Cisco Catalyst 3750/3560 and 2960 Series Switching ... · Cisco Catalyst 3750/3560 and 2960 Series...
Transcript of Cisco Catalyst 3750/3560 and 2960 Series Switching ... · Cisco Catalyst 3750/3560 and 2960 Series...
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Cisco Catalyst 3750/3560 and 2960 Series
Switching Architecture BRKARC-3437
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
3
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
4
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Catalyst Fixed Switching Portfolio
Catalyst Compact
Switches
Stackable 3000 Series
Switches
Standalone 3000
Series Switches
FAMILIES Current:
3750-X Series 3750V2 Series
Modules
C3KX-NM-1G C3KX-NM-10GT C3KX-SM-10G
EoS: 3750-E Series 3750G Series
3750V1 Series
FAMILIES Current:
3560-X Series 3560V2 Series
EoS: 3560-E Series 3560G Series
3560V1 Series
FAMILIES Layer 3: 3560C Series
Layer 2 only: 2960C Series
Catalyst 2900 Series
Switches
Modules
FAMILIES Stackable:
2960-S Series Standalone: 2960 Series
C2960S-STACK
EoS: 2975 Series
Prev Gen: 3560-E 8 and 12 port
Series
Wall Mountable
5
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Enterprise Class Catalyst 3750-X and 3560-X
Leading Stackable Unified Access Platform
WORLD’S MOST POPULAR STACKABLE
¼ BILLION PORTS
OVER 7 MILLION UNITS
INDUSTRY LEADERSHIP
LOWER TCO
StackWise Plus and StackPower
Modular Uplinks
Hot-swappable dual power supplies & fans
Industry’s highest density PoE+
USB for storage and console
Flexible NetFlow
MACsec
INNOVATION OPERATIONAL SIMPLICITY
Automation
Investment protection
Enhanced Limited Lifetime Warranty
6
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Dual Redundant Power Supplies & Fans
Four PS options
‒ 1100W AC
‒ 715W AC
‒ 350W AC
‒ 440W DC
Dual, redundant, high efficiency PS
Redundant fan modules
Models Default Power Supply Available PoE Power
24 Port Data Switch C3KX-PWR-350WAC –
48 Port Data Switch
24 Port PoE Switch C3KX-PWR-715WAC 370W
48 Port PoE Switch
48 Port Full PoE Switch C3KX-PWR-1100WAC 740W
7
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Service Module – 3750X/3560X
Services module for the Catalyst 3750x and 3560x models
‒ Hot swappable, Plug-and-play
Capable of Flexible Netflow (FNF)
‒ Done in hardware
Capable of Switch-to-Switch MACSec (802.1ae)
‒ First time in the access layer (3750x/3560x)
• Powered using the switch-based power supply
• Two Uplinks
C3KX-SM-10G
8
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Catalyst 2960-S
Cisco Quality at Competitive Price
FlexStack
PoE on all 48 ports
PoE+ support
10G uplinks available
Low power consumption
KEY FEATURES OPERATIONAL SIMPLICITY
Enhanced Limited Lifetime Warranty
Auto Smart Ports
EASE-OF-USE 20M PORTS
500K+ UNITS
ENERGY EFFICIENCY LOWER TCO
9
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Catalyst Compact Switches
Can be powered via PoE(+) or UPoE
Pass through PoE for end devices
Uplink & Downlink Data Encryption
12 models to choose from
KEY FEATURES OPERATIONAL SIMPLICITY
Zero-touch deployment
Auto Smart Ports
Enhanced Limited Lifetime Warranty
8 & 12 PORT MODELS
QUIET (FANLESS)
EXTEND THE CISCO NETWORK
FULL-SIZE CAPABILITIES
LOWER TCO
Ideal for Retail Check Stands, Classrooms, Conference Rooms, Hotel Suites, and More
10
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
11
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Software Feature Set Flavors
Bu
sin
ess C
on
tinu
ity
Business Agility
Converged Services
Intelligent Services
Evolves With Your Business
Catalyst 2960-S w/ LAN Base
Catalyst 3K-X w/ IP Base Catalyst 3K-X w/ LAN
Base
Catalyst 3K-X w/ IP Services
Cisco EnergyWise
Reliable Voice, Video Scalable Medianet
Automated Smart Operations Non Stop, Self Preserving
Tailored to Meet Business Needs
Threat Intelligence Role-based Access, Secure Traffic
12
Basic Services
Catalyst 2960-S w/ LAN Lite
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Key LAN Lite vs LAN Base Highlights Catalyst 2960, 2960-S
Functionality LAN Lite LAN Base
Layer 2
• Entry-level Access Layer 2
Basic L2 access features including 802.1Q trunking, (M)STP,
STP extensions, CDP, DTP, UDLD, VTPv2, PAGP/LACP, LLDP,
Storm control
• Enterprise Access Layer 2
Wide range of L2 access features for enterprise deployments,
including FlexLinks, VTPv3, LLDP MED
Layer 3 • No Routing Support
Support for L3 management interface
• 16 static IPv4 routes on SVIs
Manageability
• Entry-level Manageability
Express Setup, Cisco Device Manager, SNMPv3 (w/crypto),
RMON, SPAN, TDR, Auto Smart Ports, Smart Install client
• Basic Manageability
Support for a wider range of MIBs, IPSLA Responder, RSPAN
Security
• Entry-level Access Security
SSH v2 server, SSL, HTTPS, SCP, TACACS+, RADIUS, Port
Security, 802.1x (w/ Guest VLAN), MAB, Private VLAN Edge,
DHCP Snooping
• Enterprise Access Security
IPSG, DAI, PACLs, Cisco Identity 4.0, NAC and 802.1x features
QoS • Entry-level Access QOS
Ingress and egress queuing, Scheduling, Priority queuing, SRR
• Enterprise Access QOS
Ingress policing, Trust Boundary, AutoQOS, DSCP mapping
Note: LAN Base feature set includes all LAN Lite features.
For Your Reference
13
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Catalyst 3750v2 and Catalyst 3560v2
Catalyst® 3750-X and Catalyst 3560-X
LAN Base vs. IP Base and IP Services
Highlights
Functions LAN Base IP Base IP Services
Layer 2+
• Enterprise access Layer 2
Wide range of Layer 2 access features for enterprise deployments
• Complete Access Layer 2
Supports all Cisco Catalyst 2000 and Catalyst 3000 Layer 2 features, including hot standby protocols; supports Cisco StackPower™ technology (Cisco Catalyst 3750-X)
Layer 3
•16 IPv4 static routes on SVI • Enterprise access Layer 3
RIP, static and stub PIM, and EIGRP, OSPF for routed access
• Complete access Layer 3
EIGRP, BGP, IS-IS
VRF-lite, WCCP, and PBR
Manageability
• Basic manageability
Support for a wide range of MIBs, IPSLA Responder, and RSPAN
• Enterprise access Layer 3
Gold-Lite and Smart Install Director, EEM
• Complete access Layer 3
IPSLA Initiator
Security
• Enterprise access security
DHCP Snooping, IPSG, DAI, PACLs, Cisco Identity 4.0, NAC and 802.1x features
• Complete access security
Router and VLAN ACLs, private VLANs, complete identity and security, TrustSec SXP, and IEEE 802.1AE (Cisco Catalyst 3560-X and Catalyst 3750-X)
QoS
• Enterprise access QoS
Ingress policing, Trust Boundary, AutoQoS, and DSCP mapping
• Complete access QoS
Support for all Cisco Catalyst 2000 and Catalyst 3000 QoS features, including per-VLAN policies
Note: IP Services feature set includes all IP Base features. IP Base feature set includes all LAN Base features.
For Your Reference
14
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Updating the IOS Code
15
Switch IOS can be updated using .bin or .tar files
Recommendation: .tar files archive download-sw <IOS Image path>.tar (Switch only)
archive download-sw <IOS Image path>.tar <SM Image path>.tar (In case of 3750x with Service
Module)
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Types of Software Licenses License based feature-set upgrades
After the usage period expires, the switch continues to use the temporary software license until it is restarted.
16
Permanent
License
Node-locked – based on UDI Can come pre-installed Works with Cisco License
Manager RMA’s handled as like-to-like
replacements
Temporary
License
Limited Usage period (60 days) Types
• Embedded evaluation license
• Extension License • Grace Period License
Available in E and X series as part of the Universal Image
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Managing Licenses
Show commands to administer software licensing:
‒ Displaying the file
‒ Detailed display of license type
‒ Showing the Unique Device Identifier
‒ Enabling debug mode
show license file [switch <switch_id>]
show license status [switch <switch_id>]
show license detail <feature_name> [switch <switch_id>]
show license udi
debug license <events | all | errors>
17
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Create Your Own Evaluation License! Minimum IOS 12.2(46)SE
Switch# license boot level ipservices Supported license levels are:
ipservices ipbase
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR LICENSE KEY PROVIDED FOR ANY CISCO PRODUCT FEATURE OR USING SUCH PRODUCT FEATURE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN. You hereby acknowledge and agree that the product feature license is terminable and that the product feature enabled by such license may be shut down or terminated by Cisco after expiration of the applicable term of the license (e.g., 30-day trial period). Cisco reserves the right to terminate or shut down any such product feature electronically or by any other means available. While alerts or such messages may be provided, it is your sole responsibility to monitor your terminable usage of any product feature enabled by the license and to ensure that your systems and networks are prepared for the shut down of the product feature. You acknowledge and agree that Cisco will not have any liability whatsoever for any damages, including, but not limited to, direct, indirect, special, or consequential damages related to any product feature being shutdown or terminated. By clicking the "accept" button or typing "yes" you are indicating you have read and agree to be bound by all the terms provided herein.
ACCEPT? (yes/[no]):
*Apr 2 02:04:08.604: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c3750e Next reboot level = ipservices and License = ipservices
19
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
20
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Switch Components
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
Two Stack
Cables
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
Fixed switches have a very simple design
Key components are the ASICs, the CPU and the Phys
Switch Fabric in some families
Stacking in some families
21
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Two Stack
Cables
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
Port ASICs
The Port ASIC performs:
Pre-pend a 24-byte header for internal use
Traffic forwarding
QoS
ACL lookup
The number of Port ASICs varies, depending on media speed and type of ports.
I.e., Gig ports, SFP ports, 10Gig ports
22
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
TCAM/SRAM
Stores vital information including IPv4, IPv6 and MAC addresses, ACES etc
The 3750-X TCAM/SRAM is incorporated into the Port ASIC Hardware Merge process to pack entries into TCAM
Two Stack
Cables
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
TCAM
SRAM
TCAM
SRAM
TCAM
SRAM
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
23
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Switch Fabric
128Gbps switching Fabric
Provides line rate and local switching within a switch and stack connectivity
‒ 48G + 2X10G + 32 Stack-ports (100Gbps FDX)
64 Gbps Ring Stackwise Plus
1 Gbps Ring Inter-connect control path to the Port ASICs to the CPU
Point-to-Point, 32 Gbps ring connecting each Port ASIC
Jumbo frame switching and routing
Two Stack
Cables
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
24
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
CPU
Switch-to-Switch communication and synchronization
Updates the MAC and Routing caches attached to each port ASIC
Performs CPU Software-based forwarding when the TCAM is over its limits for MACs, Routes, ACL entries etc.
The CPU communicates with the Port ASICs via a dedicated management ring (the yellow ring in the diagram)
Two Stack
Cables
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
25
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
PHY – Includes Link Encryption
MACsec link encryption in hardware – Line rate (3750X/3560X)
All media conversion
10/100/1000 Mbps
FX, LX/LH, SX, ZX, BX (1490 & 1310Nm), CWDM, DWDM
10G, Supported:
LR (SMF 10km), LRM, SR (MMF), CX1, CX3, CX5
Two Stack
Cables
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
26
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Ring View of the Switch Fabric
Physically, the ring is a series of switch fabrics strung together by stack cables
The switch fabric performs token generation and ring control
Two Stack
Cables
Stack PHY Switch Fabric
Stack PHY Switch Fabric
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC Port ASIC Port ASIC
Switch Fabric
Dual Mode PHY
10/100
2X10G or 4X1G 12X1G 12X1G 12X1G 12X1G
StackWise,
StackWise
Plus
24X1G POE 24X1G POE
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
27
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Service Module Architectural Overview
CPU
FPGA MACSec Phy SFP+
SFP+
Mem
Mem
To Switch ASIC
3KX-SM-10G : 3750X Service Module
FPGA : Contains logic to implement Netflow engine. Supports 32K flows
Phy : Helps perform switch to switch MACSec in H/W. Also supports tagging
CPU : Quad Core Processor with 600 Mhz Frequency. Runs a Linux based environment over IOS
Upgrades : Separate image that can be downloaded from cisco.com
28
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Catalyst 3750v2 Overview Fast Ethernet Models
• 3750 and 3750-X Main Architectural Differences:
• 3750 Does not have a second tier switch fabric like the 3750-X and can not locally switch without sending packets on the ring
• 3750 has external TCAMs
• All port-ASIC are part of the Stackwise internal ring!
• 3750 only runs in StackWise mode – 32G
2 Stack
Cables
Ports
Port ASIC
TCAM
SRAM
SDRAM
CPU
Stack PHY
Flash
Serial
Port ASIC
TCAM
SRAM
Port ASIC
TCAM
SRAM
POE POE POE
Ports Ports
8 Port
PHY
8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
8 Port
PHY
8 Port
PHY
8 Port
PHY
8 Port
PHY
29
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
2960S Architectural Overview
2960S Key Facts
Single ASIC with capacity of 88Gigs. Most energy efficient design
All Gig downlinks and 2 10-gig Uplinks
FlexStack
TCAM – embedded in ASIC
Single Port ASIC
SDRAM
CPU
Flash
Serial
USB
Serial 8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY 8 Port
PHY
8 Port
PHY
X2
X2
X2
X2
48 Port Switch with 2 X 10G uplink
10G 10G
2 Stack
Cables
30
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Compact Switches Architectural Overview
SDRAM
CPU
Flash
Serial
Port ASIC
10/100 8 Port
PHY
PSE
module
8XPOE 1G 1G
GE
PHY
GE
PHY
PoE
System DC/DC
12V
SDRAM
CPU
Flash
Serial
Port ASIC
10/100 8 Port
PHY
PD/PSE
module
8XPOE 1G 1G
GE
PHY
GE
PHY
PoE \ PoE+ \UPoE
PoE
System DC/DC
12V
Aux Power External Power
AC / DC
Compact Switch model Comparison
Power : Models that are PoE/PoE+/UPoE powered and AC Powered
Speeds :10/100 or 10/100/1000.MACSec Phys on the 3K
Capability : 3560c runs IPBase Only. No IPServices
ASICs: Two types of ASICs – Choice depends on speed and capability
TCAM – embedded in ASIC
31
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
32
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Within the ASIC
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
Ingress Path Egress Path
34
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Within the ASIC
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
SRAM
To Ring/Fabric
L2
L3
QOS ACES
SEC ACES
IPv6
These spaces can
re-allocated using
SDM templates.
35
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Packet Walk - Ingress On the Way In
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
1
1 Packets enter the
switch and is
received by the
Receive FIFO
36
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
2 2 The whole packet
is sent to the
Receive Buffer
Copy of the first
200 bytes is sent
into the
Forwarding
Controller for
processing
(forwarding, ACL,
QOS lookups)
Packet Walk - Ingress On the Way In
37
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
3
3 Submit packet to
VLAN
decap/parsing/pro
cessing in the
forwarding
controller and the
native frame is
obtained
4
4
Packet Walk - Ingress On the Way In
38
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
5
5 Search Engine in
the Forwarding
Controller sends
the packet to the
TCAM for L2
lookup and
receives the index
The Forwarding
Controller queries
the SRAM with the
index to get the
desired look up.
6 6
Packet Walk - Ingress On the Way In
39
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
7
7
Search Engine
Forwarding
Controller sends
QOS and ACL
Look up sent to
the TCAM. Index
returned
Forwarding
Controller queries
the SRAM for the
respective Ingress
ACL and QOS
response
8 8
Packet Walk - Ingress On the Way In
40
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
9
9 Look up to the
policer. How much
policing to do?
Policing
information
returned
10
10
Packet Walk - Ingress On the Way In
41
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
11
11 Search Engine in
Forwarding
Controller sends
the L2/L3
Forwarding Look
up to the TCAM.
Index returned
Forwarding
Controller sends
Index to the SRAM
for destination
details.
Destination
information
returned
12 12
Packet Walk - Ingress On the Way In
42
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
14 24 byte descriptor
sent to the
Receive buffer.
Appended to the
original packet. 14
Native
Packet
Descriptor
Descriptor
Packet Walk - Ingress On the Way In
43
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
15 Packet with the
extra 24 byte
descriptor is sent
to the Switching
Fabric/Ring
15
Native
Packet
Descriptor
Packet Walk - Ingress On the Way In
44
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Within the ASIC
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
Egress Path
45
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
1 Packet with the
extra 24 byte
descriptor is sent
to the Switching
Fabric/Ring
1 Native
Packet
Descriptor
Packet Walk - Egress On the Way Out
46
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
2 Packet is stored in
the Transmit
buffer.
Packet location
stored in the TXT
Queue
2
Packet Walk - Egress On the Way Out
47
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
3 Packets egresses
and is stored in
the Transmit FIFO
for egress
processing 3
Packet Walk - Egress On the Way Out
48
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
4 First 200 bytes
sent to the
Forwarding
Controller for
egress processing
4
Packet Walk - Egress On the Way Out
49
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
5 Search Engine in
Forwarding
Controller sends
egress ACL lookup
query to TCAM.
TCAM returns
index
5 6 6
Forwarding
Controller uses
index to get the
ACL info
Packet Walk - Egress On the Way Out
50
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
5 Search Engine in
Forwarding
Controller sends
Destination
Lookup to TCAM.
Index returned.
5 6 6
Forwarding
Controller uses
index to get the
L2/L3 forwarding
info
Packet Walk - Egress On the Way Out
51
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
7 Packet Header
prepared in the
Forwarding
Controller 7
8
8
Forwarding
Controller sends
the header info to
the TXT FIFO
where the final
packet is
assembled
Packet Walk - Egress On the Way Out
52
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
MAC Port 1
MAC Port 2
MAC Port 4
MAC Port 3
MAC Port 16
TXT Queues
Forwarding Controller
RCV FIFO
TXT FIFO
RCV Buffer
TXT Buffer
To CPU
From Ring/Fabric
MAC Port 5
TCAM SRAM
To Ring/Fabric
9 Final packet sent
to the egress port.
9
Packet Walk - Egress On the Way Out
53
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
3750v2 Unicast Packet Walk Source Strip
All types of packets are passed all the way around the ring, copied
at the destination(s) and returned to the sender for stripping
All packets are sent to the stack ring, the Port ASICs can not
locally switch traffic
Source
Destination
Source
Destination
Packet
Port ASIC Port ASIC Port ASIC
Port ASIC Port ASIC Port ASIC
Port ASIC Port ASIC Port ASIC
1. Forward To the Stack
2. Copy Packet by Dest. Port-ASIC
3. Pass Packet to Dest. port
4. Original Packet rotates around the
ring
5. Src Removes Packet off the ring
54
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Port ASIC Port ASIC Port ASIC
Switch Fabric
3750X Unicast Packet Walk Locally Switched (Stacked or Standalone Switch)
The packet is sent to the switch Fabric and locally switched to
the destination Port ASIC
Simple switching with, no ACK necessary
Does not disrupt the Stack rings
Source
Destination
Packet
Packet is locally switched. Never get
forwarded to Stackwise rings
55
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Switch Fabric
3750X Unicast Packet Walk Destination Across the Stack – Destination Strip
The Source Port ASIC sends the packet to the Source Switch
Fabric and it is switched to the Destination Switch Fabric
The Destination Switch Fabric removes the packet and sends a
16 bit ACK
The Originating Switch Fabric receives and removes the ACK
Port ASIC Port ASIC Port ASIC
Switch Fabric
Port ASIC Port ASIC Port ASIC
Switch Fabric
Port ASIC Port ASIC Port ASIC
Source
Destination
Packet
ACK
1. Forward To the Stack
ring
2. Copies packet – sends it to port-
ASIC
3. Removes packet off the
stack ring
4. Send 16 bits ACK
5. Remove the ACK
56
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Smart Multicast Packet Walk All Catalyst 3K Models
The Switch Fabrics with multicast ports in that group copy the packet
The originating Switch Fabric removes the packet from the ring
Note: There is only one packet on the ring per multicast flow, replication only
occurs at the local level
Note: if the sender and all of the receivers are on the same switch no packets
are sent to the ring
Source
Destination
Source
Destination
Packet
Port ASIC Port ASIC Port ASIC
Port ASIC Port ASIC Port ASIC
Port ASIC Port ASIC Port ASIC
Switch Fabric
Switch Fabric
Switch Fabric
1. Multicast Packet Must forward to the
stack ring!
2. Copy Multicast Packet: forward to
the stack ring and to local port-ASICs
3. Replicate Packet and forward to the
port-ASICs that have listeners
5. Original Multicast Packet continues on the ring in case there are more listeners in the
stack. 4. Replicate in case of multiple
listeners
6. Remove Packet off the ring. Dest. Strip. – –
57
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
58
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – StackWise and StackWise Plus
QoS
Cisco Smart Operations
Summary
59
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
What is a Stackable Switch? Allows access to all switches with a single IP address
Provides the means to manage the stack via CLI or MIB
Can connect all switches in a physical ring topology
Traffic flows in either direction of the ring, some Resiliency
Automatic Master selection & backup 1:N
Automatic IOS versioning and Update!
Automatic configuration of new members
Automatic unit replacement (configuration of old switch retained)
Stateful switch over in case of master failures
Ring resiliency similar to FDDI, provides HA and Resiliency
Sub-millisecond Master failover
Smart Multicast
Cross-stack features (Etherchannel and QoS)
60
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Cisco StackWise (Plus)
Logical and physical ring architecture of the Catalyst 3k
Comprises two 16 Gbps counter-rotating rings
‒ Data on both rings when fully connected:
Stackwise - 32 Gbps
Stackwise Plus - 64 Gbps
Internal Connection:
On 3750v2, 3750G : The Stack Ring is the switching
fabric
3750E, 3750X : The Stack Ring only interconnects the
individual Switch Fabrics
StackWise
Rings/Cable
61
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Understanding the Stack Cable
Eight TX/RCV pairs per ring
That is 16 pairs (8 channels per ring)
Each TX/RCV pair has 2 traces that use
differential signaling.
That is 32 traces in total
Each TX/RCV pair runs at 2.5 Gbps
8B/10B encoding is used.
(for every ten bits sent, eight bits are data and two bits are overhead)
Cable
RCV Pair
TX Pair Trace
62
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Stack Cable 1
TXT/RCV Pairs
Trace
Stack Cable 2
16 Gbps 16 Gbps 16 Gbps 16 Gbps
Understanding the Stack Ring Speed
16 Channels x 2.5 Gbps x 8B/10B = 32Gbps
Or bidirectional 16 Gbps per cable = 32Gbps
Or Two Rings running at 16Gpbs each = 32Gbps
63
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Stackwise Vs. Stackwise Plus Spatial Reuse
No Spatial Reuse
(Source Strip)
3750v2 StackWise Only 2 Flows
Access-based tokens
Spatial Reuse
(Destination Strip)
3750-X StackWise Plus Up to N by 2 Simultaneous Flows
Credit-based Tokens
Note: These are packets not tokens. There is only 1 token per ring.
Stackwise
32 Gbps
Stackwise Plus
N by 32 Gpbs
64
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Port ASIC Port ASIC Port ASIC
Port ASIC Port ASIC Port ASIC
Port ASIC Port ASIC Port ASIC
Switch Fabric
Switch Fabric
Switch Fabric
Loops
3750v2 3750-X
Ring Healing
The Switch Fabric or Port ASIC closest to cable detects link down ‒ Criteria is coding violations in a period of time ‒ Loss of at most one packet that was being transmitted when ring broke ‒ Just microseconds for hardware to detect failure
Each switch signals a bad link to stack its partner Both ends of the cable loop back on themselves
Loop
65
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – Cisco StackPower
QoS
Cisco Smart Operations
Summary
67
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
StackPower Overview
Aggregates and shares available input power capacity in a Stack
Flexible arrangement of power supplies in a stack
‒ Up to 8.8Kw in a power stack of 4 switches (ring topology)
‒ Up to 22Kw in a power stack of 9 switches (Star topology using an XPS(eXpandable Power System) 2200)
Stackpower decouples a Power supply from its physical location in a switch/stack!
Provides RPS functionality (Zero-footprint RPS)
Intelligent Load shedding
68
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
StackPower Modes of Operation
Power Share and Redundant Modes StackPower operates in two modes:
Power share
‒ Loose or Strict mode
Redundant
‒ Loose or Strict mode
Up to four switches can be participate in a power stack
More than one power stack within one Data stack (Stackwise Plus)
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Lost PS or
Power source
Shed Load
Dropped PD
Lost PS or
Power source
Lost Shed Load
another PS
Dropped PD
Loose and Strict modes Control the behavior of Load shed
Loose mode allows for a negative power budget
Strict mode sheds load as soon as the power budget goes below the Allocated
power level
BUDGET Available Power Pool
ALLOCATED Committed Power
ACTUAL Drawn Power
BUDGET Available Power Pool
ALLOCATED Committed Power
ACTUAL Drawn Power
Power-sharing Strict mode Power-sharing Loose mode Default
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Best Practice
Balance Power supplies across the stack Total Input Power = 5,400w
Total Output Power = 4,400w
The right half generates only 20A but
consumes 80A
Stackpower rated for ~40A
In failure scenario, Stackpower could be
oversubscribed; console messages will
warn about the condition and Intelligent
load shed will occur.
500w
500w
A B
1,100w
1,100w
A B
1,100w
1,100w
A B
2,000w
A B
2,000w
200w
200w
X
30 A
60 A
30 A
Recommendation:
1. Balance PS across all systems, and
2. insist on filling up PS slot A on every switch in the
stack, before using slot B on any switch!
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – FlexStack
QoS
Cisco Smart Operations
Summary
72
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Stack Bandwidth – 20 Gbps
Up to 4 members in a stack
Not a ring Architecture – Hop by Hop
Local switching support for unicast packets
All members of the stack see the unknown
Unicast, Broadcast, and Multicast packets
Flexstack on the Catalyst 2960-S New Stacking Mechanism
73
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
2960-S FlexStack Ease of Use
3750-X StackWise Plus Ease of Use and High Availability
Device Limit 4 units 9 units
Stack Bandwidth 20G 64G
Architecture HW Drop Table Ring (Destination stripping)
Dynamic Ring Load Balancing No Yes
Stack Convergence 1-2 seconds Few milliseconds
Stack QoS Applied hop by hop Applied on ingress
Management Single IP address, SNMP, SYSLOG Single IP address, SNMP, SYSLOG
Configuration Single config and CLI, auto image and config update Single config and CLI, auto image and config update
Show and Debug Commands Unified Unified
Single Forwarding and Control Plane Synchronize ARP, MAC Address, IGMP, VLAN tables Synchronize ARP, MAC Address, IGMP, VLAN, Routing
tables
Cross-Stack Features Yes Yes
Single Bridge-ID Yes Yes
Preprovison members Yes Yes
Redundancy Stack master 1:N redundancy Stack master 1:N redundancy
Easy member replacement Yes Yes
FlexStack Vs. StackWise Plus
76
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – Stack functions and operations
QoS
Cisco Smart Operations
Summary
77
The Stack Master
78
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Stack Master Election Criteria
1) The stack (or switch) whose master has the
higher user configurable mastership priority 1–15
2) The stack (or switch) whose master is not using
the default configuration
3) The stack (or switch) whose master has the higher software
priority
Cryptographic IP Services
Cryptographic IP Base
Cryptographic LAN Base
4) The stack (or switch) whose master has the longest uptime
5) The switch or stack whose master has the lowest
MAC address 79
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Switch Priority for Master Role Default Is 1, Don‘t Participate Is 0
Switch (config)# switch 3 priority 10
Switch (config)# switch 4 priority 9
Switch (config)# exit
Switch# show switch
Switch# Role Mac Address Priority State
--------------------------------------------------------------
1 Member 000a.fdfd.0100 1 Ready
2 Member 000a.fdab.0100 1 Ready
3 Master 000a.fd22.0100 10 Ready
4 Member 0003.fd63.9c00 9 Ready
Master
Back-up Master
80
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
When Does the Stack Master Change?
A Stack Master Can Change If:
The stack master fails or reboots
The stack master is removed from the switch
stack
The stack master is power cycled or powered off
There is a Stack Merge
‒ Stack merge occurs when a new switch is powered
up before being connected to the stack cables, or
when two cables are disconnected from the stack
81
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Functions of the Stack Master
The Stack Master:
Controls all centralized functions
Builds and propagates the L3 FIB
Manages and Propagates the configuration file to the stack
Controls the console
Controls the CDP neighbor table
Controls the VLAN database
Upgrades the stack
Config FIB IOS
Config
FIB
IOS
Config
FIB
IOS
82
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Centralized and Distributed Functions
Centralized functions Those that are reside on the
master node
Those that are forwarded to the master node
Those that are controlled or synchronized by the master node
Ex: CDP, VLAN Database mgmt,Routing
Distributed functions Those that are performed locally
by each node
These functions are synchronized or updated between the nodes
Ex: MAC address management, STP
Master
Master
83
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Stack Configuration Management
Master:
‒ Copies of the startup and running config files
are kept on all members in the stack
‒ The current running-config is synched from
the master to all members
‒ On a switchover, the new master
re-applies the running-config so
that all switches are in sync
Member:
‒ Keeps a copy of startup and
running config at all times
‒ On boot-up waits for config file
from master and parses it
Config
Config
Config
84
Stack Members – Addition, Removal,
Pre-provisioning
85
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Adding a New Switch Example
The stack has three members - 1, 2, 3
A new switch with #3 is added to the stack
Conflict detected, number changes based
on the rules used for numbering (ID).
It is assigned the #4 and
reloads switch #4
Configuration commands in the config file
which apply to interfaces 4/0/* apply to the
new switch
Switch #2
Switch #3
Master #1
Switch #4
86
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Switch Pre-provisioning Example
1) Pre-provision Switch #4 in advance
Switch(config)#switch 4 provision WS-C3750x-48P
2) Enter the port configuration for Switch #4.
3) Add Switch #4 when required
Master #1
Switch #2
Switch #3
Config Config
Switch #4
87
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Switch Removal
The stack has three members — 1, 2, 3
Member #3 is removed or powered down
‒ Neighbor loss is detected by Switch #1 and Switch #2
‒ Layer 2 and Layer 3 convergence may need
‒ to happen
‒ Now there is a stack of two switches—Switch #1 and Switch #2
‒ Switch#1 is still the master
Master #1 is removed or powered down
‒ Switch #2 takes over as master
‒ Layer 2 and Layer 3 convergence may need to happen
‒ Now there is a stack of one switch—#2 which is the master
Master #2
Master #1
Switch #2
Switch #3
88
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Replacing a Switch
In this case, the failed switch is a Cisco Catalyst WS-C3750X-48TD
If replaced by another Cisco Catalyst WS-C3750X-48TD, the new switch will receive the port-level configuration of the original unit
If replaced by a different switch, the original configuration is lost and the new switch receives all stack global configuration
Config Config
89
Resolving Stack Mismatches
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Types of Stack Mismatch
Homogeneous Stack: 3750 or 3750E/X:
Version Mismatch: level and feature IOS revision set
i.e. LAN Base, IP Base, and IP Services
SDM Mismatch: All members of the stack must run the
same SDM template as the master
Version Mismatch has priority over SDM mismatch
Hardware Mixed Stack: 3750 and 3750E/X:
Same as above
Feature Mismatch
Hardware features (POE, Jumbo frame routing) 3750
3750-X
3750-E
3750-E
3750-X
3750-E
3750-E
91
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Stack IOS Upgrade Process
Automatic Upgrade involves two processes:
Auto-Upgrade and Auto-Advise
The auto-upgrade processes runs first and it consists of:
auto-copy process and auto-extract process
Auto-copy copies a running image of any stack member into a switch if this process fails, then:
Auto-extract searches through all FLASH devices for a TAR file suitable for the switch in VM mode
If auto-extract fails, Auto-Advice provides a recommendation on how to upgrade manually!
Recommend:
Store Universal and Reformation TAR images in the master and a backup master for auto-extract to work
Configure a url for last resort: (point to the image repository)
boot auto-download-sw tftp://10.1.1.15/images/fall06/c3750-universal-tar
‒ Use to upgrade a mixed hardware stack:
‒ archive download-sw /directory tftp://10.1.1.10/ c3750-ipservices-tar.122-35.SE.tar c3750e-universal-tar.122-35.SE2.tar
92
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
LAN Base Stack Exception: No Mixed IOS Feature Set
A form of Feature mismatch in a mixed Hardware stack
No HW Encryption, no Stackpower support
No mixed IOS feature set support for LAN Base
Catalyst 3750X models running LAN Base feature set can only stack
among themselves
Common mistake…Don‘t call TAC..!
‒ Stacking LAN Base models with IP Base / IP Services
93
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – Stack functions and operations
QoS
Cisco Smart Operations
Summary
94
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Cisco Catalyst 3750 Family - QoS Model Applies to Both 3750v2 and 3750X
Classification
• Inspect incoming
packets
•Assign QOS Label to
grouped packet
•Use ACL, or other
configuration to
determine QOS labels
Policing
•Compares incoming
traffic rate w/
configured policer and
determine if packet is
IN or Out of Profile.
•Either aggregate or
individual flow basis
•256 policers/ASIC
Marking
•Act on policer
decision
•Reclass or drop
out-of-profile
Egress Queue/ Schedule
Congestion Control
•Four SRR queues/port shared
or shaped servicing
•One queue is configurable
for strict priority servicing
•WTD for congestion
control (three thresholds
per queue)
•Egress queue shaping
•Egress port rate limiting
Ingress Queue/ Schedule
Congestion Control
•Two queues/port ASIC
shared servicing
•One queue is configurable
for strict priority servicing
•WTD for congestion
control (three thresholds
per queue)
•SRR is performed
Policer
Policer
Policer
Policer
Marker
Marker
Marker
Marker
Classify
Input
Traffic
Queue 1
Queue 2
SRR
StackWise
Queue 1
Queue 2
Queue 3
Queue 4
SRR
95
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Ingress Queuing and Scheduling
Two user-configurable ingress queues/ ASIC
‒Two more queues reserved for the system
‒One queue is an expedite queue – by default maps to voice
traffic
Queues can be shared but not shaped
Shaped Round Robin is used to service these queues
WTD with 3 thresholds is used for congestion avoidance
96
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Egress Queuing, Scheduling & Shaping
Four egress queues per port
SRR used to manage the queues
WTD used for congestion avoidance
Strict Priority
NULL Queue used for rate limiting
Shaped between 10-90%, in increments of 6%
Egress Queues are shaped, but not policed (better)
srr-queue bandwidth shape <queue-1 weight> <queue-2 weight> ….
97
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Buffer Allocation – Egress
Four Egress Queues
‒ Fixed:
Each queue has 1/4 of per port fixed buffers.
‒ Flexible:
Common pool provides extra buffers to all queues.
‒ Buffer re-allocation and common pool usage is
configurable – ‗Queue-set‘
Total 2Mb= 8192 256-byte Buffer units
CPU Pool 140Kb
Common Pool 1Mb
Po
rt 1
Qu
eu
e 1
P
ort
1 Q
ue
ue
2
Po
rt 1
Qu
eu
e 3
P
ort
1 Q
ue
ue
4
Po
rt 2
Qu
eu
e 1
Reserved Pool Min. Guaranteed Can Not be Borrowed nor shared
98
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Cisco Catalyst 3750 Weighted Tail Drop Four Egress Qs Identify 12 Services
WTD is a congestion-avoidance mechanism for managing the queue lengths and providing drop precedence for different traffic classifications
WTD is used at both, the Ingress queues or the Egress queues
User configurable thresholds determine when to drop certain types of packets
As a queue fills up, lower priority packets are dropped first
In this example, when the queue is 60% full, arriving packets marked with CoS 0-5 are dropped
Thresholds can be set with DSCP or COS labels.
Only one Q is Displayed. All 4 Egress or 2 Ingress Queues Can Be Configured Independently
100%
60%
40%
1000
600
400
0
CoS 6-7
CoS 4-5
CoS 0-3
Queue 1
99
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
What is an Egress Queue-set?
4 Egress Queues per port
3 drop thresholds per Queue
Each port has a queue-set defined
Threshold values over 100% dip into
common pool (MAX).
Threshold defines drop precedence for a
class of traffic
Queue-set does not define bandwidth
Switch#show mls qos queue-set 1
Queueset: 1
Queue : 1 2 3 4
----------------------------------------------
buffers : 10 10 26 54
threshold1: 33 33 33 33
threshold2: 66 66 77 50
reserved : 92 92 100 67
maximum : 138 400 400 400
33%
All values in Percentages of 100
Egress port
MAX
T1
Q1 Q2 Q3 Q4
T2
LEVERAGE BOTH THE QUEUE SETS
100
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Mapping Classes to Egress Queues
Using ―maps‖, traffic classes mapped to Queue and threshold
Maps available for DSCP and COS.
64 DSCP values shown.
Each DSCP value maps to an egress Queue, and threshold
Queues range: 1-4, Threshold range:01-03
DSCP:63
Queue 2
Threshold 3
DSCP:0
Queue 4:
Threshold 3
DSCP:46
Queue 1
Threshold 3
Switch#show mls qos maps dscp-output-q
Dscp-outputq-threshold map:
d1 :d2 0 1 2 3 4 5 6 7 8 9
------------------------------------------------------------
0 : 04-03 04-03 04-03 04-03 04-03 04-03 04-03 04-03 04-01 04-02
1 : 04-02 04-02 04-02 04-02 04-02 04-02 03-03 03-03 03-03 03-03
2 : 03-03 03-03 03-03 03-03 02-03 02-03 02-03 02-03 02-03 02-03
3 : 02-03 02-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03
4 : 01-03 01-03 01-03 01-03 01-03 01-03 01-03 01-03 02-03 02-03
5 : 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03
6 : 02-03 02-03 02-03 02-03
101
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Troubleshooting QoS Issues
Troubleshooting Steps Commands
Check for Errors/drops Ingress and Egress ports
show mls qos interface <> stats
Check Queue mapping show mls qos maps dscp-output-q
Check Egress Queue details show platform port-asic stats drop <>
Check and tune buffers show mls qos queue-set
Show mls qos maps dscp-output-q
mls qos queue-set output <> threshold
Command Summary
103
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – Stack functions and operations
QoS
Cisco Smart Operations
Summary
104
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Cisco Catalyst Smart Operations Intelligence—Health Assessment, Best Practice
Cost Savings: $15,000 (or 230 Hours) per 100 Switches*
ISR or 3K (“Director”), 4K, 6K Roadmap
Zero Touch Deployments and Maintenance
New Switch is Connected Software image downloaded; Configuration automatically applied
Smart Install
New Device Attached Port Configuration: Applied QoS Policy: Enforced Security Policy: Enforced
Plug and Play for End Devices Auto Smart Ports
Anomaly Detected Proactive diagnostics Alert created in real-time Web-based reports Routed to correct TAC team Remediation initiated
Quickly Identify and Resolve Network Issues
Smart Call Home
105
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Smart Install – The Nuts and Bolts
ISR or 3K (―Director‖)
Access Switches
SCALABLE AND ZERO TOUCH Quickly Identify
and Resolve Network Issues
New switch is connected
Software image is downloaded Configuration automatically applied
Step 1 – ENABLE THE DIRECTOR
Director# configure terminal
vstack director 10.0.0.33
vstack basic
Step 2 – Specify IMAGE & CONFIG using built-in group (uses external TFTP server)
vstack group built-in 2960 24
image tftp://10.0.0.10/c2960-universal-tar.122-52.SE.tar
config tftp://10.0.0.10/2960-24-built-in config.txt
exit
Step 3 – Specify external DHCP server
interface Vlan1
ip address 10.0.0.33
ip helper-address 10.0.0.10 (points to existing external DHCP server)
ip helper-address 10.0.0.11
ALTERNATIVELY … Enable DHCP server on the Director
vstack dhcp-localserver pool1
address-pool 10.0.1.0 255.255.0.0
default-router 10.0.0.33
file-server 10.0.0.33
Exit
ip dhcp remember
end
106
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Before Enabling Auto Smartports When ASP is enabled with default settings?
Enabling ASP by default enables detection for ALL device type
PROBLEM : Disturbs existing switch-to-switch, switch-
router connections
Changes the port configuration MAY affect connectivity
SOLUTION : Disable detection of devices like Switches and
Routers Disable ASP on uplink ports and ports connecting to
routers
Router ISR
SiSiSiSiSiSi
ASP enabled
Native vlan changes to vlan 1 by default causing VLAN mismatch
Ports go down
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
ASP: configuration
1) Stub configuration on all ports – Access vlan 10
2960s(config)#int range GigabitEthernet 1/0/1 – 48
2960s(config-if-range)#switchport access vlan 11
2960s(config-if-range)#switchport mode access
2) In this example, ASP is enabled for only Lightweight Access Points and IP Phones
2960s(config)#macro auto global control device phone lightweight -ap
ASP will not take any action for any other Cisco device if detected
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
configuration Contd..
4) Enable ASP
2960s(config)#macro auto global processing
3) Set vlan parameters for the AP and IP phone
2960s(config)#macro auto device phone ACCESS_VLAN=11 VOICE_VLAN=10
2960s(config)#macro auto device lightweight-ap ACCESS_VLAN=11
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Sample Macro Configuration
110
interface $INTERFACE
macro description $TRIGGER
switchport access vlan $ACCESS_VLAN
switchport mode access
switchport block unicast
if [[ $AUTH_ENABLED -eq NO ]]; then
switchport voice vlan $VOICE_VLAN
fi
switchport port-security maximum 3
switchport port-security maximum 2 vlan access
switchport port-security
switchport port-security aging time 1
switchport port-security violation restrict
switchport port-security aging type inactivity
load-interval 30
auto qos voip cisco-phone
storm-control broadcast level pps 1k
storm-control multicast level pps 2k
storm-control action trap
spanning-tree portfast
spanning-tree bpduguard enable
ip dhcp snooping limit rate 15
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Agenda
Fixed Switching Portfolio
Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches – Stack functions and operations
QoS
Cisco Smart Operations
Summary
111
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Call Out for Other Sessions
112
BRKCRS-3141 Troubleshooting Cisco Catalyst 3750 3560 and 2960 Series Switches Technical Breakout
BRKCRS-4381 Smart Operations - Power Tools for Catalyst switching network operations
Q & A
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Complete Your Online
Session Evaluation Give us your feedback and you
could win fabulous prizes.
Winners announced daily.
Receive 20 Passport points for each
session evaluation you complete.
Complete your session evaluation
online now (open a browser through
our wireless network to access our
portal) or visit one of the Internet
stations throughout the Convention
Center.
Don‘t forget to activate your
Cisco Live Virtual account for access to
all session material, communities, and
on-demand and live activities throughout
the year. Activate your account at the
Cisco booth in the World of Solutions or visit
www.ciscolive.com.
114
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public
Final Thoughts
Get hands-on experience with the Walk-in Labs located in World of
Solutions, booth 1042
Come see demos of many key solutions and products in the main Cisco
booth 2924
Visit www.ciscoLive365.com after the event for updated PDFs, on-
demand session videos, networking, and more!
Follow Cisco Live! using social media:
‒ Facebook: https://www.facebook.com/ciscoliveus
‒ Twitter: https://twitter.com/#!/CiscoLive
‒ LinkedIn Group: http://linkd.in/CiscoLI
115
© 2012 Cisco and/or its affiliates. All rights reserved. BRKCRS-3437 Cisco Public