Configuring SDM Templates

Similar documents
Configuring SDM Templates

Configuring SDM Templates

Configuring SDM Templates

Configuring System MTU

Configuring Private VLANs

Configuring Local Policies

Configuring VLANs. Finding Feature Information. Prerequisites for VLANs

Switches running the LAN Base feature set support only static routing on SVIs.

Configuring VLANs. Finding Feature Information. Prerequisites for VLANs

Configuring SDM Templates

Flexible NetFlow Full Flow support

Configuring SDM Templates

Configuring SDM Templates

Configuring Cache Services Using the Web Cache Communication Protocol

MLDP In-Band Signaling/Transit Mode

BGP mvpn BGP safi IPv4

Configuring Port-Based Traffic Control

Autoroute Announce and Forwarding Adjacencies For OSPFv3

Autoroute Announce and Forwarding Adjacencies For OSPFv3

Configuring VLAN Trunks

Access Switch Device Manager Template Configuration

Configuring SDM Templates

Configuring Access Point Groups

Configuring Access Point Groups

BGP-MVPN SAFI 129 IPv6

Configuring Ethernet Management Port

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

Password Strength and Management for Common Criteria

Configuring Switched Port Analyzer

Using Flexible NetFlow Flow Sampling

Using Flexible NetFlow Flow Sampling

Object Tracking: IPv6 Route Tracking

Configuring the Cisco Discovery Protocol

RADIUS Route Download

Flow-Based per Port-Channel Load Balancing

IPv6 Access Control Lists

VRF-Aware Cloud Web Security

PPPoE Smart Server Selection

Restrictions for Disabling Flow Cache Entries in NAT and NAT64

PPPoE Smart Server Selection

Configuring Control Plane Policing

BGP-RT and VPN Distinguisher Attribute Rewrite Wildcard

LISP Multicast. Finding Feature Information. Prerequisites for LISP Multicast

Configuring Spanning Tree Protocol

Bulk Logging and Port Block Allocation

Configuring Multicast VLAN Registration

Configuring Secure Shell (SSH)

NBAR2 HTTP-Based Visibility Dashboard

BGP Named Community Lists

Configuring Virtual Private LAN Services

MPLS LDP Autoconfiguration

802.1P CoS Bit Set for PPP and PPPoE Control Frames

Configuring Local Authentication and Authorization

IEEE 802.1X Multiple Authentication

IP over IPv6 Tunnels. Information About IP over IPv6 Tunnels. GRE IPv4 Tunnel Support for IPv6 Traffic

Configuring Client Roaming

Configuring Online Diagnostics

IEEE 802.1ah on Provider Backbone Bridges

IP Overlapping Address Pools

BGP Dynamic Neighbors

Flexible NetFlow - MPLS Support

Configuring the Physical Subscriber Line for RADIUS Access and Accounting

Configuring Embedded Resource Manager-MIB

IPv6 Configuration Guide, Cisco IOS XE Fuji 16.8.x (Catalyst 9400 Switches)

SSH Algorithms for Common Criteria Certification

MPLS VPN over mgre. Finding Feature Information. Last Updated: November 1, 2012

Using NetFlow Sampling to Select the Network Traffic to Track

Carrier Grade Network Address Translation

Encrypted Vendor-Specific Attributes

Configuring Auto-QoS

QoS Group Match and Set for Classification and Marking

IPv6 Multicast Listener Discovery Protocol

Configuring System MTU

Configuring Private Hosts

Configuring Secure Shell (SSH)

Predownloading an Image to Access Points

Configuring the Cisco IOS DHCP Relay Agent

Configuring Right-To-Use Licenses

Basic IGMP v3 snooping support (BISS) is supported. Bridge domain (BD) interfaces from 1 to 4094 support IGMP snooping.

Stateful Network Address Translation 64

Configuring the Service Discovery Gateway

Configuring Data Export for Flexible NetFlow with Flow Exporters

BGP Event-Based VPN Import

Configuring Flexible NetFlow

Configuring MPLS Egress NetFlow Accounting and Analysis

Multiprotocol Label Switching (MPLS) on Cisco Routers

Classifying and Marking MPLS EXP

IPv6 Client IP Address Learning

BGP Cost Community. Prerequisites for the BGP Cost Community Feature

Configuring Client Roaming

AAA Dead-Server Detection

Configuring DHCP Option 60 and Option 82 with VPN-ID Support for Transparent Automatic Logon

Dynamic Bandwidth Sharing

Configuring System Message Logs

Configuring MPLS and EoMPLS

Conditional Debug and Radioactive Tracing

MPLS VPN Inter-AS with ASBRs Exchanging VPN-IPv4 Addresses

Configuring DHCP for WLANs

Configuring Right-To-Use Licenses

Configuring WLAN Security

Transcription:

Information About, on page 1 How to Configure SDM Templates, on page 2 Monitoring and Maintaining SDM Templates, on page 3 Configuration Examples for SDM Templates, on page 4 Additional References for SDM Templates, on page 7 Feature History and Information for, on page 8 Information About You can use SDM templates to configure system resources to optimize support for specific features, depending on how your device is used in the network. You can select a template to provide maximum system usage for some functions. Cisco Catalyst 9500 High Performance Series Switches supports these templates: Core SDA NAT Distribution After you change the template and the system reboots, you can use the show sdm prefer privileged EXEC command to verify the new template configuration. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload. Table 1: Approximate Number of Feature Resources Allowed by Templates Resource Advanced VLAN Number of VLANs 4094 4094 Unicast MAC addresses 32 K 32 K Overflow unicast MAC addresses IGMP groups and multicast routes 4K 4K 1

How to Configure SDM Templates Resource Overflow IGMP groups and multicast routes Directly connected routes Indirectly connected IP hosts Policy-based routing ACEs QoS classification ACEs Netflow ACEs Input Microflow policer ACEs Output Microflow policer ACEs FSPAN ACEs Control Plane Entries Input Netflow flows Output Netflow flows Advanced 16K 7 K 1024 3 K 1024 256 K 256 K 256 8 K 16 K VLAN 16 K 7 K 0 3 K 1024 0 0 256 8 K 16 K The tables represent approximate hardware boundaries set when a template is selected. If a section of a hardware resource is full, all processing overflow is sent to the CPU, seriously impacting switch performance. How to Configure SDM Templates Configuring the Switch SDM Template Setting the SDM Template Follow these steps to use the SDM template to maximize feature usage: SUMMARY STEPS 1. enable 2. configure terminal 3. sdm prefer { core nat sda distribution } 4. end 5. reload 2

Monitoring and Maintaining SDM Templates DETAILED STEPS Step 1 Command or Action enable Purpose Enables privileged EXEC mode. Enter your password if prompted. Device> enable Step 2 configure terminal Enters global configuration mode. Device# configure terminal Step 3 sdm prefer { core nat sda distribution } Device(config)# sdm prefer nat Specifies the SDM template to be used on the switch. The keywords have these meanings: core Sets the Core template. nat Maximizes the NAT configuration on the switch. sda Sets the SDA template. distribution Sets the Distribution template. Note The no sdm prefer command and a default template is not supported. Step 4 end Returns to privileged EXEC mode. Device(config)# end Step 5 reload Device# reload Reloads the operating system. After the system reboots, you can use the show sdm prefer privileged EXEC command to verify the new template configuration. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload. Monitoring and Maintaining SDM Templates Command show sdm prefer Purpose Displays the SDM template in use. 3

Configuration Examples for SDM Templates Command reload Purpose Reloads the switch to activate the newly configured SDM template. Note The SDM templates contain only those commands that are defined as part of the templates. If a template enables another related command that is not defined in the template, then this other command will be visible when the show running config command is entered. For example, if the SDM template enables the switchport voice vlan command, then the spanning-tree portfast edge command may also be enabled (although it is not defined on the SDM template). If the SDM template is removed, then other such related commands are also removed and have to be reconfigured explicitly. Configuration Examples for SDM Templates Examples: Displaying SDM Templates This is an example output showing the advanced template information on Cisco Catalyst 9500 High Performance Series Switches Device# show sdm prefer core This is the Core template. Security Ingress IPv4 Access Control Entries*: 6656 (current) - 6656 (proposed) Security Ingress Non-IPv4 Access Control Entries*: 5632 (current) - 5632 (proposed) Security Egress IPv4 Access Control Entries*: 6656 (current) - 6656 (proposed) Security Egress Non-IPv4 Access Control Entries*: 8704 (current) - 8704 (proposed) QoS Ingress IPv4 Access Control Entries*: 4608 (current) - 4608 (proposed) QoS Ingress Non-IPv4 Access Control Entries*: 3584 (current) - 3584 (proposed) QoS Egress IPv4 Access Control Entries*: 4608 (current) - 4608 (proposed) QoS Egress Non-IPv4 Access Control Entries*: 3584 (current) - 3584 (proposed) Netflow Input Access Control Entries*: 1024 (current) - 1024 (proposed) Netflow Output Access Control Entries*: 1024 (current) - 1024 (proposed) Flow SPAN Input Access Control Entries*: (current) - (proposed) Flow SPAN Output Access Control Entries*: (current) - (proposed) Number of VLANs: 4094 Unicast MAC addresses: 32768 Overflow Unicast MAC addresses: 768 Overflow L2 Multicast entries: 2304 L3 Multicast entries: 32768 Overflow L3 Multicast entries: 768 Ipv4/Ipv6 shared unicast routes: 212992 Overflow shared unicast routes: 1536 STP Instances: 1024 Policy Based Routing ACEs / NAT ACEs: 3072 Tunnels: 2816 LISP Instance Mapping Entries: 1024 Control Plane Entries: 1024 Input Netflow flows: 32768 Output Netflow flows: 32768 SGT/DGT (or) MPLS VPN entries: 32768 SGT/DGT (or) MPLS VPN Overflow entries: 768 Wired clients: 2048 MACSec SPD Entries: 256 4

Examples: Displaying SDM Templates MPLS L3 VPN VRF: 1024 MPLS Labels: 45056 MPLS L3 VPN Routes VRF Mode: 209920 MPLS L3 VPN Routes Prefix Mode: 32768 MVPN MDT Tunnels: 1024 L2 VPN EOMPLS Attachment Circuit: 1024 MAX VPLS Bridge Domains : 1024 MAX VPLS Peers Per Bridge Domain: 32 MAX VPLS/VPWS Pseudowires : 4096 Ipv4/Ipv6 Direct and Indirect unicast routes share same space * values can be modified by sdm cli Device# show sdm prefer nat This is the NAT template. Security Ingress IPv4 Access Control Entries*: 6656 (current) - 6656 (proposed) Security Ingress Non-IPv4 Access Control Entries*: 5632 (current) - 5632 (proposed) Security Egress IPv4 Access Control Entries*: 4096 (current) - 4096 (proposed) Security Egress Non-IPv4 Access Control Entries*: 4096 (current) - 4096 (proposed) QoS Ingress IPv4 Access Control Entries*: 2048 (current) - 2048 (proposed) QoS Ingress Non-IPv4 Access Control Entries*: 2048 (current) - 2048 (proposed) QoS Egress IPv4 Access Control Entries*: 2048 (current) - 2048 (proposed) QoS Egress Non-IPv4 Access Control Entries*: 2048 (current) - 2048 (proposed) Netflow Input Access Control Entries*: 1024 (current) - 1024 (proposed) Netflow Output Access Control Entries*: 1024 (current) - 1024 (proposed) Flow SPAN Input Access Control Entries*: (current) - (proposed) Flow SPAN Output Access Control Entries*: (current) - (proposed) Number of VLANs: 4094 Unicast MAC addresses: 32768 Overflow Unicast MAC addresses: 768 Overflow L2 Multicast entries: 2304 L3 Multicast entries: 32768 Overflow L3 Multicast entries: 768 Ipv4/Ipv6 shared unicast routes: 212992 Overflow shared unicast routes: 1536 STP Instances: 1024 Policy Based Routing ACEs / NAT ACEs: 15872 Tunnels: 1792 LISP Instance Mapping Entries: 1024 Control Plane Entries: 1024 Input Netflow flows: 32768 Output Netflow flows: 32768 SGT/DGT (or) MPLS VPN entries: 32768 SGT/DGT (or) MPLS VPN Overflow entries: 768 Wired clients: 2048 MACSec SPD Entries: 256 MPLS L3 VPN VRF: 1024 MPLS Labels: 45056 MPLS L3 VPN Routes VRF Mode: 209920 MPLS L3 VPN Routes Prefix Mode: 32768 MVPN MDT Tunnels: 1024 L2 VPN EOMPLS Attachment Circuit: 1024 MAX VPLS Bridge Domains : 1024 MAX VPLS Peers Per Bridge Domain: 32 MAX VPLS/VPWS Pseudowires : 4096 Ipv4/Ipv6 Direct and Indirect unicast routes share same space * values can be modified by sdm cli Device# show sdm prefer sda This is the SDA template. Security Ingress IPv4 Access Control Entries*: 4096 (current) - 4096 (proposed) Security Ingress Non-IPv4 Access Control Entries*: 4096 (current) - 4096 (proposed) Security Egress IPv4 Access Control Entries*: 13824 (current) - 13824 (proposed) Security Egress Non-IPv4 Access Control Entries*: 5632 (current) - 5632 (proposed) QoS Ingress IPv4 Access Control Entries*: 4608 (current) - 4608 (proposed) 5

Examples: Displaying SDM Templates QoS Ingress Non-IPv4 Access Control Entries*: 3584 (current) - 3584 (proposed) QoS Egress IPv4 Access Control Entries*: 4608 (current) - 4608 (proposed) QoS Egress Non-IPv4 Access Control Entries*: 3584 (current) - 3584 (proposed) Netflow Input Access Control Entries*: 1024 (current) - 1024 (proposed) Netflow Output Access Control Entries*: 1024 (current) - 1024 (proposed) Flow SPAN Input Access Control Entries*: (current) - (proposed) Flow SPAN Output Access Control Entries*: (current) - (proposed) Number of VLANs: 4094 Unicast MAC addresses: 32768 Overflow Unicast MAC addresses: 768 Overflow L2 Multicast entries: 2304 L3 Multicast entries: 32768 Overflow L3 Multicast entries: 768 Ipv4/Ipv6 shared unicast routes: 212992 Overflow shared unicast routes: 1536 STP Instances: 1024 Policy Based Routing ACEs / NAT ACEs: 2048 Tunnels: 2816 LISP Instance Mapping Entries: 2048 Control Plane Entries: 1024 Input Netflow flows: 32768 Output Netflow flows: 32768 SGT/DGT (or) MPLS VPN entries: 32768 SGT/DGT (or) MPLS VPN Overflow entries: 768 Wired clients: 2048 MACSec SPD Entries: 256 MPLS L3 VPN VRF: 255 MPLS Labels: 16384 MPLS L3 VPN Routes VRF Mode: 16384 MPLS L3 VPN Routes Prefix Mode: 4096 MVPN MDT Tunnels: 1024 L2 VPN EOMPLS Attachment Circuit: 1024 MAX VPLS Bridge Domains : 1024 MAX VPLS Peers Per Bridge Domain: 32 MAX VPLS/VPWS Pseudowires : 4096 Ipv4/Ipv6 Direct and Indirect unicast routes share same space * values can be modified by sdm cli Device# show sdm prefer distribution This is the Distribution template. Security Ingress IPv4 Access Control Entries*: 6656 (current) - 6656 (proposed) Security Ingress Non-IPv4 Access Control Entries*: 5632 (current) - 5632 (proposed) Security Egress IPv4 Access Control Entries*: 6656 (current) - 6656 (proposed) Security Egress Non-IPv4 Access Control Entries*: 8704 (current) - 8704 (proposed) QoS Ingress IPv4 Access Control Entries*: 4608 (current) - 4608 (proposed) QoS Ingress Non-IPv4 Access Control Entries*: 3584 (current) - 3584 (proposed) QoS Egress IPv4 Access Control Entries*: 4608 (current) - 4608 (proposed) QoS Egress Non-IPv4 Access Control Entries*: 3584 (current) - 3584 (proposed) Netflow Input Access Control Entries*: 1024 (current) - 1024 (proposed) Netflow Output Access Control Entries*: 1024 (current) - 1024 (proposed) Flow SPAN Input Access Control Entries*: (current) - (proposed) Flow SPAN Output Access Control Entries*: (current) - (proposed) Number of VLANs: 4094 Unicast MAC addresses: 81920 Overflow Unicast MAC addresses: 768 Overflow L2 Multicast entries: 2304 L3 Multicast entries: 16384 Overflow L3 Multicast entries: 768 Ipv4/Ipv6 shared unicast routes: 114688 Overflow shared unicast routes: 1536 STP Instances: 1024 Policy Based Routing ACEs / NAT ACEs: 3072 Tunnels: 2816 LISP Instance Mapping Entries: 1024 6

Examples: Control Plane Entries: 1024 Input Netflow flows: 49152 Output Netflow flows: 49152 SGT/DGT (or) MPLS VPN entries: 32768 SGT/DGT (or) MPLS VPN Overflow entries: 768 Wired clients: 2048 MACSec SPD Entries: 256 MPLS L3 VPN VRF: 1024 MPLS Labels: 45056 MPLS L3 VPN Routes VRF Mode: 112640 MPLS L3 VPN Routes Prefix Mode: 32768 MVPN MDT Tunnels: 1024 L2 VPN EOMPLS Attachment Circuit: 1024 MAX VPLS Bridge Domains : 1024 MAX VPLS Peers Per Bridge Domain: 32 MAX VPLS/VPWS Pseudowires : 4096 Ipv4/Ipv6 Direct and Indirect unicast routes share same space * values can be modified by sdm cli Examples: Device(config)# sdm prefer access Device(config)# exit Device# reload Proceed with reload? [confirm] Additional References for SDM Templates Related Documents Related Topic Command Reference Document Title Command Reference, (Catalyst 9400 Series Switches) Standards and RFCs Standard/RFC None Title MIBs MIB All the supported MIBs for this release. MIBs Link To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs 7

Feature History and Information for Technical Assistance Description The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. Link http://www.cisco.com/support Feature History and Information for Release Cisco IOS XE Everest 16.6.1 Modification This feature was introduced. 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback