Posts with #cisco switches - cisco firewall tag
Modular and Fixed Configuration, these two are the main categories of Cisco Ethernet switches.
Modular switches, modular, as the name implies, allows you to add expansion modules into the switches as needed, thereby delivering the best flexibility to address changing networks. Examples of expansion modules are application-specific (such as Firewall, Wireless, or Network Analysis), modules for additional interfaces, power supplies, or cooling fans. Cisco Catalyst 4K and 6K (including Cisco Nexus 7000 Series Switches, Catalyst 6800 Series Switches, Catalyst 6500 Series Switches, Catalyst 4500-X Series Switches, Catalyst 3850 Fiber Switch Models) are good examples of Modular switches.
Fixed Configuration switches are switches with a fixed number of ports and are typically not expandable. This category is discussed in further detail below. Cisco Catalyst 2K, 3K (contains Catalyst 4500E Series Switches, Catalyst 3850 Series Switches, Catalyst 3650 Series Switches and Catalyst 2960-X Series Switches) and the Cisco300/500 series (Cisco 100 Series Unmanaged Switches, 200 Series Smart Switches, 220 Series Smart Plus Switches, 300 Series Managed Switches, 500 Series Stackable Managed Switches, and Catalyst 2960, 2960-C and 2960-S Series Switches) are good examples of Fixed Configuration switches.
The Fixed configuration switch category is further broken down into:
–Managed L2 and L3 Switches
This category of switch is the most cost effective for deployment scenarios that require only basic layer 2 switching and connectivity. As such, they fit best when you need a few extra ports on your desk, in a lab, in a conference room, or even at home.
With some unmanaged switches in the market, you can even get capabilities such as cable diagnostics, prioritization of traffic using default QoS settings, Energy savings capabilities using EEE (Energy Efficient Ethernet) and even PoE (Power over Ethernet). However, as the name implies, these switches generally cannot be modified/managed. You simply plug them in and they require no configuration at all.
Cisco 100 Series switches are good examples of this category.
Smart Switches (also known as Lightly Managed Switches):
This category of switches is the most blurred and fastest changing. The general rule here is that these switches offer certain levels of Management, QoS, Security, etc. but is “lighter” in capabilities and less scalable than the Managed switches. It therefore makes them a cost-effective alternative to Managed switches. As such, Smart switches fit best at the edge of a large network (with Managed Switches being used in the core), as the infrastructure for smaller deployments, or for low complexity networks in general.
The capabilities available for this Smart switch category vary widely. All of these devices have an interface for Management – historically a browser-based interface used to be the only way to configure these devices, though nowadays you can manage some of these devices with CLI and/or SNMP/RMON as well. Regardless, these capabilities are lighter than what you will find in their Managed switch counterparts. Smart switches tend to have a management interface that is more simplified than what Managed Switches offer.
Smart switches allow you to segment the network into workgroups by creating VLANs, though with a lower number of VLANs and nodes (MAC addresses) than you’d get with a Managed switch.
They also offer some levels of security, such as 802.1x endpoint authentication, and in some cases with limited numbers of ACLs (access control lists), though the levels of control and granularity would not be the same as a Managed switch.
In addition, Smart switches support basic quality-of-service (QoS) that facilitates prioritization of users and applications based on 802.1q/TOS/DSCP, thereby making it quite a versatile solution.
Cisco 200 Series switches are good examples of this category.
Fully Managed L2 and L3 switches
Managed Switches are designed to deliver the most comprehensive set of features to provide the best application experience, the highest levels of security, the most precise control and management of the network, and offer the greatest scalability in the Fixed Configuration category of Switches. As a result, they are usually deployed as aggregation/access switches in very large networks or as core switches in relatively smaller networks. Managed switches should support both L2 switching and L3 IP routing though you’ll find some with only L2 switching support.
From a Security perspective, Managed switches provide protection of the data plane (User traffic being forwarded), control plane (traffic being communicated between networking devices to ensure user traffic goes to the right destination), and management plane (traffic used to manage the network or device itself). Managed switches also offer network storm control, denial-of-service protection, and much more.
The Access Control List capabilities allows for flexibly dropping, rate limiting, mirroring, or logging of traffic by L2 address, L3 address, TCP/UDP port numbers, Ethernet type, ICMP or TCP flags, etc.
Managed switches are rich in features that enable them to protect themselves and the network from deliberate or unintended Denial of Service attacks. It includes Dynamic ARP Inspection, IPv4 DHCP snooping, IPv6 First Hop Security with RA Guard, ND Inspection, Neighbor Binding Integrity, and much more.
Additional Security capabilities may include Private VLANs for securing communities of users or device isolation, Secure Management (downloads through SCP, Web-based Authentication, Radius/TACACS AAA, etc), Control Plane Policing (CoPP) for protecting the CPU of the switch, richer support for 802.1x (time-based, Dynamic VLAN Assignment, port/host-based, etc)
From a Scalability perspective, these devices have large table sizes so that you can create large numbers of VLANs (for workgroups), devices (MAC table size), IP routes, and ACL policies for flow-based security/QoS purposes, etc.
For highest network availability and uptime, Managed switches support L3 redundancy using VRRP (Virtual Router Redundancy Protocol), large numbers of Link Aggregation groups (which is used both for scalability and resiliency), and capabilities for protecting L2 such as Spanning Tree Root Guard and BPDU Guard.
When we talk about QoS and Multicast features, the richness of capabilities goes far beyond what you’d see in a Smart Switch. Here you’d see things such as IGMP and MLD Snooping with Querier functions for optimizing IPv4/v6 multicast traffic in the LAN, TCP Congestion Avoidance, 4 or 8 queues to treat traffic differently by importance, setting/tagging traffic by L2 (802.1p) or L3 (DSCP/TOS), and rate limiting traffic.
In terms of Management, things such as multiple ways to configure (using CLI, Web GUI, SNMP Management application), discovering of neighbor devices in the networks (using CDP, LLDP, Bonjour, etc), and troubleshooting capabilities (such as VLAN and Port Mirroring, Traceroute, Ping, Syslog, Cable Diagnostics, RMON, etc) are all included. What I highlighted is by no means exhaustive, but gives you a sense of what some of the differences may be between Managed and Smart Switches.
Cisco Catalyst and Cisco 300 Series and 500 Series switches are good examples of this category of products.
Managed Switches can go even further than what I’ve highlighted. For example, there’s even richer support for Dynamic Unicast and Multicast Routing protocols, deeper flow intelligence or macro flow statistics with Netflow/SFlow, non-Stop Forwarding capabilities, MPLS/VRF support, Policy enforcement, and many others.
Now, to take a deeper dive into these switch categories and talk about various options, you can select the switches based on:
– Number of ports
– POE versus non-POE
– Stackable versus Standalone
You can find Fixed Configuration switches in Fast Ethernet (10/100 Mbps), Gigabit Ethernet (10/100/1000 Mbps), Ten Gigabit (10/100/1000/10000 Mbps) and even some 40/100 Gbps speeds. These switches have a number of uplink ports and a number of downlink ports. Downlinks connect to end users – uplinks connect to other Switches or to the network infrastructure. Currently, Gigabit is the most popular interface speed though Fast Ethernet is still widely used, especially in price-sensitive environments. Ten Gigabit has been growing rapidly, especially in the datacenter and, as the cost comes down, it will continue to expand into more network applications. With 10GBase-T Ten Gigabit copper interfaces being integrated into LOM (LAN on the Motherboard) and 10G-Base-T switches becoming available now (see the new Cisco SG500XG-8F8T 16-port 10-Gigabit switch), building a Storage or Server farm with 10 Gigabit interfaces has never been easier or more cost-effective. 40G/100G is still emerging and will be mainstream in a few years.
Number of ports
Fixed Configuration Switches typically come in 5, 8, 10, 16, 24, 28, 48, and 52-port configurations. These ports may be a combination of SFP/SFP+ slots for fiber connectivity, but more commonly they are copper ports with RJ-45 connectors on the front, allowing for distances up to 100 meters. With Fiber SFP modules, you can go distances up to 40 kilometers
POE versus non-POE
Power over Ethernet is a capability that facilitates powering a device (such as an IP phone, IP Surveillance Camera, or Wireless Access Point) over the same cable as the data traffic. One of the advantages of PoE is the flexibility it provides in allowing you to easily place endpoints anywhere in the business, even places where it might be difficult to run a power outlet. One example is that you can place a Wireless Access Point inside a wall or ceiling.
Switches deliver power according to a few standards – IEEE 802.3af delivers power up to 15.4 Watts on a switch port whereas IEEE 802.3at (also known as POE+) delivers power up to 30 Watts on a switch port. For most endpoints, 802.3af is sufficient but there are devices, such as Video phones or Access Points with multiple radios, which have higher power needs. It’s important to point out that there are other PoE standards currently being developed that will deliver even high levels of power for future applications. Switches have a power budget set aside for running the switch itself, and also an amount of power dedicated for POE endpoints.
To find the switch that is right for you, all you need to do is choose a switch according to your power needs. When connecting to desktops or other types of devices which do not require POE, the non-POE switches are a more cost-effective option.
Stackable versus Standalone
As the network grows, you will need more switches to provide network connectivity to the growing number of devices in the network. When using Standalone switches, each switch is managed, troubleshot, and configured as an individual entity.
In contrast, Stackable switches provide a way to simplify and increase the availability of the network. Instead of configuring, managing, and troubleshooting eight 48-port switches individually, you can manage all eight like a single unit using a Stackable Switches. With a true Stackable Switch, those eight switches (total 384 ports) function as a single switch–there is a single SNMP/RMON agent, single Spanning Tree domain, single CLI or Web interface–i.e. single management plane. You can also create link aggregation groups spanning across multiple units in the stack, port mirror traffic from one unit in the stack to another, or setup ACLs/QoS spanning all the units. There are valuable operational advantages to be gained by this approach.
Here’s a word of warning. Be careful about products in the market which are sold as “Stackable” when they merely offer a single user interface, or central management interface, for getting to each individual switch unit. This approach is not stackable, but really “clustering”. You still have to configure every feature such as ACLs, QoS, Port mirroring, etc, individually on each switch. Use the following as a proof point – can I create a link aggregation group with one port in one unit of the stack and another port of that group in another unit of the stack? Can I select a port on one unit in the stack and mirror the traffic to a port on another unit of the stack? When I configure an ACL for Security purposes, can I apply that to any port on any unit in the stack? If the answer is “No” to any of these questions, you’re probably not working with a stackable switch.
There are other advantages of True Stacking as well. You can connect the stack members in a ring such that, if a port or cable fails, the stack will automatically route around that failure, many times at microsecond speeds. You can also add or subtract stack members and have it automatically recognized and added into the stack.
Cisco Catalyst 2K-X and 3K or Cisco 500 Series Switches are examples of Switches in this category.
As you can see there’s a multitude of switch options to choose from. So, have a close look at your current deployment and future needs to determine the right switch for your network.
More Related Cisco Switches Topics you can read here:
It’s so cool that Cisco Nexus 9000 series, through their dual-mode capabilities, allow you to deploy them as traditional switches within your existing data center network. Cisco Nexus 9000 Series Switches are ideal for small-to-medium-sized data centers, it makes the next generation of data center switching accessible to customers of any size. And what’s the data center? Why is it so important? The data center infrastructure is central to the overall IT architecture. It is where most business-critical applications are hosted and various types of services are provided to the business. A classic network is the typical three-tier architecture commonly deployed in many data center environments. It has distinct core, aggregation, and access layers, which together provide the foundation for any data center design.
Note: The figure above shows a classic design using the current Cisco Nexus product portfolio, including Cisco Nexus 7000 Series Switches and 2000 Series Fabric Extenders (FEXs). You can use this three-tier design to migrate to the new Cisco Nexus 9000 Series Switches.
Many types of services, primarily firewalls and load balancers, can be integrated into these designs. Careful planning is needed for a smooth migration from this type of hardware and topology combination to the new Cisco Nexus 9000 Series hardware and topology combination.
The main features of the new Cisco Nexus 9000 Series are support for FEX, virtual Port Channel (vPC), and Virtual Extensible LAN (VXLAN). The data center architecture can be deployed in a classic design in which existing designs variations are supported, such as the following:
● Data center pods
● Large-scale multitier designs
● VXLAN fabric
…More about data center design and Nexus switches including Nexus 7000, Nexus 9000 family you can read the full info page: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-730115.pdf
More Related Cisco Nexus 9000 Topics
Do you know how to use nProbe as NetFlow-Lite Collector? What’s the problem of NetFlow-Lite? What’s the typical nProbe Deployment? And how does the NetFlow-Lite Support in nProbe? In this article, we will share the main info related to these questions.
• NetFlow-Lite brings visibility to switched networks.
• NetFlow-Lite are exports in v9/IPFIX format and contain packets sections.
• Legacy NetFlow collectors need additional support to understand and analyze NetFlowlite flows.
More Related NetFlow-Lite Topics
We discussed the Cisco Catalyst 4948E NetFlow-lite/NFLite before. What’s the difference between the NetFlow and Netflow-Lite? We knew that NetFlow-lite was first introduced with Catalyst 4948E, and it bridges the gap by providing a lightweight solution that allows capturing of important flow information through packet sampling mechanisms combined with the extensibility of NetFlow version 9 and IPFIX. NetFlow-Lite introduces traffic visibility on the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches for the first time.
NetFlow-Lite collects packets randomly, classifies them into flows, and measures flow statistics as they pass through the switch. It is a true flow-based traffic-monitoring mechanism that conserves valuable forwarding bandwidth when exporting flow-based data for analysis and reporting.
Firstly we can read what NetFlow-Lite is used for again
NetFlow-Lite offers network administrators and engineers the following capabilities:
● Unprecedented visibility: NetFlow-Lite provides real-time information about traffic flows from endpoints such as PCs, phones, IP cameras, etc. You can use this information for traffic monitoring of Layer 2 and Layer 3 traffic as well as capacity planning.
● Network planning: You can use NetFlow-Lite to capture data over a long period of time so that customers can understand traffic patterns, top talkers, top applications, etc. This feature provides accurate data to track and anticipate network growth and plan upgrades.
● Simplified troubleshooting: You can use NetFlow-Lite flow-based analysis techniques to understand traffic patterns, which can help in proactively detecting problems, troubleshooting efficiently, and resolving problems quickly.
NetFlow-Lite provides a granular packet-sampling mechanism that is adjustable up to 1:32 and available for all interfaces. The implication is that a subset of all packets passing through the switch is selected for reporting.
NetFlow-Lite on the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches have the following capabilities:
- NetFlow-Lite is supported on all downlink and uplink ports.
- NetFlow-Lite is natively available with no additional hardware required.
- The sampling range is from 1:32 to 1:1022.
- The application measures 16,000 flows per switch.
- Physical ports and VLAN Interfaces (switched virtual interfaces [SVI]) are supported.
- NetFlow-Lite supports ingress flows only.
- Export using standards-based IP Information export (IPFIX) or Version 9 record format.
NetFlow-Lite Sampling Techniques
The sampling method of the traffic can be random or deterministic. Random sampling chooses one packet randomly out of a configured sample size, whereas deterministic sampling chooses the first packet out of a configured sample size. For example, for 1:32 sampling, deterministic mode would choose the 1st, 33rd, 65th, 97th, and so on packet coming into an interface, and random mode can choose the 5th, 39th, 72nd, 103rd, and so on packet coming into an interface. Random packet sampling is statistically more accurate than deterministic packet sampling.
NetFlow-Lite Solution-NetFlow-Lite configuration on the Cisco Catalyst 2960-X, 2960-XR, 2960-CX, and 3560-CX Series Switches
Steps-Only 5 Steps
Step1. Configure a Flow Record, which defines the data collection. You can customize it for specific requirements. You can use the following example with most NetFlow collectors:
flow record v4 match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port collect transport tcp flags collect interface input collect flow sampler collect counter bytes long collect counter packets long collect timestamp sys-uptime first collect timestamp sys-uptime last
Step2. Configure a Flow Exporter, which defines where the collected data needs to be sent. Please refer to the NetFlow collector application user guides and manual for specific details such as port number, differentiated services code point (DSCP), and other options. The configuration follows:
flow exporter Replicator description Exporter to Cisco Prime 2.0 destination 10.2.44.12 source GigabitEthernet1/0/1 dscp 16 template data timeout 60 option interface-table
Step3. Configure a Flow Monitor, which binds the flow record and exporter along with options to configure the flow cache:
flow monitor v4 record v4 exporter Replicator cache timeout active 30
Step4. Configure a Flow Sampler. Define the sampling technique and sample size. The configuration follows:
sampler v4 mode random 1 out-of 32
Step5. Attach the Flow Monitor and Sampler to the interface:
interface GigabitEthernet1/0/1 ip flow monitor v4 sampler v4 input
Reference from http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-2960-x-series-switches/solution_overview_c22-728776.html
Like the 2960-S Series, the Catalyst 2960-X is line-rate nonblocking switches with the following added features:
● Dual-core CPU at 600 MHz
● Cisco FlexStack-Plus stacking
◦ 80 Gbps bandwidth
◦ 8-member stack
● Dual-FRU power supply with integrated fan (2960-XR only)
● NetFlow-Lite on all downlink and uplink ports
● Switch Hibernation mode integrated with Cisco EnergyWise
● Energy-Efficient Ethernet (EEE) downlink ports
● Signed Cisco IOS Software images
● Layer 3 features with IP Lite feature set (2960-XR only)
● 24 port fan less model with 2 SFP and 210/100/1000BT uplinks
Key Words for the New Cisco 2960-X Series: Simple, Smart, Scalable, Green, Highly Secure, and Cost-Effective
When C2960-X switches are mixed in a stack with C2960-S and C2960-SF switches, the following is true:
• A maximum of four switches can be stacked
• Any combination of C2960-X and C2960-S switches can be utilized
• The master switch can be a member of either the C2960-X or C2960-S series
• The functionality of FlexStack-Plus reverts back to FlexStack capability
Feature Sets Supported in 2960-X Series Refer to the Figure Compare Models: Cisco 2960-X vs. 2960-S
More about Cisco 2960-X Series
Multigigabit Ethernet Technology Supports New Intermediate Network Speeds
Benefits-Multigigabit Ethernet Technology
• Increase network bandwidth and speed without running multiple cables between switches and access points.
• Lower operational costs by getting more performance out of existing cabling infrastructure.
• Power devices that require up to 60W, at speeds over 1 Gbps, even at 10G Base-T rates.
Network needs are changing quickly. Thanks to evolving wireless standards and the rising number of wireless devices, keeping up with data rates and growing traffic can be a challenge. Your traditional Ethernet infrastructure can support speeds up to 1 Gigabit per second (Gbps), but competing today requires much more capacity. One option is completely replacing your legacy cabling infrastructure and upgrading your hardware. But wouldn’t it be better to increase network speed and traffic capacity in a way that’s quick, inexpensive, and efficient?
Cisco’s new Multigigabit Ethernet switches offer just that: an easy-to-deploy, budget-friendly solution that allows you to increase network speed and bandwidth using your existing cables. By partnering with other industry leaders to form the NBASE-T Alliance, Cisco uses NBASE-T technology to help you get more out of your existing infrastructure. Save time and money by avoiding upgrades and extending the life of your installed cable plants. And discover the benefits of meeting consumer demand for increased bandwidth and speeds without a large initial investment.
Multigigabit Ethernet technology uses capabilities in your existing cabling infrastructure to meet bandwidth requirements and provide up to five times the performance. The technology enables intermediate data rates of 2.5 and 5 Gbps to ease the jump between traditional rates of 1 Gbps and 10 Gbps. These intermediate rates run on the majority of installed cables and preserve legacy UTP wiring, which is good for 802.11ac wireless LAN applications.
The technology also supports Power over Ethernet (PoE) forms, including PoE+ and UPOE. Cisco Multigigabit Ethernet switches help you avoid having to run multiple cables between switches and access points and let your networks welcome next-generation traffic speeds and data rates.
As part of our next-generation architecture, Multigigabit Ethernet switches will be supported on multiple Cisco Catalyst platforms:
• Cisco Catalyst 4500E Series Switches: Multigigabit Ethernet technology will be introduced in the form of a new E-Series line card compatible with Supervisor Engine 8-E and beyond.
• Cisco Catalyst 3850 Series Switches: New 24-port and 48-port switches will support Multigigabit technology.
• Cisco Catalyst Compact Switches: A new 8-port switch will support Multigigabit technology.
More about Cisco’s New Compact Switch-Catalyst 3560-CX and 2960-CX Series
An effective work environment encourages collaboration. That often means tearing down office walls to create open workspaces. Doing that is now simpler and less costly, thanks to Cisco’s next generation of compact switches, the Cisco Catalyst 3560-CX and 2960-CX Series.
With their quiet, fan-less design, the switches create many possibilities for designing workspaces. They can reside nearly anywhere outside your wiring closet. Install them in carpeted areas such as offices, conference rooms, classrooms, and retail stores for quick, flexible connections. Rearrange rooms and floors without changing your cabling infrastructure.
Cisco Catalyst 3560-CX Compact Switch
Deploy in a Snap
• Transform your workspaces without cabling hassles and expenses
• Locate switches nearly anywhere, outside your wiring closet
• Deploy Internet of Things (IoT) devices in your enterprise
• Replace your hubs, simplify switch management, and enhance security
• Aggregate gigabit Wi-Fi traffic flows with 10-Gbps uplinks
Consolidate cabling for big savings. Rather than running multiple Ethernet cables from endpoints like IP phones and Wi-Fi access points to a wiring closet, you just connect devices over a few feet of cabling to a nearby 3560-CX or 2960-CX switch. Then connect the compact switch to the wiring closet with a single Ethernet or fiber cable. Using this setup, a 200-room hotel using compact switches in guest rooms can eliminate up to 30 kilometers of cables. And a five-story shopping complex can eliminate about 7.5 kilometers of cable.
Note: 4:1 consolidation of cables, cable reduction of 3x100m for each customer service station. Assume 10 customer service stations per floor. Assume average cable run is 50m across all customer service stations, leads to 300m * 50 * 0.5 = 7,500m total cable reduction.
The Cisco Catalyst 3560-CX and 2960-CX switches enable you to bring sensors, LED lights, building controllers, and other IoT devices onto the network using Power over Ethernet (PoE). The many features and controls offered by these PoE switches make them run more efficiently and reliably. For example, Cisco Perpetual PoE continues powering endpoints even during a switch boot, maximizing uptime. So there’s no need for backup power. The switches provide up to 240 watts of power for PoE devices − twice the capacity of current switches.
For simplified management, these switches have the option to run in Cisco Instant Access mode. Instant Access provides a single point of operation and management for your campus networks. And they support Cisco Plug and Play (PnP) technology, which automates network device deployments.
The Cisco Catalyst compact switches support the full suite of Cisco Catalyst feature set for enterprise-class security and reliability. Cisco TrustSec and other advanced access control features protect against man-in-the-middle attacks and keep your Cisco Catalyst environment secure.
More Related Cisco Multigigabit Ethernet Switch Topics
Cisco Catalyst 6800 Series Switch was introduced by Cisco for the next-generation campus. It is built on the rich DNA of the Cisco Catalyst 6500 Series Switch and provides high levels of scalability and performance. The Cisco 6800 Series provides unprecedented investment protection for migrations and upgrades from the Cisco Catalyst 6500-E Series Switch.
Evolution of Cisco Catalyst 6000 Series
The Cisco 6800 Series Switch has been designed to meet the requirements of the next-generation enterprise network and to simplify the deployment of emerging trends such as bring your own device (BYOD), mobility, pervasive video, collaboration, and resiliency and the resulting challenges of scale, security, and management, making it the ideal switch for all campus backbone deployments.
The Cisco Catalyst 6800 Series Switch provides unprecedented investment protection by supporting the Cisco Catalyst 6500 Series Supervisor Engine 2T and its family of line cards and service modules. This backward compatibility coupled with the use of the same Cisco IOS Software operating system as used on the Cisco Catalyst 6500 Series Switch not only eases the burden of upgrades and migration but also reduces the total cost of ownership of the Cisco Catalyst 6800 Series Switch.
The Cisco Catalyst 6807-XL chassis is the“modular” aspect of a new Cisco Catalyst 6800 Series family of multilayer switching products, which combine significant technological innovation with unparalleled investment protection, to support tomorrow’s campus backbone.
Module Support on the Cisco Catalyst 6807-X
The Cisco Catalyst 6807-XL chassis provides extremely high levels of system scalability and performance, coupled with unprecedented investment protection for migrations and upgrades from the current Cisco Catalyst 6500-E chassis:
It can deliver up to 11.4 Tbps of total system capacity, with up to 880 Gbps of per-slot bandwidth. In a VSS configuration, this level of support translates to a system capacity of up to 22.8 Tbps.
It is optimized for high-density 10, 40, and 100 Gigabit Ethernet, also providing superior customer investment protection by supporting the Cisco Catalyst 6500 Supervisor Engine 2T and associated LAN and service modules.
Cisco Catalyst 6807-XL Features and Benefits
The Cisco Catalyst 6800 Series chassis is capable of delivering up to 11.4 terabits per second (Tbps) of system bandwidth capacity and up to 880 gigabits per second (Gbps) of per-slot bandwidth. In a system configured for VSS, this translates to a system capacity of 22.8 Tbps. The Cisco Catalyst 6800 Series Switch is optimized for high-density 10 Gigabit Ethernet, 40 Gigabit Ethernet, and 100 Gigabit Ethernet.
Availability and Resiliency
The Cisco Catalyst 6800 Series Switch provides a mechanism for rapid supervisor engine failover by supporting Nonstop Forwarding with Stateful Switchover (NSF/SSO).
Moreover, with VSS Quad-Sup SSO (VS4O), the modular Cisco Catalyst 6800 Series Switch takes high availability to the next level. VS4O is the next generation of VSS technology and provides 99.999% availability, making the Cisco Catalyst 6800 Series Switch ideal for campus backbone deployments.
The Cisco Catalyst 6800 Series Switch helps simplify the operation of the network by providing support for features such as Cisco Catalyst Instant Access and Smart Install.
The Cisco Catalyst 6800 Series Switch can be configured as a parent for Cisco Catalyst Instant Access deployments. Cisco Catalyst Instant Access enables the deployment of access switches instantly through a single touch point with feature and configuration consistency.
The Cisco Catalyst 6800 Series Switch can serve as a director for Smart Install: a plug-and-play configuration and image-management feature that provides zero touch deployment for new switches. You can ship a switch to a location, place it in the network, and power it on with no configuration required on the device.
The Cisco Catalyst 6807-XL chassis with Cisco Catalyst 6500 Series Supervisor Engine 2T provides comprehensive security with features such as Cisco TrustSec. Cisco TrustSec builds security and intelligence into the network with policy-based access control, identity-aware networking, and data confidentiality and integrity. Because networks have no borders, Cisco TrustSec helps secure borderless networks with confidence, consistency, and efficiency.
The Cisco Catalyst 6807-XL chassis with the Cisco Catalyst 6500 Series Supervisor Engine 2T provides a comprehensive suite of virtualization features including L2/L3 VPN, full MPLS, EVN, VRF aware applications for NAT Netflow, GRE for v4/v6, L2 extensions with VPLS, etc to segment different user groups and serve the unique security/QoS policy requirements of each of these diverse user groups.
Application Visibility and Control
The Cisco Catalyst 6800 Series Switch allows IT professionals to meet or exceed business service-level agreements and user expectations through:
•Deep visibility and control for discovery, prioritization, monitoring, and control of applications — integrated into routing and switching with flexible NetFlow and QoS
•Application recognition with NBAR and precise performance analytics with 1588 time stamping with integrated NAM-3 service module
Ready for Software Defined Networking (SDN)
Cisco Catalyst 6807-XL with Cisco Catalyst Supervisor Engine 2T is SDN ready, with a flexible architecture and API framework with OnePk that allows developers to deliver custom services such as network slicing and traffic steering based on industry standards such as OpenFlow to work in conjunction with applications that make the network agile.
PDF File from http://www.cisco.com/c/dam/en/us/products/collateral/switches/catalyst-6807-xl-switch/at_a_glance_c45-728226.pdf
More info you can refer to http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6807-xl-switch/white_paper_c11-728264.html
More Cisco 6800 Series Topics
Do you think that it’s not easy to select the very suitable network hardware for setting up your network, layer-3 switch or a router? What factors do you need to consider when you decide to buy network hardware? Generally, to choose a layer-3 switch or a router is not so complicated. Someone listed more differences between layer-3 switch and a router, which can help you make a smart decision. Let’s take a look.
In fact, a Layer 3 switch works much like a router. Why? Because it has the same IP routing table for lookups and it forms a broadcast domain. But pay attention, the “layer 3” feature makes the switch looks more like a “switch”.
The “switch” part of “Layer 3 switch” is there because:
- The layer 3 switch has 24+ Ethernet ports and no WAN interfaces.
- The layer 3 switch will act like a switch when it is connecting devices that are on the same network.
- The layer 3 switch is the same as a switch with the router’s IP routing intelligence built in.
- The switch works very quickly to switch or route the packets it is sent.
Layer 3 Switch is really like a High-Speed Router without the WAN connectivity. When it comes to Layer 3 Switching, there are two kinds: hardware and software. With a hardware-based solution, the device is using an ASIC (A Dedicated Chip) to perform the function. With the software implementation, the device is using a computer processor and software to perform the function. Generally, Layer 3 Switches and High-End Routers route packets using Hardware (Asics) and General-Purpose Routers Use Software to Perform Routing Functions.
In General, A Layer-3 Switch (Routing Switch) Is Primarily A Switch (A Layer-2 Device) That Has Been Enhanced Or Taught Some Routing (Layer 3) Capabilities. A Router Is A Layer-3 Device That Simply Do Routing Only. In The Case Of A Switching Router, It Is Primarily A Router That Uses Switching Technology (High-Speed Asics) For Speed And Performance (As Well As Also Supporting Layer-2 Bridging Functions).
Why we need a Layer 3 switch:
- Network with a lot of broadcasts that needs better performance.
- Subnets and/or VLANS that are currently connected Via a router.
- Higher Performance VLANS.
- Departments Need Their Own Broadcast Domains For Performance Or Security.
- Considering Implementing VLANS.
Difference between a Layer-3 switch and a Router:
- Performance versus Cost— Layer 3 switches are much more cost effective than routers for delivering high-speed inter-VLAN routing. High performance routers are typically much more expensive than Layer 3 switches.
- Port density— Layer 3 switches are enhanced Layer 2 switches and, hence, have the same high port densities that Layer 2 switches have. Routers on the other hand typically have a much lower port density.
- Flexibility— Layer 3 switches allow you to mix and match Layer 2 and Layer 3 switching, meaning you can configure a Layer 3 switch to operate as a normal Layer 2 switch, or enable Layer 3 switching as required.
- Layer 3 Switch is used to route traffic between Ethernet networks, without having to worry about the complexities of supporting WAN technologies such as Frame Relay or ATM. Routing over WAN networks, simply by plugging a traditional router that connects to the WAN networks into the LAN network.
- The key difference between Layer 3 switches and routers lies in the hardware technology used to build the unit. The hardware inside a Layer 3 switch merges that of traditional switches and routers, replacing some of a router’s software logic with hardware to offer better performance in some situations.
If we sum up the main features of a layer-3 switch, we can get some key points as follows:
Layer 3 Switch is used Primarily for Inter-VLAN Routing. It don’t Have WAN Connectivity. It Has 24+ Ethernet Ports And No WAN Interfaces. The Layer 3 Switch will act like a switch when it is connecting devices that are on the same network. It works very quickly to switch or route the packets it is sent. The Layer-3 switch is the same as a switch with the router’s IP Routing Intelligence built in.
More Related Network Hardware Topics
Cisco Nexus 5548P Switch, the first platform in the Cisco Nexus 5500 Switches, is a one-rack-unit (1RU), 1 and 10 Gigabit Ethernet and FCoE access-layer switch built to provide 960 Gbps of throughput with very low latency. It has 32 fixed 1 and 10 Gigabit Ethernet ports that accept modules and cables meeting the Small Form-Factor Pluggable Plus (SFP+) form factor. One expansion module slot can be configured to support up to 16 additional 1 and 10 Gigabit Ethernet ports or 8 Fibre Channel ports plus 8 1 and 10 Gigabit Ethernet ports. The switch has a single serial console port and a single out-of-band 10/100/1000-Mbps Ethernet management port. Two N+N redundant, hot-pluggable power supplies and two N+N redundant, hot-pluggable fan modules provide highly reliable front-to-back cooling.
All ports are at the rear of the switches, simplifying cabling and reducing cable length. Cooling is front-to-back, supporting hot- and cold-aisle configurations that help increase cooling efficiency. The front panel includes status indicators and hot swappable, N+N redundant power supplies and their power entry connections and cooling modules. All serviceable components are accessible from the front panel, allowing the switch to be serviced while in operation and without disturbing network cabling.
Cisco Nexus 5548P Rear Panel
Cisco Nexus 5548P Front Pane
The Cisco Nexus 5500 platform is equipped to support expansion modules that can be used to increase the number of 10 Gigabit Ethernet and FCoE ports or to connect to Fibre Channel SANs with 1/2/4/8-Gbps Fibre Channel switch ports, or both. The Cisco Nexus 5548P supports one expansion module from the following offerings:
Ethernet Expansion Module
• Fibre Channel plus Ethernet module that provides eight 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface, and 8 ports of 1/2/4/8-Gbps native Fibre Channel connectivity using the SFP interface
The Cisco Nexus 5548P control plane runs Cisco NX-OS Software on a dual-core 1.7-GHz Intel Xeon Processor C5500/C3500 Series with 8 GB of DRAM. The supervisor complex is connected to the data plane in-band through two internal ports running 1-Gbps Ethernet, and the system is managed in-band, or through the out-of-band 10/100/1000-Mbps management port. Table 1 summarizes the control-plane specifications.
The Cisco Nexus 5548P is equipped with seven UPCs: six to provide 48 ports at 10 Gbps, and one used for connectivity to the control plane. Figure 6 shows the connectivity between the control plane and the data plane.
More details about Cisco Nexus 5500 and Nexus 5548P you can read her http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5548p-switch/white_paper_c11-622479.html
More Related Cisco Nexus 5500 Switch Review and Overview
The Nexus 9000 family of switches will operate in one of two modes:
NXOS Mode–If you’ve worked with Cisco’s DC switches like the Nexus 7K or 5K, this should be very familiar to you. In this mode, you essentially have a 10GbE or 40GbE switch, with the features that are baked into that
In NXOS Mode, all of the additional custom ASICs that are present on the switch fabric are used primarily for enhancing the functionality of the merchant silicon platform, such as increasing buffer space, etc.
ACI Mode–This is a completely different mode of operation for the Nexus 9000 switch. In this mode, the switch participates in a leaf-spine based architecture that is purely driven by application policy. It is in this mode that we are able to define application relationships, and imprint them onto the fabric.
ACI is meant to provide that translation service between apps and the network.
As mentioned before, also pointed out in the article ‘Cisco Nexus 9000 Series Switches Overview’, the second mode that the Nexus 9000 series operates in, is ACI mode. This mode allows for enhanced programmability across a complete fabric of Nexus 9000 switches. With ACI as the SDN solution on top, the fabric acts like one big switch–forwarding traffic using a myriad of policies that you can configure.
- 1/10G Access & 10/40G Aggregation (ACI)
48 1/10G-T & 4 40G QSFP+ (non blocking)–meant to replace end-of-rack 6500’s
36 40G QSFP+ (1.5:1 oversubscribed)–used as a leaf switch, think end of rack
- 40G Fabric Spine (ACI)
36 40G QSFP+ for Spine deployments (non blocking, ACI only)
1,152 10G ports per switch
- 36 spine ports x 8 line cards=288 leaf switches per spine
- Leaf switches require 40G links to the spine
The line cards that support ACI will not be released until next year.
Spine line cards
- 36x 40G ports per line card and no blocking
- Redundant half-width supervisor engine
- Common for 4, 8 and 16 slot chassis (9504, 9508, and 9516)
- Sandy bridge quad core 1.8 GHz
- 16GB RAM
- 64GB SSD
- Offloads supervisor from switch device management tasks
- Increased system resilience & scale
- Dual core ARM 1.3GHz
- EoBC switch between Sups and line cards
- Power supplies via SMB (system management bus)
- Supports 2248TP, 2248TP-E, 2232PP-10G, 2232TM-10G , B22-HP, B22-Dell
More Cisco ACI Mode Topics