Dubrovnik, Croatia, South East Europe 20-22 May, 2013 What’s … · Technical Marketing Engineer...
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 1 © 2013 Cisco and/or its affiliates. All rights reserved.
What’s New in Campus Switching
Scott Hodgdon
Technical Marketing Engineer
Enterprise Backbone Business Unit
Dubrovnik, Croatia, South East Europe
20-22 May, 2013
AGENDA
Catalyst 4500-E / 4500-X Overview
Catalyst 6500 Overview
Catalyst 3850 Overview
Next-Generation Campus Architecture
Next-Generation Campus Architecture
MDM Manager
Cisco Catalyst Switches
Wired Network
AnyConnect VPN
Cisco WLAN Controller
Wireless Network
One Network
Next-Generation Campus Architecture One Policy, One Management, One Network
Good
Identity Services Engine and TrustSec
One Policy
Cisco Prime Infrastructure
One Management
Distribution
Access
Core
Security Group Access: Simple, smart segmentation
Control Plane Protection: Protect critical system resources
What You Need to Deploy
Flexible NetFlow: Unprecedented network visibility
Medianet: Makes high-quality collaboration / video plug 'n play easy
Smart Install: Zero-touch deployments
EEM: Automate your network
Quad Sup VSS SSO: 99.999% uptime
ISSU / EFSU: Guarantees availability
Resilience
Security
Smart Operations
Application Visibility and Control
What Features Enable It ? Next-Generation Converged Campus Architecture
Lead with Catalyst 6500 Sup2T
Backbone
Lead with Catalyst 6500 Sup 2T
Distribution
Lead with Catalyst 4K / 3K
Access
Campus
Positioning the Correct Solution Cisco Catalyst in the Campus to Support BYOD and Collaboration
Engineering Investments and Roadmap Follows Positioning
Data Center
Lead with Nexus 7000
Backbone
Lead with Nexus 7000
Aggregation
Lead with Nexus 5000/2000
Access
Cisco Catalyst or Nexus?
Mobility / BYOD
Security
Video
Workload Mobility
VM
10G / Virtualization
Energy Efficiency
Switching Requirements Difference Between Campus and Data Center
Campus Catalyst Family - IOS
User Access Control / Segmentation 802.1X / Easy Virtual Networks (EVN)
Video Intelligence Medianet
Wired / Wireless Convergence Wireless Controller Integration
Application Visibility Flexible NetFlow, NAM-3 (NBAR2)
Power over Ethernet
UPOE, EnergyWise
Data Center / Cloud Nexus Family – NX-OS
Cloud Security and VM Awareness
Nexus 1000v, VSG, ASA, 1000v
VM Mobility
LISP, VXLAN, OTV
LAN / SAN Convergence
Unified Ports, FCoE
Fabric Scale & Resilience
FabricPath, vPC, Wire Speed 10/40/100G
Data Center Consolidation
VDC, FEX, DCNM
Your Requirements / Needs the Deciding Factor
Catalyst 3850 Overview
NEW Catalyst 3850 Switch
Built on Cisco’s Innovative “UADP” ASIC
The Intelligent Switch for the World Connected
* Roadmap
Wireless CAPWAP Termination
Up to 2000 Clients per Stack
40 Gbps Uplink Bandwidth
Line Rate on All Ports
FRU Fans, Power Supplies
Granular QoS/Flexible NetFlow
Up to 50 APs/2000 clients per stack, and 40G per switch
480 Gbps Stacking Bandwidth
Stackpower
SGT/SGACL*
Full POE+
Benefits
• Built on UADP ASIC – Cisco’s Innovative Flexparser ASIC technology
• Eliminates operational complexity
• Single Operating System for wired and wireless
• 802.11n
• CleanAir
• VideoStream
• Radio Resource Management (RRM)
• Wireless Intrusion Prevention System (WiPS)
• 802.11ac Ready
Features:
• Stacking
• Stackpower
• Flexible Netflow
• Granular QoS
• Trustsec*/Identity
• AVC/Medianet*
• Smart Operations
• EnergyWise*
Features:
Single Platform for Wired and Wireless • 20+ Years of IOS Richness – Now on Wireless
WIRELESS WIRED
Note: All features may not be available on new platforms at introduction but are expected to be added within 12-18 months
Converged Access Deployment
Network Wide Visibility for Faster Troubleshooting
AP AP
Device Identification - Device Profiling*
Employee iPhone connected
• Application level visibility – Flexible NetFlow, Wireshark*
• Media Troubleshooting – Medianet*
Employee joins WebEx call on iPhone
Benefits
• Track applications at every hop - CAPWAP Tunnel terminated at the access switch
• Root cause issues quickly
AP CAPWAP Tunnel
* - Software Roadmap - within 12-18 months after FCS
Traditional Deployments Guest SSID can hog the bandwidth
Hierarchical Bandwidth Management • per SSID Bandwidth
Guest
BW allocation
AP
Guest
Enterprise
Single user can hog bandwidth
BW allocation
AP
Heavy Hitter
Fair Sharing
Heavy Hitter
(BW hog)
Usage based fair bandwidth allocation
Enterprise
Fair BW allocation
Heavy Hitter
Heavy Hitter
(BW hog)
Converged Access Deterministic SSID bandwidth
Enterprise
BW allocation
Guest
Enterprise
Guest
10% min BW 90% min BW
Catalyst 3850 - StackWise-480
• Improved Stack Bandwidth:
• 240 Gbps bi-direction
• 480 Gbps with spatial reuse
• Stateful Switch Over (SSO):
• Faster Convergence (vs 3750-X)
• Active-Standby model
• Improved Central synchronization on Active Switch for Wired+Wireless
• Tunnel SSO ensures AP, MA-MC connectivity during failover
• No Backward Compatibility with 3750 series
StackWise-480 Functionality
StackPower on the Catalyst 3850 Series Delivering Unprecedented Power Availability and Flexibility
• Power Resiliency - Adaptable “pool of power” available to all stack members
• Provides “Zero-footprint” RPS i.e. power supply redundancy without an RPS
• Intelligent power shedding—turn off low priority PoE end devices in the event of a power supply failure
StackPower
Resiliency
StackWise-480 Role Designation
Plug-and-play stack deployment
No need to configure the switch
New stack members are detected and included automatically
Known Deployment Model
Understanding Current Deployment Model The Wireless LAN Controller
• Wireless is an Overlay Network
• Software components within the WLC today:
• Mobility Agent (MA) is responsible for:
  – AP CAPWAP termination
  – Maintaining client database
  – Policy enforcement
• Mobility Controller (MC) is responsible for:
  – Client Mobility
  – Radio Resource Management (RRM)
  – WiPS, Spectrum Management
Access Points
5508 5508
Inter-Controller EoIP/CAPWAP tunnel
AP-Controller CAPWAP tunnel
ISE Prime
MC MA
ISE Prime
Access Points
Better Scale and Bandwidth with Converged Access Separation of MA and MC
• Traditional Controllers continue to play MA and MC
• Catalyst 3850 can play the role of both MA and MC
  • Valid for Branch and small-medium campus type deployments
• Moving the MA only to the Catalyst 3850 (typically in large campus) helps with:
  • Improved Scalability – larger mobility domains
  • Increased wireless bandwidth
  • Uniform wired/wireless policy enforcement
AP Capwap Tunnels Mobility Tunnels
Catalyst 3750
5508 or WISM2 with SW Upgrade or new 5760
New Catalyst 3850
MC
MA
MC
MA
Catalyst 4500-E / 4500-X Overview
Catalyst 4500E – Lead Modular Access Building BYOD, Collaboration Ready Networks !
Dual Supervisor <200ms ISSU
Single Supervisor
4503-E
4507R+E
4510R+E
4506-E
2 LineCards
5 LineCards
5 LineCards
8 LineCards
POE, POE+ and Cisco UPOE Dual Core CPU for 3rd Party Apps (Wireshark)
1+1 Power Redundancy N+1 Fan Redundancy Scales up to 384p POE/PoEP & 192p of UPOE
Supervisor Engine 7-E
848Gbps Switching Capacity
4 x SFP+/SFP uplinks
384 10/100/1000 Ports
Supervisor Engine 7L-E
520Gbps Switching Capacity
2 x 10G SFP+/SFP uplink
240 10/100/1000 Ports
UNDISPUTED MARKET LEADERSHIP
110M+ Ports, 800K+ Systems
70% PoE/PoEP Port share
80% Adoption by Cisco Top Customers
48G
24G
Data PoE
WS-X4748-UPOE+E WS-X4748-RJ45-E
WS-X4648-RJ45V+E WS-X4648-RJ45-E
• UPOE 60W, IEEE
• 30W/port on all 48 ports
• 30W/port on 24 ports
3rd party validation
“Powerful stuff: New Cisco switch delivers 60 watts to the desktop”
• Two SKUs: 16/32p
• One 8p expansion module
• 1 RU form factor
• Redundant PS and fans
• AC/DC PS options
• Dual Airflows
Versatile Design
Cisco Catalyst 4500-X Portfolio At-a-Glance Designed for 10G Space Constrained Campus Aggregation
Shipping
• Best for Video
• Best for Network Telemetry
• Best for Network Virtualization
• Best for IPv6/IPv4 routing
• Best for Multicast
Best In Its Class
8p expansion module
16-24p 1G/10G
32-40p 1G/10G
8p expansion module
Traditional Design
Catalyst 4500-X Virtual Switching System (VSS)
Available in IP Base
VSS Design
Catalyst 4500-X Virtual Switching System (VSS)
Available in IP Base
VSS Feature Comparison Catalyst 4500 E/X vs Catalyst 6500
Catalyst 6500 Overview
Items in PURPLE are BYOD, Collaboration and Video enablers.
Feature | SUP720 | SUP2T
L2 MAC Table | 96K | 128K
Bridge Domains | 4K | 16K
TrustSec / SGT | – | Yes
VNET Trunk (EVN) | – | Yes
40G Interfaces | – | Yes
System Bandwidth | 720 Gbps | 2 Tbps
L3 Interfaces | 4K | 128K
NetFlow Table | 128K/256K | 512K/1M
Flexible NetFlow | – | Yes
Hitless ACL Updates | 32K | Yes
Medianet 2.2 | – | Yes
VPLS / A-VPLS | Requires WAN Module | Yes (Native on PFC4)
VSS Quad Sup SSO | – | Yes
Sup2T Overview
Scalability Enhancements Next-Gen Campus with Supervisor 2T
4X Scalability 3X Performance
Cisco Prime
New PFC4 Featuring Improved Levels of Performance and Scalability Along with New Enhanced Hardware Features
USB-Based Console Support
Connectivity Management Processor (CMP)
New MSFC5 Supporting Dual Core CPU and Single IOS Image
Improved Switch Fabric Providing 80G/Slot
40G Fiber – Sup2T
6904
FourX LR4 SR4
1G Fiber and Copper – Sup2T
Fiber
High-Perf.
Access
6824
6848
6848
6148 45AT
Copper
Access
Sup2T
Services Modules – Sup2T and Sup720-10G
WiSM2
NAM-3
ASA-SM
What to Deploy for Next-Gen Campus Catalyst 6500 Portfolio
10G Fiber and Copper – Sup2T
40G/Slot
80G/Slot
6816 6816
6908
6904
Sup720-10G
6716 6716
6704 6708
10G Fiber and Copper 40G/Slot for Sup720-10G
Fiber 6724
6748
High-Perf
Access. 6748
6148 45AT
Copper
Access
1G Fiber and Copper for Sup720-10G
Scalability Enhancements Next-Gen Campus with Supervisor 2T
6800 Series with DFC4
• 40G/slot with integrated DFC4
• 1GB DRAM on all modules
• 24 and 48 ports 1GbE fiber
• 48 ports 10/100/1000 copper
• 16 ports 10GbE fiber and 10GBASE-T
• Available in standard and XL sizes
Distributed Forwarding Performance, at Central Forwarding Price
6900 Series with DFC4
• Non-blocking 80G/slot performance
• Wire rate MACsec
• Virtual switching link (VSL)
• Large packet buffers (256 MB/port)
• X2 transceiver or SFP+ with adapter
• Available in standard and XL sizes
• LISP-ready
Doubled System Performance, with Distributed Forwarding
CFP-40G-SR4 FourX
CFP-40G-LR4
Sup2T | Sup720
Supported | 6704, 6724, 6748 with CFC
Special TMP Program for Upgrade | 6708-10G Fiber
WS-F6K-DFC4-E | 6716-10G/10T with DFC3
WS-F6K-DFC4-A | 6704, 6724, 6748 with DFC3
6148E, 6148A, 6148-SFP, 6196 | 61xx Series
NAM/-1/2/3, ACE20/30, WiSM-1/2, FWSM, ASA-SM | Service Modules
Not Supported (Use Sup720-10G or ASR for WAN) | WAN Modules
Not Supported (ASA-SM to get IPSEC VPN) | VPN SPA
Not Supported | 6000, 6200, 6300, 6400, 6500, 6600 Series of Ethernet Modules
VSS Quad SUP SSO
10GE
Si Si
LACP or PagP LACP
Monitoring Server
Access Switch or ToR or Blades
Traditional VSS
10GE
Si Si
LACP or PagP LACP
Monitoring Server
Access Switch or ToR or Blades
Simplified Network Design
• Spanning Tree and First-Hop redundancy protocols eliminated
• Single touchpoint manageability
Double Bandwidth Utilization
• With Active-Active Multichassis EtherChannel (LACP / PagP)
• 1+1 Supervisor redundancy for dual-attached devices
SSO Sync SSO Sync SSO Sync SSO Sync
Deterministic and Automated Recovery
• Maximize network throughput with VSS Quad Sup SSO
• 1:1 (active/standby) supervisor redundancy for single and dual attached devices
Quad Sup VSS SSO with Sup2T Provides Optimal Continuity BYOD Infrastructure Resiliency
VSL
SSO Sync
VSS Active VSS Hot Standby VSS Active
VSS In-chassis Hot Standby
VSS In-chassis Hot Standby
SSO Sync
SSO Sync
VSS Hot Standby
Automated and Deterministic
Sub-second Recovery
Quad Sup VSS SSO with Sup2T : A Closer Look BYOD Infrastructure Resiliency
• Targeting Enterprise and Service Provider customers
  – Where the routing neighbor is managed by a different organization
  – Prevents OSPFv2 reconvergence after a Supervisor switchover event
  – Routing neighbors are not informed of the switchover event; protocol state is maintained
• Alternative to Non-Stop Forwarding or Graceful Restart
Sup2T & Sup720 ✔
15.1(1)SY
router ospf 1
 router-id 1.1.1.1
 nsr
 network 192.168.0.0 0.0.255.255 area 0
!
OSPFv2 Non-Stop Routing (NSR)
1. Director discovers client via CDP
2. New switch issues DHCP discover
3. Director adds options to DHCP offer
4. Client retrieves image, config via TFTP
5. Client reboots with new configuration and image
Client group 2 Client group 1
Director
LAN/WAN
TFTP, DHCP servers
TFTP
CDP
DHCP
~20 Minutes
Smart Install Simplified Operations
Thank you.