Hello,
In book, there is a paragraph about the "Using Multiple Routers with a Single MLS-Capable Catalyst". I don't understand how the "Double lookups" and "Double Rewrite" operate, could you take a look at this and give me a instruction?
Picture: Two MLS Routers and One MLS Switch
formatting link
Description in the book: Here, Host-A is still located in the Red VLAN and Host-B is still located in the Blue VLAN. However, a new VLAN has been created between the two routers (call it the Purple VLAN). Host-A still sends traffic destined to Host-B to its default gateway using the Red VLAN. As the first packet passes through the Catalyst, the NFFC recognizes it as a candidate packet and creates a partial shortcut entry (labeled Step 1 in the picture). Router-A then forwards the traffic over the Purple VLAN to Router-B. As the packet passes back through the Catalyst, the NFFC recognizes the packet as an enable packet and completes the shortcut entry (Step 2 in the picture). However, it also recognizes the destination MAC address as that of Router-B and therefore sees this packet as another candidate packet (Step 3 in the picture). Router-B then routes the packet normally and forwards it to Host-B over the Blue VLAN. As the packet passes back through the Catalyst for the third time, it is identified as an enable packet for the partial entry created in Step 3. A second shortcut entry is created (Step 4 the picture).
******When additional traffic flows from Host-A to Host-B (Step 5 in the picture), two sets of shortcut lookups and rewrite operations are performed. ******** As a result, the additional packets are not sent to either router.
I don't quite understand the above sentence besieged by asterisks. How the "two sets" work, please? If anyone comprehends very well, could you give me a detail explanation?
THANK YOU VERY MUCH.