Specifications
Multilayer Switching Overview
Features That Affect MLS
17
Access List Impact on Flow Masks
Access lists impact the flow mask advertised by an MLS-RP. When no access list on any MLS-RP
interface, the flow mask mode is destination-ip (the least specific). When there is a standard access list
is on any of the MLS-RP interfaces, the mode is source-destination-ip. When there is an extended access
list is on any of the MLS-RP interfaces, the mode is ip-flow (the most specific).
Reflexive Access Lists
Router interfaces with reflexive access lists cannot participate in Layer 3 switching.
IP Accounting
Enabling IP accounting on an MLS-enabled interface disables the IP accounting functions on that
interface.
Note To collect statistics for the Layer 3-switched traffic, enable NDE.
Data Encryption
MLS is disabled on an interface when the data encryption feature is configured on the interface.
Policy Route Maps
MLS is disabled on an interface when a policy route map is configured on the interface.
TCP Intercept
With MLS interfaces enabled, the TCP intercept feature (enabled in global configuration mode) might
not work properly. When you enable the TCP intercept feature, the following message is displayed:
Command accepted, interfaces with mls might cause inconsistent behavior.
Network Address Translation
MLS is disabled on an interface when Network Address Translation (NAT) is configured on the
interface.
Committed Access Rate
MLS is disabled on an interface when committed access rate (CAR) is configured on the interface.