Router Architecture Slots Install

1© 2004 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID

Cisco’s Integrated Services Routers

Thomas [email protected]

0664-4234611

222© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID

Agenda

• Market Trends and Momentum for Services

• Cisco Integrated Services Routing Architecture

• Cisco’s Integrated Services Routing Portfolio

• Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers


MARKET TRENDS AND MOMENTUM FOR SERVICES

333© 2004, Cisco Systems, Inc. All rights reserved.Presentation_ID


Customer Priorities

Q. What functions that SHOULD be router-integrated?

Cisco-Sponsored Yankee Survey: June 03 n=3310 50 100 150 200 250

MulticastingStreaming

QoSCaching

Content FilteringCompressionIP Telephony

Anti-Virus SoftwareIntrusion Detection

VPNFirewall


New Router Portfolio That Extends Integrated Services to Businesses of All Sizes

• FIRST portfolio engineered for secure, wire-speed delivery of concurrent data, voice and video services

• Cisco’s integrated systems approach to embedded services speeds deployment and reduces operating costs and complexity

• Founded on more than 20 years of innovation and leadership—FIRST to embed security and voice services into a single routing system


Cisco’s New Integrated Services RoutersNew Systems Approach For Services

Up to… 5X service density, 7X performance,

4X memory!

Industry-leading network

availability and resilience

Backward compatibility with

existing router modules for solid

investment protection

Integrated Services Routers

Embedded Security tightly integrated with Voice Sustained wire-speed

performance with concurrent services3800 series

2800 series

1800 series


The Value of a Systems ApproachTightly Integrated Services

DMVPN(IPSec, NHRP, OSPF)Enables on-demand

and scalable full VPN mesh and easy to

manage.

V3PN(IPSec, QoS, GRE)

Deliver latency-sensitive data,

voice, video traffic across the VPN

Network Admission Control

(EAP, Radius ACLs)Limits network access

to compliant and trusted endpoints

Toll-Quality Secure Voice

(Voice, QoS, sRTP)Deliver toll quality IP Telephony over an IP

WANVoice Security

Routing Services


3800 Series

2800 Series

1800 Series

FCS Sept 04

FCS Sept 04

FCS Oct 04Highest Density and Performance for Concurrent ServicesEmbedded, Advanced Voice, Video, Data & Security Services

Integrated Security & Data

Scalable from Small Business to Large EnterprisesRight-Sized Router, Right-Sized Requirements

Perf

orm

ance

and

Ser

vice

s D

ensi

ty

Enterprise Branch SMBSM Branch


Investment Protection and Migration Path

Cross compatibility with existing router modulesIncreased default memoryAdditional DRAM, reduced costsNew feature development and additions until IOS 12(5) mainlineNo EOS for at least 18-24 monthsContinued software support for 5 years after last sale

FCS Sept 04FCS Oct 04

Cisco 3800

Series Cisco 2800

Series

Cisco 1800

SeriesCisco 3700

Series Cisco 2600XM Series Cisco

1721

Cisco 1751/1760

FCS Sept 04


CISCO 3845$13000

Cisco’s Integrated Services Routers

CISCO 3825$9500

CISCO 1841$1395

CISCO 2851$6495

CISCO 2811$2495

CISCO 2821$3895

CISCO 2801$1995


Wan Bandwidth

38451 T3/E3

CME:240SRST:720

3825½½ T3/E3CME:168SRST:336

28516 T1/E1CME:96SRST:96

28214 T1/E1CME:48SRST:48

28112 T1/E1CME:36SRST:36

18411 T1/E1

18/28/3800 Concurrent Services at Wire Speed

2801 1 T1/E1CME:24SRST:24

T1/E1/xDSL

Multiple T1/E1/xDSL

T3/E3


HWIC HWIC FEFEHWIC HWIC

NME USBUSB

2811 130-160kpps64F/256D DDR

NMEGEGE HWIC HWIC

HWIC HWIC EVMUSBUSB

2821180-210kpps64F/256D DDR

NME

GEGEHWIC HWICHWIC HWIC EVM USB

USB

2851200-250kpps64F/256D DDR

HWIC VWICFEFE HWIC VWICUSB

280170-100kpps64F/128D DDR

2800/3800 Platform Overview

GEGE

SFPHWIC HWIC HWIC HWIC

NME NMENME NME

USBUSB

3845400-500kpps64F/256D

GEGE

SFPNME HWIC HWICHWIC HWIC

NMEUSBUSB

3825280-350kpps64F/256D

• Complete New Line of Full Service Branch Access Routers• 2-5x Increased routing performance *• 2-10x services performance *• Concurrent Services running at Wire-Rate• Increased Memory• Integrated 10/100/1000 LAN, Security and Voice options• New Modules (GE, Switch, Voice)• New higher speed module technologies• NMEs, HWICs, EVMs• Supports most current 1700/2600 modules


CISCO’S INTEGRATED SERVICES ROUTING ARCHITECTURE



Time-of-day on system power up. Necessary for certificatesN/AReal Time

Clock

Up to 250MbpsUp to 40MbpsProcessor

Module Integration communication (HWIC, NM, AIM, DSPs,etc…)N/ACustom ASIC

256M EDO/48MCurrent

Up to 4X the density NEW

DRAM/Flash

CPU

ASIC

NEW Architecture-Core/Memory

CPU

PCI

DRAMFlash DRAMFlash

RTC


Up to 4 HWICs (800Mbps aggregate)Up to 3 WICs (8Mbps shared)External Device for Inline Power (exception 3700

Up to 4 NMs (400Mbps aggregate)Current

Internal Inline Power (up to 360W)

Up to 4-NME (up to 1.2Gbps aggregate)New

NEW Architecture-WICs/Network Modules

CPU

DRAMFlash WIC

WIC

AIM

PCI

In-line Power

FE

FE

DRAMFlash

NME

HWICHWIC

HWICHWIC

In-line Power

ASICGE

USBUSB

CPU

AIM

AIM

VPN

EVM

DSP

GE

NM

RTC


NEW Architecture-AIMs/USB/LAN Interfaces

CPU

DRAMFlash WIC

WIC

AIM

PCI

In-line Power

FE

FE

DRAMFlash

NME

HWICHWIC

HWICHWIC

In-line Power

ASICGE

USBUSB

CPU

AIM

AIM

VPN

EVM

DSP

GE

NM

1-2 AIMs – Higher speed1-2 AIMsNo USB ports

Single/Dual FECurrent

1-2 USB ports per chassis

Dual FE/GE, Optional GE SFP HWIC NEW

RTC


NEW Architecture-Security

CPU

DRAMFlash WIC

WIC

AIM

PCIFE

FE

DRAMFlash

NME

HWICHWIC

HWICHWIC

In-line Power

ASICGE

USBUSB

CPU

AIM

AIM

VPN

EVM

DSP

GE

NM

DES/3DES/AES128,192,256Requires AIM

CurrentBuilt-in VPN or AIM

NEW

RTC

In-line Power


NEW Architecture-Voice

CPU

DRAMFlash WIC

WIC

AIM

PCIFE

FE

DRAMFlash

NME

HWICHWIC

HWICHWIC

In-line Power

ASICGE

USBUSB

CPU

AIM

AIM

VPN

EVM

DSP

GE

NM

Shared DSP slots on MBDedicated DSPsTDM switching 3700 only

Requires Voice NMCurrent

TDM switching supported in 2800/3800 series

HWICs support VICs and EVM slotNEW

RTC

In-line Power


CISCO’S INTEGRATED SERVICES ROUTING PORTFOLIO



New Cisco 3845 Router

Power + 802.3af

Power + 802.3afVPN AIM AIM

USBUSB

NME XNME X

NME D XDNME D XD

GEGE SFP

HWICHWIC HWIC

HWIC

1-2 (AC, AC+IP, DC), RPS supportInternal Power Supplies2500 (AIM), or 700 (VPN on-board)VPN Tunnels

4Onboard DSP Slots

4 single-wides /4 single-widesCan accommodate up to 2 EVMs in any NME slotNME/HWIC Slots


New Network Module and WIC Slot Types

NME

NME-X

NMD

NME-XD

i.e EVM-HD-xxx

Future Use

i.e. 36ESW

Future Use

removable slot dividers

HWIC HWIC-D

NM i.e16ESW



Power + 802.3afVPN AIM AIM

NME X

NME X D XD

1 (AC, AC+IP, DC), RPS supportInternal Power Supplies2000 (AIM), or 500 (VPN on-board)VPN Tunnels

4Onboard DSP Slots

2 single-wides /4 single-wides Can accommodate up to 1 EVM in any NME slotNME/HWIC Slots

HWIC HWIC

HWIC HWIC GEGE

USBUSBSFP


New Cisco 2851/2821 Router

AIMAIM AIMAIMVPNPower + 802.3af

USBUSB

EVMHWICHWIC

HWICHWICGE GE

HWICHWIC

HWICHWICGE GE EVM USB

USB

NME X D XD

NME X


New Cisco 2811/2801 Router

HWICHWIC

HWICHWIC USB

USBNME FE

FE

Power + 802.3afVPN AIMAIM AIMAIM

USB FE FE HWIC VWIC HWIC VWIC


2800 Comparison

2 GE2 GE2 FE2 FEOnboard LAN

300/1800250/1800150/1800100/800VPN Tunnels (VPN on-board/AIM)

332 2 Onboard DSP Slots

1/Yes1/Yes1/Yes1/NoInternal Power Supply/RPS support

4442HWIC1/11/11/00/0NME / Dedicated EVM Slot

2851282128112801



AIMVPNPower

USB FE FE HWIC HWIC

1 (AC only), no RPS supportInternal Power Supply800 (AIM), or 100 (VPN on-board)VPN Tunnels

None, Data OnlyOnboard DSP Slots2 single-widesHWIC Slots

The only Desktop form factor model


Cisco Access Router Interface Cards and Modules

• Supports 90+ existing NM, WIC/VIC/VWIC, AIM

• Flexible expansion (HWIC NME, EVM), additional concurrent services

• Updated Cisco Access Router Quick Reference Guide


High-Speed WAN Interfaces

9 & 4 port Etherswitch HWICsNewNew

• Support in 1800/2800/3800• Low density L2 switching• Supports standards based POE (802.3af)

with optional inline power supply


High-Speed WAN Interfaces

• Offers Optical and Copper connectivity without NM occupancy

• Support in 2811, 2821, 2851 & 3800 only

Gigabit Ethernet HWICNewNew


RJ21 Connector

Extended Voice Module (EVM-HD)

• EVM (voice/fax expansion modules) supports high-density FXS, FXO, Analog-DID and BRI ports

• Baseboard: EVM-HD-8FXS/DID• Expansion Modules:

EM-HDA-8FXS EM-HDA-3FXS/4FXOEM-4BRI-NT/TE EM-HDA-6FXO

EM 0 EM 1 NewNew


Removing Compact Flash (CF)

• Storage of IOS image, SDM, CME files, VLAN, etc…• Do not remove CP from operating router

Removing CF1. Press ejector button and

arm extends2. Push ejector arm in and

CF comes out

Installing CF6. Ejector arm pushed in7. Insert CF into slot and

push in

1

2


Integrated Power Supply

Field Replaceable AC/DC and AC+POE


PVDM2 Installation

1. Angle PVDM into slot to seat


PVDM2 Installation

Installation order:Installation order: PVDM0PVDM0 PVDM1PVDM1 PVDM2PVDM2

2. Push up and snap into place

Removal order:Removal order:PVDM2PVDM2PVDM1PVDM1PVDM0PVDM0

To removeTo removePrey open tabs Prey open tabs on both sideson both sides


NME Slot

Align NME with groovesRemovable slot dividers


Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers



Outline

• Wireless Services on RoutersCisco Integrated Services RoutersWireless Services for Branch OfficesFast, Secure MobilitySurvivable Local AuthenticationScalabilityFeature Sets

• Future Services – SWAN supportRogue DetectionAssisted Site Surveys


Wireless Services Integrated With Wired Infrastructure

LAN with site-widewireless VLANs

LAN access layer

Guest EmployeePhone

LAN access layer withper-switch wireless VLANs

WideArea

Network(Intranet)

LAN core & WAN

W

W

W

W

HQ / CAMPUS BRANCH 1

BRANCH 2

Catalyst 6500Series WLSM

Catalyst 6500Series WLSM

Cisco 3800 &2800 Routers

393939© 2004 Cisco Systems, Inc. All rights reserved.Presentation_IDLayer 2

Wireless Services –Fast Secure Mobility for Voice, Video, VPN


LAN access layer

WLSEACS


WideArea

Network(Intranet)

LAN core & WAN

W

W

W

W

Layer 3

Layer 3

Fast securemobility (aslittle as 50ms)maintainslatency-sensitiveconnections


Wireless Services –Fast Secure Mobility for Voice, Video, VPN

• Fast secure mobility enables wireless clients to maintain voice, video, VPN connections when moving between access points

• Mobility time is reduced from ~500ms to as low as 50ms through WDS-based authentication for the handoff

No need to go back to the ACS server across the WAN for authentication again (note that the initial authentication still requires access to the ACS server)

• Supported with:Cisco Aironet Access Points, andCisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP


Wireless Services –Survivable Local Authentication


LAN access layer

WLSEACS

Guest EmployeePhone


WideArea

Network(Intranet)

LAN core & WAN

W

W

W

W

ACSFailure

SurvivableLocalAuthentication



WANFailure

BackupSwitch &WLSM


Wireless Services –Survivable Local Authentication

• The wireless LAN can survive a variety of failures:WAN Link Failures – through dial backup & local authenticationACS Server Failures – through local authentication

• During a loss of connectivity to the ACS server:Clients already connected to the network maintain their WLAN accessNew clients trying to authenticate to the network are authenticated by the local authentication server

• Supported with:Cisco Aironet Access Points, andCisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP


Wireless Services –Scalable for Branch Offices of All Sizes

505Cisco 2600XM

50050Cisco 3825Cisco 3745

FutureCisco 2801

10

2025

100 APs

Access Points

Supported

200Cisco 2851

100Cisco 2821Cisco 2811Cisco 2691

250Cisco 3725

1000 clientsCisco 3845

Local Authentication

Client Database


Wireless Services –Feature Sets Supported

IOS Advanced IP Services feature set (K9)

IOS Advanced Enterprise Services feature set (K9)

WirelessServices

IOS Enterprise Services feature set (K9)

IOS SP Services feature set (K9)

IOS Advanced Security feature set (K9)

IOS 12.3(11)T or later

Note – The above feature sets include the wireless services – no additional feature License is required.


Outline

• Wireless Services on RoutersCisco Integrated Services RoutersWireless Services for Branch OfficesFast, Secure MobilitySurvivable Local AuthenticationScalabilityFeature Sets

• Future Services – SWAN supportRogue DetectionAssisted Site Surveys


Wireless Services –RM Aggregation for Rogue Detection


LAN access layer

WLSEACS

Guest EmployeePhone


WideArea

Network(Intranet)

LAN core & WAN

W

W

W

Rogue AccessPoint

RM RM

RM

RM

Rogue AP

RM Aggregation

W


1. CiscoWorks WLSE instructs APs to measure and report the Radio Frequency (RF) environment and pushes optimal RF configurations to APs2. CiscoWorks WLSE uses measurements from a client as it walks the perimeter of the coverage area to further fine-tune RF coverage

CiscoWorks WLSE controls the process

Wireless Services –Radio Management Aggregation for Site Surveys

WLSE

W


Wireless Services –Roadmap

AP-IOSFluorine

AP-IOS 12.3(11)JA

AP1100, AP1200 compatible

Access point support (minimum release)

Rogue Detection, Site Survey,

SWAN

High Availability

Security,Fast Mobility

Benefit

Spring’05 12.3(6th)T, WLSE 3.0

RM aggregationWLSE support

IEEE 802.1X (backup) local authentication for LEAP clients

WDS with fast, secure layer 2 roaming

Future Releases

Router-IOS 12.3(11)T


New IOS Software Architecture in 12.3IOS Software Architecture in 12.3Simplified Image SelectionSimplified Image Selection

• Simplifies options (from 44 to 8)• “Advanced Security” replaces:

IP/FW/IDS IP FWIP Plus IPSec IP/FW/IDS/IPSec

• Security featuresNetwork Admission ControlIOS FirewallIntrusion PreventionDMVPN, AESSSH and SNMPV3 (DES)

• As you step up, all features below are inherited

• www.cisco.com/go/fnIP Base

IP Voice

Advanced Security

Advanced IP Services

Enterprise Base

Enterprise Services

SP Services

Advanced Enterprise Services

NAC

NAC

NACSSH

SSH

SSH SSH

SSH

SSH


Cisco 1800/2800/3800 Release Plan

• 3800, 2800, 1800 Platforms Announcement:External Announcement – Sept 14, 2004

• For 1800/2800 Platforms:T train release – 12.3(8)T Target CCO date 9/13/2004Target Orderability date – 9/16/2004Target FCS date - End of Sept 2004

• For 3800 Platforms:T train release - 12.3(11)TTarget CCO date – Oct 2004Target FCS Oct 2004


Q and A


Router Architecture Slots Install

Documents

Transcript of Router Architecture Slots Install