One Combined Software Release for switches Cisco SE René … · June 2015 One Combined Software...

IOS and IOS-XE releases

June 2015

One Combined Software Release for switches

Cisco SE René Andersen / Søren Dulong Andreasen

Cisco Confidential 2 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Cisco Confidential – For NDA use only, not for further disclosure or distribution

Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 CY2015

CY2012 CY2013 CY2014

Catalyst Access Switching - Software Roadmap

EM Release

EM: Extended Maintenance Release

Darya rebuild

3.3.2SE

C3850 Fiber

Catalyst 4500E/X

Release

Catalyst 2K/3K Feature

Release

IOS-XE NG3K Releases

2K/3K/4K One Release

Amur

XE 3.6.0E/15.2(2)E Beni

XE 3.7.0/15.2(3)E

One Combined

Release for

Cat2K/3K/4K/5760

Yap XE 3.3.0SG/ IOS 15.1.(1)SG

Texel XE 3.4.0SG/ IOS 15.1(2)SG

Indus XE 3.5.0E/IOS 15.2(1)E

4K Release

Nile

15.0(2)SE

2960-SF

Launch

XE 3.2.0SE Darya

3.3.0SE

3K-X UPOE

Launch

C3850 Launch

2K/3K Release

C3850/5760 FCS

Release

Sup-8E Launch

15.0(2)EX

2960X/XR

Launch

IOS XE 3.3.0XO

EM Release

EM Release

C3650 C3850 Fiber


Customer benefits of combined release ?

• One release to Qualify, Deploy and Maintain for Cat2K/3K/4K

• Lower TCO

What combined release does not provide ?

• Merging of IOS to IOS-XE or vice-versa

• Change in existing platform behavior

4 © 2014 Cisco and/or its affiliates. All rights reserved. BRKARC-3438 Cisco Public

IOS

IOS XE 3 .x

Management Interface

Module Drivers

Common Infrastructure / HA

IOS-XE

• Modern IOS to enable multi-core CPU

• Easy customer migration

• While maintaining IOS functionality and look and feel

• Allow hosted applications like Wireshark

Management Interface

Module Drivers

Linux Kernel

Common Infrastructure / HA

IOSd

Features Components

Hosted Apps

Features Components

WCM

Kernel

IOS XE Evolution

Wireshark

IOS 15.x


SM Rebuilds EM Rebuilds

• Total 3 rebuilds spanned over 18 months.

• Last rebuild is PSIRT only.

• Total 9 rebuilds spanned over 44 months.

• Last 2 rebuilds are PSIRTS only.

• Extended Maintenance (EM) and Standard Maintenance (SM)

• Two feature releases every year, alternating between SM and EM

3.x/15.x SM SM EM SM EM EM

Release Guidelines


IOS-XE 3.6.0E/ IOS15.2(2)E Release

Wired Features Infrastructure • Active and Passive CX1 SFP, Active CX1 SFP+,

• Sup8-E wired feature parity w/ SUP7E (except IPv6 PBR)

• Migration enablers for 3850 & 3650* (See next slide for details)

• TDR in Lan Base (4K,parity with 3K), WCCP in IP-base (3K), IPv6 PIM in IP-lite(2960XR)

Layer 3 • IPv6 VRF (Sup8E, 3850/3650)

• IPv6 uRPF, IPv6 PBR (3850/3650)

• IPv4 & IPv6 SDM Templates (3850/3650)

• VRRPv3 (Sup8E, 3850/3650)

IT Simplicity • PnP Agent, PnP Smart Install Proxy

• Smart Install Client (4K)

• Auto Conf and Interface Templates

• Easy VSS, Auto Secure

Services • Device Sensor w/ISE – Wired & Wireless

• Service Discovery Gateway Ph II (Location, Static service,,HA)

• IP4 FQDN ACL, Secure CDP, IPv6 CTS, Bidir SXP

Application Experience • Medianet on 3850 & 3650 (Perf Mon, Mediatrace, Metadata)

Wireless Features

Infrastructure • New AP Support: AP700I, AP700W, AP2700

• Outdoor AP1530 series (Centralized Mode Only)

Mobility Services • AVC-Wireless Ph II ( QoS tie-in with Policy) • Service Discovery Gateway Ph II (location static

service) • Device Sensor (Policy Classification Engine)

Interop • Prime 2.1, ISE 1.2/1.3, MSE 8.0

Compliance for Wired and Wireless

• Wired & Wireless FIPS 140-2, CC, UCAPL

Shipping

Last Release for Sup6E/L-E, 2960S/SF,

2K/3K Gig compact


Compliance & Certifications


Compliance - Catalyst 2K, Compact, 3K-X, 3850, 3650, 5760 Certified In Progress with 3.6.0E

2960S/SF, 2960X/XR 2960S/SF All

2960C, 3560C All All

3K-X, 3K-X UPoE 3K-X All

Wired & Wireless

3850, 3650, 3850-UPoE, 5760 All

2960S/SF, 2960X/XR 2960S/SF All

2960C, 3560C 2960C, 3560C All

3K-X, 3K-X PoE 3K-X All

Wired & Wireless

3850, 3650, 3850-UPoE, 5760 All

2960S/SF, 2960X/XR 2960S/SF All

2960C, 3560C 3560C All

3K-X, 3K-X PoE 3K-X All

Wired & Wireless

3850, 3650, 3850-UPoE, 5760 All

2960S/SF, 2960X/XR 2960S/SF 2960X/R

2960C, 3650C All

3K-X, 3K-X PoE All

Wired & Wireless

3850, 3650, 3850-UPoE, 5760 3850, 3850-UPoE 3650

NA

Certified NA

Not Applicable Not Certified

NA

Products


Compliance - Catalyst 4500E/X,49xx Series Switches Currently Certified In Progress with 3.6.0E

Sup2, Sup4, Sup5, Sup6E, Sup6LE Sup2, Sup4, Sup5

Sup7E, Sup7LE, 4500X Sup7E,7LE,4500X All

Sup8E Sup8E (Wired)

49xx 4900M, 4948E, 4948EF

Sup2, Sup4, Sup5, Sup6E, Sup6LE

Sup7E, Sup7LE, 4500X Sup7E,7LE, 4500X All

Sup8E Sup8E (Wired)

49xx

Sup2, Sup4, Sup5, Sup6E, Sup6LE Sup6E, Sup6LE

Sup7E, Sup7LE, 4500X Sup7E,7LE,4500X All

Sup8E Sup8E (Wired)

49xx

Sup2, Sup4, Sup5, Sup6E, Sup6LE Sup6E, Sup6LE

Sup7E, Sup7LE, 4500X Sup7E,7LE,4500X

Sup8E Sup8E (Wired)

49xx 4900M, 4948E, 4948EF

Certified NA Not Applicable

Product

NA

NA

NA

Not Certified


Feature Details: SIMPLICITY!


Easy VSS


Easy VSS Configuration

1 Line – ‘switch convert mode easy-vss’

Zero touch on Standby (No Config Needed)

Mismatch Discovery & Fix

Needs an L3 Reachability to the pair for communication

Option to choose VSL Link

Easy VSS

Access Switch

Multi-Chassis Etherchannel

Access Switch

#(easy-vss)#VSL ?

Local Interface Remote Interface Hostname Standby-IP

GigabitEthernet3/5 TenGigabitEthernet1/1 4K-DEMO 2.2.2.4

GigabitEthernet3/6 TenGigabitEthernet1/2 4K-DEMO 2.2.2.4

GigabitEthernet3/7 TenGigabitEthernet1/1 4K-DEMO2 2.2.2.5


AutoSecure


Auto Secure

Generally Applied Security Configuration

• 3 Simple Security Features

• DHCP Snooping

• Dynamic ARP Inspection

• Port Security

• Several Lines of Configuration

• Difficult to Validate


Auto Secure

Auto Security Config

• 1 Line – ‘auto security’

• Uplinks & Downlinks

• Global & Per Port Option

• Global Config enables on all ports as well

• Based on port mode – access OR trunk, it applies host config or uplink config


Interface Templates


Auto Conf and Interface Template

Port based only Usability/Bloated config Inflexible

• Simplified running-config

• Parsed at definition time

• Built-in templates

Lower TCO

• Config rollback

• Precedence management

• Integrated with session aware networking

Easy to use &

Intuitive

Next Gen Auto Smart Port

Current Challenges


Interface Templates: Built-in Templates

11 Built-in Templates based on common end devices

3750X# show template interface brief

Template-Name Source Bound-to-Interface

------------- ------ ------------------

AP_INTERFACE_TEMPLATE Built-in No

DMP_INTERFACE_TEMPLATE Built-in No

IP_CAMERA_INTERFACE_TEMPLATE Built-in No

IP_PHONE_INTERFACE_TEMPLATE Built-in No

LAP_INTERFACE_TEMPLATE Built-in No

MSP_CAMERA_INTERFACE_TEMPLATE Built-in No

MSP_VC_INTERFACE_TEMPLATE Built-in No

PRINTER_INTERFACE_TEMPLATE Built-in No

ROUTER_INTERFACE_TEMPLATE Built-in No

SWITCH_INTERFACE_TEMPLATE Built-in No

TP_INTERFACE_TEMPLATE Built-in No

Good Defaults


BUILTIN_AUTOCONF_POLICY - AutoConf policy

that identifies parameter map

AutoConf: default Hierarchy

AutoConf Policy

Parameter Map

Container relationship

Mapping Device type A to

interface template X

Mapping Device type B to

interface template Y

Mapping Device type C to

interface template Z

3750X# show parameter-map type subscriber attribute-to-service all

Parameter-map name: BUILTIN_DEVICE_TO_TEMPLATE

Map: 10 map device-type regex "Cisco-IP-Phone"

Action(s):

20 interface-template IP_PHONE_INTERFACE_TEMPLATE

Map: 20 map device-type regex "Cisco-IP-Camera"

Action(s):

20 interface-template IP_CAMERA_INTERFACE_TEMPLATE

Map: 30 map device-type regex "Cisco-DMP"

Action(s):

20 interface-template DMP_INTERFACE_TEMPLATE

All builtin by default

3750X# show policy-map type control subscriber BUILTIN_AUTOCONF_POLICY

BUILTIN_AUTOCONF_POLICY

event identity-update match-all

10 class always do-until-failure

10 map attribute-to-service table BUILTIN_DEVICE_TO_TEMPLATE


Parameter Map: Brains behind autoconf

Parameter Map role

Maps device-type to interface template

BUILTIN_DEVICE_TO_TEMPLATE

Automatically created when autoconf enabled

Not shown in running-config unless modified

Easy to modify

Ways to map device to template

device-type specify device-type

mac-address specify mac-address

oui specify oui

user-role specify user-role

username specify username

AutoConf: default parameter map

3750X# show parameter-map type subscriber attribute-to-service all

Parameter-map name: BUILTIN_DEVICE_TO_TEMPLATE

Map: 10 map device-type regex "Cisco-IP-Phone"

Action(s):

20 interface-template IP_PHONE_INTERFACE_TEMPLATE

Map: 20 map device-type regex "Cisco-IP-Camera"

Action(s):

20 interface-template IP_CAMERA_INTERFACE_TEMPLATE

Map: 30 map device-type regex "Cisco-DMP"

Action(s):


Map: 40 map oui eq 00.0f.44

Action(s):


Map: 50 map oui eq 00.23.ac

Action(s):


Map: 60 map device-type regex "Cisco-AIR-AP"

Action(s):

20 interface-template AP_INTERFACE_TEMPLATE

Map: 70 map device-type regex "Cisco-AIR-LAP"

Action(s):

20 interface-template LAP_INTERFACE_TEMPLATE

Map: 80 map device-type regex "Cisco-TelePresence"

Action(s):

20 interface-template TP_INTERFACE_TEMPLATE

Map: 90 map device-type regex "Surveillance-Camera"

Action(s):

10 interface-template MSP_CAMERA_INTERFACE_TEMPLATE

Map: 100 map device-type regex "Video-Conference"

Action(s):

10 interface-template MSP_VC_INTERFACE_TEMPLATE


What template is bound to interface? Show template interface

binding

show template binding

AutoConf In Action: Dynamic Binding to Interface (3) 3750X# show template interface binding all

Template-Name Source Method Interface

------------- ------ ------ ---------

IP_PHONE_INTERFACE_TEMPLATE Built-in dynamic Gi1/0/2

3750X# show template binding target gi1/0/2

Interface Templates

===================

Interface: Gi1/0/2

Method Source Template-Name

------ ------ -------------

dynamic Built-in IP_PHONE_INTERFACE_TEMPLATE

Service Templates

=================

Interface: Gi1/0/2

Session Source Template-Name

------- ------ -------------

Gig1/0/2


Simplicity

Plug-N-Play– Simplified Day 0/ Day 1 Provisioning

Pre Provision Projects/Sites • Policies • Match Rules • Configs/Image • IP Addressing

Network Admin

1

Campus-

Bldg-2

Smart Install Proxy

PnP Agent

Smart Install-Client

PnP Agent

PnP Agent

PnP Agent

PnP Server

Installer

Remote Installer • Mount and cable devices • Power-on

2

APIC EM

3

• Network Admin remotely monitors status of install while in progress.

• Booting devices call out to PnP Server, requesting instructions

XE 3.7 IOS 15.2.(3)

Enterprise Networking Group


3.7.0E/15.2(3)E - Platform Support

Wired 4K: Catalyst 4500E - Sup7-E/7L-E, Sup8-E, 4500X-16, 4500X-32, 4900M, 4948E, 4948E-F 3K: 3850, 3850 SFP, 3650, 3750-X, 3560-X 2K: 2960-X, 2960-XR, 2960-Plus Compact: 2960-C IE: IE2000, IE3000, IE 3010, CGS 2520, GRWICDES, IE2000U

Wireless Controllers: WLC 5760 APs: 700, 1040, 1140, 1260, 1530 (local mode), 1600, 2600, 2700, 3500, 3600, 3700

Interoperability Cisco Prime 2.2, ISE 1.2/1.3, MSE 8.0

Platforms not supported Sup6L-E, Sup6-E, 2960 S/SF/CG, 3560 C/CG NOTE: 2960C is still supported!

New Platforms NG Compact - 2K-CX, 3K-CX (Q4CY14) 3850 mGig (H1CY15) 4K mGig Line Card (H1CY15) AP 1570 (local mode), AP 1700


Private

VLANs

IPv6 FHS:

Source/Prefix

Guard

IEEE 802.1AE MACsec (SAP)

IPv6 FHS: Destination

Guard

3.7.0E

Q4CY14

3.7E

Rebuild

H1CY15

XPS

Support

IEEE 802.1AE MACsec (MKA)

3.7E – Catalyst 3850/3650 New Features


3.7.0E - Catalyst 4K New Features

• IPv6 FHS on EtherChannel (also on 3K/2K)

• VRF-aware IPv6 PBR

• TrustSec on WS-X47xx (1G Fiber Line Cards) Core

• Q in Q

• L2PT

• VLAN Translation (1:1 and Selective)

• WCCP*

VSS

• Wired and Wireless Convergence

• Support on 7 & 10 Slot R-E Chassis

• Sup7-E Uplink Mode to enable WS-X46xx LCs (K5 ASIC) in Slot10

• IPv6 PBR (Parity with Sup7-E)

Sup8-E

* Targeted in 3.7E Rebuild


MAC Security on 3850/3650

• Switch-to-Switch MACSec supported with 3.7.0E

• Downlink and Uplink ports support Switch-to-Switch encryption

• 128-bit AES-GCM,10Gb line-rate encryption

• Manual (SAP) + Dot1x (NDAC+SAP) modes

• Switch-to-Host MACSec (MKA) currently NOT supported, targeted for 3.7E rebuild (H1CY15)

Switch-to-Host Switch-to-Switch

MACSec MACSec MACSec

Switch-to-Switch

Encrypt Encrypt Encrypt

Decrypt Decrypt Decrypt

&^*RT&*J%^*&*sd#J &^*RT&*J%^*%#&*sd#J &^*RT&*J%^*&*sd#J

Switches have visibility

Encrypted Data Encrypted Data Encrypted Data


Wireless with Supervisor 8-E

NEW

IOS-XE 3.7.0E

4503-E, 4506-E, 4507R+E, 4507R-E,

4510R+E, 4510R-E

700, 1040, 1140, 1260, 1530, 1570, 1600, 1700, 2600, 2700, 3500, 3600, 3700

Wireless not supported in

VSS mode

* MC Managing MA targeted for 3.7.0E Rebuild

Sup-8E Rommon Version: 15.1(r)SG4

IP Base license

Standard AP licenses required if running as MC

Requirements

20G Wireless Termination

50 APs as MA or MC

2000 clients

Feature Parity with 3850/3650*

CoPP for Wireless


MC

MAs

Configuration push

(MC MA)

Troubleshooting scripts

output gathering

(MA MC)

MC Managing MA Prime CA Templates

Internet

5760-GA-1

DC

CPI ISE

5760-GA-2

MC/MA MC/MA MC/MA

Branch – 1

3850

Branch – 2

3650-StackWise

Branch – 3

SiSiSiSiSiSi

4500E-Sup8E

Addressing & Mobility

WLANs

Security

Bandwidth (%)

App Visibility

Available

starting from CPI 2.2.1 with Wireless TechPack 1.0

LAN

Only

Simplified CA Management Available on Cat 3850/3650 starting from IOS-XE 3.7.0

Cat 4500/Sup-8E

availability coming in IOS-XE 3.7.1

Dec 2014 H1 2015


3.6 features & hardware needed (Improved Web-UI, AVC, AP2700, AP1530, AP700, CleanAir on AP1600 etc)

Shipping Recommended release is 3.6.2

Converged Access

Software recommendations for Converged Access

3.3.5 If your Network runs IOS-XE 3.3.x Shipping Recommended release is 3.3.5

3.6.2 3.6.3

Maximum stability needed

Recommended release is 3.6.3*

*availability planned for Q3 CY15

Recommendations for April 2015 / subject to change

3.7.0

3.7 features & hardware needed

(CA on Cat4K/Sup-8E, 1700AP, 1570AP,

D/F/Z/S/M and World reg domains, AP Pass-through auto, MC manages MA)

Shipping Recommended

release is 3.7.0


IOS XE 3.6 (Amur) – Extended Release New releases and roadmap items

November CY14

3.6.1 – MR1

Support for Device Sensor (LAN Base)

Support for Cisco Aironet 1700 Series Access Points

MAC Authentication per WLAN

Support for Cisco Prime Infrastructure 2.1.2

March CY15

3.6.2 – MR2

Improved Web-UI

AVC

Support for: AP2700, AP1530, AP700

Support for CleanAir on AP1600

August CY15

3.6.3 – MR3

Code Hardening Only

This will be the new default image when shipping new

products

Shipping Shipping Plan


What Release to use? TAC Recommended Guidelines MD vs ED Releases

Best Practices – Recommended Release

http://www.cisco.com/c/en/us/products/collateral/wireless/5700-series-wireless-lan-

controllers/bulletin-c25-733697.html

Software Release Upcoming Releases Recommended Release

Release 3.2 No more MRs planned 3.3 release train

Release 3.3.5 (MD Release Train) No more MRs planned

3.3 release train for 802.11n/11ac deployments(safe harbor release)

Release 3.6.2 3.6 MR3 – July/August 802.11ac deployments to 3.6 ED

Release 3.7 3.7 MR1 (April CY15) 802.11ac deployments to 3.7 ED

http://www.cisco.com/c/en/us/products/collateral/wireless/5700-series-wireless-lan-controllers/bulletin-c25-733697.html














Converged Access Workflow Matrix

Platform System Mode IOS-XE

S/W Version

Agent

(MA)

Controller

(MC)

Guest Anchor

(GA)

Catalyst

3650/3850

Standalone and

StackWise

3.6.0 and

above ✔ ✔

Catalyst

3850 Fiber (1GE)

Standalone and

StackWise

3.6.0 and

above ✔

Catalyst

4500E – Sup8E

Single and Dual-Sup

(Non-VSS Mode)

3.7.0 and

above ✔ ✔

CT5760 Standalone and

StackWise

3.6.0 and

above ✔ ✔

IOS-XE Supported Platforms


IOS-XE Solution Interoperability

5760 3850 3650 4K 5508 MSE ISE ACS Prime

3.2.0SE 3.2.0SE - - 7.3.112 - 1.1.1MR 5.2 -

3.2.1SE 3.2.1SE - - 7.3.112 - 1.1.3,1.1.2 5.2, 5.3 -

3.2.2SE 3.2.2SE - - 7.3.112/7.5+ - 1.1.3,1.1.2 5.2,5.3 -

3.2.3SE 3.2.3SE - - 7.3.112/7.5+ 7.4 1.1.3,1.1.2 5.2, 5.3 2.0

3.3.0SE 3.3.0SE 3.3.0SE - 7.3.112/7.5+ 7.5 1.2 2.1

3.3.xSE 3.3.xSE 3.3.xSE - 7.3.112/7.5+ 7.5 1.2 2.1

3.6.xSE 3.6.xSE 3.6.xSE - 7.6/8.0 8.0 1.2/1.3 2.1

3.7.xSE 3.7.xSE 3.7.xSE 3.7.xSE 8.0 8.0 1.2/1.3 2.2

PI/MSE/ISE needs to be aligned with correspondent IOS-XE Releases


IOS XE 3.7 (Beni) – Standard Release New releases and roadmap items

December CY14

3.7.0

New AP: Access Point 1700(2 SS 802.11ac),

Outdoor AP1570/11ac (Centralized Mode) Cat4K/Sup-8E wireless support

Regulatory domains:

India(D), Indonesia(F), Brazil(-Z mapping T to

Z), Singapore & HongKong (-S mapping N to S),

Iraq(-M for outdoor) World Regulatory Domain

WebAuth Sleeping Client

Wireless AVCTop N AP Pass-through Automation

MC Management of MA (3650,3850)

AutoQoS for Wireless

AFD visibility

Prime CA Templates

MACSec SW-to-SW (3850/3650) - SAP

Prime 2.2, MSE 8.0

April CY15

3.7.1 – MR1

SGT and Destination SGT for Flexible Net Flow2

XPS for 3850

SFP BiDirectional (BiDi) Optics (40/80 KM)

SFP+ BiDirectional (BiDi) Optics

Converged Access Scale

MC mgmt of MA on 4500 Sup8E

July CY15

3.7.2 – MR2

Auto-LAG for APs

MACSec SW-to-Host (3850/3650)

DAI with Static Host

HW GRE for 3650 and 3850



Converged Access Scalability Guidelines

3650 3850 Cat4500/Sup-8E CT5760 CT5508 WiSM2

3.3.x SE

(Supported /

Recommended)

3.3.x SE

(Supported /

Recommended)

3.7.0 SE

(Supported /

Recommended)

3.3.x SE

(Supported /

Recommended)

AireOS 7.6.x

& 8.0.x

AireOS 7.6.x

& 8.0.x

Mobility Controller Mode Yes Yes Yes Yes Yes Yes

AP number supported today 25 50 50 1,000 / 600 500 1,000

AP number will be supported

from 3.7.1 release 50 100 100 1,000 / 600 - -

Clients Supported 1,000 2,000 2,000 12,000 / 7,000 7,000 15,000

Mobility Agent Mode Yes Yes Yes N/A N/A N/A

Number of MC in Mobility

Domain 8 / 2 8 / 2 8 / 2 72 / 2 72 72

Number of MAs in Sub-

domain (per MC) 16 / 8 16 / 8 16 / 8 350 / 32 350 350

AP Scale (Per-Domain) 200 / 50 (100) 250 / 100 (200) 250 / 100 (200) 72,000/1,200 36,000 72,000

Converged Access Design Recommendation Summary

CT5760 is the preferred appliance to operate as External MC

MC functionality on AireOS WLC will be deprecated starting from AireOS 8.1 (New Mobility will continue to work)

AireOS devices IOS-XE devices


Catalyst 4500(E & X) Software Roadmap New releases and roadmap items

Q2CY2014

IOS XE 3.6.0E (Amur)

Sup8E : Feature Parity with SUP7-E

Active Optics Cable

FnF Export over IPv6

IPFIX flow export for SUP8-E

Plug n Play (PnP)

Auto Configuration

Interface Templates

Easy VSS

Service Discovery Gateway Phase II (Location aware)

Govt Certifications: FIPS, Common Criteria, UCAPL, USGv6

ISE 1.2/1.3

Prime 2.1 & MSE 8.0

Q4CY2014

IOS XE 3.7.0E (Beni)

Sup8E Converged Access Support

mGig Line card*

R-E chassis support for Sup8-E

100FX support* (4500X)

AVC Wireless on SUP8-E

IPv6 ACL Masking

IPv6 PBR on Sup8E

BFD for ISIS v4 & v6

SDN - OpenFlow1.3*

VSS: QinQ, VLAN Translation, L2PT, WCCP*

AP Pass through

MC Management of MA*

Increased AP scale (50->100)*

Trustsec on 47xx1G Fiber cards

Object Group ACL*

HW GRE*, NHRP*

Govt Certifications for Wireless SUP8-E

Prime 2.2


* 3.7.1E release in 1HCY15 ** Rebuild releases in 1HCY16


Catalyst 2K Software Roadmap New releases and roadmap items

June CY14

15.2(2)EX (Amur)

USGv6

FIPS/CC (Dec certificate)

IPv6 FHS PH II

VRF-aware IPv6 (OSPFv3, EIGRPv6,BGPv6)

PnP Agent

Auto Security

Auto Config

IPv6 PBR (2960-XR)

EIGRPv6-Stub (2960-XR)

WCCP

SFP Active Optics

8 Queues (2960-X)

December CY14

15.2(3) (Beni)

FNF O/P Interface Map

IPv6 FHS support on Etherchannels

PnP Server

CDP Bypass

VLAN Name Extensions (32 chars -> 128 chars)



The New Catalyst 3850 10G Fiber Switches

# 10G Ports 12 16 24 32 48 Future

Total Capacity 160G 160G 320G 320G 640G

Network

Modules

Supported

C3850-NM-4-10G Slot Used

C3850-NM-4-10G

C3850-NM-8-10G

C3850-NM-2-40G

Slot Used 4x40G fixed

(No FRU Network

Module)

Key Features Stacks with C3850 family – Stackwise and StackPower

Availability Q4FY15 Q1FY16

NOW!

Cisco Brings Entire Portfolio of Multi-Gigabit Access Switches

Catalyst 3850 48 / 24 port Multi-

Gigabit Switch

24 / 12 ports Multi-Gigabit Capable

Also Introducing: 40G Uplinks

Stackable

Converged Wired & Wireless

Catalyst 3560-CX 8 port Multi-Gigabit

Switch

2 ports Multi-Gigabit Capable

Compact

Wired

Catalyst 4500E 48 port Multi-Gigabit

Line Card

12 ports Multi-Gigabit Capable

Modular

Converged Wired & Wireless

June/July15


IP Services

Full OSPF, BGP, IS-IS, IPv6 PBR, VRFs…

Cat3k SW Packages

LAN Base

ACL, L2, StackPower, 802.1X, DHCP Server, SXP, PnP, Static Routes, IGMP…

IP Base

PVLAN, SGT, SGACL, Converged Access, EEM, Wireshark, Flexible NetFlow, Service Discovery Gateway, Device Sensor, HSRP, VRRP, WCCPv2, PBR, RIP, OSPF for Routed

Access, PIM, EIGRP Stub…

This is a starting point, not an exhaustive list.

42 © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential


The Journey of 6800 New Hardware Releases Every 3–4 Months

Continuous

HW and SW

innovation

Dec’14

15.2(1)SY

6800

10G LC

Dec’14

15.2(1)SY

6800

1G LC

Dec’14

15.2(1)SY

IA Compact

Consistent

and Effective

Execution

Mar’14

15.1(2)SY2

6880-X

Multirate

Port Card Aug’14

15.1(2)SY3

C6800IA-

48FPDR

2013

15.1(2)SY

15.1(2)SY1

6807-XL

6880-X

6800IA

The MONSTER

Switch

Embarks

on its Journey


Instant Access Scale Update

15.1(2)SY (Shipping) 15.2(1)SY (December 2014) Feature 15.2(1)SY1 (April 2015)

Port Scale

Fabric Link

Stacking

Supervisor 2T

15.1(2)SY (Shipping) 15.2(1)SY (December 2014) Feature

Port Scale

Fabric Link

Stacking

6880-X

1,000

12

3

2,000

42

5

1,000

12

3

1,200

25

5

1,500

32

5


Catalyst Instant Access Client Portfolio

C6800IA-48TD C6800IA-48FPD C6800IA-48FPDR C6800IA-48TD C3560-CX

PoE/PoE+

48 ports, 740W

48 ports, 740W

12 ports, 240W

Down Link Ports 48x1G Cu 48x1G Cu 48x1G Cu 12x1G

Uplink Ports 2x10G SFP+ 2x10G SFP+ 2x10G SFP+ 2x10G SFP+ (for IA mode) ,

2x1G Cu

FEX ID 1242/32* 1242/32* 1242/32* 42/32*

Access Ports

Scalability 10002000/1500* 10002000/1500* 10002000/1500* 300-500**

Stack 35 35 35 0

Dual Power Supply

Standalone Mode

FCS December

2014

*see previous slide as accurate reference for scalability ** Depending on the platform, 300 for sup2T, 500 for 6880

Cisco Confidential 46 © 2013-2014 Cisco and/or its affiliates. All rights reserved. Investment Protection • All E-Series Chassis and 6807-XL

• DFC4 Upgrade Option for 67xx Line Cards Fortifying Enterprise Backbones with the Catalyst 6500 & Catalyst 6800

15.2(1)SY Release – Highlights

Compact IA

Interface template and

autoconf

IPv6 First Hop Security

8, 16, and 32p

10G/1G cards

10/1G mixed mode

48p 1 Gig line card

40G adapter*

OF1.0 and 1.3

Includes topology, IPv4/v6

tables, QoS marking, flow

stats, multiple controllers,

interfaces (routed and

switched)

PnP Agent

OSPFv3 area filter

DHCPv6 LDRA

LDP inbound label filter

VRF-aware DHCP relay

VRF-aware DNS

VRRPv3

Instant Access

New Hardware

Innovative Features

200 New

BACKBONE

Features Customer Solutions

FCS

Q4CY14


Simplicity with Auto Conf and Interface Template

Configuration Challenges for Catalyst 6K Instant Access

Easy to Use and Intuitive

Up to 2,000 ports to configure and manage

Huge Running-configuration to maintain

Manual configuration of Access ports is complex and

error prone

AUTO

CONFIGURATION

Simplified

Running

Configuration

Parsed at

Definition Time

Build-in

Templates

Configuration

Rollback

Precendence

Management

Integrated with

Session Aware

Networking


Catalyst 6K Software Roadmap

15.2(1)SY Q4CY2014

• WS-C3560CX-8XPD-S (mGig Switch)

as IA Client

• IA scale to 1500 for Sup2T

• Mode Change (FEX to Normal) for

C3560CX Switches

• Easy FEX/ Auto FEX/ Easy VSS

• NEAT for IA (Compact Switches)

• IP Fast ReRoute (OSPF/ EIGRP)

• MoFRR

• Multicast Flow based MoFRR

15.2(1)SY Q4CY2014

• REP Support for 6500/ 6800/ 6880

Hardware

Application Experience &

Security

IT Simplicity

Mobility

Layer3 Leadership

• 32x10G

• 16x10G

• 8x10G

• NG Compact IA (12x GE)

• C6800 1G copper/fiber cards

• IA Hi Scale (2K ports/ 42-FEX ID/ 5-Stack)

• IA Phase 2 – AutoConf,

• IBNS Phase 2.0: • Service/ Interface Templates • Critical ACL/ MAB • Concurrent/ Differentiated Auth

• OSPFv3 GR/ NSSA/ Area Filter

• BGP GR/ Local AS

• Netflow for COPP and full MPLS support

• IPv6 support for Trustsec

• mDNS Service Delivery Gateway Ph 2 • Location Awareness • Service Enumeration • Static Service Definition • High Availability

• LISP ASM

• VRF Aware DHCP Relay(v4 and v6) /

DNS

• MPLS LDP local label filtering

• IPv6 FHS

15.2(1)SY1 Q2CY2015

15.2(1)SY2 & 15.2(2)SY Q3CY2015

• 10G to 40G adapter

Shipping Coming

soon

1H’CY2016+ 15.2(1)SY Q4CY2014


C6800IA-48FPDR C6800IA-48TD C6800IA-48TD C3560-CX-12PD-S

PoE/PoE+ ✗ 48 ports, 740W

48 ports, 740W

12 ports, 240W

12 ports, 240W

Down Link Ports 48 x 1G RJ45 48 x 1G RJ45 48 x 1G RJ45 12 x 1G RJ45 6 x 1G RJ45 + 2 x mGig

Uplink Ports 2 x 10G SFP+ 2 x 10G SFP+ 2 x 10G SFP+ 2 x 10G SFP+ 2 x 10G SFP+

Stack 3 5 3 5 3 5 ✗ ✗ Dual Power

Supply ✗ ✗ ✗ ✗

Stand-Alone

Mode ✗ ✗ ✗

*will be released with 15.2(1)SY1

Catalyst Instant Access Client Portfolio

C3560CX-8XPD-S* C6800IA-48FPD


Cisco Active Advisor- Coming NOW (June 2015)

www.ciscoactiveadvisor.com

Troubleshooting - CAA

http://www.ciscoactiveadvisor.com/

Date post:	21-Sep-2020
Category:	Documents
Upload:	others
View:	0 times
Download:	0 times

One Combined Software Release for switches Cisco SE René … · June 2015 One Combined Software...

Documents