Catalyst Switching Deep Dive February 2016
advertisement
Catalyst Switching Deep Dive February 2016 System Level Innovations OS Level Innovations Automation System Level Innovations Introducing Catalyst 6840-X 16, 24, 32 or 40 SFP+ Uplinks Convert 4 x SFP+ to QSFP* 256K IPv4 Routes 1.5M NetFlow 64K QoS / ACL Now Shipping October 2015 2 models with 2 QSFP Uplinks Convert 4 x SFP+ to QSFP* Height: 2RU Depth: 21.8” High-Scale Control Plane with 2.0GHz CPU Higher Scale for IA VSS, Instant Access, NAT, MPLS, LISP, SGT, MACSEC, HQoS, etc. 750W or 1100W Power Redundant AC / DC Front-to-Back Airflow All Catalyst 6800 Features in a Small Fixed Form Factor C6840-X Series Architecture Overview Feature C6816-X-LE C6832-X-LE C6824-X-LE-40G C6840-X-LE-40G Forwarding ASIC(s) 1 DFC4-E 2 DFC4-E 2 DFC4-E 3 DFC4-E Bandwidth 80 Gbps 160 Gbps 160 Gbps 240 Gbps Throughput 60 Mpps 120 Mpps 120 Mpps 180 Mpps CPU 2.0GHz IB2C 2.0GHz IB2C 2.0GHz IB2C 2.0GHz IB2C Memory Buffer (MB) per Port 4GB DDR3 250 or 500MB (2GB / 8 or 4p) 4GB DDR3 250 or 500MB (2GB / 8 or 4p) 4GB DDR3 250 or 500MB (2GB / 8 or 4p) 4GB DDR3 250 or 500MB (2GB / 8 or 4p) IPv4 Routes 256K 256K 256K 256K IPv6 Routes 128K 128K 128K 128K MAC Address 128K 128K 128K 128K Flexible NetFlow 512K 1M 1M 1.5M QoS & ACL 64K 64K 64K 64K Internal Flash 2GB eUSB+ 2GB eUSB+ 2GB eUSB+ 2GB eUSB+ Console RJ45 / USB Type B RJ45 / USB Type B RJ45 / USB Type B RJ45 / USB Type B Management RJ45 / SFP RJ45 / SFP RJ45 RJ45 / SFP External Flash USB Type A USB Type A USB Type A USB Type A Target FCS Q1 2016 Introducing Supervisor 6T Taking Catalyst 6800 to a New Level Scalability & Performance High-Performance Control Plane with 2.5GHz CPU 2 x 40G (QSFP) and 8x 10G (SFP+) Uplinks Support for IA, LISP, etc SUP2T SUP6T 6807-XL Bandwidth 220G /Slot 440G /Slot 6500-E Bandwidth 80G /Slot 80G /Slot RP CPU 1.5Ghz MPC8572 2.5Ghz X86 Dual Core Memory 2 - 4GB DDR2 667Mhz 4 GB DDR3 1333Mhz Uplinks 2 x 10G (X2) & 3 x 1G (SFP) 2 x 40G (QSFP) & 8 x 1/10G (SFP+) Uplinks Advanced Features VSS, MACSEC, SGT VSS, IA, MACSEC, SGT, LISP, UCI Bootdisk Compact Flash eUSB RJ45 CMP RJ45 / SFP Mgmt0 Fabric Ready Improved Fabric Provides 440G/slot in C6807-XL Fiber / Copper Management Ports Mgmt Port * No CFC or Service Module Support Feature Parity with Sup2T from Day 1: 3000+ Features Supervisor 6T Enables Bigger Domains Taking Catalyst 6800 to a New Level Sup2T Domains A S =/< 1500 Host Ports & 42 FEX IDs* Sup6T Domains A S 2000+ Host Ports & 160 FEX IDs* * Compact IA Increased IA, ARP / NDP, OSPF / EIGRP, BGP, BFD and More! Support Matrix for Cat6k Supervisors Sup720 Sup2T Sup6T C6807-XL ✗ ✓ ✓ C6500E ✓ ✓ ✓ Upcoming 32/16/8 10G Cards ✗ ✓ ✓ 69xx Series Line Cards ✗ ✓ ✓ 68xx Series Line Cards ✗ ✓ ✓ WS-X6716-10G/T ✓ With WS-F6K-DFC4-E With WS-F6K-DFC4-E WS-X6708-10G ✓ ✗ ✗ WS-X6704-10GE with DFC3 ✓ With WS-F6K-DFC4-A With WS-F6K-DFC4-A 67xx Series 1GbE with DFC3 ✓ With WS-F6K-DFC4-A With WS-F6K-DFC4-A 67xx Series with CFC ✓ ✓ With WS-F6K-DFC4-A 61xx Series Line Cards ✓ With 6500E ✗ Current Service Modules ✓ ✓ ✗ WAN Cards ✓ ✗ ✗ Catalyst 6800 Innovations Concept Commit Target Q3’2016 Introducing New 10G/40G/100G Line Cards Sup2T & Sup6T 4 x 100GE 12 x 40GE Line Rate Equal IPv4 & IPv6 Performance 720 Mpps VSS, IA, LISP, UCI 48 x 10GE Large Buffers * No XL Version Full Catalyst 6K Feature Set @ FCS - Mature and Proven End-Of-Sale - March 2016 MODULES* WS-X6708-10G-3C WS-X6748-SFP WS-X6748-GE-TX WX-X6816-10T WS-X6904-40G WS-X6904-40G-10T WS-X6908-10G WS-X6908-10G-2T *including XL, spare versions • • External Announcement Date: End Of Sale Date: October 1, 2015 March 31, 2016 Target FCS March 2016 Introducing Supervisor 8LE Faster CPU Supported on 4500-E chassis Attribute Sup8LE Sup8E Uplinks 4 x SFP+ 8 x SFP+ Port Scale 240 384 Chassis Support 3,6,7 3,6,7,10 64K/32K 256K/128K FIB Table Size (V4/V6) Campus Fabric Enterprise Fabric Ready 4 SFP/SFP+ 1G/10G Uplinks Converged Access Low End Supervisor Based on Sup8E Not supported Target FCS March 2016 C4K VSS Quad Sup Available Bandwidth RPR Redundancy Sup7E/7-LE/8E Only Release: IOS XE 3.8.0 100% 50% Time Default Redundancy Domain VSS Active SSO VSS Standby In-Chassis Active In-Chassis Active Control Plane Active Data Plane Active Control Plane Standby Data Plane Active RPR RPR VSL In-Chassis Standby In-Chassis Standby Control Plane RPR-Cold Control Plane RPR-Cold Catalyst 3850 10G: 12 and 24 Port Now Shipping July 2015 C3850-NM4x10G C3850-NM4x10G UADP ASIC Converged Access Line-Rate StackWise-480 StackPower C3850-NM2x40G C3850NM8x10G 1+1 Power Redundancy C3850-12XS Architecture Overview 480G STACK INTERFACE UADP ASIC Clock – 500 MHz / 80 Gbps Packet Buffer Forwarding Controller Reassembly Crypto Ingress FIFO Core 1 Core 0 Cavium 1.3 GHz 6-Core CPU Packet Buffer Forwarding Controller UADP ASIC0 Egress FIFO Ingress FIFO Core 1 FPGA Reassembly Crypto Egress FIFO Core 0 Network Interface Network Interface SDRAM 4GB Flash 4GB USB 10G PHY MACSec 10G PHY MACSec Dual PHY MACSec EMP 1x6 10G SFP+ 1x6 10G SFP+ 4x10G, 2x1G 2x10G, 4x1G Console C3850-24XS Architecture Overview 480G STACK INTERFACE UADP ASIC Clock – 500 MHz / 80 Gbps Packet Buffer Forwarding Controller Reassembly Crypto Ingress FIFO Packet Buffer Packet Buffer Forwarding Controller Forwarding Controller UADP ASIC1 Egress FIFO Core 1 Network Interface Reassembly Crypto Ingress FIFO Reassembly Crypto Egress FIFO Ingress FIFO Core 0 Forwarding Controller UADP ASIC0 Egress FIFO Network Interface FPGA Reassembly Crypto Ingress FIFO Core 1 Network Interface Cavium 1.3 GHz 6-Core CPU Packet Buffer SDRAM 4GB Egress FIFO Flash 4GB Core 0 Network Interface USB 10G PHY MACSec 10G PHY MACSec 10G PHY MACSec Dual PHY MACSec Dual PHY MACSec EMP 1x6 10G SFP+ 1x6 10G SFP+ 1x6 10G SFP+ 1x6 10G SFP+ 2x40G, 8x10G, 4x10G Console How many Can I stack together? Up to 32 Cores Enforced by Software Up to 9 Limited in ASIC Now Shipping September 2015 Catalyst 3850 10G: 48 Port 640GB Line-Rate UADP ASIC 48 x SFP+ Fixed • 4 x QSFP Fixed Front-to-Back and Back-to-Front Fan options UADP ASIC Converged Access • New 750W AC Power Supplies • 1+1 Power Supply Redundancy Line-Rate No Stacking *No StackWise or StackPower on 48p SKU 1+1 Power Redundancy Front-to-Back & Back-to-Front Fans and Power Supplies Catalyst 3850 SFP+ 48 Port – Block Diagram 480G STACK INTERFACE UADP ASIC Clock – 500 MHz / 80 Gbps Packet Buffer Packet Buffer Core 0 Core 1 Forwarding Controller Forwarding Controller Reass Egr Ingr Reass Egr Ingr embly ess ess embly ess ess Crypt FIF FIF Crypt FIF FIF o o O O O O Network Interface Network Interface ASIC 0 Packet Buffer Core 0 Forwarding Controller Packet Buffer Core 1 Forwarding Controller Ingr Reass Egr Ingr Reass Egr embly ess ess embly ess ess Crypt FIF FIF Crypt FIF FIF o o O O O O Network Interface Network Interface ASIC 1 Packet Buffer Core 0 Forwarding Controller Packet Buffer Core 1 Forwarding Controller Reass Egr Ingr Reass Egr Ingr embly ess ess embly ess ess Crypt FIF FIF Crypt FIF FIF o o O O O O Network Interface Network Interface ASIC 2 Packet Buffer Core 0 Forwarding Controller Cavium 1.3 GHz 6-Core CPU Packet Buffer Core 1 Forwarding Controller Reass Egr Ingr Reass Egr Ingr embly ess ess embly ess ess Crypt FIF FIF Crypt FIF FIF o o O O O O Network Interface Network Interface FPGA SDRAM 8GB ASIC 3 Flash 8GB USB 10G PHY MACSec 10G PHY MACSec 10G PHY MACSec 10G PHY MACSec 10G PHY MACSec 10G PHY MACSec Dual PHY MACSec Dual PHY MACSec EMP 2 x 12 10G SFP+ 2 x 12 10G SFP+ 2x40G, 8x10G, 4x10G Console C3850-XS 10G Family Architecture Overview Feature C3850-12XS C3850-24XS C3850-48XS ASIC(s) 1 UADP 2 UADP 4 UADP Bandwidth 160 Gbps 380 Gbps 640 Gbps Throughput 228 Mpps 456 Mpps 912 Mpps CPU 1.3GHz CN6335 1.3GHz CN6335 1.3GHz CN6335 Memory 4GB DDR3 4GB DDR3 8GB DDR3 IPv4 Routes 24K (host) / 8K (routes) 24K (host) , 8K (routes) 24K (host) , 8K (routes) IPv6 Routes 12K (host) / 4K (routes) 12K (host) , 4K (routes) 12K (host) , 4K (routes) MAC Address 32K 32K 32K Flexible NetFlow 48K 96K 192K QoS & ACL 3K 3K 3K Internal Flash 4GB eMMC Based eUSB+ 4GB eMMC Based eUSB+ 8GB eMMC Based eUSB+ Console RJ45 / USB Type B RJ45 / USB Type B RJ45 / USB Type B Management RJ45 RJ45 RJ45 External Flash USB Type A USB Type A USB Type A Cisco MultiGigabit Driving the Bandwidth in Access Maintain Switch to AP Reach at Higher Speeds Adaptive Rate Technology (FE, 1G, 2.5G, 5G, and 10G) Future proofed for higher speeds Infrastructure Investment Protection Supports 100m distance with Cat5e cabling up to 5G speeds for Brownfield Supports Cat6a cabling for Greenfield deployments for higher speeds POE/POE+/UPOE Cisco Innovation over 10GT Standard to support high end point power needs Standards Compliant 1G and 10G BaseT IEEE standards, intermediate speeds work in progress in IEEE Catalyst 4500E - MultiGigabit Line Card First 12 Ports are MultiGigabit Capable Catalyst 4500 has 48G of Backplane per Slot MultiGigabit Ports are Oversubscribed The Oversubscription Can be Controlled by 3 Modes Available All Available 1Gig Ports are Line Rate Catalyst 4500E - MultiGigabit Line Card Mode Oversubscription Ranges Port Configuration (Depending on MultiGigabit Port Speed) Mode 1 Multigigabit Lite 2.5:1 - 10:1 MultiGigabit 1Gig Mode 2 Multigigabit Enhanced 1.25:1 - 5:1 MultiGigabit Disabled 1Gig Mode 3 Multigigabit Performance 1.25 - 2.5:1 MultiGigabit Disabled MultiGigabit Line Card Architecture ─ Modes Switch Backplane 12G 12G 12G 12G Management FPGA A new FPGA that programs the Modes FPGA 12G Stub ASIC MACSec 12G Stub ASIC MACSec MultiG igabit PHY MultiG igabit PHY RJ45 1-4 RJ45 5-7 12G Stub ASIC MACSec MultiG igabit PHY RJ45 8-12 12G 12G Stub ASIC MACSec 12G Stub ASIC MACSec 12G Stub ASIC MACSec PoE Sub-System 12G Stub ASIC MACSec Stub ASIC MACSec Power Brick Power Brick PoE Controller PHY PHY PHY RJ45 13-48 PHY PHY Power Brick PoE Controller MultiGigabit Line Card Architecture ─ Modes Switch Backplane 12G 12G 12G 12G Management FPGA FPGA 12G Stub ASIC MACSec 12G Stub ASIC MACSec MultiG igabit PHY MultiG igabit PHY RJ45 1-4 RJ45 5-7 12G Stub ASIC MACSec MultiG igabit PHY RJ45 8-12 12G 12G Stub ASIC MACSec 12G Stub ASIC MACSec 12G Stub ASIC MACSec PoE Sub-System 12G Stub ASIC MACSec Stub ASIC MACSec Power Brick Power Brick PoE Controller PHY PHY PHY PHY RJ45 (13-24 Disabled) 25-48 PHY Power Brick PoE Controller MultiGigabit Line Card Architecture ─ Modes Switch Backplane 12G 12G 12G 12G Management FPGA FPGA 12G Stub ASIC MACSec 12G Stub ASIC MACSec MultiG igabit PHY MultiG igabit PHY RJ45 1-4 RJ45 5-7 12G Stub ASIC MACSec MultiG igabit PHY RJ45 8-12 12G 12G Stub ASIC MACSec 12G Stub ASIC MACSec 12G Stub ASIC MACSec PoE Sub-System 12G Stub ASIC MACSec Stub ASIC MACSec Power Brick Power Brick PoE Controller PHY PHY PHY PHY RJ45 (13-48 Disabled) PHY Power Brick PoE Controller MultiGigabit Ports - Command Line Catalyst4500# show ip int br | i up TenGigabitEthernet2/1 unassigned unset up up TenGigabitEthernet2/2 unassigned unset up up TenGigabitEthernet2/3 unassigned unset up up MultiGigabit Ports Are named as TenGigabitEthernet2/4 unassigned Catalyst4500# show int TenGigabitEthernet 2/1 unset up up TenGigabitEthernet indicating its highest is up, line protocol is up unassigned TenGigabitEthernet2/5 possible speed TenGigabitEthernet2/1 unset up up (connected) TenGigabitEthernet2/6 unassigned Hardware is Ten Gigabit Ethernet is unsetPort, up address up 18e7.28d8.55e0 (bia 18e7.28d8.55e0) TenGigabitEthernet2/7 unassigned MultiGigabit Port Speeds unset up MTU 1500 bytes, BW 10000000 Kbit/sec, DLY up 10 usec, reliability txload 1/255, rxload 1/255 TenGigabitEthernet2/8 unassigned 100M / 1Gig / 2.5Gig / 5Gig / 255/255, 10Gig unset up up Encapsulation ARPA, loopback not set TenGigabitEthernet2/9 unassigned unset up up Keepalive set (10 sec) TenGigabitEthernet2/10 unassigned The Non-MultiGigabit Ports Are the unset up up Full-duplex, is auto, media type is Same as Previous Line Cards 10Gb/s, / Productslink – typeTenGigabitEthernet2/11 unassigned 100/1000/2.5G/5G/10GBaseTx unset up up Support 10M/100M/1Gig Speeds TenGigabitEthernet2/12 unassigned unset up up GigabitEthernet2/13 unassigned unset up up YES YES YES YES YES YES YES YES YES YES YES YES YES MultiGigabit Ports’ Modes - CLI Catalyst4500(config)# hw-module module 2 mode ? 1 Multigigabit lite ports (10:1 oversubscribed) and 36 : 12 MultiGigabit 1Gigabit ports 2 Multigigabit enhanced : 12 MultiGigabit ports ( 5:1 oversubscribed) and 24 1Gigabit ports Mode Change - The mode changes on a per line card basis Are named as TenGigabitEthernet indicating its highest possible speed Three Modes Translate to three different oversubscription ratios Mode Change Requires Module Reload – Resetting module is required after configuring the mode 3 Multigigabit performance ports ( 2.5:1 oversubscribed) only : 12 MultiGigabit Catalyst4500# show module Chassis Type : WS-C4507R+E Power consumed by backplane : 40 Watts Mod Ports Card Type Model Serial No. ---+-----+--------------------------------------+-----3 4 Sup 7-E 10GE (SFP+), 1000BaseX (SFP) WSX45-SUP7-E CAT1542L5GW … … Mod LinecardMode ----+-------------------------------------------------2 1 Catalyst4500# Catalyst 3850 ─ MultiGigabit Versions 48 Port Version 24 Port Version Downlinks: Downlinks: 36 x 1G LineRate 10/100/1000BASE-T, 12 x GE/mGig/10GT 24 x GE/mGig/10GT PoE/PoE+/UPoE, EEE, MACSec PoE/PoE+/UPoE, EEE, MACSec Uplinks: 4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW) Uplinks: 4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW) All 3850 Versions Can Stack with Each Other Catalyst 3850 MultiGigabit ─ 24 Port Layout 480G STACK INTERFACE One Core/.UADP ASIC Clock – 500 MHz / 80Gbps Packet Buffer Packet Buffer Packet Buffer Forwarding Controller Forwarding Controller ASIC1 Reassembly Crypto Ingress FIFO Forwarding Controller Forwarding Controller ASIC0 Reassembly Crypto Egress FIFO Ingress FIFO Core 1 Reassembly Crypto Egress FIFO Ingress FIFO Core 0 Network Interface Octeon-2 1.3 GHz 6-Core CPU Packet Buffer Egress FIFO Ingress FIFO Core 1 Network Interface FPGA Reassembly Crypto SDRAM 4GB Egress FIFO Flash 2GB Core 0 Network Interface Network Interface USB 10GB PHY MACSec 10GB PHY MACSec 10GB PHY MACSec 10GB PHY MACSec 10GB PHY MACSec 10GB PHY MACSec 12 Port UPoE 12 Port UPoE 12 x 10G 100M/1G/2.5G/5G/10G 12 x 10G 100M/1G/2.5G/5G/10G Dual PHY MACSec Dual PHY MACSec EMP 2x40G, 8x10G, 4x10G, Console Catalyst 3850 MultiGigabit ─ 48 Port Layout 480G STACK INTERFACE One Core/UADP ASIC Clock – 500 MHz / 80Gbps Packet Buffer Packet Buffer Packet Buffer Forwarding Controller Forwarding Controller ASIC1 Reassembly Crypto Ingress FIFO Forwarding Controller Forwarding Controller ASIC0 Reassembly Crypto Egress FIFO Core 1 Ingress FIFO Reassembly Crypto Egress FIFO Ingress FIFO Core 0 Network Interface Octeon-2 1.3 GHz 6-Core CPU Packet Buffer Egress FIFO Ingress FIFO Core 1 Network Interface FPGA Reassembly Crypto SDRAM 4GB Egress FIFO Flash 2GB Core 0 Network Interface Network Interface USB OctalPHY MACSec* OctalPHY MACSec* OctalPHY MACSec* 36 Port UPoE 36 x 1G 10M/100M/1G OctalPHY MACSec* OctalPHY MACSec* 10GB PHY MACSec 10GB PHY MACSec 10GB PHY MACSec Dual PHY MACSec Dual PHY MACSec 12 Port UPoE 12 x 10G 100M/1G/2.5G/5G/10G EMP 2x40G, 8x10G, 4x10G, Console NBASE-TTM Interoperability First Industry mGig Plugfest September 15 • Wide Industry Representation including Amphenol, Aquantia, Aruba, Cisco, CommScope, Fluke Networks, Freescale , Intel, Microsemi, Panduit, SpeedTech, Spirent, Tehuti Networks. • Each vendor tested equipment with every other vendor • All tests passed • • mGig Speeds – Link up Diagnostics Cables – Cat5e, Cat6 • All vendors used Aquantia Phys NBASE-T driving IEEE Standardization MultiGigabit – Campus Server Connectivity mGig Server Connectivity With different speeds > 1G Existing Cable Infra, Cat5e, Cat6, Cat6a Campus Servers with 10G NIC Manufacturing Floors Enterprise Workspace High End Research Workstations Universities Research Labs Expected FCS April ‘16 Roadmap: 3650 “Mini” Converged Access Upto 770W PoE+ budget Fixed Power Supply, Fixed Fans, RPS2300 2 SKU’s • 24 x 1Gbe • 48 x1Gbe 11.62 inch depth, 1RU IP Base/IP Services 11.62” = 295mm Cisco StackWise®-160 48 Ports – 4xSFP+ 24 Ports - 2xSFP & 2xSFP+ Roadmap: 3650 “Mini” Quick comparison 3750V2 3650 Mini 3650 11.6” 11.6” 17.5” Port speeds FE GE GE PoE/UPoE PoE PoE+ PoE+ Uplinks SFP SFP/SFP+ SFP/SFP+ Power Supply & Fans Fixed Fixed FRU No Yes Yes RPS2300 RPS2300 FRU Power Supply Width Converged Access Power Supply Redundancy 3750X / 3560X End of Sale Heads-Up Products 3750X 3560X Announcement 12 months before EoS 12 months before EoS EoS Date 2HCY16 (July-December, 2016) 2HCY16 (July-December, 2016) Replacement Catalyst 3850 Catalyst 3650 Benefits mGig Stack BW FNF CA Improved QoS Bigger buffers (12M) Price CA Opt. Stacking FNF Improved QoS Bigger buffers Warning message on CCW: CALL TO ACTION: Transition customers from legacy platforms OS Level Innovations Cisco IOS Software Release 15SY IOS 15.2(1)SY1a 15.2(1)SY 45+ CFD Fixes Sup2T / 6880-X IOS 15.2(2)SY New Hardware • C6816-X-LE, C6832-X-LE • C6824-X-LE-40G, C6840-X-LE-40G 15.2(2)SY IOS 15.3(1)SY 6840-X New Hardware & Features • New Hardware • • C6800-SUP6T, SUP6T-XL CVR-4SFP-QSFP adapter • Major New Features • • 15.3(1)SY UCI (Enterprise Fabric) IA 3.0 (160 FEX IDs) Sup6T Software Release IOS-XE 3.8.0/IOS15.2.(4)E IOS-XE 3.8.0/IOS15.2.(4)E Extended Maintenance Release 35+ Software Features • New Hardware • Major Software Features • • 15.2(4)E 2960X/XR Horizontal Stacking Quad-SUP VSS-RPR • Supported Platforms • • • C2960+/2960X/XR/2960CX C3750X/3560X/3560CX 4500E/4500x/4900M/4948 3K/3K-Compact • Un-Supported Platforms • C3850/3650 4500 IOS-XE 3.8/IOS 15.2(4)E Key Features MACSEC on All Ports Aggregation Switch/ mGig Switch VSS Quad Supp RPR Auto Identity LANBase Additions Default Redundancy Domain SSO In chassis VSS Active Active Control Plane Active Data Plane Active With help of Templates Inchas R sis P Stand R by Contro l Plane RPRCold Edge Switch VSL In chassis Active VSS Control Standb Plane y Standb y Data Plane Active R P R InChassis Standby Control Plane RPR-Cold MGMT SNMP, Telnet SSO – 4K PVLAN – 4K/3K/2K ICMP Routing Updates Logging ARP IP Options Segment CONTROL PLANE Edge Ports 10G Arriving packets REP Support C2K Horizontal Stacking Data Plane on the 2960X/XR scales to over 130Mpps DATA PLANE Switch Switched packets Control Plan Policing C2960X/XR & C3560CX Front/Horizontal Stacking • • Application • Stacking over standard Fiber and Copper interfaces – longer distances • Stack of units function as a single switch – unified management/control Details • Initial support – 3560CX switches • 10G SFP+, mGig ports (or combination) configured as H-Stack ports (up to 2) • 8 units in a stack • One unit functions as Master • • Single IP address, SNMP agent, Config for the Stack, etc • Holds configuration of the Stack Stack up to 96 GigE ports (3560CX) 40 Gbps throughput Aggregation Switch/ mGig Switch New unit can automatically join stack – auto upgrade firmware Deliverables: 3560CX – IOS 15.2(4)E (Oct 2015) 3850/3650/2960X – CY2016 10G The Power of Polaris Polaris Technical Capabilities Distributed Database Maximizes Scale, Separation of state Information from process Object/Eve nt Tracing Easier Troubleshooting & Debugging Application Platform Deploy Containers, Run on X86, Developer/Operator Views Polaris Architecture Control & Data Plane Separation Enables Scale & Best of Breed Deployment Selective Sensors Pervasive Security Across the Network Distributed Databases – What is it? Crimson Database (Internal Name) Crimson Database stores all Configuration and Operational states Distributed Database - Benefits Enables Real Time Sync of Incremental Updates Allows programmatic access via external facing interfaces Database can be replicated to other Polaris Devices 1:1 or 1:N !!! netconf/restcon f/yang/snmp/re st-api Object/Event Tracing Binary & Radioactive Tracing helps with Faster Troubleshooting Object/Event Tracing Binary Tracing Optimizes LogData Storage Radioactive Tracing helps Conditional Logging Object/Event Tracing Conditional Debugging based on IP or MAC generates a UUID Filtering Logs with UUID reveals only relevant debug messages Polaris#debug platform condition ? both Simultaneous ingress and egress debug egress Egress only debug feature For a specific feature ingress Ingress only debug interface Set interface for conditional debug ipv4 Debug IPv4 conditions ipv6 Debug IPv6 conditions mac Debug MAC conditions mpls Debug MPLS conditions start Start conditional debug stop Stop conditional debug Polaris#debug platform condition Application Platform Network Analytics Configuration Management Network Monitoring Kernel Support for Multiple Containers exist in Polaris Phase-I Depending on the Platform Capabilities, Apps can run in Containers Cisco Signed apps “Open Packages” Cisco + 3rd-party packages netconf/restconf/yang/rest-api Interfaces IOS Life Cycle Management Container OS/Linux NW Devices IOS Container OS/Linux NW Devices AVC will be available in March 2016 for Wired & Wireless Different Levels of Application Recognition Application Recognition Techniques 2 1 DNS-AS & Server Based Signaling NBAR2 with Socket Caching (Performance Optimized) Pre Defined Apps on DNS-AS Server Jabber, Lync, Cisco Telepresence, etc. 1500 Apps – initial few packets Leveraging the work from Routing Platforms Full NBAR2 with DPI 1500 Apps Mostly on Routers, Deep Packet Inspection Using DNS as an Authoritative Source (DNSAS) • DNS is pervasively used - why not have those servers provide App Metadata? • Use the TXT record of DNS servers for police metadata and then let router or switches snoop client DNS request and request an Authoritative Answer from the DNS server DNS Server BR What do we have in Polaris Phase 1 (16.1)? WebUI Day0, Day1 Sub Package Upgrade for WCM Radioactive Tracing for Wired & Wireless Smart Licensing Faster Device Onboarding Cisco Support Administrator Traces Path Quickly Feature Parity with 3.7* Targeted for 16.2 Targeted for 16.3 Deprectated ✗ MACSEC ✗ CISP/NEAT ✗ SGT over FNF ✗ CTS Dot1X ✗ Critical Auth ✗ Medianet ✗ Flexlink License Service Steps to Upgrade 1.Copy Image to flash: 2.‘Software Install’ Command with new and force options 3.Reload stack9#copy tftp://172.20.249.254/polaris/SIT_bld0928_emp3.bin flash:cat3k_caauniversalk9.SSA.16.1.0.EFT3-1.bin Destination filename [cat3k_caa-universalk9.SSA.16.1.0.EFT3-1.bin]? Accessing tftp://172.20.249.254/polaris/SIT_bld0928_emp3.bin... Loading polaris/SIT_bld0928_emp3.bin from 172.20.249.254 (via GigabitEthernet0/0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 453999188 bytes] 453999188 bytes copied in 125.140 secs (3627930 bytes/sec) stack9# stack9#dir flash:*.bin Directory of flash:/*.bin 30978 -rw- 453999188 Oct 5 2015 14:39:34 -07:00 cat3k_caa-universalk9.SSA.16.1.0.EFT31.bin 1621966848 bytes total (774270976 bytes free) stack9# stack9#software install file flash:cat3k_caa-universalk9.SSA.16.1.0.EFT3-1.bin new force Preparing install operation ... [1]: Copying software from active switch 1 to switches 2,3,4 [1]: Finished copying software to switches 2,3,4 [1 2 3 4]: Starting install operation … … Everything runs on Switching Thank you! Simplified Converged Access – Cisco Prime Infra CA WorkFlow IOS-XE CLI Optimization Shipping : CPI 3.0 TP – Nov’15 CPI – Converged Access WorkFlow 2.0 CA WorkFlow 2.0 Key Enhancements New and simplified User Interface 15+ new CA feature support Increased WLAN and AAA scalability More smarter with built-in error-detection Configuration management support More… Network Deployment Branch Network Campus Network Supported Products Switch : 3650, 3850, 4500E-Sup8E Wireless : 5760 Platforms Software Catalyst 3650 / 3860 / CT5760 3.6.0 Catalyst 4500E – Sup8E 3.7.0 CA – CLI Optimization MC Current 16 MA New 4 CLI’s CLI’s Simplified and Expanded Information Current CLI Structure 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. show wireless mobility controller summary show wireless mobility controller client summary show wireless mobility controller client H.H.H show capwap summary show wlan summary show wlan all show wireless mobility summary show wireless client summary show wireless client mac-address H.H.H detail show access-session mac-address H.H.H detail show wcdb database all show wcm-cs interface show ap dot11 5ghz summary show ap dot11 24ghz summary show license right-to-use summary show passwd encryption status New CLI Structure Distributed – MC and MA (Default) show wireless mobility show wireless ap show wireless wlan show wireless client Centralized – MC Managing MA show wireless mobility show wireless ap show wireless wlan show wireless client show wireless mobility <ma-ip> summary show wireless ap name <map-ip> summary show wireless wlan name <map-ip> summary show wireless mobility controller client summary CA – CLI Optimization New – show wireless mobility summary o o o o Local Wireless Management Interface ID Local Wireless Management IP Address Max Mobility Tunnel Support / In Use status Host Name for Peer WLC and Mobility Agents CA – CLI Optimization New – show wireless ap summary o o o o o o o Max AP Supported vs Installed License AP License In use Host Name of all Mobility Agents in local domain AP Group information for each local/remote APs AP Model # for each local/remotely APs Local and Remote AP IP Address Total Uptime for each AP across its sub-domain CA – CLI Optimization New – show wireless wlan summary o o o o Local WLAN Information with new data columns Per-WLAN Security information SSID association to Radio Interface Aggregated Wireless Client count per SSID Platforms Software Catalyst 3650 / 3860 / CT5760 3.7.3 – Dec’15 Catalyst 4500E – Sup8E 3.8.2 – Apr-16 CA – CLI Optimization New – show wireless mobility client summary (MC) o Overall Wireless Client summary : Max, Local, Foreign and Anchored o Username if user is 802.1X authenticated o Associated AP name o SSID Name which the user is connected to o Per Wireless Client L2 and L3 info : VLAN ID and IP Address o CA info : Switch Peer-Group Name and MA/MC Switch IP Address o MTE : If this MC is MTE (transit WLC) for a client Platforms Software Catalyst 3650 / 3860 / CT5760 3.7.3 – Dec’15 Catalyst 4500E – Sup8E 3.8.2 – Apr-16
