Switching und Routing Cisco ImPuls
Tobias Hülsdau, Systems Engineer
17. Januar 2017 Agenda
• Intro / DNA Strategy • Enterprise Switching • Enterprise Routing • Enterprise Management Introduction Cisco Digital Network Architecture
Network-enabled Applications Cloud Service Management Policy | Orchestration Insights & Open APIs | Developers Environment Experiences Automation Analytics Automation Principles Abstraction & Policy Control Network Data, from Core to Edge Contextual Insights & Assurance
Open & Programmable | Standards-Based Security & Virtualization Compliance Physical & Virtual Infrastructure | App Hosting
Cloud-enabled | Software-delivered Enterprise Switching Overview Switching
• Transitions to Higher Speeds & Positioning • Modular Campus Core – N7K • Fixed Core & Aggregation – Catalyst 3K • Campus Access – Catalyst 3K
• Catalyst 4K, 2K News
• Catalyst Digital Building (CDB) Switch Simplified Positioning for FY17
Lead with Catalyst 3K for Lead with Catalyst 3K for Lead with Nexus 7K for SDA, Campus Access Campus Aggregation and MPLS, Deep buffers Fixed Core Lead with N9K for Packet Pushing Core
. Catalyst 4500E for modular . Catalyst 6800 for specific agg access . Catalyst 6800 for customer features stickiness with Cat6K, and . Catalyst 2960X/L for low-end 1G/10G access Modular Campus Core Nexus 7K Nexus 7K Modular Series In EFT
NEW Q2’CY16 Nexus7700 M3 10G & Nexus 7700 M3 100G Target FCS Modules 2H’CY16 40G Modules Roadmap . Large Table Size & Packet Buffers - 2HCY17* . 2M FIB (1M @ FCS), 128K ACL/QoS . 384K MAC (128K @ FCS) Next Generation . MACSEC 256-bit AES . Nexus 7700 F4 . 12x 100G QSFP28 Ports . Superset of all Features on previous M & F Cards Modules: 36x40GE . 375MB per 100G port and 30x100GE Nexus7000 48p 10G, . Fabric Modules – Fab3, recommended . 24x 40G QSFP Ports & 24p 40G M3 Line Cards + for F4 Modules . 125MB Buffer per 40G/port
. 48x 1/10G SFP+ Ports . 48x 1/10G SFP+ Ports . 31.25MB Buffer per 10G port . 31.25MB Buffer per 10G port . 24x 40G QSFP Ports . 125MB Buffer per 40G/port
* Concept Commit Catalyst 6k Cisco Catalyst 6800 Family
6807-XL 6880-X 6840-X
• 7 slots 10RU • Up to 80x10G ports in • Up to 40x10G ports in 2RU • Up to 880G/slot capable 4.5RU • 4 models starting • Tremendous investment • Built-in sup with extensible 16x10GE ports protection slots • Compact aggregation • Optimized for 10/40/100G • Catalyst 6500 DNA with rich services • Built for scalability and • Optimized for 10G density, performance price, and rich services Reinventing Your Backbone Experience Supervisor 6T April 2016 Taking Catalyst 6800 to a New Level
1M IPv4 Route High-Scale Control 1M NetFlow Plane 256K QoS / ACL with 2.5GHz CPU
2 x 40G QSFP and 8 x 10G SFP+ uplinks
Improved Fabric Provides 440G/Slot in the 6807-XL SDA Ready Fiber & Copper VSS, Instant Access, Management and LISP, SGT, MACSEC, Console Ports HQoS, on all Ports * No CFC or Service Module Support
Feature Parity with Sup2T from Day 1: 3500+ Features © 2014 Cisco and/or its affiliates. All rights reserved. 11 Now Shipping Catalyst 6800 10G Portfolio 15.2(1)SY Providing Deployment Options C6800-32P10G C6800-16P10G C6800-8P10G
Common ASIC Architecture
Throughput in 6807 160G 80G 80G Native Optics: SFP / SFP+ SFP / SFP+ SFP / SFP+ Egress Buffer/port: 250 - 500 MB 250 - 500 MB 500 MB
Full-feature L2 / L3 IPv4 / IPv6, Full-feature L2 / L3 IPv4 / IPv6, Full-feature L2 / L3 IPv4 / IPv6, MPLS / VPLS capabilities. MPLS / VPLS capabilities. MPLS / VPLS capabilities. Hardware Features: 1M IPv4 Routes, 2M NetFlow, 1M IPv4 Routes, 1M NetFlow, 1M IPv4 Routes, 1M NetFlow, Performance mode Performance mode No Oversubscription
Large Buffers, 2 Level Shaping Large Buffers, 2 Level Shaping Large Buffers, 2 Level Shaping Additional (HQoS), Dual Priority Queues, (HQoS), Dual Priority Queues, (HQoS), Dual Priority Queues, Hardware Features: SGT, MACSEC, LISP, VSS, SGT, MACSEC, LISP, VSS, SGT, MACSEC, LISP, VSS, Instant Access Instant Access Instant Access
Global List Price $35,000 (45,000 for XL) $25,000 (35,000 for XL) $25,000 (35,000 for XL) Catalyst Access Switching 480 Gbps, 928 Gbps 100 AP WLC 100 AP WLC Redundant PSUs Redundant PSUs Stateful Switchover Stateful Switchover Flexible NetFlow Flexible NetFlow Wireshark Wireshark TrustSec TrustSec 160 Gbps StackPower Cisco UPOE 5025 AP WLC Cisco UPOE VSS Redundant PSUs Modular Uplinks ISSU Stateful Switchover mGIG mGIG Flexible NetFlow Mixed Stacking Fiber, Linecards Investment Wireshark Copper, 10G-T ** Protection TrustSec
Catalyst 3850 Catalyst 4500E Catalyst Catalyst 3650 Catalyst 2960-X Stackable access, Modular access, Stackable access, Stackable access, wired-wireless wired-wireless 2960-L PoE+ wired-wireless convergence, convergence, 1G Basic Access convergence, PoE+ UPOE / PoE+ UPOE / PoE+
*Software Update Middle CY2014 **Roadmap Catalyst 3K Fixed Core&Agg Access NOW NOW Catalyst DNA Innovations Shipping Shipping
AVC Plug N Play APIC-EM SD Access NEW NEW NOW NOW Q1CY17 Shipping Shipping on 3650 on 3650
Catalyst 3850 Enhanced Threat & PoE+/UPOE/Data UPoE Telemetry Analytics mGig Catalyst 3850 Q3CY16 NOW NOW 10G/40G NMs mGig Shipping Shipping NEW NEW
NEW Network as Sensor MPLS for campus 256 Bit MACSEC on 2K Catalyst 3850 Catalyst 4500- Sup 8LE 9000W Power NOW NOW 12/24p/48p 10G Fiber Supply Shipping Shipping
NEW Programmability EasyQOS One Policy with Identity Phase 1 Services Engine NEW NOW Q2CY 3650 mini 12” SKU Shipping 16
Catalyst 3650 mGig 3650 AVB Stack Wise Virtual High Availability with VSS, ISSU NOW and SSO Shipping
Lighting Enablers - CoAP Catalyst 2960X GE Layer-2 Stackable Switches 16.5.1
Core Stackwise SW-1 SW-2
40G/10G Virtual WS-C3850-48XS WS-C3850-48XS
Distributed Stacking Previously Dual Active EFT Starting 40G/10G Detection 16.3.2 VSL Link Fast Hello ePAgP* Cisco Multigigabit
Cisco Blog: Network World: http://blogs.cisco.com/enterprise/nbase-t-alliance-achieving-a-new- http://www.networkworld.com/article/3124948/lan-wan/ieee-sets- industry-standard new-ethernet-standard-that-brings-5x-the-speed-without-disruptive- 802.3bz cable-changes.html
Multigigabit Speeds are now Standard!
Ethernet Alliance EEE Post: http://www.ethernetalliance.org/wp- http://standards.ieee.org/findstds/standard/802.3bz-2016.html content/uploads/2016/09/EA_IEEE802bz_FINAL_26Sep16.pdf Cisco MultiGigabit Ethernet Key Differentiators
Maintain Switch to AP Reach at Higher Speeds Adaptive Rate Technology (FE, 1G, 2.5G, 5G, and 10G) Future proofed for higher speeds
Infrastructure Investment Protection Supports 100m distance with Cat5e cabling up to 5G speeds for Brownfield Supports Cat6a cabling for Greenfield deployments for higher speeds
POE/POE+/UPOE Cisco Innovation over 10GT Standard to support high end point power needs
Standards Compliant 1G and 10G BaseT IEEE standards, intermediate speeds work in progress in IEEE What Speeds Are Supported on MultiGigabit Ports?
10 M MultiGigabit Phys Are Different than 1Gigabit Phys
MultiGigabit Ports Are Capable of the Following Speeds 100 M 100M / 1Gig / 2.5Gig / 5Gig / 10Gig No 10M on MultiGigabit Ports 1000 M 2.5Gig and 5Gig Are Not Standard Yet – NBase-T Alliance working towards an IEEE standard 2.5 G The Non-MultiGigabit Ports Are the Same as Previous Line Cards / Products – Support 10M/100M/1Gig Speeds 5 G MultiGigabit Phys Are Same on Across our MultiGigabit Switch Family 10 G MultiGigabit Cabling Investment Protection
Cable 1G 2.5G 5G 10G Auto-negotiable Speeds – Interoperates with Type legacy ports at 100 Mbps and higher
Cat5e ✓ ✓ ✓ NA Brownfield Deployments can leverage existing Cat5e cables, extending ROI, and supporting speeds at 2.5G and 5G at a Distance of 100m Cat6 ✓ ✓ ✓ 55 m
Greenfield Deployments with Cat6a Will Support 10G – They can also support speeds at Cat6a ✓ ✓ ✓ ✓ 2.5G and 5G at a distance of 100m Programmability & Automation
Shipping YANG Shipping Python Models Bootstrap Model Driven Agent (PnP) ZTP Telemetry Shipping NET REST gRPC CONF CONF
Device Monitoring Provisioning Configuration
Day 0: Day 1: Day 2: Programmable Programmable Telemetry Bootstrap Interfaces Catalyst 4K And Catalyst 2K Base NaaS on Catalyst 2960-X/XR NEW!!
StealthWatch
Cisco Unique Solution for Network Security
. Reduce Threat Attack Surface . Full NetFlow with Network Sensing
. Improved Protection for . DNS-AS 50+ Apps Customers and Employees . 25 FPS/Switch License . Implementing NaaS brings 1 over 200% ROI 2 C1-based License Only (New) . Physical or Virtual Appliance
Forrester Report for StealthWatch1 2Purchase Separately Introducing Catalyst 2960-L Series Shipping Entry-Level Fixed Access in Most Compact Form Factor
ELLW 800MHz Fanless Persistent Up to CPU Operation PoE (FCS+1) 370W PoE+ EnergyWise™ Cisco Management IOS® Software Image
2 x 1G or Bluetooth 4 x 1G Console Access
EEE downlinks Type-A USB for 8x/16x/24x/4 1.5 MB per Shallow depth storage and 8x 1Gbps ASIC Up to 11.5” Bluetooth dongle ports at the price of 100mbps
Versatile Fanless & Quiet Award Winning Simplified Energy Efficiency Form Factor Operation Cisco® TAC Support Management Cisco Internal & Partner Only Initial installation and Manageability of 2960-L
Web UI Auto Recovery OTA Provisioning*
• Simple 4-step wizard for • Auto load image from • OTA Provisioning over consoleless initial USB file system if flash Bluetooth installation. is corrupted. • WEB UI access over • Auto configure the switch Bluetooth from configuration file in USB file system.
Type A USB slot for storage
• UI for monitoring and configuring the individual switch Introducing the Cisco Catalyst Digital Building Series 0.5W/Port Plenum Standby Perpetual Fanless Mobile Certified Power PoE App
IPV6 ready Long MTBF
Bluetooth ready Flexible and Modular mounting EEE options
8 Ux10/100M Switch 90% power 30-45 sec COAP POE/POE+ Hibernate reboot efficiency mode Optimized for Light and Building Deployments PoE Innovations for IOT in the enterprise
2-event classification Perpetual UPOE Fast UPOE
• Super Fast power • Uninterrupted POE • Bypasses IOS negotiation without power during control control plane boot up LLDP plane reboot • Restores power to • Physical layer Powered Device negotiation < 1s based within 30sec of power on Class/Type resumption
• Gets you to 30W fast • Gets you to 60W fast Immense interest at both Cisco Live and GSX - Thank you, lets keep the momentum going Enterprise Routing ISR Evolution
Time for migration to ISR4k is now!
ISR G2 ISR G2 ISR G1 ISR4221 1800 / 2800 / 3800 2900 / 3900 2900 / 3900
Timeline*
You are here December 2017 October 2016 Aug 2016 December 2016 End of Sale
End of Support Price increase New! * Not to scale. to Not * Important Note: No changes for the 1900 series DNA Offers: Secure WAN What to Sell NEW! 1-Year Limited Time Offer! Even More Value
QuickStart More Value, Same Price Vouchers3 • 1 Yr Umbrella Branch subscription1 • (OpenDNS) Cisco ONE Foundation • WAAS Central Manager On with ISR 4K • Akamai Connect2 Free APIC EM Premise 4 • 8GB DRAM | 8GB FLASH Appliance Up to 135% More Value
Easy Pay
Leverage the Cisco one Foundation Bundle to enable Container New C860VAE Series C866VAE-K9 ($575) Integrated Services Router
Memory • Desktop chassis with external power supply Flash • Cisco IOS feature set: C860VAE Default & Max: 128 MB • C860VAE: IP Base C860VAE-K9 Default & Max: 512 MB • C860VAE-K9: Advanced Security DRAM • Introduced with the 15.6(3)M release Default & Max: 256 MB • Embedded PnP Agent in IOS and Capability to load DSL FW
2-Port 10/100/1000 LAN Console Port/ Reset Virtual AUX Port Button
1-Port USB (2.0) WAN Ports: 866 = Multimode DSL (ISDN) OR GE 3-Port 10/100 Power Connector Security (Annex-B + Annex J) FE Switch & Switch Cable Lock 867 = Multimode DSL (POTS) OR GE FCS Target: Nov 2016 List Price: $1,195 ISR 4221 IOS Release: XE: 16.4
2 NIM slots 1 RU Desktop 4 GB RAM IOS-XE 35 – 75 Mbps 4G, DSL, Serial, 8 GB Flash Snort IPS T1, 13.5” wide GE LAN + WAN
• USB file storage • External AC Power • 1 RJ45 GE WAN • RJ45 Console & Aux • Rack & Wall mounts • 1 RJ45 + 1 SFP combo Shipping New UCS E-Series Portfolio
UCS-E180D
UCS-E160D
Scalability UCS-E160S 8-core, 1.8 GHz, 96 GB RAM UCS-E140S 6-core, 2.0 GHz, 96 GB RAM
UCS-EN120S 6-core, 1.9 GHz, 32 GB RAM UCS-EN140N 4-core, 1.8 GHz, 16 GB RAM
2-core, 2.0 GHz, 16 GB RAM 4-core, 1.0 GHz, 8 GB RAM M1 blades will be EOS by Q1 FY16 Performance ASR1000 Product Family Evolution RP3 EPA 40 - 200 Gb/sec ASR1013 Hardware redundancy 100 Gbps for slots 2 and 3
RP3 EPA 40 – 200+ Gb/sec Hardware redundancy ASR1009-X Support for up to 200 Gbps in every slot with ESP200-X and up More flexible power supply configuration Up to 78Gbps Crypto capacity RP3 EPA ESPX ASR1006-X 40 - 100 Gbps ESP100-X, ESP200-X and Hardware redundancy ESP400-X on roadmap with line 200 Gbps in every rate crypto More power flexibility ASR1002-HX RP3 EPA 40 – 100 Gbps Up to 39Gbps crypto High performance control plane with crypto assist. ASR1001-HX 60 Gbps 8 or 20Gbps crypto ASR1002-X 5 - 36 Gbps ASR1001-X 2.5 - 20 Gbps O365 and Single Sided SSL • Office 365 optimization support Branch • SMART-SSL acceleration for YouTube
• SMART-SSL HTTPS content caching from DIA the branch • Full SMBv3 optimization and prepositioning with signing and encryption WAN • Akamai Connect connection counts scale beyond 6,000 connections. DC • Prepositioning proxy and User Agent Support DIA Azure/Managed • Redhat/CentOS KVM Support Branch cloud WAAS is available on Azure Marketplace • Supported on release 6.2.x • Optimize IaaS and SaaS (O365) applications • Hourly licensing • 200,750,1300, 2500, 6000 and 12000 • D2_v2 and D3_v2 VM • Only routed and PBR redirection supported (Azure doesn’t support GRE) • One click solution template for easy deployment WebUI for ISR4K, ASR1K, CSR1000v
• First release is 16.2 (March 2016) • Come with the image - nothing needs to be installed • All is needed is to enable the http or https server • Access via http://
EoS Announcement for Cisco 2900 Series ISR EoS Announcement for Cisco 3900 Series ISR
www.cisco.com/go/860 www.cisco.com/go/isr4k www.cisco.com/go/asr1000 www.cisco.com/go/ucse www.cisco.com/go/waas
Performance page Partners http://www.cisco.com/c/en/us/products/collateral/routers/4000-series-integrated-services-routers- isr/white-paper-c11-734550.html UCS E - Performance http://www.cisco.com/c/en/us/products/servers-unified-computing/ucs-e-series-servers/datasheet- listing.html Automation & Orchestration APIC Application Policy Infrastructure Controller
Application Centric Infrastructure (ACI)
APIC
(DC) EM Data Center Enterprise Module (Nexus 9000) (Catalyst, ISR, ASR, Nexus 7k*, 6k*, 5k*, WLAN, NfV*)
*limited support Simplification Creates Agility
DO-IT-YOURSELF ASSEMBLY AND INTEGRATION READY TO GO
Faster Time to Market and Lower OpEx
Applications Are the Vehicle for Digital Business Cisco APIC-EM An Application Platform for Enterprise WAN and Access Networks
• Virtual (ISO VM) or appliance-based • Provides user policy abstraction and automation • Simplification of complex network configuration with Cisco® application best practices ® • Existing` and new installations (Catalyst , ISR, ASR, WLC)
Ready-to-deploy applications (March 2016): BENEFITS: IWAN (with a license) Brownfield support Plug-n-Play (free) Ready-to-use-applications Path Trace (free) Open, northbound API EasyQoS (free) Whats new in APIC-EM 1.3 Apps Independence Pluggable Service Architecture IWAN Path Trace
EasyQoS Lifecycle Mgmt.
• Better Footprint Alignment PnP Integrity Verification
• Improved Installation Experience
• Functional Scaling (PnP Only, IWAN Only Platform etc.)
• Better Patching Capabilities
• Faster Downloads Multi-Instance
As load increases…
• Dynamic Scaling based on Load Grapevine Appliance Grapevine Appliance Grapevine Appliance
• Faster Provisioning and Data Collection
• HA for select services with minimal disruption
• Enable Future Support for Seamless Cloud Upgrade and Near Zero downtime …Grapevine spins up more service instances in response…
* Future Support APIC-EM 1.x Footprint
As load increases…
• Lower Footprint (32GB) for smaller deployments
32 GB • Dynamic Sizing based on Scale 612 vCPU x vCPU • Horizontal and Vertical Performance Scaling
• Support for clustering of up to 3 nodes
• 32GB single node 250 wired/250wireless /6k hosts 32 GBx 6 vCPUx System Requirements
. Server: 64-bit x86 (Ubuntu 14.04 LTS) . vCPU: 6* . RAM: 32 or 64 GB (for single or Multi-host deployments) . Storage: 510 GB HDD ` . Browser: Google Chrome or Firefox . Hypervisor: VMware vSphere 5.1/5.5/6.0 (for Virtual Appliance)
* 12 vCPU for a single Node (32GB) Scale Numbers
` Network Access End Devices: Points: Hosts: 10000 10000 100,000
Note: These scale numbers are for the APIC-EM platform and the base applications. Some other APIC-EM applications might have different scale numbers. Single Node 32 GB 250/250/6k Topology
• Geo-Tagging (Mapbox) for easier management of network topology
• Tagging based on Civic Address or Zip code
• openStreemap support
• RBAC scope based topology view
• Improved UX
• Faster Topology Rendering
• Easier identification of collaboration endpoints such as Phones
• Ability to disaggregate multiple devices all at once Inventory
• API to pull LiveConfig, module and License Information from device Inventory
• Filters in Host Inventory for Faster Search
• Support for additional platforms (IE4k, IE3K )
• Auto Configuration of SNMP on devices
• Auto Configuration of IPDTBeta on devices
• Intuitive feedback on device failure status Discovery
• New Discovery UI for improved UX
• Easy identification of devices with failures for faster troubleshooting
• Editing of Existing Discovery Jobs
• Cloning of Discovery Jobs to quickly create new ones
• Discovery History to track changes RBAC – Scope Awareness
• Scope (Group) based awareness to allow user access to only select network resources
• Better alignment with Organizational structure and roles
• Supported for both Internal and External controller authentication
• Current Roles Supported: Admin, Policy Admin and Observer
Note: Installer Role cannot access the Cisco APIC-EM GUI. As such, they are not bound by an RBAC scope. EASYQoS What is New in EasyQoS GA+3 Release?
Moving App to General Availability Policy Configuration Preview Policy Rollback/Restore (…to brownfield QoS config) Policy Abort Advanced Consumer Policies Bidirectional Policies Extended Custom Application Options (Port Range, Subnets, DSCP) Custom Service Profiles (DSCP, BW, Class Models) UI Alerts about Pending Changes Faster Provisioning (1000 Devices in < 1hr) Improved User Experience APICAPIC--EMEM PnPPnP AppApp What’s new in PnP GA+3 Release?
Configuration Templates Template UI Text / Form / Preview Default variable substitution Device AAA Configuration Support Credential configuration (username & pwd) Global / device specific credentials Configuration Validation Syntax check Flag Non-ASCII & Control characters Per Device Management IP and Credentials PnP agent IPv6 Support Network Plug-n-Play Configuration Templates
Reduce configuration time required for deployment & bulk configuration updates
Option to define user created / system generated variables
Template backend support with global variables, scripting & CLI preview
Northbound REST API support Network Plug-n-Play Configuration Validation
. It is syntax checking, not semantics. . It does not check CLI command validity and` context. . It only checks if the uploaded configuration file contains non ASCII and control characters. Prime Infrastructure Search Driven Operations Search in Prime Infrastructure
• Network Devices
• Configuration Archive
• Client Session data
• Menu
• Alarms New Search in PI 3.1 Devices that Match the Search Criteria Operations Available: • Deploy Config Templates • Rollback Config to older version • Create group of devices that match criteria Deploy Config Changes to Select Devices Monitoring Simplified Next Custom Network Health Generation Reporting Maps
• Network • Visualize, • Easy to create troubleshooting Troubleshoot and consume made easy and make • Get any data in • Quickly visualize changes all from the desired network issues floor maps format Router/Switch AP Health Index Health Index
• Channel Utilization • Availability
• Noise • CPU
• Interference • Memory
• Interface Utilization • Temperature
• Client Count • Interface Availability
• Interface Utilization Site Health View for Network Devices
7 9 Next Generation Maps
• Seamless integration between floor maps and geo-maps
• Smoother zoom capabilities
• Faster loading of Maps
• Maps Import – Bulk import and placement
• Client clustering
• Client playback
• Flexible searching and filtering Custom Reporting
Drag and drop reports
Report Customize every sub report Creation
Detailed filtering & sorting
Highly visual – interactive graphs
Report Choose the graphs you Consumption want
HTML & PDF output http://www.ciscolive.com/emea/