© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 1 © 2013 Cisco and/or its affiliates. All rights reserved.

What’s New in Campus Switching

Scott Hodgdon

Technical Marketing Engineer

Enterprise Backbone Business Unit

Dubrovnik, Croatia, South East Europe

20-22 May, 2013

AGENDA

Catalyst 4500-E / 4500-X Overview

Catalyst 6500 Overview

Catalyst 3850 Overview

Next-Generation Campus Architecture

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 3

Next-Generation Campus Architecture

MDM Manager

Cisco Catalyst Switches

Wired Network

AnyConnect VPN

Cisco WLAN Controller

Wireless Network

One Network

Next-Generation Campus Architecture One Policy, One Management, One Network

Good

Identity Services Engine and TrustSec

One Policy

Cisco Prime Infrastructure

One Management

Dis

trib

ution

A

ccess

Core

Security Group Access

Simple, smart segmentation

Control Plane Protection

Protect critical system resources

What

You

Need to

Deploy

Flexible NetFlow Unprecedented

network Visibility

Medianet Makes high quality

Collaboration / Video plug ‘n play easy

Smart Install Zero-touch

deployments

EEM Automate your

network

Quad Sup VSS SSO

99.999% uptime

ISSU / EFSU Guarantees availability

Resilience Security

Smart

Operations

Application Visibility

and Control

What Features Enable It ? Next-Generation Converged Campus Architecture

Lead with Catalyst 6500 Sup2T

Backbone

Lead with Catalyst 6500 Sup 2T

Distribution

Lead with Catalyst 4K / 3K

Access

Campus

Positioning the Correct Solution Cisco Catalyst in the Campus to Support BYOD and Collaboration

Engineering Investments and Roadmap Follows Positioning

Data Center

Lead with Nexus 7000

Backbone

Lead with Nexus 7000

Aggregation

Lead with Nexus 5000/2000

Access

Cisco Catalyst

or Nexus?

Mobility/

BYOD

Security

Video Workload

Mobility VM

10G/

Virtualizatio

n

Energy

Efficiency

Switching Requirements Difference Between Campus and Data Center

Campus Catalyst Family - IOS

User Access Control / Segmentation 802.1X / Easy Virtual Networks (EVN)

Video Intelligence Medianet

Wired / Wireless Convergence Wireless Controller Integration

Application Visibility Flexible NetFlow, NAM-3 (NBAR2)

Power over Ethernet

UPOE, EnergyWise

Data Center / Cloud Nexus Family – NX-OS

Cloud Security and VM Awareness

Nexus 1000v, VSG, ASA, 1000v

VM Mobility

LISP, VXLAN, OTV

LAN / SAN Convergence

Unified Ports, FCoE

Fabric Scale & Resilience

FabricPath, vPC, Wire Speed 10/40/100G

Data Center Consolidation

VDC, FEX, DCNM

Your Requirements / Needs the Deciding Factor

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 8

Catalyst 3850 Overview

NEW Catalyst 3850 Switch

Bui l t on C isco ’s Innova t ive “UADP” ASIC

The In te l l i gen t Swi tch fo r the Wor ld Connec ted

* Roadmap

Wireless CAPWAP Termination

Up to 2000 Clients per

Stack

40 Gbps Uplink Bandwidth

Line Rate on All Ports

FRU Fans, Power Supplies

Granular

QoS/Flexible NetFlow

Up to 50 APs/2000 clients per stack, and 40G per switch

480 Gbps Stacking Bandwidth

Stackpower

SGT/SGACL*

Full POE+

B e n e f i t s

• Built on UADP ASIC – Cisco’s Innovative Flexparser ASIC technology

• Eliminates operational complexity

• Single Operating System for wired and wireless

• 802.11n

• CleanAir

• VideoStream

• Radio Resource Management (RRM)

• Wireless Intrusion Prevention System (WiPS)

• 802.11ac Ready

Features

:

• Stacking

• Stackpower

• Flexible Netflow

• Granular QoS

• Trustsec*/Identity

• AVC/Medianet*

• Smart Operations

• EnergyWise*

Features

:

Single Platform for Wired and Wireless a • 2 0 + Ye a r s o f I O S R i c h n e s s – N o w o n W i r e l e s s

WIRELESS WIRED

Note: All features may not be

available on new platforms at

introduction but are expected to

be added within 12-18 months

Converged Access Deployment

Network Wide Visibility for Faster Troubleshooting

AP AP

Device Identification - Device Profiling*

Employee iPhone

connected

• Application level visibility – Flexible NetFlow, Wireshark*

• Media Troubleshooting – Medianet*

Employee joins webex

call on iPhone

Benefits

• Track applications at every hop - CAPWAP Tunnel terminated at the access switch

• Root cause issues quickly

AP CAPWAP Tunnel

* - Software Roadmap - within 12-18

months after FCS

Traditional Deployments Guest SSID can hog the bandwidth

Hierarchical Bandwidth Management • per SSID Bandwidth

Guest

BW allocation

AP

Guest

Enterprise

Single user can hog bandwidth

BW allocation

AP

Heavy Hitter

Fair Sharing

Heavy Hitter

(BW hog)

Usage based fair bandwidth allocation

Enterprise

Fair BW allocation

Heavy Hitter

Heavy Hitter

(BW hog)

Converged Access Deterministic SSID bandwidth

Enterprise

BW allocation

Guest

Enterprise

Guest

10% min BW 90% min BW

Catalyst 3850 - StackWise-480

1

3

• Improved Stack Bandwidth:

• 240 Gbps bi-direction

• 480 Gbps with spatial reuse

• Stateful Switch Over (SSO):

• Faster Convergence (vs 3750-X)

• Active-Standby model

• Improved Central synchronization on Active Switch for Wired+Wireless

• Tunnel SSO ensures AP, MA-MC connectivity during failover

• No Backward Compatibility with 3750 series

StackWise-480 Functionality a

StackPower on the Catalyst 3850 Series Delivering Unprecedented Power Availability and Flexibility

• Power Resiliency - Adaptable “pool of power” available to all stack members

• Provides “Zero-footprint” RPS i.e. power supply redundancy without an RPS

• Intelligent power shedding—turn off low priority PoE end devices in the event of a power supply failure

StackPower

Resiliency

StackWise-480 Role Designation a

Plug-and-play stack deployment

No need to configure the switch

New stack members are detected and included automatically

Known Deployment Model

Understanding Current Deployment Model The Wireless LAN Controller

• Wireless is an Overlay Network

• Software components within the

WLC today:

• Mobility Agent (MA) is responsible

for: – AP CAPWAP termination

– Maintaining client database

– Policy enforcement

• Mobility Controller (MC) is

responsible for: – Client Mobility

– Radio Resource Management (RRM)

– WiPS, Spectrum Management Access Points

5508 5508

Inter--Controller EoIP/CAPWAP tunnel

AP-Contoller CAPWAP tunnel

ISE Prim

e

MC MA

ISE Prime

Access Points

Better Scale and Bandwidth with Converged Access Separation of MA and MC

• Traditional Controllers continue to play

MA and MC

• Catalyst 3850 can play the role of both

MA and MC • Valid for Branch and small-medium campus

type deployments

• Moving the MA only to the Catalyst

3850 (typically in large campus) helps

with: • Improved Scalability – larger mobility

domains

• Increased wireless bandwidth

• Uniform wired/wireless policy enforcement

AP Capwap Tunnels Mobility Tunnels

Catalyst 3750

5508 or WISM2 with SW Upgrade or new 5760

New Catalyst 3850

MC

MA

MC

MA

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 19

Catalyst 4500-E / 4500-X Overview

Catalyst 4500E – Lead Modular Access Building BYOD, Collaboration Ready Networks !

Dual Supervisor <200ms ISSU

Single Supervisor

4503-E

4507R+E

4510R+E

4506-E

2

LineCards

5

LineCards

5

LineCards

8

LineCards

POE, POE+ and Cisco UPOE Dual Core CPU for 3rd Party Apps (Wireshark)

1+1 Power Redundancy N+1 Fan Redundancy Scales up to 384p POE/PoEP & 192p of UPOE

Supervisor Engine 7-E

848Gbps Switching Capacity

4 x SFP+/SFP uplinks

384 10/100/1000 Ports

Supervisor Engine 7L-E

520Gbps Switching Capacity

2 x 10G SFP+/SFP uplink

240 10/100/1000 Ports

UNDISPUTED MARKET LEADERSHIP

110M+ Ports, 800K+ Systems

70% PoE/PoEP Port share

80% Adoption by Cisco Top Customers

48

G

24

G

Data PoE

WS-X4748-UPOE+E WS-X4748-RJ45-E

WS-X4648-RJ45V+E WS-X4648-RJ45-E

• UPOE 60W, IEEE

• 30W/port on all 48 ports

• 30W/port on 24 ports

3rd party validation

“Powerful stuff: New Cisco

switch delivers 60 watts to

the desktop”

• Two SKUs: 16/32p

• One 8p expansion module

• 1 RU form factor

• Redundant PS and fans

• AC/DC PS options

• Dual Airflows

Versatile Design

Cisco Catalyst 4500-X Portfolio At-a-Glance Designed for 10G Space Constrained Campus Aggregation

Shipping

• Best for Video

• Best for Network Telemetry

• Best for Network Virtualization

• Best for IPv6/IPv4 routing

• Best for Multicast

Best In Its Class

8p expansion module

1624p 1G/10G 3240p 1G/10G

8p expansion module

Traditional Design

Catalyst 4500-X Virtual Switching System (VSS) a

Available in IP Base

VSS Design

Catalyst 4500-X Virtual Switching System (VSS) a

Available in IP Base

VSS Feature Comparison Catalyst 4500 E/X vs Catalyst 6500

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 25

Catalyst 6500 Overview

Items in PURPLE are BYOD, Collaboration and Video enablers.

SUP720 SUP2T

L2 MAC Table 96K 128K

Bridge Domains 4K 16K

TrustSec / SGT – Yes

VNET Trunk (EVN) – Yes

40G Interfaces – Yes

System Bandwidth 720 Gbps 2 Tbps

L3 Interfaces 4K 128K

NetFlow Table 128K/256K 512K/1M

Flexible NetFlow – Yes

Hitless ACL Updates 32K Yes

Medianet 2.2 – Yes

VPLS / A-VPLS Requires WAN

Module

Yes (Native

on PFC4)

VSS Quad Sup SSO – Yes

Sup2T Overiew

Scalability Enhancements Next-Gen Campus with Supervisor 2T

4X Scalability 3X Performance

Cisco Prime

New PFC4 Featuring

Improved Levels of

Performance and

Scalability Along

with New Enhanced

Hardware Features

USB-Based

Console Support

Connectivity

Management Processor

(CMP)

New MSFC5

Supporting

Dual Core CUP and

Single IOS Image

Improved Switch Fabric

Providing 80G/Slot

40G Fiber – Sup2T

6904

FourX LR4 SR4

1G Fiber and Copper – Sup2T

Fiber

High-Perf.

Access

6824

6848

6848

6148 45AT

Copper

Access

Sup2T

Services Modules – Sup2T and Sup720-10G

WiSM2

NAM-3

ASA-SM

What to Deploy for Next-Gen Campus Catalyst 6500 Portfolio

10G Fiber and Copper – Sup2T

40G/Slot

80G/Slot

6816 6816

6908

6904

Sup720-10G

6716 6716

6704 6708

10G Fiber and Copper 40G/Slot for Sup720-10G

Fiber 6724

6748

High-Perf

Access. 6748

6148 45AT

Copper

Access

1G Fiber and Copper for Sup720-10G

Scalability Enhancements Next-Gen Campus with Supervisor 2T

6800 Series with DFC4

• 40G/slot with integrated DFC4 • 1GB DRAM on all modules • 24 and 48 ports 1GbE fiber • 48 ports 10/100/1000 copper • 16 ports 10GbE fiber and 10GBASE-T • Available in standard and XL sizes

Distributed Forwarding Performance, at Central Forwarding Price

6900 Series with DFC4

• Non-blocking 80G/slot performance • Wire rate MACsec • Virtual switching link (VSL) • Large packet buffers (256 MB/port) • X2 transceiver or SFP+ with adapter • Available in standard and XL sizes • LISP-ready

Doubled System Performance, with Distributed Forwarding

CFP-40G-SR4 FourX

CFP-40G-LR4

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 29

Sup2T Sup720

Supported 6704, 6724, 6748 with CFC

Special TMP Program for Upgrade 6708-10G Fiber

WS-F6K-DFC4-E 6716-10G/10T with DFC3

WS-F6K-DFC4-A 6704, 6724, 6748 with DFC3

6148E, 6148A, 6148-SFP, 6196 61xx Series

NAM/-1/2/3, ACE20/30, WiSM-1/2

FWSM, ASA-SM Service Modules

Not Supported (Use Sup720-10G or ASR for WAN)

WAN Modules

Not Supported (ASA-SM to get IPSEC VPN)

VPN SPA

Not Supported 6000, 6200, 6300, 6400, 6500, 6600

Series of Ethernet Modules

VSS Quad SUP SSO

10GE

Si Si

LACP or PagP LACP

Monitoring Server

Access Switch or ToR or Blades

Traditional VSS

10GE

Si Si

LACP or PagP LACP

Monitoring Server

Access Switch or ToR or Blades

Simplified Network Design • Spanning Tree and First-Hop

redundancy protocols eliminated

• Single touchpoint manageability

Double

Bandwidth Utilization • With Active-Active

Multichassis EtherChannel

(LACP/ PagP)

• 1+1 Supervisor

redundancy for dual-

attached devices

SSO Sync SSO Sync

SS

O S

yn

c

SS

O S

yn

c

Deterministic and

Automated Recovery

• Maximize network throughput

with VSS Quad Sup SSO

• 1:1 (active/standby) supervisor

redundancy for single and

dual attached devices

Quad Sup VSS SSO with Sup2T Provides Optimal Continuity BYOD Infrastructure Resiliency

VSL

SSO Sync

VSS Active VSS Hot Standby VSS Active

VSS In-chassis

Hot Standby VSS In-chassis

Hot Standby

SSO

Sync

SSO

Sync

VSS Hot Standby

Automated and Deterministic

Sub-second Recovery

Quad Sup VSS SSO with Sup2T : A Closer Look BYOD Infrastructure Resiliency

• Targeting Enterprise and Service Provider customers

Where routing neighbor is managed by a different organization

Prevent OSPFv2 reconvergence after a Supervisor switchover event

Routing neighbors are not informed of the switchover event protocols state is maintained

• Alternative to Non-Stop Forwarding or Graceful Restart

SiSi

SiSi

Sup2T & Sup720 ✔

15.1(1)SY

router ospf 1

router-id 1.1.1.1

nsr

network 192.168.0.0 0.0.255.255 area 0 !

OSPFv2 Non-Stop Routing (NSR) a

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 33

Director discovers client via CDP 1.

New switch issues DHCP discover 2.

Director adds options to DHCP offer 3.

Client retrieves image, config via TFTP

4.

Client reboots with new configuration and image

5.

Client group 2 Client group 1

Director

LAN/WAN

TFTP, DHCP servers

TFTP

CDP

DHCP

~20

Minutes

Smart Install Simplified Operations

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Connect 34

Thank you.