP matches the destination IP of a candidate packet.
The source MAC address is associated to the same XTAG value as the
candidate packet's destination MAC address.
If all three of these criteria are met, the MLS-SE completes the shortcut
cache entry.
Frame Modification
It is important to understand that this shortcut switching occurs at layer 3.
The layer 2 frame is rewritten by the switch. Normally, a router (layer 3
device) would rewrite the frame with the necessary information. A rewrite
consists of changing the VLAN assignment, the source and destination MAC
addresses, and the checksums. The MLS-SE can also modify the TTL, check-
sums, TOS, and encapsulation
Because MLS packets are no longer sent to the router, the MLS-SE must
perform the rewrite function. When it changes the source and destination
MAC address, the MLS-SE uses the MAC address of the MLS-RP for the
source, and it changes the destination MAC to the MAC of the directly con-
nected host. Through this procedure, the frame appears to the destination
host as if it had come through the router. Figure 7.6 depicts the differences
between the incoming frame and the exiting frame.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com