Upload
cisco
View
122
Download
6
Embed Size (px)
Citation preview
New Solutions in Cisco Switching
Dave FusikConsulting Systems Engineer – Federal Defense SalesCCIE# 4768, CCDE# 20130070
February 2017
Agenda
Evolving Networking Trends and Requirements
Introduction to the Digital Network Architecture
DNA Secure Campus Fabric
Campus Switching Platforms and Innovations
Data Traffic will
Grow 10x* by 2019
IT has to Support
More User & Non-User
(IoT) Devices
IT has to Manage
an Increased
Threat Landscape
Why are companies spending so much?
$60B Spent on Network Operations Labor and Tools
*
Enterprise Networks Today are Complex…
Dealing with
Disparate Networks
Defining Policies for
LAN, W-LAN & WAN
Adding Resources
to Scale
Setting Up
Segmentation
VLAN 1 VLAN 2 VLAN 3
WAN
Branch A
VLAN A
Branch A
VLAN B
RemoteVLAN B
HQ
Source: 2016 Cisco Study
Traditional Networking CANNOT Keep Pace with the Demands of Digital Business
OpEx spent on Network Visibility & Troubleshooting
Policy Violations Due to Human Error
Network Changes Performed Manually
95%* 70%* 75%*
…and Have Multiple Operational Challenges
Source: 2016 Cisco Study
Cisco Digital Network Architecture (DNA)
Lower RiskReduce Cost
and ComplexityInnovate FASTER
New Network Requirements for the Digital Age
Insights &Actions
Security & Compliance
Automation& Assurance
HOW is theNetworkEvolving
with DNA?
Automation
Abstraction & Policy Control from Core to Edge
Network-Enabled Applications
Collaboration | IoT | Mobility | Security
Infrastructure
Physical & Virtual | App Hosting
Analytics
Network Data, Contextual Insights
Open & Programmable | Standards-Based | Secure
Open | Developer Friendly | Secure
Software Driven | Extensible | Cloud Enabled | Secure
Cisco Digital Network ArchitectureOverview
Business
Agility
Cost
Reduction
Security &
Compliance
Cisco Internal Use Only – Do Not Review Externally without NDA
Abstraction
Zero touch deployment
Day 0 to Day N
Lower TCO
Published North bound API’s
Cisco and Partner Apps
Openness
Benefits of DNA Software Defined Network (SDN) Automation
ControlAutomation
Brownfield and Greenfield
Embedded best practices
Massive Simplicity
Programmability
Centralized policy
Network wide deployment
Dynamic Network Agility
Masking Network Complexity, Exposing Network Intelligenceto Achieve | Lower TCO | Better ROI | Reduced Risk
.
Cisco Digital Network ArchitectureSimple and Powerful to Support Business and Mission Outcomes
Abstraction andAutomation for
Faster Results
Analytics and Assuranceto Provide Insights
and “Close the Loop”
Simplicityto Match the
Speed of Business
SecurityIntegrated
into the Network
Cisco DNADigital Network
Architecture
Advanced, Multi-Core, Feature-Rich Routing Silicon
QFPQuantumFlow Processor
Fully Programmable:leveraging the many features of IOS-XEwith hardware performance
Scalable: Massive number of CPU cores (40/64), abilityto cascade multiple QFPs = consistent high performance
Advanced on-chip QoS: 100,000+ hardware-based queues, sophisticated traffic shaping and control
Secure: linkage to high-performance crypto capability for secure WAN transport
Extensible Architecture:ability to scale both up and down—the foundation for a long-lived family of high-performance, flexible routing silicon
Operational and Services Uniformity: Routing, Switching, and Wireless consistency
New Foundational Capabilities: HA and operational leadership, state decoupling, net database…
Speed of Innovation Velocity:“Code once and Re-use Many” acrossmultiple places in the network
Foundation for Virtualization: providing for network hosting and integration of virtualized functions (VNFs, containers)
Platform for the Future:the “software stage” for thenext wave of Cisco innovation…
IOS-XE 16.xThe Evolution of IOS
Taking the Proven Strengthsof IOS to the Next Level
Building on that Strong Foundationof Hardware and Software Innovation
UADPUnified Access Data Plane
Flexible, Programmable, High-Performance Switching Silicon
Fully Programmable:excellent flexibility, ability to handlenew encaps (VXLAN, GPE, etc.) –hardware speed, with software elasticity
Scalable: Massive recirculation bandwidth and low recirculation latency provide excellent tunneling and services support for traffic flows
Advanced on-chip QoS:client–level granularity, sophisticatedbandwidth shaping, with integratedon-chip NetFlow for visibility
Secure: integrated on-chip supportfor MACsec encryption (AES-128, CBC)
Extensible Architecture:ability to scale both up and down –the foundation for a long-lived family ofhigh-performance, flexible switching silicon
“People that are really serious about software should build their own hardware”100% Cisco-developed programmable silicon: unlocking the power of DNA at hardware speeds
Orchestration
Platform
Provisioning | Segmentation | Policy | Services | Insights | Telemetry | Troubleshooting
The FINAL Piece of the Puzzle
Orchestration Software
To be delivered 2017
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 16BRKCRS-2700 16
Cisco APIC Enterprise Module
Cisco and Third Party Applications
Network Devices –Catalyst, ASR, ISR
REST API
Security QoS IWAN Network PnP
Masking Network Complexity, Exposing Network Intelligence.
Cisco APIC-EM – Enterprise ControllerOverview
• GRE / mGRE
• MPLS / VPLS
• GETVPN / DMVPN
• CAPWAP
• LISP
• OTV
• DFA
• ACI
Examples of Network Overlays
What exactly is a fabric?
A Fabric is an OverlayAn “Overlay” is a logical topology used to virtually connect devices, built on top of an arbitrary “Underlay” physical topology.
An “Overlay” network often uses alternate forwarding attributes to
provide additional services, not provided by the “Underlay”.
What exactly is a Fabric?Overlay Terminology
Overlay Control Plane
Underlay Control PlaneUnderlay Network
Hosts
(End-Points)
Edge DeviceEdge Device
Overlay Network
Encapsulation
Flexible Overlay Services
• Mobility - Track Endpoints @ Edge• Distribute and partition state to network edge
• Flexibility - Topology Independent• Policy based on Overlay attributes only
• Programmability
Simple Underlay Forwarding
• Physical Devices and Paths
• Intelligent Packet Handling
• Maximize Network Availability
• Simple and Manageable
Separate the “Forwarding Plane” from the “Services Plane”
What exactly is a Fabric?Why Overlays?
1. LISP-based Control-Plane
What is unique about Campus Fabric?Key Components – LISP
Topology + Endpoint Routes
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
BEFOREIP Address = Location + Identity
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Endpoint
ID Routes
Consolidated
to LISP DB
Flexible
Distributed
Database
Reduced Routes
Prefix RLOC189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
22.78.190.64 171.68.226.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix RLOC189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
22.78.190.64 171.68.226.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
Prefix Next-hop189.16.17.89 171.68.226.120
22.78.190.64 171.68.226.121
172.16.19.90 171.68.226.120
192.58.28.128 171.68.228.121
AFTERIdentity Decoupled from Location
Topology Routes
Endpoint Routes
1. LISP-based Control-Plane
2. VXLAN-based Data-Plane
What is unique about Campus Fabric?Key Components – VXLAN
ORIGINAL
PACKETIP PAYLOADETHERNET
PACKET IN
LISPIP PAYLOADLISPUDPIPETHERNET
IP PAYLOADETHERNETVXLANUDPIPETHERNETPACKET IN
VXLAN
1. LISP-based Control-Plane
2. VXLAN-based Data-Plane
3. Integrated CTS
What is unique about Campus Fabric?Key Components – CTS
IP PAYLOADETHERNETVXLANUDPIPETHERNETPACKET IN
VXLAN
VN & SGT*
What is unique about Campus Fabric?Key Components
LISP based Control-Plane
VXLAN based Data-Plane
Integrated Cisco TrustSec
Key Differences
• L2 + L3 Overlays (vs. L2 or L3 Only)
• Host Mobility with Anycast Gateway
• Adds VRF + SGT into the Data-Plane
• Virtual Tunnel Endpoints (No Static)
• No Topology Limitations (IP reach)
Control-Plane Nodes – Map System that manages the Endpoint to Gateway (Edge or Border) relationship. Contains host tracking database and acts as map server and map resolver.
Edge Nodes – The L3 Gateway device (Access or Distribution), that connects Endpoints to Fabric. Responsible for endpoint registration, mapping of user to group, VXLAN encap / decap, and LISP forwarding.
User / Group Repository – External ID Store device (e.g. ISE or AD) can be leveraged to provide dynamic User / Device to Group mapping.
Border Nodes – The L3 Gateway device (Core), that connects External L3 network(s) to Fabric. Fabric domain exit point responsible for advertising EID subnets, mapping of LISP instance to VRFs and SGT policy mapping
Intermediate Nodes – Normal L3 (IP) Forwarders in the Underlay.
ISE / AD Host DB
Control-Plane
Nodes
User / Group
Repository
Campus FabricRoles & Responsibilities
Fabric Intermediate
Nodes (Underlay)
Fabric Domain
(Overlay)Fabric Border
Nodes
Fabric Edge
Nodes
Campus Fabric Validated Design
• Reference Network Architecture
• Cisco DNA evolution from existing campus LAN designs
• Detailed guides highlighting overview requirements and configurations for deployment
http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Oct2016/CVD-CampusFabricDesign-2016OCT.pdf
Provision
Simplified ProvisioningDeploy devices into your network using world class “prescriptive
configurations” with minimum clicks…
SecuritySegmentation
X Simple Segmentation constructs to build
Secure boundaries for “users and things”
Monitor Troubleshoot
Health Scores and other key metrics to keep track
of key network resources with “click to resolve” intelligent problem resolution…
Intelligent
Policy
Network Wide
Policy enforcementfollows users irrespective of location, or place in network, with
every policy administered from a central dashboard…
Contextual
Analytics
More deep and meaningful
Insights and Telemetryinto user and application behavior…
The Future of Enterprise Networking
Collaboration Security
Endpoints
APICEM
Branch
BusinessAgility
AutomatedEnterprise
ConsistentPolicy
InvestmentProtection
DNA Secure Campus FabricSummary
Integrated Mobility
Analytics
Catalyst Access PortfolioFrom essential connectivity to Unified Access for next-generation workspaces
UNIFIEDWORKSPACE
• Secure, reliable access
• Low TCO & energy-efficient
Competitive Feature Set at Compelling Prices
BYOD Video Mobility
Converged Wired/Wireless Access
• Scale and performance
• Resiliency & high availability
• Application Visibility
• Cisco TrustSec
Fe
atu
res
Scale
12/24p 1G 1RU Aggregation
Comprehensive
Borderless Feature Set
Highest Performance and Scalability
Lower TCO
Industry-Leading Campus Backbone Platform
FIXED
Fe
atu
res
Scale
Catalyst Backbone Portfolio
Up to 80 10G Ports5 RU Core
MODULAR
Featu
res
Scale
Up to 40 10G Ports
2RU, NG Backbone
16p/32p 1 RU10GE Aggregation
12p/24p/48p 10G 1RU Aggregation
(*)4500-E can be used opportunistically
Catalyst 3850 – Platform Overview
Wireless CAPWAP Termination
Up to 50 APs/2000 clients per stack, and 40G per switch
Modular Uplinks4 x 1G2 x10G 4 x 10G*
Stackpower
Line Rate on All Ports
Multi-Core CPU
480 Gbps Stacking Bandwidth
Full POE+SKUs with UPOE
FRU Fans, Power Supplies - HA
Granular QoSFlexible Netflow
SGT/SGACL
24 or 48 ports 10/100/100Data only or PoE+/UPOE
*4 X 10G uplinks are
available only on 48-port
switches
Built on Cisco’s Innovative “UADP” ASIC
Optional StackWise-160 9 member Stack
Dual FRUPower Supplies
FRU Fans
Full Netflow/QoSfor wired / wireless / QoS in Stack
SGT/SGACL
Full POE+
40G WirelessCapacity Per Switch
Fixed Uplinks4 x 1G2 x10G
4 x 10G (*1)
EEE
MACsecHW Ready
Multi-Core CPU
Line Rate on All Ports
802.11n802.11ac
25 AP’s and 1000 Clients Per Stack
(*1) 4 X 10G uplinks are available only on 48-port switches
Catalyst 3650 – Platform Overview
Built on Cisco’s Innovative “UADP” ASIC
Jan
2013
Oct
2013
May
2014
Jan
2015
Built on Cisco’s Innovative “UADP” ASIC
Catalyst 3850Stackwise-480,
Stackpower
Data/PoE/PoE+/UPoE
FRU Uplinks
Catalyst 3650Stackwise-160,
-
Data/PoE/PoE+/
Fixed Uplinks
Catalyst 3850 SFPStackwise-480,
Stackpower
12 and 24 Port Versions
FRU Uplinks
Catalyst 3850 mGigStackwise-480,
Stackpower
24 and 48 Port Versions
Stacks with any Catalyst 3850
Growing Catalyst 3K Family
Jun
2015
Catalyst 3850 SFP+Stackwise-480,
Stackpower
12 and 24 Port Versions
Enabling 10G Aggregation in
1RU Form Factor
And Another one…
Catalyst 3650 Mini - 12 Inch Deep
11.625 inches
3650 mini
17.625 inches
3650
Migration Option for 3750v2 Customers…
Catalyst 3650 Mini: 24 Port and 48 Port Switches
WS-C3650-24PDM
Fixed Power Supply & Fans
Front to Back Airflow
WS-C3650-48FQM
11.62”
deep
Flexible
Netflow
Converged AccessUADP ASIC
StackWise-160
RPS 2300support
What the Mini Offers
Expands Cisco® Unified Access to small spaces and tight wiring closet designs
Easily stacks with Cisco Catalyst 3650 access switches
Supports converged wired and wireless networks in a stack configuration
Provides network architects with increased flexibility and speed with PoE+ and 10G uplinks
Reduced noise and small form factor make it ideal to deploy where real estate is a premium
Has the same features, Cisco IOS® XE Software, and management as Cisco Catalyst® 3650 access switches; everything is compatible
• Multigigabit in Smallest form Factor
• Ideal for Retail, Branch
• PoE / PoE+
• Industry Leading Fixed Access
• 24 & 48 Port Stackable Switches
• 24 & 12 Multigigabit Ports
• Best In Class Modular Access
• 12 Ports of Multigigabit per slot
• Up to 96 Multigigabit ports per system
Catalyst 4500E Catalyst 3850 Catalyst 3650
Aironet 3800 Series
• Dual radio, 802.11ac Wave 2, 160 MHz
• Combined Data Rate 5.2Gbps w/ Flexible Radio Assignment
• Gigabit Ethernet & Multigigabit Ethernet (1G, 2.5G, 5G)
• Just Launched !!!
• 24 & 48 Port Stackable Switches
• 8 & 12 Multigigabit Ports
• UPOE & 40G Ready
Catalyst 3560CX More to come!
Catalyst Multigigabit Technology Portfolio
New
Catalyst 3850 Multigigabit Switches
Stackable with other 3850 Switches
24-port Catalyst 3850 Mulitgigabit Switch48-port Catalyst 3850 Multigigabit Switch
Downlinks:
36 x 1G LineRate 10/100/1000BASE-T,
PoE/PoE+/UPoE, EEE, MACSec
12 x GE/mGig/10GT –100M/1GE/mGiG/10GBASE-T,
PoE/PoE+/UPoE, EEE, MACSec, LineRate
Uplinks:
4x10GE SFP+, 2 x 40G, 8x10G
Downlinks:
• 24 x GE/mGig/10GT
• EEE, MACSec
• PoE/PoE+/UPOE
Uplinks:
4x10GE SFP+, 2 x 40G, 8x10G
Catalyst 4500 MultiGigabit Line Card
12 mGig Ports, 36 10/100/1000 Ports
Innovation with Investment Protection
Supported with Supervisor Engine 7 and 8 on all 4500-E chassis
Q2CY15
Mode
1mGig Lite Mode48p 1GE UPOE - First 12p mGig (12Gbps)
Mode
2
Mode
3
mGig Enhanced Mode12p mGig UPOE (24Gbps) + 24p 1GE UPOE
mGig Performance Mode12p mGig UPOE (48Gbps)
UPOE, EEE, MACSec
48
Catalyst 3650 Multigigabit Switches
Hard to compete against the value of 3650 mGig!
Competitive 48-port mGig Entry Level 24 port mGig
12 mGig ports 8 mGig ports
New Uplinks2x10G, 4x10G
New 2x40G and 8x10G
New Uplinks2x10G
New 4x10G
Higher SpeedsAdaptive Rate Technology
1G, 2.5G, 5G and 10G
Future Proofed for Higher speeds
Cat5e, Cat6, Cat6a
Investment
ProtectionCable Infrastructure is costly
and time consuming to upgrade.
Stackable with all 3650 & 3650
Mini Switches
Industry
Leading
Power OptionUPoE 60W
PoE+ 30W
PoE 15.4W
Healthcare Education Finance Manufacturing Retail Hospitality
MultiGigabit is Driving High Speed in Campus
Machin Vision Cameras,
Professional Surveillance
Digital Imaging
Server in a Branch
11ac Wave2 APs
Uplinks for Access
Extension
3800 APs
C3560-CX
Shipping
Typical Use Case – Next Gen Mobility with 802.11ac Wave 2
Existing Gigabit infrastructure
is insufficient to handle .11ac
growth beyond 1Gbps
Gigabit Ethernet has been
around since 1999 and has
now become the bottleneck
Market needs an innovative
technology to support >1Gbps
over existing cables
Limited to 1GE!
Cat 5e Cables
WiFi @ 1G>1G
The Solution – Cisco Multigigabit Technology Powered by NBASE-T
Delivers up to 5X Speeds in Enterprise without replacing Cabling Infrastructure
2.5-5G!
Cat 5e Cables
WiFi > 1G
Multigigabit
SwitchMultigigabit
Capable AP
Is a game-changing technology
allowing enterprise networks to
evolve beyond 1G
Enables 2.5 and 5 Gbps up to
100m on legacy cables
Supports all PoE standards
up to 60W
Cisco Multigigabit with
MultiGigabit Cabling Investment Protection
Cable
Type
1G 2.5G 5G 10G
Cat5e 100m 100m 100m * NA
Cat6 100m 100m 100m 55 m
Cat6a 100m 100m 100m 100m
Auto-negotiation of All Speeds Supported
across All cable Types
Brownfield Deployments Can Leverage
Existing Cat5e/Cat6 extending ROI and
Support Speeds at 2.5G and 5G up to a
distance of 100m*
Greenfield Deployments with Cat6a will
Support 10G But Can Also Now Support
Speeds at 2.5G and 5G at a Distance of 100m
* 5Gig on CAT5E may be limited to < 100 meter in certain cable
configurations
UPoE is supported on 3850 and 4500E
802.3bz
Ethernet Alliancehttp://www.ethernetalliance.org/wp-
content/uploads/2016/09/EA_IEEE802bz_FINAL_26Sep16.pdf
Multigigabit Speeds are now Standard!
Network World:http://www.networkworld.com/article/3124948/lan-wan/ieee-sets-
new-ethernet-standard-that-brings-5x-the-speed-without-disruptive-
cable-changes.html
EEE Post:http://standards.ieee.org/findstds/standard/802.3bz-2016.html
Cisco Blog:http://blogs.cisco.com/enterprise/nbase-t-alliance-achieving-a-new-
industry-standard
What is different b/w IEEE 802.3bz and NBASE-T ?
All Multigigabit Products
will be IEEE 802.3bz
standard based with a
software upgrade
The software upgrade is
planned the next 2 – 4
months
Most of IEEE 802.3bz is
same as NBASE-T
The auto Negotiation in
IEEE 802.3bz is different
A software upgrade is needed to comply
with IEEE 802.3bz standard
Catalyst 3850 Resiliency - StackWise-480
5
• Improved Stack Bandwidth:
• 240 Gbps bi-direction
• 480 Gbps with spatial reuse
• Stateful Switch Over (SSO):
• Faster Convergence (vs 3750-X)
• Active-Standby model
• Improved Central synchronization onActive Switch for Wired+Wireless
• Tunnel SSO ensures AP, MA-MCconnectivity during failover
• No Backward Compatibility with 3750 series
A
S
StackPower on the Catalyst 3850 SeriesDelivering Unprecedented Power Availability and Flexibility
Power Resiliency - Adaptable “pool of power” available to all stack members
Provides “Zero-footprint” RPS i.e. power supply redundancy without an RPS
Intelligent power shedding—turn off low priority PoE end devices in the event of a power supply failure
StackPow er
MPLS Features
• Label Distribution Protocol
LDP
• MPLS QOS
• BFD
• MPLS TraceRoute/LSP Ping
• MPLS L3VPN-IPv4
PE-CE Protocols : Static, RIP,
EIGRP, OSPF
PE-P Protocols: OSPF & ISIS
MP-IBGP
CE PPE
PE
P
P
CE
P
PE
PE
CE
CE
MPLS Domain
Label switched path
LDP L3VPN
UADPIOS 16.x
L3 VPN and Campus Segmentation
MPLS in the Access Shipping
Why Cat3K in Fixed Core & Aggregation?
Programmable ASIC IOS XE 16.x Simplified Positioning
High
Performance
Stackwise
Technologies
Investment
ProtectionModern OS
Run Any
Feature
Anywhere
Campus
Fabric,
MPLS,
Programmab
ility
Simplified Positioning with Programmable ASIC & Modern OS
Single
Product
Consistent
Features
Solid
Foundation
And there is one more !!!
Line Rate – 640G Switching Capacity
Introducing 48 Port 10G SFP+ Version of Catalyst 3850
Catalyst 3850 10G – Fixed Core & Aggregation Shipping
C3850-NM-8x10G
C3850-NM-2x40G
C3850-NM-4x10G
C3850-NM-4x10G
4 x QSFP Fixed
Leveraging the Power of IOS XE 16.x
Line Rate on all Ports
12 x 10G SFP+ & Stackwise+
24 x 10G SFP+ & Stackwise+
48 x 10G SFP+ Standalone
Catalyst 3850 Stackable Fiber Switches
Additional deployment options
Supports converged wired and wireless networks in a
stack configuration
Also works in standalone configurations
Flexible port density: 12 or 24 gigabit fiber ports
The same features, Cisco IOS® XE Software, and
management as Cisco Catalyst® 3850 access switches;
everything is compatible
Easily stacks with Cisco Catalyst 3850 access switches
WS-C3850-12S
WS-C3850-24S
Catalyst 3850 48-Port 10G SFP+ Switch
Supports converged wired and wireless networks in a
stack configuration
4-Port 40G QSFP Uplinks
IP Base or IP Services Feature set
Optional AirFlow: Front-to-Back or Back-to-Front
The same features, Cisco IOS® XE Software, and
management as Cisco Catalyst® 3850 access switches;
everything is compatible
UADP ASIC in Catalyst 3850/3650 Enables Convergence
Built on UADP
• Unified Access Data Plane
• Unique and powerful Cisco innovation
• Hardware performance with
software flexibility
• Optimized Performance• CAPWAP encapsulation/de-capsulation,
Flexible Netflow, QoS happens in ASIC forline rate performance
• Future Proofed and Programmable
• Flexparser enables new software features
(like SDN) over the product lifetime
• UADP is used across multiple platforms
• Catalyst 3850/3650, Sup 8E, WLC5760
SW-1 SW-2
WS-C3850-48XS WS-C3850-48XS40G/10G
CoreStackwise Virtual
3850-48XS in 16.3.3
EFT Starting
16.3.2
40G/10G
VSL Link
Dual Active
Detection
Fast Hello
ePAgP*
Target
H1CY17
3850-12XS and 3850-24XS in 16.6.1 planned
One Platform, Various Solutions
• Stacked Together - Other than 48 Port 10G Version
• Collapsed Core Access
• 9 Members OR 32 ASICs
• Converged Access Across the Family
• Stack Power, Modular Uplinks
• New Uplink Options
Based on a Common ASIC and Architecture
Catalyst 4500E Campus Portfolio
4503-E
4510R+E4507R+E
4506-E
Four Chassis Options
7 and 10 Slot with Sup Redundancy
POE: WS-X4748-UPOE+E
Data: WS-X4748-RJ45-E
Port Scale:
Access and Collapse Agg
384 10/100/1000 POE/PoE+/UPOE
96 SFP+ , 192 SFP
Power Supply
Maximize UPOE/POE+/POE delivery
Fully Loaded 10-Slot with POE PWR-C45-9000ACV PWR-C45-6000ACV PWR-C45-4200ACV
Supervisors
Traditional and Wireless Convergence
928G Wired, 20G Wireless WS-X45-SUP8-E/L-E WS-X45-SUP7-E/L-E
1GE: WS-X4712-SFP-E;
WS-X4724-SFP-E;
WS-X4748-SFP-E
10GE: WS-X4712-SFP+E
Works in all existing 4500-E chassis Up to 50APs
2000 Clients
8 SFP+ 10G/1G UplinksNon-blocking
928Gbps total capacity
UADP Daughtercardfor wireless integration (*)
Faster CPU
Modular Value Proposition• Investment Protection to UA Arch• 3,6,7 and 10 slot chassis
• In Service Software Upgrade forwired/wireless
Services•Complete wired/wireless integration
•Application Visibility for Collaboration Protocols (Flexible NetFlow, Wireshark)
Scale• 48G/slot - 928Gbps Switching Capacity
• 20G Wireless Termination
• 100% more Uplink Bandwidth vs 7E
Supervisor 8-E on Catalyst 4500E
* Available as of IOS XE 3.7.0
Performance & Scale
Cisco and/or its affiliates. All rights reserved.T-EN-05-I Cisco Public
Introducing Supervisor 8L-E
Supported on4500-E chassis
4 SFP/SFP+ 1G/10G Uplinks
Enterprise Fabric Ready
Faster CPU
Attribute Sup8LE Sup8E
Uplinks 4 x SFP+ 8 x SFP+
Port Scale 240 384
Chassis
Support
3,6,7 3,6,7,10
FIB Table Size
(V4/V6)
64K/32K 256K/128K
Campus
Fabric
Converged
Access
Not
supported
Low End Supervisor Based on Sup8E
Shipping
10GE Now
40GE Later
QSFP-40G-SR4
QSFP-40G-CSR4
QSFP-40G-SR-BD
QSFP-40G-LR4
… more
Future Proofing with 10G to 40G Adapter
C6800-8P-10G
15.3(1) SY w Sup6T
C6800-16P-10G
C6800-32P-10G
Reverse SFP to QSFP Adapter Can Upgrade Your 10G Ports to 40G
40G Adapter
QSFP
SFP+
15.4(1) SY w Sup2T
Shipping
2R height
19” depth
CVR-TRAY-88 QSFP Adapter Tray – Full 19” Rack Mount Cable management integrated in
chassis design
• 8 x CVR-4SFP10G-QSFP
• 2 RU Tray Height • Cable Routing on Both Sides
• Cable Slack inside Tray (enclosed)
• Venting on Sides & Back (70% open)
Shipping
Why N7K in Campus ?
Highly Scalable
Architecture
Better Design
Options
N7K Technologies
• High Port Density
• Redundant Fabric
Architecture
• Up to 83 Tbps of
Switching Capacity
• Flexible pipeline
capabilities
• Virtualization
(VDC & VPC)
• High Availability
(ISSU, GIR)
• Collapsed Core &
Aggregation
• Common Core for
DC & Campus
Nexus 7700 Chassis Family
Front Rear
26RU
N77-C7718
Nexus 7718
Front Rear
14RU
N77-C7710
Nexus 7710
Front Rear
9RU
N77-C7706
Nexus 7706
Back
Front
Back
Front
True Front to back Air-flow for Campus Deployments
Front RearN77-C7702Front
Back
3RU
Nexus 7702
Supervisor Engine 2E
• System supervisor engines providing control plane and management functions
• High performance, Two quad-core 2.1GHz CPU with 32GB DRAM
• Connects to fabric via 1G inband interface. The switching fabric does not reside on the CPU, hence providing true data plane and control plane separation.
• Interfaces with I/O modules via 1G switched EOBC . Every I/O module has a dedicated link to the SUP.
• Onboard central arbiter ASIC
Controls access to fabric bandwidth via dedicated arbitration path to I/O modulesN77-SUP2E
Crossbar Switch Fabric Modules
• Provide interconnection of I/O modules
• Nexus 7700 fabrics based on Fabric 2 ASIC
• Each installed fabric increases available per-payload slot bandwidth
• Different I/O modules leverage different amount of available fabric bandwidth
• Access to fabric bandwidth controlled using QOS-aware central arbitration with VOQ
Fabric Module Supported ChassisPer-fabric module
bandwidth
Max fabric
modules
Total bandwidth per
slot
Nexus 7700 Fabric 2 7706 / 7710 / 7718 220Gbps per slot 6 1.32Tbps per slot
N77-C7718-FAB-2
N77-C7710-FAB-2
N77-C7706-FAB-2
220Gbps440Gbps660Gbps880Gbps1100Gbps1320GbpsLocal Fabric
#1 (480G)
Local Fabric
#1 (960G)
Local Fabric
#1 (1.2T)
Fabric
#2
Fabric
#2
Fabric
#2
I/O Module Capacity – Nexus 7700
One fabric:
• Any port can pass traffic to any other port in VDC
Three fabrics:
• 480G M3 10G module has maximum bandwidth
Five fabrics:
• 960G M3 40G module has maximum bandwidth
Six fabrics: 1.2T M3 100G module has maximum bandwidth
per slot bandwidth
Fabric 2 Modules
1Fabric
ASICs
2Fabric
ASICs
3Fabric
ASICs
4Fabric
ASICs
5Fabric
ASICs
6Fabric
ASICs
Nexus 7700 M3 I/O Modules
• 10G / 40G / 100G F3 I/O modules
• Share common hardware architecture
• SOC-based forwarding engine design
2 independent SOC ASICs per 10G module
4 independent SOC ASICs per 40G module
6 independent SOC ASICs per 100G module
• Layer 2/Layer 3 forwarding with L3/L4 services (ACL/QOS) and advanced features (MPLS/LISP/SGT/GRE/VXLAN etc.)
N77-M348PX-23L / N77-M324FQ-25L
Module Port Density Optics Bandwidth
M3 10G 48 x 1/10G (plus Nexus 2000 FEX support) SFP+ 480G
M3 40G 24 x 40G (or up to 76 x 10G + 5 x 40G via
breakout)
QSFP+ 960G
M3 100G 12 x 100G (Pre-order available – FCS Dec2016) QSFP28 1.2T
N77-M348PX-23L
N77-M324FQ-25L
Nexus 7K Modular Series
Nexus 7700 M3 100G
Modules
12x 100G QSFP28 Ports
375MB per 100G port
Nexus7000 48p 10G,
& 24p 40G M3 Line Cards
48x 1/10G SFP+ Ports
31.25MB Buffer per 10G port
24x 40G QSFP Ports
125MB Buffer per
40G/port
48x 1/10G SFP+ Ports
31.25MB Buffer per 10G port
24x 40G QSFP Ports
125MB Buffer per 40G/port
Nexus7700 M3 10G &
40G Modules Large Table Size & Packet Buffers -
2M FIB (1M @ FCS), 128K ACL/QoS
384K MAC (128K @ FCS)
MACSEC 256-bit AES
Superset of all Features on previous M & F Cards
+
Persistent PoE (FCS+1)
EEE downlinks
Bluetooth Console Access
800MHzCPU
1.5 MB per ASIC
2 x 1G or 4 x 1G
Cisco IOS®
SoftwareImage
Fanless Operation
Up to 370W PoE+
ELLW
Shallow depthUp to 11.5”
EnergyWise™ Management
Type-A USB for
storage and
Bluetooth dongle
Versatile
Form Factor
Fanless & Quiet
Operation
Award Winning
Cisco® TAC SupportEnergy Efficiency
Simplified
Management
Introducing Catalyst 2960-L SeriesEntry-Level Fixed Access in Most Compact Form Factor
8x/16x/24x/48x 1Gbps
ports at the price of
100mbps
Cisco Internal & Partner Only
Shipping
FlexStack+80Gbps stacking
NetFlow Liteon all ports
4 or 8 queues per port
(2960-XR)
EEE downlinks
Redundant FRU PSU option
(2960-XR)
Dual-CoreCPU
MACsec Ready
4 MB of Buffers
Power SavingDeep Sleep Modes
2 x10G or 4 x 1GUplinks(fixed uplinks)
SignedIOS images
L3 Features(2960-XR)
24 or 48 GE ports (line-rate)
Intelligent Wired Access
Catalyst 2960-X/XR – Platform Overview
FlexStack+ Doubles FlexStack Scale/Performance
Mix & match models1G/10G, 24/48-port, PoE/data
Stack up to 8Up to 384 GigE ports with 2960-X and 2960-XR
80 Gbps throughput2x 2960-S FlexStack performance
Mix & match series2960-X, 2960-S, 2960-SF (up to 4 at 40Gbps)
8 AM – Day StartsEverything Active3-10% Power Saving: High Efficiency Power Supply
12 Noon – Lunch HoursLow Ethernet Traffic Power Savings EEE or Energy Efficient Ethernet
5 PM – Office ClosesEnergyWise Energy Saver30%+ Power Savings
6 PM – Back Office TasksDownlink Hibernation Mode, ½ W Savings/Port24W Saving/48 Port
9 PM & Weekends – Everything closesSwitch Hibernation Mode6 Watt vs 50 Watt
The Greenest Catalyst Access Switch Ever
The Quiet and Fanless 2960X Cool SKU
WS-C2960X-24PSQ-L
MULTIPLE USE CASES
110W PoE on 8 ports 24x1G downlinks2x1G SFP & 2x1G Cu
Retail
Ideal in retail outlets to connect a POS
machine, phone, ringer, video display
with network and PoE powering. Suited
for mounting in confined spaces in the
floor
NetFlow Liteon all ports
11 inch depth, 1RUHigher MTBF rates
Education
Extend access to labs, classrooms and
other training rooms from central/floor
distribution rooms. Reduce cable costs
and ideally suited for classrooms or
confined areas
Defense
Provide network and PoE connectivity
in mobile units to devices in
inconvenient locations reducing cables
and possible power failures. Ideal due
to quiet operation and longer MTBF
rates
Catalyst Compact Switch Portfolio
8 AND 12 PORT
MODELS
QUIET
(FANLESS)
EXTEND THE
CISCO NETWORK
FULL-SIZE
CAPABILITIESLOWER TCO
FAST ETHERNET
2960-C Portfolio
LAN Base
8 and 12 port FE
Data or PoE
2 x 1G Uplinks
E- LLW
Advanced Layer 2
GIGABIT ETHERNET
2960-CX 3560-CX
LAN Base
8 port GE
Data or PoE+
1G Uplinks
E- LLW
IP Base / IP
Services
8 and 12 port GE
Data or PoE+
1G or 10G
Uplinks
E- LLW
Advanced Layer 3 and Layer 2
AN EXPANDING ECOSYSTEM OF PoE DEVICES
Cisco PoE Innovation on the New Compact Switches
Industry’s first fanless portfolio with 240W PoE+
FULL PoE+
• Cisco Innovation: 240W
of PoE+ (8 x 30W)
• Fanless, silent
reliable operation
PERPETUAL PoE*
• Provides non-stop
PoE power
• Switch can continue to
provide PoE+ during
configuration and reboot
DC POWERED*
• Option to power over
18V-60V external
DC power supply,
supports PoE+
PoE PASS-
THROUGH*
Compact Switch in the Ceiling
Ethernet Cable
…
WiFi Access Point
IP Video Surveillance
Camera
Dense Sensor Network
(Light, Motion, CO2/CO, etc.)
Commercial LED PoEFixtures
Building Mgmt(Connected
HVAC)Wall Switch
Digital Ceiling Applications
• Upto 146W PoE+ when
switch is powered over
UPoE & Auxiliary AC/DC
power adapter
Reduced Powering Constraints with PoE Pass-Through
WS-C3560CX-8PT-S
POWERED with Cisco UPOE/PoE+
ELIMINATE THE NEED FOR HUNDREDS
OF METERS OF ETHERNET CABLING
• Support Up to 8 IP devices with a single Ethernet
cable drop
• Save $100–$1000/ cable drop depending on deployment
scenario
DEPLOY APPLICATIONS IN LOCATIONS
WITHOUT ACCESS TO POWER OUTLETS
• Compact Switch and PoE end devices powered by
upstream UPOE/PoE-capable switch/router
(Upto 70W of PoE+)
• Auxillary (External) AC and DC Power Option
(Upto 146W of PoE+)
4500-E
3850
No Power Supply
No Fan
Upto 8 PoE+
Devices