Professional Documents
Culture Documents
Routing v1.0 Main
Routing v1.0 Main
Cloud Edge
Catalyst 8000V
SRIOV
Hypervisor/Cloud
SD-WAN
(Viptela OS)
vEdge 2000 vEdge 5000 vEdge Cloud
Catalyst 8000V
Virtualization SRIOV
Hypervisor/Cloud
(NFVIS)
Catalyst 8200 uCPE ENCS 5400 CSP 5000 Catalyst 8000V
LTE 10 Cisco
Advanced Wireless 802.11ac IPSec @ SD-
Pro PoE+ Domains Wave 2 480Mbps Quad Core 100 VLANs IOS XE SDWAN
ISR 860/880/890
Connectivity & Scale Next-gen WAN Faster connectivity with LTE Advanced
w/High Performance
Costs & Business Ability to buy what you need today and upgrade
Pay-as-you-grow
Agility anytime with no equipment upgrades
Internal antenna
Scales up 50 APs & 1000 clients Simple yet
sophisticated deployment
Supports WLAN controller features and High Availability Enterprise Class HA
with no price premium
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 9
Next
Generation
DSL
WLAN
Архитектура Innovation
Controller-less
Maximum
Throughput
ISR1100
Multicore CPU
Design
и обзор моделей
LTE
SD-WAN
Advanced
Ready
Pro
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
ISR 1100 Обзор аппаратной части
Две основные платформы на базе которых доступны все остальные
модификации
1. C1100-4: 2 WAN + 4 LAN Ports
2. C1100-8: 2 WAN + 8 LAN Ports – бОльшая производительность (выше
частота CPU)
Все модели имеют одинаковую внутреннюю архитектуру - 4-х ядерный
CPU
• Выделенные ядра для Data Plane и Control Plane
• Отдельный Crypto Engine для шифрования и хэширования
PoE (доступно для всех с дополнительной картой, кроме компактных
C1101 и C1109)
• C1100-4P: 2 PoE or 1 PoE+ (ISR-1100-POE2(=) 1100-4P with 115W PSU)
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Архитектура семейства
Cisco ISR1100
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 12
For your refererence
C1100-8P
Ethernet + LTE + WLAN
LTE LTE
Antenna Antenna
GPS Console/
Antenna uSIM*2 Micro USB
8xGE LAN
KENSINGTON
SLOT
Micro USB
2xGE RJ45 SFP USB3.0 LTE Debug
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 13
For your refererence
C1110-4P
Ethernet + DSL + LTE
LTE LTE
Antenna Antenna
GPS Console/
4xGE LAN Antenna uSIM*2 Micro USB
KENSINGTON
SLOT
Micro USB
1xGE RJ45 SFP USB3.0 LTE Debug DSL
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 14
C1101-4P
SKU Detail
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 15
C1109 – Hardened Platform
LTE Antennas
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 17
SD-WAN Ready, New, C1120 & C1160
DSL
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 18
For your refererence
Crypto
(CPU 480 Mbps 350 Mbps 250 Mbps 200 Mbps
clock (1,6GHz) (1,2GHz) (800Mhz) (600Mhz)
rate)
Cisco
SD-WAN Yes
SD-WAN Yes No
Security 8G DRAM 4G DRAM
PoE Yes No
* 4GB DRAM/FLASH variants available – Supports only Ent. FW App aware, DNS/web-layer security on SD-WAN
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 19
For your refererence
R Russia C 1 1 2 1 X – 8P L T E P WR
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 20
Wireless WAN Overview
LTE-Advanced Pro
Maximum Data Rate
Region Modem
(DL/UL) Mbps
• 1.2 Gbps Download
• Carrier aggregation AT&T, T-Mobile
• 4x4 MIMO
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 21
LTE Category 4 с использованием USB Dongle
Single Micro SIM
CAT 4 LTE
North Bands
D-LTE-NA
America 2,4,5,12,13,14,17
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 22
Производительность Cisco 1100 Series
1100 Non-crypto throughput is unshaped
• Unencrypted throughput from 800Mbps to 1.8 Gps
• Depending on 1100 model
1100 IPsec Crypto throughput is shaped
• 50 Mbps @ Factory default
Activating IPsec Performance license
• Up to 250 Mbps with IPSec - 256 AES (C1100-8P)
• Up to 150 Mbps with IPSec - 256 AES (C1100-4P)
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 23
ISR 1100 Non SD-WAN
Licensing and packaging model
IP Security Performance
HSEC* (Optional Add-on License)
Removes Performance Security License Mandatory
shaper & tunnel count
for IPSec 1100 Series 4 Port: 100 Mbps upgrade
1100 Series 8 Port: 200 Mbps upgrade
IP Base
(Default)
Routing Protocols, ACL, NAT, QoS, BFD…
* Available with IOS XE 16.7.1
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 24
ISR 1100
SDWAN Security
Возможности и
требования к
аппаратной
платформе
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Cisco SD-WAN Security – Platform Support
All Services
URL-Filtering
ISR 4000 Onboard, using 82+ web categories
CSR 1000v
Adv. Malware Protection
File Reputation and Sandboxing
DNS/web-layer security
Simplified Cloud Security
ASR 1000 Cisco Umbrella
vEdge & ISR1100-4/6G
SESSION ID
© 2020 Cisco and/or its affiliates. All rights reserved. 26
Поддержка функций безопасности в SD-WAN
Ent FW App URL DNS/Web-layer
Platforms/Features IPS/IDS AMP/TG SIG*
Aware Filtering Monitoring *
Viptela - (100, 1000, 2000, 5000,
1100-4G/6G и vEdge Cloud) Y** N/A N/A N/A Y Y
Cisco - CSR1000v
Y Y Y Y Y Y
Cisco – ENCS (ISRv)
Y Y Y Y Y Y
Cisco – ISR4K (4461, 4451, 4431,
Y Y Y Y Y Y
4351, 4331, 4321, 4221-X)
Cisco – ISR1K (1111X-8P, 1121X,
Y Y^ Y^ Y^ Y Y
1126X, 1127X, 1161X)
Cisco - ASR1K 1001-HX, 1002-HX,
Y N/A N/A NA Y Y
1001-X, 1002-X)***
ASR1006-X
Высокопроизводительн
ые маршрутизаторы
для центрального Catalyst 8500/8500L
офиса/ЦОД
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
Cisco ASR1000 Series Routers
ASR1009-X ASR1013
Software
200 Gbps
Redundancy
Performance, Scalability, Availability
40 to 200
ASR1006-X
Gbps
40 to 200
ASR1002-HX Gbps
100
Gbps
Hardware
ASR1001-HX 44 to 100 40 to 100 Redundancy
Gbps Gbps
40 ASR1004
Gbps ASR1002-X
44 to 60
Gbps
ASR1001-X
20 5 to 36 10 to 40
Gbps Gbps Gbps
2.5 to 20
Gbps Optimized Application and User Experience
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
ESP slots
Chassis ASR1009-X (ESP40 / 100 / 100X / 200 / 200X)
RP slots
Linecard slots
(SIP40 / MIP100 / Fixed Ethernet)
3 fan trays
6 power supply modules BRKARC-2013 © 2020 Cisco and/or its affiliates. All rights reserved. 33
Слоты для линейных карт в ASR1000-X
• Каждый слот для линейных карт поддерживает до
100 Gb/sec Full duplex (т.е. туда и обратно) с текущими ESP
• Аппаратно шасси может обеспечить 200 Gb/sec Full duplex на
каждый слот с будущими потенциальными ESP, которые смогут
поддерживать такую скорость.
• Дополнительно поддерживаются линейные карты 40 Gb/sec Full
duplex
• SIP-40
• ASR1000-2T+20X1GE
• ASR1000-6TGE
BRKARC-2013 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Control Plane Hardware
Built-in
2GB 8GB
Boot flash
80GB HDD, 100 – 400 GB SSD,
Storage External USB External USB
ASR1004
ASR1006 ASR1006-X
Chassis Support ASR1006-X ASR1009-X
ASR1009-X ASR1013
ASR1013
DRAM
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
RP3 block diagram GE, 1Gbps
I2C
SPA Control
SPA Bus
ESI, 11.2-40 Gbps
SPA-SPI,11.2Gbps
Hypertransport, 10Gbps
No forwarded traffic Other
Route Processor
Manages all System Logging
chassis functions Core Dumps
Management
and runs IOS Ethernet BITS
(input & output)
Card Infrastructure Console
USB
RIB, FIB & other & Aux SSD
processes Runs IOS, Linux OS
Boot Flash
Determines BGP (OBFL,…)
Manages boards and chassis
routing table size
RP3: 8/16/32/64 NVRAM 32MB
GB
CPU Memory
CPU Bootdisk 8GB
2.2 GHz qua-core Stratum-3 Network
clock circuit
I2C Chassis
Management Bus Interconnect EOBC Switch
For punt path traffic
Interconnect ASIC
Control processor
QFP resource
memory
QFP1
QFP0
** Crypto BW is measured using 1 sVTI in IMIX with ESP-GCM256 in post encryption data.
41
ESP100-X Block Diagram
• Forwarding table . Counters
• NAT sessions . IPsec SA
• Class/Policy Maps: Qos, PfR, AVC • FW hash table . FNF cache
• ACL/Route map: NAT, FW, IPsec,
PBR
QFP complex
Memory
16GB FECP Processor Array Crypto TM
Intel Broadwell- Cipher Cipher
DE Dual core
eUSB PPE1 PPE2 PPE3 PPE4 Engine 0 Engine 15
2.2GHz GE, 1Gbps
1GB
…
Digest
Engine 0 … Digest
Engine 15
I2C
ESI
PPE5 PPE6 PPE224 Checksum Checksum Hypertransport, 10Gbps
DGTL-BRKARC-2013 42
Input Output Hardware
фиксированные ELC
модульные SIP/SPA и MIP/EPA
ASR1000-2T+20X1GE ASR1000-6TGE
Bandwidth to backplane
40 G 100 G *
(full duplex)
4 half height SPAs,
2 EPAs, Ethernet Port Adaptor,
Installable cards ethernet and / or ”legacy” WAN
Ethernet interfaces only
interfaces (E1, E3, serial, STM)
Buffering 128 MB Approximately 128 MB
Egress Buffering 8 MB 8 MB
ASR1004, ASR1006, ASR1006-X, ASR1009-X,
Chassis support
ASR1006-X, ASR1009-X, ASR1013 ASR1013 *
Basic ingress classification for high and low priority forwarding path to ESP.
Features
Egress high and low priority paths. All other features implemented on ESP.
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Возможность SD-WAN на модульной платформе
ASR1006-X
April
2021
Защита инвестиций
Поддержка с релиза IOS XE 17.5.1
47
© 2020 Cisco and/or its affiliates. All rights reserved.
Cisco’s Highest Performance SD-WAN Headend
Highest Performance What’s Supported1
• Up to 2 X SD-WAN performance A,B
Cisco’s Highest Performance
SD-WAN Headend SKUs Quantity
• High 10/40/100GE port density (40 / 8 / 4)
ASR1006-X 1
Investment Protection
ASR1000-RP3 1
• Common hardware across all use cases
ASR1000-ESP200-X 1
• Based on latest QFP3.0
ASR1000-MIP100 Up to 2
A. Estimate only, actual performance numbers 1. Only modules with specified type and quantity are
based on test result supported in each ASR1006-X chassis
B. Relative to 1X QFP3.0 system SD-WAN • No RP or ESP HA, no ISSU, no OIR
performance • Other EPAs/SPAs/LCs not supported
Optimized for high-performance SD-WAN in DC/Hub © 2020 Cisco and/or its affiliates. All rights reserved.
Catalyst 8000
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
Семейство Cisco Catalyst 8000
Пополнение в текущем портфолио маршрутизаторов
Catalyst 8500/8500L Catalyst 8300/8200 Catalyst 8000V Edge
Up to 200 Gbps CEF Up to 12 Gbps CEF Software
& 33 Gbps SDWAN & 5 Gbps SDWAN Catalyst 8200 Edge uCPE
C8500-12X (22Gbps)
C8500L-8S4X (8Gbp)
Performance and Rich Services
C8300-2N2S-4T2X (6Gbps)
C8300-1N1S-4T2X (4Gbps)
C8300-2N2S-6T (2Gbps)
C8300-1N1S-6T (2Gbps)
C8200-1N1S-4T (1Gbps)
C8200L-1N1S-4T (500Mbps)
C8200-uCPE-1N8 (500Mbps)
QFP
10G, 1G 12 SFP+
‘X’
C8500-12X
10G, 1G 8 SFP,
‘X’ ‘S’ 4 SFP+
C8500L-8S4X
CEF: up to 20 Gbps
IPsec: up to 12 Gbps IMIX traffic
SD-WAN IPsec: up to 6.6 Gbps CEF: Autonomous mode
IPsec: Autonomous/Controller mode
Product ID
PID version ID
CLEI
TAN
MAC and
Hardware version number
1+1
Отказоустойчивость
(по-умолчанию 2 БП)
BRKARC-3002 © 2020 Cisco and/or its affiliates. All rights reserved. 57
Field Replaceable FAN Module
Out-of-band Management
External Storage
PKT / xBAF
• Flow queues for complex stateful features
Ingress Classification, Egress Buffering, Scheduling
Accounting, Policing and and Flow Control, Time Stamp
Oversubscription Buffer and 1588*
Layer-2 Aggregation
L2 MACs w/MACsec / Interlaken & Mesh
• 240Gbps of aggregation
• Per Port Classification and Accounting
QFP 3.0
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
Развитие Cisco QFP QFP
Continuing Investment in Network Processor Technology
3rd Gen QFP
Up to 200G
Up to 2x NBAR # Cores: 64
# Threads: 256
# Cores: 40
Up to 2x NAT # Threads: 160
Bay 1: 4xSFP+/1xQSFP
4x 1/10G SFP+ Ports
1x 40/100GE QSFP28 Port
0/1
DDR4
Control Plane
Packet Buffer Resource Memory sTCAM I/F
Processor
4 Core 3rd Generation QFP
Crypto
EP0 EP1
120Gbps 120Gbps
Chassis
Bay 2 Bay 1 Bay 0
Mgmt.
CPLD/FPGA
Reset Ctrl
QE/HE QE QE QE/HE TE TE TE TE TE TE
0/2/0 0/2/4 0/2/8 0/1/0 0/1/0 0/1/2 0/0/0 0/0/2 0/0/4 0/0/6
0/0
C8500-12X Block Diagram
sTCAM
sTCAM
5Mbx2
SDRAM SDRAM SDRAM 5Mbx2
DDR4
Control Plane
Packet Buffer Resource Memory sTCAM I/F
Processor
4 Core 3rd Generation QFP
Crypto
EP0 EP1
120Gbps
Chassis
Bay 0
Mgmt.
CPLD/FPGA
Reset Ctrl
TE TE TE TE TE TE
0/0/0 0/0/2 0/0/4 0/0/6 0/0/8 0/0/10
TE TE TE TE TE TE
0/0/1 0/0/3 0/0/5 0/0/7 0/0/9 0/0/11
47,000 200,000
25,000
Note: 1/10GE port’s speed is detected based on SFP/SFP+ used in the port, *breakout cable support in autonomous mode only
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
100GE, 40GE Connectivity Options (i)
C8500-12X4QC
Port Enabled
Port Disabled
Option 1 2 x 100GE
100G 100G
Note: For port speed change on any bay; there is an expected 1 sec traffic disruption due to backplane reset
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
100GE, 40GE Connectivity Options (ii)
C8500-12x4QC
Port Enabled
Port Disabled
Option 3 1 x 100GE + 12 x 10GE
Note: For port speed change on any bay; there is an expected 1 sec traffic disruption due to backplane reset
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
100GE, 40GE Connectivity Options (iii)
C8500-12x4QC
Port Enabled
Port Disabled
Option 5 3 x 40GE + 12 x 10GE
Note: For port speed change on any bay; there is an expected 1 sec traffic disruption due to backplane reset
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
C8500-12X4QC, Bay Speed Configuration
Autonomous Mode
Port Disabled
Option 7, 8 C8500-12X: 12 x 1/10GE
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
x86
Архитектура
Catalyst 8500L
C8500L-8S4X
Chassis
Bay 1 Bay 0
Mgmt.
CPLD/FPGA
Reset Ctrl
TE TE GE GE GE GE
0/1/0 0/1/2 0/0/0 0/0/2 0/0/4 0/0/6
TE TE GE GE GE GE
0/1/1 0/1/3 0/0/1 0/0/3 0/0/5 0/0/7
BRKARC-3002 77
Advanced Flow-based Forwarding x86
Ingress
Flow
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
Data Plane vs Service Plane Heavy x86
i e
Data
Plane o d
Heavy
Control I/O & Data Crypto
Plane queuing Plane
i e
o d
Service
Plane
Heavy
Control Service I/O & Data Crypto
Plane Plane queuing Plane
CLI configuration and reboot required to change modes. Roadmap for future software to not require reboot.
Ports: 8x 1G, 8x 10G, One EPA Slot Ports: 12x 1/10G, 2x 40/100G, 2x 40G
QFP 2.0, 124 Cores, extra Crypto HW QFP 3.0, 224 Cores, Inbuilt Crypto, L2
QFP 2.0, 124 Cores, extra. Crypto HW QFP 3.0, 224 Cores, Inbuilt Crypto, L2
189.4
189.3
141.1
113.9
113.6
97.1
96.8
85.2
85.2
78.9
72.2
71.0
66.3
56.8
22.0
19.0
18.9
18.9
18.6
17.7
16.7
16.3
IPv4 CEF IPv6 CEF ACL PBR NAT HQoS GRE Firewall
All numbers are for aggregate IMIX traffic in Gbps
IMIX Profile: 64B:7, 594B:4, 1418B:1
IOS XE IPsec Throughput Performance
C8500-12XQC
C8500-12X
C8500L-8S4X
46.3
40.3
35.9
32.4
31.4
27.9
24.7
13.6
21.0
3.6
9.7
7.1
IPSec IPv4: Multi- IPSec IPv4: Single- IPSec IPv6: Multi- IPSec IPv6: Single- IPSec + QoS + ACL +
tunnel tunnel tunnel tunnel NAT + AVC PerfMon
All numbers are for aggregate IMIX traffic in Gbps
IMIX Profile: 64B:7, 594B:4, 1418B:1
SD-WAN Throughput Performance
C8500-12XQC
C8500-12X
C8500L-8S4X
31.9
29.8
22.6
20.6
15.8
14.2
8.6
8.4
12.5
11.6
10.7
10.4
4.0
4.0
9.2
3.4
3.1
8.0
IPSec IPSec + QoS IQDF* IQDF* + ZBFW IQDF* + NAT IQDF* + NAT +
ZBFW
All numbers are for aggregate IMIX traffic in Gbps
*IQDF: IPsec + QoS + DPI + FNF
SD-WAN 1D-Scale
Feature C8500-12X4QC C8500-12X C8500L-8S4X
IPsec Overlay Tunnels
8,000 8,000 8,000
(Viptela)
GRE Overlay Tunnels
8,000 8,000
(Viptela)
DPI Flows 2,000,000 2,000,000 500,000
cFlow Flows 2,000,000 2,000,000
OMP Routes (Overlay) 2,000,000 2,000,000 300,000
IPv4 Routes 2,000,000 2,000,000
NAT Sessions 6,000,000 6,000,000
Firewall Sessions 6,000,000 6,000,000
ARP Entries 500,000 500,000
IOS XE 1D-Scale
Feature C8500-12X4QC C8500-12X C8500L-8S4X
ARP Entries 1,000,000 1,000,000
IPv4 Routes 4,000,000 4,000,000 3,500,000
IPv6 Routes 4,000,000 4,000,000 3,000,000
IPsec Tunnels 8,000 8,000 4,000
FlexVPN Tunnels 10,000 10,000
NAT/PAT Sessions 16,000,000 12,000,000 2,000,000
CGN Sessions 32,000,000 24,000,000 3,200,000
Firewall Sessions 6,000,000 6,000,000 2,000,000
IPv4 ACE 380,000 47,000 50,000
IPv6 ACE 200,000 25,000 25,000
Проверка знаний 1 (Poll 1)
Modular Access
C8300-2N2S-6T
Up to 2 Gbps SD-WAN
C8300-1N1S-6T Up to 10 Gbps traditional
Up to 2 Gbps SD-WAN
Up to 10 Gbps traditional
C8200-1N-4T
Up to 1Gbps SD-WAN
Up to 3.8 Gbps traditional
C8200L-1N-4T
Up to 500Mbps SD-WAN
Up to 3.8 Gbps traditional
Agg. throughput SD-WAN IPsec IMIX ~352 Bytes Packet Size
Agg. throughput traditional routing: no IPsec, IMIX ~352 bytes packet size
BRKARC-3003 94
Cisco Catalyst 8300 Series Edge Platforms
Introducing 10G in Access with higher port density
C8300-2N2S-4T2X
C8300-1N1S-4T2X
10G WAN Ports ‘X’ 4 RJ45
& 5G IPsec 2 SFP+
C8300-2N2S-6T
C8300-1N1S-6T
1G WAN Ports ‘T’ 4 RJ45
& 2G IPsec 2 SFP
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
C8300 Storage Options
External M.2 storage
Logging local
Guest Shell/Python
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
C8300 Power Supply
Dual AC, DC, POE PSUs
C8300-2N2S-6T Internal
C8300-2N2S-4T2X Internal
Front-to-Back Airflow
Front-to-Back Airflow
L3 1x10G
Ethernet WAN
WAN Module
Voice
Serial/Async/DSL Legacy WAN
*ISR 4K Modules Not Supported: UCS-E M1/M2, Ethernet SM, Ethernet WAN, SM-NIM Carrier
**5G Roadmap
5G sub-6GHz PIM
BRKARC-3003 101
Модуль Catalyst 8300 SM Based Layer 2 Switch
4 x mGig (2.5G Ethernet)
L2 Switch Module
Layer 2 Features compatible
2 x 10G ports 2 x 10G ports 1 with Cat switch
(SFP+) (SFP+)
8 x mGig
LAN MACSec for switch to
(2.5G Ethernet)
2 host communication
16 x 1Gig (w/ 128-bit
LAN MACSec)
2.5 mGig to connect to future
C-SM-16P4M2X 3 Access Point/ 5G
Port Speed and Diversity LAN MACSec Power Over Ethernet Cisco UADP ASIC
(1G, 2.5G mGig, 10G Fiber) (128-bit/ 256-bit***) (PoE/ PoE+/ UPOE) (UADP 2.0)
Модуль Catalyst 8300 10G WAN NIM (C-NIM-1X)
L3 10G WAN Module
1 x 10Gig Layer 3 Features compatible
1 w/ Router FPGE
3 SDWAN support
C-NIM-1X
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless WAN: Эволюция технологий
LTE Advanced
LTE LTE Advanced
Pro
CAT 4 CAT 6 CAT 11 CAT 18 5G
150 Mbps 300 Mbps 600 Mbps 1.2 Gbps 3.3 Gbps
Integrated
Higher Solutions
traffic volumes and speed Cellular
Services at scale Gateways
Host more applications and
Catalyst
Low latency and energy consumption services at the branch
Network Modules
8000/ISR4K/ISR1K Shipping Shipping
Targeting
Customer Benefits
2H CY2
High reliability
More flexibility at the branch Lower TCO and operational costs High performance & reliability
© 2020 Cisco and/or its affiliates. All rights reserved.
Гибкий, безопасный и мультигигабиный WAN
CG522-E CG418-E
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco 112
Архитектура Сatalyst 8300
Service Plane Optimized Data Plane Optimized PPE Data Plane Core
SD-WAN IOS XE
C8300-2N2S-4T2X
C8300-2N2S-6T
C8300-1N1S-4T2X
8Core CP-1, DP-4, SP-3
C8300-1N1S-6T
5 5
4 5 4
Number of Cores
Number of Cores
2 3 2
1 2 2 1 2
1 1
0
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 117
Dynamic Core CPU Allocation
Platform Service Plane Heavy Data Plane Heavy
C8500L-8S4X 2CP + 6DP (1 IO, 1Crypto+ 4PPE) + 4SP 2CP + 10DP (2 IO, 2 Crypto, 6PPE)
C8300-2N2S-4T2X 1CP + 6DP (2 IO, 4PPE) + 5SP 1CP + 7DP (2 IO, 5PPE) + 4SP
C8300-2N2S-6T 1CP + 4DP (2 IO, 2PPE) + 3SP 1CP + 7DP (2 IO, 5PPE)
C8300-1N1S-4T2X 1CP + 4DP (2 IO, 2PPE) + 3SP 1CP + 7DP (2 IO, 5PPE)
C8300-1N1S-6T 1CP + 4DP (2 IO, 2PPE) + 3SP 1CP + 7DP (2 IO, 5PPE)
C8200-1N-4T 1CP + 4DP (2 IO, 2PPE) + 3SP 1CP + 7DP (2 IO, 5PPE)
ISR1100X-4G 1CP + 2DP (1 IO, 1PPE) + 1SP 1CP + 2DP (1 IO, 1PPE)
ISR1100X-6G 1CP + 2DP (1 IO, 1PPE) + 1SP 1CP + 3DP (1 IO, 2PPE)
2 x 1G(6T)
SM0 SM1 NIM0 NIM1 PIM 4 x1GE
2x 10G (4T2X)
BRKARC-3003 © 2020 Cisco and/or its affiliates. All rights reserved. 119
C8300-1N1S Block Diagram
2 x 1G(6T)
SM NIM PIM 4 x1GE
2x 10G (4T2X)
BRKARC-3003 © 2020 Cisco and/or its affiliates. All rights reserved. 120
Performance
19.9
20
14.4
15
Gbps
11.8 11.6
10
0
C8300-2N2S-4T2X C8300-1N1S-4T2X C8300-2N2S-6T C8300-1N1S-6T
IP CEF
6
5.1
5
Gbps
4 3.5
3
2.1
1.8 1.6 1.8 1.6
2
0
C8300-2N2S-4T2X C8300-1N1S-4T2X C8300-2N2S-6T C8300-1N1S-6T
IPSEC IPSEC+QoS+FNF+NBAR2
7 6.8
5
4.34
Gbps
3
2.34
2 1.75 1.75
1.37
1 1
1
0
C8300-2N2S-4T2X C8300-1N1S-4T2X C8300-2N2S-6T C8300-1N1S-6T
IPSEC IPSEC+QoS+DPI+FNF
Number of IPv4 VRF Routes (MPLS VPN) - per vrf label 700K 2M 2M
Number of IPv6 VRF Routes (MPLS VPN) - per prefix
label 700K 2M 2M
Number of IPv6 VRF Routes (MPLS VPN) - per vrf label 700K 2M 2M
ISR 4451
(3.8 Gbps CEF, 1.6 Gbps IPsec)
C8300-2N2S-6T
(10 Gbps CEF, 2 Gbps IPsec)
Performance
C8300-1N1S-4T2X
(12 Gbps CEF, 5 Gbps IPsec)
ISR 4431
(3.4 Gbps CEF, 900 Mbps IPsec)
C8300-1N1S-6T
(10 Gbps CEF, 2 Gbps IPsec)
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 129
ISR 4431 vs C8300-1N1S
Product Comparison
Up to 3500 IPsec Tunnels Up to 6000 IPsec Tunnels
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 130
ISR 4400 vs Catalyst 8300 – доступные слоты
ISR 4400 Catalyst 8300
4431 4451 1N1S-6T 1N1S-4T2X 2N2S-6T 2N2S-4T2X
CPU 12 core
4 + 6 core 4 + 10 core 8 core multithread
Architecture multithread
Form Factor 1 RU 2 RU 1 RU 2 RU
Number of
3 NIM 3 NIM, 2 SM 1 SM, 1 NIM, 1 PIM 2 SM, 2 NIM, 1 PIM
Slots
Default - 2 GB (Data) + 4 GB (Control) Default - 8 GB
DRAM
Max – 2 GB (Data) + 16 GB (Control) Max - 32 GB
Default - 8 GB
FLASH 8 GB Fixed
Max - 32 GB
C8300-2N2S-6T
C8300-1N1S-6T (up to 2Gbps SD-WAN)
(up to 2Gbps SD-WAN)
C8200-1N-4T
(up to 1Gbps SD-WAN)
Power supply
AC Power Supply
Power ON/OFF switch
50+
varieties of
Slot type Module type Modules
Pluggable Interface
Module (PIM)
LTE and
Interfaces
Network Interface LAN, WAN, LTE, VOICE,
Module (NIM) DSL, ASYNC
Backward Module Compatibility
ISR 4300 Modules* New Modules
SD-WAN Perf. MACsec
L3 1 MGig,2Gig
Ethernet WAN
WAN Modules**
4P/8P/8P PoE
Ethernet LAN
NIM Modules
5G
P-5GS6-GL
(Roadmap)
CG522-EE
3.5
2.5
Gbps 2 1.8
1.6
1.5
1
1 0.8
0.5 0.45 0.48 0.45
0.5 0.3 0.21
0
IP CEF IPSEC IPSEC+QoS+FNF+NBAR2
C8200-1N-4T C8200L-1N-4T ISR4331 ISR4321
1
1
0.79
0.8
Gbps
0.6
0.5 0.485
0.4 0.31
0.297 0.27
0.2 0.14
0
IPSEC IPSEC+QoS+DPI+FNF
C8200-1N-4T C8200L-1N-4T ISR4331 ISR4321
*SD-WAN numbers are in Data-plane heavy mode
Catalyst 8200/8200L Series Platforms Scale
IOS XE
C8200-1N-4T C8200L-1N-4T
Features
8G Default DRAM 4G Default DRAM
Number of IPv4 routes (BGP) 1.5M 280K
Number of IPv6 routes (BGP) 1.5M 270K
Number of IPv4 VRF Routes (MPLS VPN) - per prefix label 700K 200K
Number of IPv4 VRF Routes (MPLS VPN) - per vrf label 700K 200K
Number of IPv6 VRF Routes (MPLS VPN) - per prefix label 700K 200K
Number of IPv6 VRF Routes (MPLS VPN) - per vrf label 700K 200K
Max NAT44 static entries 10K 1K
Max NAT44 static networks 2K 1K
Max number of Firewall sessions 512K 512K
Max number of NAT+FW sessions 340K 280K
IPv4 ACLs per System 4K 4K
IPv6 ACLs per System 4K 4K
VPNs (VRF) 64 64
C8200-1N-4T
ISR 4331 (3.8 Gbps CEF, 1 Gbps IPsec)
(1.8 Gbps CEF, 500 Mbps IPsec)
Performance
Up to 250 SD-WAN & 2000 Traditional Up to 2000 SD-WAN & 4000 Traditional
IPsec Tunnels IPsec Tunnels
Up to 300Mbps SD-WAN IPsec Up to 500Mbps SD-WAN IPsec
Переход от ISR G2
(2900/3900) на
Catalyst 8000
Catalyst 8000
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Переход к единому имиджу IOS-XE &
упрощенное лицензирование
ISR G2 (2900/3900) Catalyst 8000
IOS Classic (M&T) IOS XE
Single CPU Multicore CPU
ISR 3925E
(3.6 Gbps CEF, 650 Mbps IPsec)
Performance
ISR 3925
(2 Gbps CEF, 200 Mbps IPsec)
System Status
• Status LED LTE WAN PIM Slot Physical Security
Network Modules • Kensington lock
• FAN LED USB Storage • CAT 4/6/18 PIM • NIM slot
• Power LED • USB 3.0
Catalyst 8200 Series Edge uCPE ENCS 5400 Series CSP 5200 & 5400 Series
8 cores 6 to 12 cores 16 to 56 cores
Catalyst 8000v
OVS DPDK
OVS DPDK
Linux VM
Security
Security
NFVIS
NFVIS
1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8
Cores
Cores
8-core CPU 8-core CPU
(No Hyperthreading enabled) (No Hyperthreading enabled)
Catalyst 8000V
SRIOV
Hypervisor/Cloud
Catalyst 8000V
Future of Cloud
Консолидация предложения по виртуальным
маршрутизаторам
VNF Convergence Approach
Catalyst 8000V
Unified
SD-WAN on Google
Cloud
Azure Virtual WAN
Integration
10G* 2G*
Catalyst
8000V
SRIOV
Hypervisor/Cloud
up to up to
SD-WAN vHub
*Expected throughput, actual performance number is subject to change, will be published at FCS
Поддержка гипервизоров x86
Enterprise Linux 7.5 ESXi 6.5 Update 2 NFVIS on ENCS & Hyper-V
Enterprise Linux 7.7 ESXi 6.7 Update 3 CSP Platforms (roadmap)
Гибкое назначение ресурсов
Physical Hardware:
• CPU - Intel Nehalem or AMD
• CPU with clock frequency >= 2.0
• TenGigabit and Gigabit Ethernet interfaces
Greenfield Deployment Рекомендованный вариант для получения всех преимуществ Secure boot, Secure
C8kv C8kv object storage
Upgrades и downgrades поддерживаются на C8000v софты
Upgrade
CSR1kv/ISRv • Да, но вы не получите ключевых преимуществ С8000v.
C8kv • Структура разбиение диска останется прежней [ т.е. не будет зашифрованного
хранения блоков данных]
• При апгрейде с версий ранее 16.12 не будет так же функционала secure boot
• UUID при таком апгрейде не изменится [PID: <> Chassis Number<>]. Это позволит
сертификатам продолжать действовать.
• vManage будет распознавать устройство как CSR1Kv/ISRv [With Current SWv
C8000v]
• Могут применяться только темплейты для CSR1Kv/ISRv
• Текущая схема лицензирования CSR1Kv/ISRv будет продолжать действовать
Downgrade [appx, uck9, AX]
CSR1kv/ISRv • Если был переход с CSR1kv/ISRv 17.2 на C8000v 17.4. То, downgrade обратно
C8kv возможен.
• Если был установлен C8000v 17.4 заново, то downgrade на CSR1kv/ISRv не
возможен.
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco 167
Лицензирование
маршрутизаторов
Catalyst 8000
Catalyst 8000V
Cisco DNA Premier
Performance, Flexibility & Investment Protection * Only C8300, C8200, C8200-uCPE &
For more information read the Licensing FAQ on SalesConnect
© 2020 Cisco and/or its affiliates. All rights reserved.C8000V
Унификация в сравнении с ISR4K и ASR1K
ISR4K Catalyst 8000 ASR1K
(Multiple Licenses) (Essentials & Advantage) (Multiple Licenses)
Quoted platform Platform to replace it with Customer’s benefits in switching to Cat8k Pricing Delta
• 1.5-2x increase in performance
ISR 4331 C8200L-1N-4T • 1 additional Ethernet port TBD
• Increased Memory
• 2x increase in performance
ISR 4351 C8200-1N-4T • 1 additional Ethernet port Avg. -30%
• Higher default memory
• 5x increase in performance
• 2 additional Ethernet ports
ISR 4431 C8300-1N1S-6T Avg. -10%
• Higher default memory
• Dual Power Supply included
• 5x increase in performance
C8300-1N1S-6T • 2 additional Ethernet ports
ISR 4451 Avg. -30%
• Higher default memory
• Dual Power Supply included
Network Advantage
Network Essentials
Catalyst 8300 only
Network Advantage Perpetual
(Inclusive of Essentials)
Network Essentials Perpetual
https://www.cisco.com/c/m/en_
us/products/software/sd-wan-
routing-
matrix.html?oid=otren019258
SESSION ID © 2020 Cisco and/or its affiliates. All rights reserved. 175
Новый подход к выбору лицензии по полосе для
С8000 (включая виртуальный C8000v)
Current ALC New ALC Tiers for Catalyst 8000
25M
50M T1
Consistency of consumption models
(Similar Tiers as those in EA)
100M
250M
2.5G
Consolidated tiers applicable across Essentials,
5G T3
Advantage and Premier
10G
SESSION ID © 2020 Cisco and/or its affiliates. All rights reserved. 177
Выбор полосы пропускания при заказе
лицензии
What traffic do you need to include in your BW Tier calculation?
T3
Cisco DNA T2
BW Tier T1
T0
• IPsec between SD-WAN Sites • All IPsec encrypted traffic on the box • Non-IPsec traffic is not charged by the
License on Physical platforms. (Not
• IPsec to Umbrella SIG / ZScaler SIG or • Non-IPsec traffic is not charged by the Applicable for C8000V)
any other non-SD-WAN IPsec License.
• Choose the lowest (T0) BW Tier
• GRE / DIA traffic (no Crypto) regardless of total estimated traffic
• HSEC license ($1) required ( over • HSEC license($1) required ( over • Utilize the max forwarding capacity of
250Mbps in one or both directions). 250Mbps in one or both directions). the platform
Select HSEC option with T2 & T3 Select HSEC option with T2 & T3
Examples:
T1
C8300-2N2S-6T – Autonomous Mode
I’m running aggr. 200 Mbps IPsec + 9 Gbps unencrypted traffic
16 Mbps
DNA
Choose DNA License depending DNA DNA DNA DNA DNA
Essential
on required features Advantag Premier Essentials Advantag Premier
s
e e
T0 T1 T2 T3 T0 T1 T2 T3
Choose BW Tier
Perpetual License
After term expiry No Renewal Renewal
Required *7Y term in Advantage only
#Not applicable for C8000V
10M to 10G (non-Tiered BWs) 10M to 2.5G (non-Tiered BWs) Tier based Licenses
Tier based Licenses
(For all traffic – Crypto & Non (For all traffic – Crypto & Non (For all traffic – Crypto & Non
(For all traffic – Crypto & Non Crypto)
Crypto) Crypto) Crypto)
AppX
3Y 5Y 3Y 5Y 3Y 5Y 3Y 5Y
7Y* 7Y* 7Y* 7Y*
*7Y term in Advantage on
Subscription models of Software and Bandwidth Consumption for Virtual Routers © 2020 Cisco and/or its affiliates. All rights reserved.
Smart Licensing Using Policy или как
просто купить и начать
эксплуатировать маршрутизатор Cisco
Consume
In-use License
CSLU
Windows
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco 192
Итоги и выводы
Cloud Edge
Catalyst 8000V
SRIOV
Hypervisor/Cloud
SD-WAN
(Viptela OS)
vEdge 2000 vEdge 5000 vEdge Cloud
Catalyst 8000V
Virtualization SRIOV
Hypervisor/Cloud
(NFVIS)
Catalyst 8200 uCPE ENCS 5400 CSP 5000 Catalyst 8000V
Catalyst
Wireless Controller Core & Distribution Catalyst 8500
8200/8300
9800 Family 9500/9600 Family Series Edge
Series Edge
Platforms
Platforms
Catalys
Access t
Access Point 8000V
9200/9300/9400
9100 Family
Family
Inten
Polic Automatio Analytics
t
y n
Спасибо за внимание!