Embed Size (px)
Citation preview
10G SFP+1G SFP
10/40G 1RU Core/Aggregation
Catalyst 9500
• Fixed 10/40G Core/
Aggregation
• 12p/24p 40G 48Ps 10G
• SDA Border and CP
• MPLS / VPLS / AVC
• 256 VRFs
• ETA and full Netflow
• Upto 128 MB Buffer
1G 1RU Aggregation
Catalyst 3850
1G Fiber
• Fixed 1G Aggregation
• Stackable
• 12p and 24p SKU
• 10G Network Module
Catalyst 6880-X
• Best-in-Class Core
Feature-set
• Up to 80 1G/10G
Ports
• Full MPLS / VPLS
• SDA Border and CP
Support
1/10G 1RU Aggregation
Catalyst 3850
10G Fiber
• Fixed 10 G Aggr.
• 12p, 24p and 48p
SKUs
• Stackable(12p/24p)
• 10G/40G Uplink NM
• MPLS / VPLS / AVC
• SDA Border and CP
1/10G 5RU Core
Catalyst 6840-X
• Best-in-Class Core
Feature-set
• Up to 40 1G/10G Ports
• 40G Uplinks
• Full MPLS / VPLS
• SDA Border and CP
Support
1/10G 2RU Core
Catalyst Fixed Backbone Portfolio FY17 DNAS
ca
le / F
ea
ture
s
10/40G
Catalyst 6800 Nexus 7700
1 2
Catalyst 6500
FY17-
18
Campus Core
Modular
Transition
Position for the following requirements:
• High-density 10/40/100-Gbps
connectivity
• Full Cisco SDA Capability
• Closest in features (MPLS), buffers,
tables to C6K
Position for the following requirements:
• Optimized for 1G/10G and low density 40G
• Full Campus Fabric support
• Proven Catalyst 6K Class of feature set
• Single O/S requirement in the Campus
Caveats: No 100G support Caveats: NexOS in Campus
Network as a Sensor &
Enforcer
APIC-EM
Full MPLS for campus
Campus Fabric
Secure Segmentation with
TrustSec
One Management with Prime
Infrastructure
IT Simplicity with Auto Conf, Interface Template and EEM
One Policy with Identity Services
Engine
High Availability with VSS, SSO and Quad Sup
SSO
3500+ Unique RichCampus Services
Hardware
Investments8P x 40G QSFP Module
– IOS 15.5(1)SY
12/24p 1G 1RU Aggregation
Comprehensive
Borderless Feature Set
Highest Performance and Scalability
Lower TCO
Industry-Leading Campus Backbone Platform
FIXED
Fe
atu
res
Scale
Catalyst Backbone Portfolio FY 2017
Up to 80 10G Ports5 RU Core
NEWSFY17
MODULAR
Featu
res
Scale routes
Up to 40 10G Ports
2RU, NG Backbone
48SFP+ or 12/24QSP 1 RU1/10/40 GE Aggregation
12p/24p/48p 10G 1RU Aggregation
(*)4500-E can be used opportunistically
Catalyst 6807XL10/40G Modular Core
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Taking Catalyst 6K Up to 880G/Slot
7 Slots10 RU
Investment protection!
Compatible with Sup2T, 6700, 6800, 6900
and latest service modules
Backwards compatible backplane connectors
Catalyst 6500 DNA
Low-power and noise
High-efficiency fans
Up to 4 (N+1) power supply
redundancy
3000W AC
Up to 880G/Slot capable
Next-generation ready
Side-to-side air flow
(redirectable via airflow baffles)
Scalability &
Performance
Supervisor 6TTaking Catalyst 6800 to a New Level
Feature Parity with Sup2T from Day 1: 3000+ Features
SUP2T SUP6T
6807-XL Bandwidth 220G /Slot 440G /Slot
CPU1.5Ghz
MPC8572
2.5Ghz
X86 Dual Core
Memory2 - 4GB
DDR2 667Mhz
4 - 8GB
DDR3 1333Mhz
Uplinks2 x 10G (X2) &
3 x 1G (SFP)
2 x 40G (QSFP) &
8 x 1/10G (SFP+)
Uplinks Advanced
Features
VSS, MACSEC,
SGT, LISP
VSS, MACSEC,
SGT, LISP
Bootdisk Compact Flash eUSB
Mgmt Port CMP Mgmt0
High-Performance
Control Plane
with x86 CPU2 x 40G (QSFP) and 8 x
1/10G (SFP+) Uplinks
Supporting, LISP, etc
Fiber / Copper
Management Ports
Improved Fabric
Providing 440G/slot in
6807-XL
QSFP-40G-SR4
QSFP-40G-CSR4
QSFP-40G-SR-BD
QSFP-40G-LR4
QSFP-40G-ER4
Future Proofing with 10G to 40G Adapter
C6800-8P-10G
Phase I - 15.3(1) SY w Sup6T
C6800-16P-10G
C6800-32P-10G
Reverse SFP to QSFP Adapter Can Upgrade Your 10G Ports to 40G
40G Adapter
QSFP
Shipping Since
April 2016
SFP+
Phase II – 15.4(1)SY w Sup2T
CVR-4SFP10G-QSFP – Transceiver Support
15m 10km 40km150mMax. Distance
Multimode Fiber
Single Mode FiberQSFP-40G-SR-BD
QSFP40G-SR4-SShort Reach MMF
Short Reach MMF (BiDi)
Extended Reach 40km
Long Reach SMF (C-Class)
Long Reach 2km SMF WSP-Q40GLR4L
QSFP-40G-LR4-S
QSFP-40G-LR4QSFP-40G-ER4
AOC QSFP-H40G-AOCxM
Long Reach SMF
Active Optical Cable
2km
Catalyst 6807-XL 1/10/40G Line Cards
C6800 10G Serieswith DFC4-E
New C6800 40G*with DFC4-E
* - No Support on 6500-E Chassis
Full Catalyst 6K Feature Set @ FCS—Mature and Proven
Continued InvestmentsIntroducing New 40G Line Card – 8Px40G for Catalyst 6K
1M IPv4 Routes,
256K QoS & ACLVSS, SGT, MACSec,
LISP, HQoS, etc
15.5(1)SY
160G Throughput,
Performance mode
for line rate
2M NetFlow*
Full IPv4 & IPv6
Large Buffers -
1GB/port
C6800-8P40GOptics Support
QSFP/40G Optics
QSFP-40G-SR4 QSFP-H40G-AOC3M
QSFP-40G-CSR4 QSFP-H40G-AOC5M
QSFP-40G-LR4 QSFP-H40G-AOC7M
QSFP-40G-ER4 QSFP-H40G-AOC10M
QSFP-40G-SR-BD QSFP-H40G-AOC15M
QSFP-H40G-ACU7M QSFP-40G-SR4-S
QSFP-H40G-ACU10M QSFP-40G-LR4-S
QSFP-H40G-AOC1M QSFP-40G-LR4L
QSFP-H40G-AOC2M
Catalyst 950010/40G Fixed Core
Catalyst 9500
Next Gen High Speed Campus Aggregator
Depth: 21.8”
Height:1RU
All ports Non-blocking
Up to 128 MB Packet Buffer per
Core
QSA adapter
Support*
Internal Storage : 16GB
External Storage :
1xUSB 2.0 (front) , 1xUSB 3.0 (back)
* Roadmap
Introducing Catalyst 9500Powering the next generation Fixed Campus Core & Aggregation
Built-In RFID
Bulit-in Blue Beacon
Powerful CPU complexIntel X86 CPU Quad-core 2.4GHz16 GB Memory
• Allow smooth and cost-effective migration to 40 Gigabit
• Option to use lower-speed temporally
• 1G/10G connectivity on a 40G port
• Supports Multiple types of SFP or SFP+ module
CVR-QSFP-SFP10G (QSA Adapter)
Link to : Datasheet
Next Gen High Speed Campus Aggregator
Font to Back
Airflow
Faster
External
Storage:USB
3.0
Up to 128 GB
* Roadmap
Redundant 1+1
950W AC PSU
Redundant N+1
Fans StackWise Virtual *
Introducing Catalyst 9500Powering the next generation Fixed Campus Core & Aggregation
Catalyst 9500-40X
Catalyst 9500-12Q
Catalyst 9500-24Q
Catalyst 9500: Optimized for Enterprise Deployments
Fan Highlights:
• Front to back airflow
• Operate with up to 1 individual fan failures
• “OIR” supported up to 120 seconds
• Can support up to 24000 RPM
Catalyst 9500N+1 Modular Fans
C9K - Foundation
UADP X86 CPUIOS-XE
We continue to build on the strong Foundation
IOS XE Denali 16.5.1
Hosted AppsIOSd
LXC*
LXC*
IOS-XE
DB
Common Infrastructure /
HA
Management Interface
Module Drivers
Kernel
LXC*
Wiresh
ark
IOSd
Blob
IOS
Sub
System
s
IOS
Sub
System
s
IOS
Sub
System
s
Open, Modern OS Programmable ASIC A Platform for App Hosting
21
ASIC Lookup Tables and Profiles
Up to 32MB
Packet BufferUp to 64K x2
Netflow RecordsEmbedded CPUs
Shared
Lookup Up to 240GE
Bandwidth
384K Flex Counters
Up to 2X to 4X
forwarding + TCAM
Universal DeploymentsAdaptable Tables
Enhanced Scale/BufferingMulticore resource share
Investment ProtectionFlexible Pipeline
UADP 2.0 - Next Generation of ASIC Innovation
9300 9400 9500
ASIC UADP 2.0 UADP 2.0 XL UADP 2.0 XL
Number of ASICs 1, 2 (SKU dependent) 3 2,4 (SKU dependent)
ASIC Frequency 500 MHz 625 MHz 750MHz
Total ASIC Bandwidth (64B) 160 G 200 G 240 G
Table Sizes Standard XL Tables XL Tables
TCAM Entries 20 K 54 K 54 K
Buffers 16MB 32 MB 32 MB
Stack Bandwidth 240 G 720 G 720 G
Stack Ring 1 2 2
Catalyst 9K
C9500 Forwarding and TCAM Resources
• LPM Route
• Host Route
• Multicast Route
• IGMP
• MAC
• SGT
Forwarding
• Security ACL• PACL
• VACL
• RACL , etc
• QoS ACL
• Others ACL
• PBR/NAT
• Netflow ACL
• SPAN , etc
TCAM Resources• Netflow Entries
Netflow
Forwarding Resources Not drawn to scale
Packet Buffer
Ne
tflo
w64K
/ C
ore
Network Interface
Stack Interface
Forwarding
LPM
(64K)
MCAST
(16K)
IGMP
(16K)
Host
(48K)
MAC
(64K)
SGT
(16K)
TCAM Resources
Security ACL
(18K)
QoS ACL
(18K)
Others ACL
(18K)
Scales and TCAM Partition
C9500-24Q# show platform hardware fed switch 1 fwd-asic resource tcam
utilization
CAM Utilization for ASIC Instance [0]
Table Max Values Used Values
-----------------------------------------------------------------------------------------------------------
Unicast MAC addresses 65536/512 12/22
IGMP and Multicast groups 8192/512 0/0
L2 Multicast groups 8192/512 0/0
Directly or indirectly connected routes 16384/65024 0/18
NAT/PAT SA address and Port 0 0
QoS Access Control Entries 18432 0
Security Access Control Entries 18432 114
Ingress Netflow ACEs 1024 8
Policy Based Routing ACEs 2048 0
Egress Netflow ACEs 2048 0
Input Microflow policer ACEs 512 0
Output Microflow policer ACEs 1024 7
Flow SPAN ACEs 1024 0
Control Plane Entries 1024 196
Tunnels 1024 17
Lisp Instance Mapping Entries 1024 3
Input Security Associations 512 0
Output Security Associations and Policies 512 5
SGT_DGT 8192/512 0/0
Scale Profile
IPv4 / IPv6 LPM
IPv4 / IPv6 Host
Multicast Route
IGMP/MLD Snooping
MAC Address
SGT Label
Netflow
Security ACL
QoS ACL
Service ACL- PBR / NAT
Border Profile
64K / 32K
80K/ 40K
16K (IPv4)
8K (IPv6)
16K
16K
8K
128K/ASIC
18K
18K
2K
Aggregation Profile
64K / 32K
48K / 24K
16K (IPv4)
8K (IPv6)
16K
64K
8K
128K/ASIC
18K
18K
2K
Collapsed WAN Profile
64K / 32K
48K/ 24K
16K (IPv4)
8K (IPv6)
16K
16K
8K
128K/ASIC
18K
3K
16K
Mix of L2/L3
Capabilities
16.5
Network Address
Translation
16.5
Cross Domain
Policy
16.6
Catalyst 9500Profiles
Core Profile
64K / 32K
32K/16K
16K (IPv4)
8K (IPv6)
16K
16K
8K
128K/ASIC
18K
18K
2K
L3
Capabilities
16.6
C9500 Portfolio
C9500-24Q
• 24 x 40G
• QSFP+ Ports
• 4 x UAPD 2.0
• AC/DC* 950 W PS
• N+1 FRU FAN Modules
• USB 3.0 Module
• IOS-XE 16.5.1a
C9500-12Q
• 12 x 40G
• QSFP+ Ports
• 2 x UAPD 2.0
• AC/DC* 950 W PS
• N+1 FRU FAN Modules
• USB 3.0 Module
• IOS-XE 16.6.1
C9500-40X
• 40 x 1/10G + 8x1/10G /
2x40G
• SFP/SFP+ Ports
• 2 x UAPD 2.0
• AC/DC* 950 W PS
• N+1 FRU FAN Modules
• USB 3.0 Module
• IOS-XE 16.6.1
Shipping Shipping Shipping
* Roadmap
Catalyst 9500Product Comparison
2
9
Catalyst 9500Campus Aggregation and Fixed Core Comparison
Features & Scale C9500 (Default) C3850-10G C4500X (32x10G) C6840-X C6880-X
Chassis Size 1 RU 1 RU 1RU 2 RU 5 RU
Chassis Bandwidth 480,480, 960 Gbps 160, 320, 640 Gbps Up to 800 Gbps 160, 320, 480 Gbps 160-800 Gbps
Memory 16 GB DDR4 8 GB DDR3 4 GB DDR2 4 GB DDR3 4 GB DDR3
Flash 16 GB 8 GB 2 GB 8 GB 8 GB
SSD storage (USB 3.0) Yes No No Yes Yes
Built-in RFID Yes No No Yes Yes
Throughput (IPv4 / IPv6) 720,1440 Mpps 228, 456, 912 Mpps 250/125 Mpps 60/30, 120/60, 180/90 Mpps 60/30 – 300/150 Mpps
Max 40G Density 12p/24p2p (24p NM)
4p (48p Onboard) *Not Supported 2p Not Supported
Max 10G Density 48p12p, 24p or 16p, 32p (NM)
48p or 64p (QSFP Breakout)40 (32 + 8 uplinks)
16p, 24p, 32p, 40p
or 48p (QSFP Breakout)16p or 32p, 64p, 80p
Non-Blocking 10G Density 48p12p, 24p or 16p, 32p (NM)
48p or 64p (QSFP Breakout)40 (32 + 8 uplinks)
8p, 12p, 16p, 20p
or 24p (QSFP Breakout)8p or 16p, 32p, 40p
IPv4 Route Capacity 48K host, 64K routes 24K (host) , 8K (routes) 256K 256K (LE only) 2M (XL) or 256K (LE)
IPv6 Route Capacity 24K host, 32K routes 12K (host) , 4K (routes) 128K 128K (LE only) 1M (XL) or 128K (LE)
Multicast Route Capacity IPv4 16K; IPv6 8K 4K 32K 64K 64K
MAC Address Capacity 64K 32K 55K 128K 128K
Flexible Netflow Entries256K (12p)
512K (24p)
24K (12/24p)
or 48K (48p)128K
512K (16p), 1M (24/32p)
or 1.5M (40p)
1M (XL) or 128K (LE) /
Slot
5M (XL) or 640K (LE) /
Unit
Security & QoS ACL Entries 36K 3K
128K
(64K ingress and 64K in
egress)
64K 256K (XL) / 64K (LE)
SPAN Sessions & Type8 Bi-directional
SPAN, RSPAN,ERSPAN
8 Bi-directional
SPAN, RSPAN
8 line rate bidirectional
SPAN/RSPAN sessions
(ingress and egress)
2 Bi-directional, 14 TX,
RSPAN, ERSPAN & VACL
2 Bi-directional, 14 TX,
RSPAN, ERSPAN &
VACL
* Roadmap
Features & Scale C9500 C3850-FiberC4500X
(32x10 GE Port Base SKU)C6840-X C6880-X
SD-Access Capable Yes Yes No Yes Yes
Fabric enabled Wireless Yes Yes No No No
MPLS Yes Yes No Yes Yes
NAT/PAT Yes No No Yes Yes
AVC using NBAR2 Yes Yes No No No
AVC using DNS-AS Yes * Yes * YesYes (Roadmap) Yes (Roadmap)
IOS XE 16.x Yes YesNo
(Runs IOS XE 3.x)No No
256-bit MACsec Yes Yes No No No
Stackwise Virtual Yes Yes Only VSS mode Only VSS mode Only VSS mode
Containers/App Hosting Yes No No No No
GIR Yes No No No No
Patching Yes No No No No
Programmability - Python
ScriptingYes Yes * ? No No
Programmability -
NETCONF/REST/GRPC
interfaces (GA) with base
Native YANG models
Yes * Yes Yes No No
AVB Yes * Yes No No No
ETA Yes No No No No
Catalyst 9500Campus Aggregation and Fixed Core Comparison
* Roadmap
$909.460
$888.730
C3K/4K C9K
Built-in Benefits
DNA Advantage SD-Access DNA Scale (256 VRF) x86, UADP 2.0 Larger Table Scale Stackwise-Virtual ETA 2x10G uplink priced same as
2x40G uplink LLW on 4500X vs ELLW on
C9500
Significant Customer benefits with DNA Advantage at 2% lower price
New Fixed Core move to 40G as you migrate to C9K
C4500X C4500XAggregation
Access
Scenario-1:
C3K/4K
2x10G
C3850
C3850
C3850
C3850
C3850
C3850
2x10G
C9500 C9500Aggregation
Access
Scenario-2: C9K
2x40G
C9300
C9300
C9300
C9300
C9300
C9300
2x40G
Assumptions:
• 20 wiring closets each with a stack of three switches
• 24P 10G 4500X IP Services, 48P 3850 IP Base, each stack with one 2x10G NM
• 12P 40G C9500 DNA-A, 48P C9300 DNA-A, each stack with one 2x40G NM
• ALC pricing with services included (SNT/SSSNT)
-2%
Catalyst 9400/930010/40G Mini Modular Coreor HighEnd Access
Catalyst 9400: State of the Art High Availability
Only Campus
Access platform
in the industry to
support ISSU
N+1 Power supply redundancySafeguard against power supply failure
Dual Supervisors with sub 50ms ISSU* & NSF/SSO
“Transparent” line card designMinimal on-board components for very high MTBF
Unique uplink redundancyUplinks of failed supervisor continue to remain active
Redundant Fans
N+1 Fan redundancy within Fan-tray;Up to 2 minutes of fan-less operation for servicing fan-tray
N+N Power Supply RedundancySafeguard against power circuit failure
Catalyst 9400 – SUP1XL, SFP LCs
C9400-LC-24XS
24-Port SFP/SFP+
Nov `17
Nov `17
C9400-SUP1XL
Up to 120G per slot
Sup1XL – Up to 120G
Per Slot
Distribution Template
with Sup1XL*
Fiber to the desktop
Collapsed Access
Distribution
SDA Border
Template*Note: 120G per slot on 7 Slot
Full Portfolio readiness in 7 and 10 Slot chassis for 4K Migration
Catalyst 9400 – mGig & PoE+
48x 10/100/1000 Data 48x 10/100/1000 UPoE
24x 1G + 24x mGig UPoE
Shipping
24x mGig + 24x 1G
PoE+ for price
neutral transition
192 ports of mGig
Nov `17
Highest mGig Port Density in the Industry
Catalyst 9300
Now `18
Shipping
Highest 2.5G/mGig in
the Industry
Modular uplinks with
1G,mGig,10G and 40G
Unmatched PoE
resiliency
X86 CPU and
Application Hosting* -
Roadmap
Model driven
Programmability and
Telemetry
Routed Access – Now Available Everywhere
2960L
Lan Lite
includes
Routed Access
Default-route
Static
RIP
2960X
Lan Base
includes
Routed Access
RIP
EIGRP Stub
(Q2FY18)
OSPF(200 routes)
PBR
PIM Stub Multicast
(up to 200 routes)
3650/3850/4500E
Lan Base
includes
Routed Access
RIP
EIGRP Stub
(Q2FY18)
OSPF (1000 routes)
PBR
PIM Stub Multicast
(up to 1000 routes)
3650/3850/4500E
IP Base
includes
Routed Access &
VRF
3 Virtual Networks
for SD-Access
IOS 15.2(6)E IOS 15.2(6)E IOS XE 16.6/3.10E IOS XE 16.6/3.10E IOS XE 16.5
C9K
Network Essentials
includes
Routed Access
RIP
EIGRP Stub
OSPF (1000 routes)
PBR
PIM Stub Multicast
(up to 1000 routes)
Software innovationsPower of Polaris
MPLS Features
L3VPNMP-BGP
Multicast VPNDraft-Rosen
L2VPNEOMPLS
VPLS
IPv6 VPN6PE
6VPE
Polaris | UADP | Standards-based
M
CE MPLS Backbone
CE
CE
PEPE
PESource
Receiver
ReceiverMDT
Multicast VPN
CE
PE
CE
IPV6 IPV6P PE
IPv4 MPLS Enabled
IPv6 VPN – 6PE/6VPE
MCE
MPLS BackboneCE
PEPE
PE
L3VPN
L3 VPN
CE
PE
CE
L2 L2
P PE
EOMPLS
VP
LS
L2VPN – EOMPLS/ VPLS
L3VPN
Multicast VPN - DraftRosen
Catalyst 9K - MPLSShipping
StackWise virtual architectureUnified forwarding architecture
• Cisco® StackWise® Virtual supports fully distributed forwarding architecture
• Centralized unicast/multicast topology development with real-time sync to enable accelerated performance
• Optimal switching data path calculation for low-latency application, improving user experience
Distribution
SW-1 SW-2
Catalyst 9000 Series Catalyst 9000 Series40G/10G
Access
Core
Core
• Expensive Upgrades - Business Loss
• Each device upgrade causes Network outage
Cost
• Reduced IT staff slows software roll out
• Physical presence required
Time
• New Code requires bug analysis, certification
Scope
Software Upgrades are Challenging
SMU Point Fixes
Reduces Validation –
Scope & Time
SMU Types
• Cold Patching (traffic-affecting)
• Install of a SMU will require a system reload in the first release
• Hot Patching (non traffic-affecting)
• Hot Restart of the patched process can be supported in the future
• Install of a SMU will not require a system reload
• ISSU (non traffic-affecting)
• Install the SMU using the ISSU mechanism
• Will be available only on switches with Redundant CPU’s
Installing a SMU
9300#install add file flash:cat9k-universalk9.2017-03-
17_21.53_zhangyu.301.CSCuo76464.SSA.smu.bin
install_add: START Sun Mar 26 01:13:29 UTC 2017
SUCCESS: Finished copying package(s) to the selected switch(es)
SUCCESS: install_add /flash/cat9k-universalk9.2017-03-
17_21.53_zhangyu.301.CSCuo76464.SSA.smu.bin Sun Mar 26 01:13:31 UTC 2017
Adding a SMU file
Activating SMU 9300#install activate file flash:cat9k-universalk9.2017-03-
17_21.53_zhangyu.301.CSCuo76464.SSA.smu.bin
install_activate: START Sun Mar 26 01:14:12 UTC 2017
2 install_activate: Activating SMU...
This operation requires a reload of the system. Do you want to proceed? [y/n]y
2 install_activate: Reloading the box to complete activation of the SMU...
9300#install commit
install_commit: START Sun Mar 26 01:24:41 UTC 2017
SUCCESS: install_commit Sun Mar 26 01:24:43 UTC 2017
Any failures/reloads between activate and commit result in a rollback
Committing it
Prioritize SMU based
on Risk Analysis
PSIRTs & Critical
Applicability to
customer’s deployed
features
Evaluate Impact on
Operations
Hitless/Reload
Customer
Benefits
SMU Applicable
• Platform
• Release
List of SMUs Available
•Recommended
•Optional
SMU Impact
•Reload or Hitless
•Applicable to features deployed
Optional Reloadable SMU SSH Defect – Recommended 23-Dec-2017
Catayst 9k
Catayst 9k Switch
Catayst 9k Switch
Catayst 9k Switch
Cat9k
Cat9k
Problem: SMU Life Cycle Mgmt. at Scale is a challenge with (1) Device types (2) Sw versions
There are three potential solutions
CLIProgrammable APIs(3rd Party tools -
Chef/Puppet/Ansible)
Controller (APIC-EM
DNA-C)
Small Scale Deployments
Per Device Access
Full Control
Mass Scale Deployments
Standard Programmatic Interfaces
• Open Standards APIs
• Consistent across multiple
platforms
Script Support (Shell, Perl, Python)
Mass Scale Deployments
SMU Analysis
SMU Life Cycle Mgmt
SMU Alerts and Notification
SMU Orchestration across Geo’s
Why GIR ?
Hardware
Replacement
Software
Upgrades
Configuration
Changes
Wish to Isolate a node with no or minimal impact
L2
L3 ISIS,BGP
Shutdown
Protocol Exchange
Shutdown
Isolating a node
today Manually
done via CLI’s and
Scripts
L2
L3 ISIS,OSPF*
9300#start maintenance Template default will be applied.
Do you want to continue?[confirm]
*Mar 25 17:43:20.162: %MMODE-6-
MMODE_CLIENT_TRANSITION_START: Maintenance Isolate
start for router isis 1
*Mar 25 17:43:50.213: %MMODE-6-
MMODE_CLIENT_TRANSITION_COMPLETE: Maintenance Isolate
complete for router isis 1
*Mar 25 17:43:50.213: %MMODE-6-
MMODE_CLIENT_TRANSITION_START: Maintenance Isolate
start for shutdown l2
*Mar 25 17:44:20.214: %MMODE-6-
MMODE_CLIENT_TRANSITION_COMPLETE: Maintenance Isolate
complete for shutdown l2
*Mar 25 17:44:20.214: %MMODE-6-MMODE_ISOLATED: System
is in Maintenance
Set-overload-bit
L2 Shutdown
Shutdown
Order for Maintenance:
BGP -> IGPs in parallel (EIGRP, OSPF, OSPFv3,
ISIS) -> L2
9300#start maintenance Template default will be applied.
Do you want to continue?[confirm]
*Mar 25 17:43:20.162: %MMODE-6-MMODE_CLIENT_TRANSITION_START: Maintenance Isolate start for
router isis 1
*Mar 25 17:43:50.213: %MMODE-6-MMODE_CLIENT_TRANSITION_COMPLETE: Maintenance Isolate complete for
router isis 1
*Mar 25 17:43:50.213: %MMODE-6-MMODE_CLIENT_TRANSITION_START: Maintenance Isolate start for
shutdown l2
*Mar 25 17:44:20.214: %MMODE-6-MMODE_CLIENT_TRANSITION_COMPLETE: Maintenance Isolate complete for
shutdown l2
*Mar 25 17:44:20.214: %MMODE-6-MMODE_ISOLATED: System is in Maintenance
Default Template
User-Defined
Template
9300#show system mode maintenance template default
System Mode: Normal
default maintenance-template details:
router isis 1
shutdown l2
9300#conf t
Enter configuration commands, one per line. End with CNTL/Z.
9300(config)#maintenance-template SEVT
9300(config-maintenance-templ)#router isis 1
9300(config-maintenance-templ)#exit
9300(config)#system mode maintenance
9300(config-maintenance)#template SEVT
9300(config-maintenance)#exit
50© 2010 Cisco and/or its affiliates. All rights reserved.
IGPs
go
parallel
“start maintenance” CLI
ISOLATE
SUPPORTED
PROTOCOLS
(if enabled)
Create snapshot
“before_maintenance”
EIGRP*: Poison routes with highest metric values
OSPF*: Refresh LSA with max metric
BGP*: Withdraw BGP routes
ISIS: Refresh LSPs with Overload bit set
Traffic diverted from switch
Switch is in
Maintenance mode
Switch is in
Normal
mode
Graceful Removal via “Isolate” Mode
Order for Maintenance:
BGP -> IGPs in parallel (EIGRP, OSPF, OSPFv3,
ISIS) -> L2
L2: Interface shutdown
Key Points• There MUST be a parallel traffic path bypassing the node in Maintenance
Mode for application data traffic to take.
• Node is “out of service”, but network is “in service”
• Node is not completely shutdown, but isolated from importantapplication data traffic. Node will still be processing management and somecontrol traffic.
• As per default behavior, different protocols will still be running on thenode, maintaining neighborship with peers
Benefits of GIR• Single step / command to take a node into Maintenance Mode
Easy for an end-user to use
• Fits well with Maintenance Window (MW) concept
Within the Maintenance Window, customer can do anything (debugging, s/w upgrade, h/w upgarde/replacement) on that node, without impacting service
• Consistent way of handling across protocols
Each protocol can do different things as part of ‘isolation’ activity
• Consistent way of handling across different Cat9k platforms
Most of the implementation is common / shared across platforms –less development effort
Customer observes the consistent behavior as well across platforms
Catalyst 9K Platform Transitions
Catalyst 3850 Fiber 48 portCatalyst 4500X
Backbone Switching Access Switching
9000 SeriesCatalyst 9400
Catalyst 9500
Catalyst 9300
Catalyst 3850 Copper Catalyst 4500-E
www.cisco.dk
Seminarkalenderen er
opdateret frem til og med
juni 2018
