Cisco Catalyst 6500/6800 Instant Access Fundamentals

Cisco Catalyst 6500/6800 Instant Access Fundamentals Vivek Baveja Technical Marketing Engineer August 28, 2013

Catalyst Instant Access Abstract Abstract Cisco Catalyst Instant Access brings fabric extension technology (similar to Data Center FEX) with operational simplicity to the Campus Catalyst Ethernet switching line tailor made to needs of campus/enterprise network deployments. It creates a single network touch point and single configuration across distribution and access layer switches, ultimately driving simplified operations, distribution layer (Catalyst 6500/6800) features at access layer, consistent CLI and lower total cost of ownership (TCO). This session will focus on Instant Access (IA) overview and value proposition, components, features, scale, packet walks, configuration and CLI look and feel, and Instant Access provisioning details. 2

Session Objectives At the end of this session participants should understand: Solution Overview, Value proposition, Components of Instant Access solution Internal Architecture of the solution including packet walks. Features and Functionality. Configuration, CLI Look and feel and how to provision Instant Access Solution. 3

Presentation Legend Reference Material Standalone Multilayer Switch Virtual Switching System Layer 2 Link Layer 3 Link Fabric Link Catalyst Instant Access 4

Catalyst Instant Access Fundamentals Agenda Solution Overview Architectural Details Features Recommended Topologies Configurations and Provisioning Key Takeaways 5

Cisco Catalyst Instant Access Standalone VSS Instant Access LACP or PAGP LACP or PAGP VSL LACP or PAGP VSL SDP SRP SCP Access Switch Access Switch Access Switch Access Switch Benefits of Instant Access mplifies Operations via ngle Point of Management, Configuration, Troubleshooting across Distribution & Access Block Catalyst 6500 features at Access Instant Access Client Instant Access Client Consistent Features and Agile Infrastructure across Access layer 6

Traditional L2 or L3 Campus Core 94 Total Devices for Image and Configuration Management 168 Access Trunks/Port-Channels 4032 User Ports Considerations: STP Loop Prevention FHRP Tuning CAM/ARP Tuning PIM Tuning/DR priority Routing Protocol Tuning Building 1 Building 2 Building 3 Building 4 94 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname 7

Traditional L2 or L3 Campus with Stacking Core 34 Total Devices for Image and Configuration Management 48 Access Trunks/Port-Channels 4032 User Ports Considerations: STP Loop Prevention FHRP Tuning CAM/ARP Tuning PIM Tuning/DR priority Routing Protocol Tuning Building 1 Building 2 Building 3 Building 4 34 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname 9

VSS Campus with Stacking VSS Core 29 Total Devices for Image and Configuration Management 48 Access Trunks/Port-Channels 4032 User Ports Considerations: STP Loop Prevention FHRP Tuning CAM/ARP Tuning PIM Tuning/DR priority Routing Protocol Tuning Building 1 Building 2 Building 3 Building 4 29 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname 10

Catalyst Instant Access Instant Access Core 5 Total Devices for Image and Configuration Management Automated Trunk Configuration 4032 User Ports Considerations: STP Loop Prevention FHRP Tuning CAM/ARP Tuning PIM Tuning/DR priority Routing Protocol Tuning Building 1 Building 2 Building 3 Building 4 5 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname 11

Catalyst Instant Access Instant Access Core NO Trunks to Configure from Access to Distribution NO Routing Protocols or Spanning-Tree configuration between Access and Distribution NO Configuration or Image Management at Access Building 1 Building 2 Building 3 Building 4 5 Total Devices for Image and Configuration Management Automated Trunk Configuration 4032 User Ports Considerations: STP Loop Prevention FHRP Tuning CAM/ARP Tuning PIM Tuning/DR priority Routing Protocol Tuning 5 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname 12

Catalyst Instant Access Operational mplicity REDUCED TCO ISE Cisco Prime Managed Devices = 20+ Managed Devices = 1 Benefits ngle Point Of Management, Configuration and Troubleshooting Consistent Features at Access 1000 Port Campus Distribution POD Highly Fault Tolerance with Quad- Sup-VSS SSO Agile Infrastructure to add new features uniformly across Access Layer A ngle Image to deploy and manage across Distribution POD 14

Distributed Wired Centralized Wired Unified Access Architecture Unified Access One Cisco Prime Management Infrastructure Cisco ISE One Policy Centralized Wireless Distributed Wired and Wireless VSS VSS MA MA MA Traditional Campus Instant Access Campus One Network Wired & Wireless Converged Access

Catalyst Instant Access Solution Overview Key Takeaways ngle Point of Management for Distribution Block, One point of Management for 23 Switches (1008 Ports-Phase1) No Configuration at Access Layer No Image Management at Access Layer No STP and Routing Protocols between Access and Distribution Consistent Features at Access with single Image across Traditional Architecture, Converged Access and Instant Access co-exist 16

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Components Control Plane Data Plane Features Recommended Topologies Configurations and Provisioning Key Takeaways 17

Cisco Catalyst Instant Access Components X6904-16x10G Virtual Switching System (VSS) X6904-16x10G Supervisor 2T Supervisor 2T IA Parent FEX-Fabric IA Client 18

Cisco Catalyst Instant Access Components X6904-16x10G Catalyst 6500E Catalyst 6807-XL Virtual Switching System (VSS) X6904-16x10G Supervisor 2T Catalyst 6880-X Supervisor 2T IA Parent FEX-Fabric IA Client 19

Catalyst Instant Access Components ngle Switch VSS Mode ngle Cat6500 Switch configured in VSS Mode switch virtual domain 100 switch mode virtual ngle Switch in VSS Mode as IA Parent Cat6500-VSS#show switch virtual slot-map Virtual Slot to Remote Switch/Physical Slot Mapping Table: Virtual Remote Physical Module Slot No Switch No Slot No Uptime ---------+-----------+----------+---------- 17 1 1 3w3d 18 1 2 3w3d 58 117 1 04:19:22 20

Cisco Catalyst Instant Access Parent Catalyst 6500 Supervisor 2T The Supervisor 2T (hardware & software features) is designed to Scale and Perform in the Core & Distribution Layers 256K - 1M FIB Entries Up to 16K Bridge Domains Up to 128K Logical Interfaces Up to 16K VRF instances Up to 128K IPv4/v6 Multicast routes Native VPLS in Hardware 512K - 1M Flexible Netflow Entries (FnF) SGT & SGACL for Cisco Trustsec (CTS) L2+L3+L4 ACL Support Improved CoPP in Hardware Per-protocol (LIF) Interface Statistics and more 21

WS-X6904-40G/10G/1G 16 ports SFP+ 10GE (with FourX) Supports integrated DFC4 / DFC4XL Supports VNTAG on all ports Support VSL on all ports Port 5,6, 7,8 Port 13,14, 15,16 CVR-4SFP10G FourX Port 9,10, 11,12 Port 17,18, 19,20 16 x 10G SFP+ adapter (FourX) SFP+ SR, LR, LRM and ER Optics 24

Catalyst Instant Access Client: 6848ia Two options: 48 Ports GigE PoE+, 48 Ports GigE 2 x 10G uplink SFP+ Ports Stackable up to 3 clients at FCS 80Gbps Bidirectional Stack Bandwidth ngle Fixed Power Supply and Fixed Fans Operates in Client Mode ONLY Full PoE (15W) across 48 ports Full PoE+ (30W) across 24 ports Includes Stack Module, no licensing required 26

Catalyst Instant Access Components Summary X6904-16x10G Virtual Switching System (VSS) X6904-16x10G Supervisor 2T Supervisor 2T IA Parent FEX-Fabric IA Client 27

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Components Control Plane Data Plane Features Recommended Topologies Configurations and Provisioning Key Takeaways

Catalyst Instant Access Control Plane Behind the Scene 1. 1 Switch Discovery Protocol (SDP) Fabric Link Discovery switchport mode Fex-fabric Switch Discovery Fex associate <Fex-ID> EtherChannel Link Aggregation 2. 2 Switch Registration Protocol (SRP) Exchange Compatibility information IA Client Registration IA Client image management IA Client OIR Stack Member Identification & mgmt 3. 3 Switch Configuration Protocol Configuration Status Statistics 4 4. Inter Card Communication (ICC) for Syslog, QoS, Remote login. 3 Configuration Interface Stats 4 Remote Login Syslog QoS No User Configuration All Magically Happens in background Instantly Instant Access Parent 1 1 2 Client ID Image Check VIF ID 29

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Components Control Plane Data Plane Features Recommended Topologies Configurations and Provisioning Key Takeaways

Catalyst Instant Access Data Plane Components Instant Access Parent IA Control Plane IA Client VIF association VNTAG Assignment IA Data Plane MAC Learning and Switching L2 & L3 Features Instant Access Parent IA Client Switch VNTAG Encapsulation QoS 32

VNTAG 802.1Qbh Unicast D=1 Unicast to FEX Host Port Multicast P=1 Pointer to Multicast Table on FEX Client DA[6] SA[6] VNTAG[6] 802.1Q[4] Frame Payload. CRC[4] VNTAG ETHER TYPE (0X8926) D[1] P[1] DVIF [12] L[1] R[1] R[1] R[1] SVIF[12] Destination VIF Source VIF Destination bit Pointer bit (multicast) Loopback bit Reserved 33

Catalyst Instant Access Local Processing of Remote Ports, How? Ingress Mapping TAG IA Client Interface IA Parent VIF 1 IF 1 VIF 2 IF 2 (VIF 1 ) (VIF 2 ) Automatically assigned One VIF to each host port One VIF to each Etherchannel One VIF to FEX CPU for Control Channel IA Parent VIF = 0 Multicast/Broadcast: Pointer to Replication Table in IA Client F101 Switch-3 IF 1 IF 2 Host-1 Host-2 IA Client Hosts TAG: Virtual NIC Tag VIF Virtual Interface 34

Catalyst Instant Access Packet Walk (IA Client Host Port to IA Parent) MAC + Payload IA Parent VNTAG SVIF = VIF 1 DVIF = 0 MAC + Payload VNTAG SVIF = VIF 1 DVIF = 0 MAC + Payload IF 1 (VIF 1 ) F101 Switch-3 IA Client Host-1 MAC + Payload VNTAG: Virtual NIC Tag VIF Virtual Interface 35

Catalyst Instant Access Packet Walk (IA Parent to IA Client Host Port) MAC + Payload VNTAG SVIF = 0, DVIF = VIF 1 IA Parent MAC + Payload VNTAG SVIF = 0, DVIF = VIF 1 MAC + Payload F101 Switch-3 IA Client IF 1 (VIF 1 ) MAC + Payload Host-1 VNTAG: Virtual NIC Tag VIF Virtual Interface 36

Catalyst Instant Access Packet Walk (Host 1 to Host 2) SA=MAC1, DA=MAC2+ Payload SA=MAC1, DA=MAC2+ Payload VNTAG SVIF = VIF 1 DVIF = 0 VNTAG SVIF = 0, DVIF = VIF 2 SA=MAC1, DA=MAC2+ Payload SA=MAC1, DA=MAC2+ Payload VNTAG SVIF = VIF 1 DVIF = 0 SA=MAC1, DA=MAC2+ Payload IF 1 (VIF 1 ) F101 Switch-3 IF 2 (VIF 2 ) VNTAG SVIF = 0, DVIF = VIF 2 SA=MAC1, DA=MAC2+ Payload SA=MAC1, DA=MAC2+ Payload Host-1 MAC1 Host-2 MAC2 SA=MAC1, DA=MAC2+ Payload VNTAG: Cisco Virtual Public NIC Tag 37

Catalyst Instant Access Packet Walk - Multicast / Broadcast 192.168.1.100, 224.0.255.1 Incoming Interface: FortyGig 5/1 RPF Neighbor 210.20.37.33 Outgoing interface list: Gigabitethernet 101/1/0/1, Forward/Dense, 0:57:31/0:02:52 Gigabitethernet 101/1/0/2, Forward/Dense, 0:56:55/0:01:28 MAC + Payload VNTAG, P=1 SVIF =0, DVIF = Group VIF MAC + Payload F101 Switch-3 IF 1 IF 2 (VIF 1 ) (VIF 2 ) IA Parent Group VIF Outgoing Interface IA Client IF1, IF2 MAC + Payload Host-1 Host-2 MAC + Payload Hosts VNTAG: Virtual NIC Tag VIF Virtual Interface 38

Catalyst Instant Access Architecture Key Takeaways Components Cat6500E & Cat6800 Series Supervisor 2T VSS WS-X6904-40G/10G/1G Catalyst Instant Access Client 6848ia Automatic Discovery (SDP), Registration (SRP) and Configuration (SCP) of IA Client VNTag encapsulation of packets on Fabric links between IA Parent and IA Client Local Multicast/Broadcast replication at IA Client 41

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features mplicity of Provisioning & Image Management mplification of Configuration QoS Capabilities High Availability Recommended Topologies Configurations and Provisioning Key Takeaways 42

Catalyst Instant Access mplicity of Provisioning Automatic-Provisioning on Connection A Client gets automatically discovered and provisioned using IA Control Protocol when connected. Automatic Discovery and Stack Member by Parent via Stack Master F 110 F 111 Pre-Provisioning Provision IA Client and interface Configurations before even physically connecting the IA Client mod provision create fex 111 type C6800IA-48FPD mod provision create fex 111 module 2 type C6800IA-TD 43

New Deployment of Instant Access mplicity of Image Management Across Distribution Block One IOS Image across Distribution / Access Block Cat6500 Image and Cat6800ia Image Bundled together as one Image. IA Client image is like a Line card image on Cat6k. Automatic Image Management at Access. Enhanced Fast Software Upgrade(eFSU) supported for Instant Access Rolling Upgrade for each FEX-ID Just Like a Line Card, The Cat6848ia image is managed by VSS System 44

New Deployment of Instant Access Automatic Image Provisioning IA Client Image bundled w/ Cat6k. (like a Line card image) VSS Cat6500-VSS#dir microcode: Directory of microcode:/ 0 dr-- <no size> <no date> 1 -r-- 19887634 <no date> C2LC 2 -r-- 21010982 <no date> C4LC 3 -r-- 16985926 <no date> TRIFECTA 4 -r-- 15144962 <no date> FEX_C2K 5 -r-- 333584 <no date> LCP_LX10100 6 -r-- 303510 <no date> LCP_LX1000 IF { IA Parent Image version IA Client image version } THEN {Client Upgrade to New Image by IA Parent automatically} Stacking: Stack Master ensures all stack members have correct images efsu Rolling Upgrades: Ability to upgrade IA Clients after ISSU Run Version on Standby slot issu runversion [fex[range] <num all >] 45

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features mplicity of Provisioning & Image Management mplification of Configuration QoS Capabilities High Availability Recommended Topologies Configurations and Provisioning Key Takeaways

Configuration mplicity Interface Numbering & ngle point of management L2, Trunk Port Fex Fabric interface gig 115/1/0/1 interface gig 115/1/0/2... interface gig 115/1/0/48! interface gig 116/1/0/1 interface gig 116/1/0/48... interface gig 116/2/0/1... interface gig 116/3/0/48 F 115 F 116 interface gig 0/1 interface gig 0/2... interface gig 0/48 interface gig 0/1 interface gig 0/2... interface gig 0/48 47

Catalyst Instant Access Features Cat6500 Features at Access Summary Category Switching Layer-2 IPv6 Instant Access POE, POE+, MEC, FlexStack Etherchannel, PAgP, LLDP, STP, GRE Tunneling, MPLS, MPLS-VPN IPv6 First Hop Security, Multicast Routing, QoS, Stateless Auto Config, Layer-3 PBR, EVN, VRF-Lite, PIM SM, WCCPv2, Inter VLAN Routing, ECMP, L3 Routing protocols Security QoS Medianet 802.1x Guest VLAN, ACL, SXP, SGT, SGACL, IP Source Guard, DHCP Snooping, VACL, RACL, PACL, FnF Policing, Marking, Rate Limiting, SRR Mediatrace, Perf-Monitoring 48

VLAN 10 Configuration mplicity L2 Across Distribution- Configuration VLAN 110 Configuration done once at Distribution only, No Configuration at Access Layer Hostname B2F2S2 Vlan 10 Hostname B2F2S2 Vlan 110 Vlan 20 Hostname B2F2S2 Vlan 1021 Vlan 120 Vlan 30 Hostname B2F2S2 Desc Mgmt Vlan 1021 Vlan 130 Vlan 40 Ip address Desc Mgmt Vlan 1021 Vlan 140 192.168.41.101! Ip address 192.168.41.102 Desc Mgmt Vlan 1021 interface! Ip address 192.168.41.103 Desc Mgmt Port-channel5 switchport interface trunk Port-channel5! Ip address 192.168.41.104 allowed vlan 10,110 switchport switchport mode trunk trunk allowed interface vlan Port-channel5! 20,120 Interface switchport range TenGigabitEthernet1/2/5-6 mode trunk switchport trunk interface allowed Port-channel5 vlan 30,130 channel-group Interface 4 range mode on TenGigabitEthernet1/2/5-6 switchport mode switchport trunk trunk allowed vlan 40-140 channel-group 4 mode Interface on range switchport TenGigabitEthernet1/2/5-6 mode trunk channel-group Interface 4 mode on range TenGigabitEthernet1/2/5-6 channel-group 4 mode on VLAN 20 VLAN 120 VLAN 30 L2 Trunk VLAN 130 VLAN 40 VLAN 140 F 116 VLAN 10 VLAN 110 VLAN 30 VLAN 130 F 115 VLAN 10 VLAN 110 VLAN 20 VLAN 120 Vlan 10 Vlan 40 Vlan 110 Vlan 140 VLAN 120 Vlan 20 1021 Desc Mgmt VLAN 140 Ip address 192.168.41.110! Interface Port-channel4 Fex associate 104 Switchport mode fex-fabric interface Port-channel Fabric 9 links Fex associate 109 Switchport mode fex-fabric! Interface range Gig 116/1/0/1-24, F 114115/1/0/1-24 Switchport F mode 113 access Span-tree port fast Swichport VLAN 30 access VLAN vlan 10 VLAN 40 VLAN 140 130 VLAN VLAN 40 Interface gig 1/1> Interface gig 1/3> Interface gig 1/4> Interface gig 1/5> Switchport mode Switchport access mode access Switchport mode access Switchport mode access Switchport access Switchport vlan 10 access vlan 20 Switchport access vlan30 Switchport access vlan40 Span-tree portfast Span-tree portfast Span-tree portfast Span-tree portfast Interface gig 1/2> Interface gig 1/2> Interface gig 1/2> Interface gig 1/2> Switchport mode Switchport access mode access Switchport mode access Switchport mode access Switchport access Switchport vlan 110 access vlan 120 Switchport access vlan Switchport 130 access vlan 140 Span-tree portfast Span-tree portfast Span-tree portfast Span-tree portfast 50

Configuration mplicity Flexibility of L2 Across Distribution IA Clients at Access with L2 Broadcast domain across Distribution VLAN 10 VLAN 110 VLAN 20 VLAN 120 VLAN 200 VLAN 30 VLAN 130 VLAN 40 VLAN 140 VLAN 10 VLAN 30 VLAN 110 VLAN 110 Fabric links Fabric links F 116 F 115 F 113 F 114 F 116 F 115 F 113 F 114 VLAN 10 VLAN 110 VLAN 20 VLAN 120 VLAN 30 VLAN 130 VLAN 40 VLAN 140 VLAN 10 VLAN 30 VLAN 110 VLAN 110 VLAN 200 51

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features mplicity of Provisioning & Image Management mplification of Configuration QoS Capabilities High Availability Recommended Topologies Configurations and Provisioning Key Takeaways

IA Client Fabric Link Subscription Ratios VSS Pair at Distribution IA Client Non Stacked VSS VSS Pair at Distribution IA Client Stacked VSS F101 F102 F103 Stack of 3 F101 F102 F103 48 IA Client Host Ports Two 10G Fex-Fabric links (MEC) to VSS Pair 2.4 : 1 Subscription Ratio 144 IA Client Host Ports Two 10G Fabric link (MEC) to VSS Pair 7.2: 1 Subscription Ratio Recommended Design 53

IA Client Fabric Link Subscription Ratios IA Parent nge Switch VSS Mode IA Client Non Stacked IA Parent ngle Switch VSS Mode IA Client Stacked F101 F102 F103 3 member F101 F102 F103 stack 48 IA Host Ports One 10G Fabric Link 4.8 : 1 Subscription Ratio 144 IA Host Ports One 10G Fabric link 14.4 : 1 Subscription Ratio Not Recommended Design Reduced Redundancy and Lower Bandwidth with ngle Uplinks 54

Catalyst Instant Access QoS IA Client Fabric Link IA Parent Trust DSCP/COS 4 Queues on Host Ports downstream 4 Queues on Fabric Upstream DSCP/COS Queue Map Classification Marking/Remarking Policing Aggregate Microflow 8 Queues Downlink Shaping & Queuing on Fabric Link not supported 56

Catalyst Instant Access QoS Ingress IA Client Host Port Over Fabric Link. IA Client Fabric Link IA Parent Data Data BPDU COS 5 COS 3 IA Control Traffic Queues (1P3Q3T) Priority (1) Standard Q (2) Standard Q (3) Standard Q (4) Trust DSCP at IA Host Port DSCP/COS to Output Q Map 1 Priority Queue 3 Standard Queue Shared Queue 1 30 35 5 Marking/Re-Marking at IA Parent Policing at IA Parent 57

Catalyst Instant Access QoS Egress IA Parent to IA Client over Fabric Link IA Client Fabric Link IA Parent Trust DSCP/COS Map Table at IA Parent Dscp-outputq-threshold map: DSCP = d1d2 d1 :d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------------------ 0 : 08-03 08-03 07-03 07-03 06-03 06-03 06-03 06-03 05-01 05-02 1 : 05-02 05-02 04-02 04-02 04-02 04-02 03-03 03-03 03-03 03-03 2 : 03-03 03-03 03-03 03-03 02-03 02-03 02-03 02-03 02-03 02-03 3 : 02-03 02-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03 4 : 01-03 01-03 01-03 01-03 01-03 01-03 01-03 01-03 02-03 02-03 5: 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 DSCP 40: d1 = 4, d2 = 0 6 : 02-03 02-03 02-03 02-03 DSCP 16: d1 = 1, d2 = 6 Queues 1P7Q4T Priority (1) Standard Q (2) Standard Q (3) Standard Q (4) Standard Q (5) Standard Q (6) Standard Q (7) IA Control Traffic Data Data BPDU DSCP 40 DSCP 16 58

Catalyst Instant Access QoS Egress IA Client Host Ports IA Client Fabric Link IA Parent Queues (1P3Q3T) Priority (1) Standard Q (2) Standard Q (3) Standard Q (4) Data Data DSCP 40 DSCP 16 Queues 1P7Q4T Priority (1) Standard Q (2) Standard Q (3) Standard Q (4) Trust DSCP/COS 1P3QT3 Egress Host Port Shared 1 30 35 5 Standard Q (5) Standard Q (6) Standard Q (7) 59

IA Client Port QOS with Fabric Link EtherChannels To Network VSS F101 ngle FEX Intf Multiple Physical paths End User Traffic From Network VSS F101 End User Traffic End user traffic for FEX port Gig 102/1/0/48 IA Client Default load balance: src-mac IA Parent Default load balance: src-dst-ip Global load-balance changes applied to IA Client module as well. IA Client port : Service Policies applied Controller distributes policies to all Fabric links Ingress and Egress policies Policy Statistics Aggregated by Controller 60

EtherChannel Load Balance at IA Parent Both ends of the FEX fabric Etherchannel will use the same port-channel distribution algorithm, to the extent this is supported by the FEX hardware. Cat6500-VSS(config)#port-channel load-balance? dst-ip Dst IP Addr dst-mac Dst Mac Addr dst-mixed-ip-port Dst IP Addr and TCP/UDP Port dst-port Dst TCP/UDP Port mpls Load Balancing for MPLS packets src-dst-ip Src XOR Dst IP Addr IA Client Port Channel Load Balance Hash src-dst-mac Src XOR Dst Mac Addr dst-ip Dst IP Addr src-dst-mixed-ip-port Src XOR Dst IP Addr and TCP/UDP Port dst-mac Dst Mac Addr src-dst-port Src XOR Dst TCP/UDP Port src-dst-ip Src XOR Dst IP Addr src-ip Src IP Addr src-dst-mac Src XOR Dst Mac Addr src-mac Src Mac Addr src-ip Src IP Addr src-mixed-ip-port Src IP Addr and TCP/UDP Port src-mac Src Mac Addr src-port Src TCP/UDP Port vlan-dst-ip Vlan, Dst IP Addr vlan-dst-mixed-ip-port Vlan, Dst IP Addr and TCP/UDP Port vlan-src-dst-ip Vlan, Src XOR Dst IP Addr vlan-src-dst-mixed-ip-port Vlan, Src XOR Dst IP Addr and TCP/UDP Port vlan-src-ip Vlan, Src IP Addr vlan-src-mixed-ip-port Vlan, Src IP Addr and TCP/UDP Port 61

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features mplicity of Provisioning & Image Management mplification of Configuration QoS Capabilities High Availability Recommended Topologies Configurations and Provisioning Key Takeaways

Catalyst Instant Access High Availability. L3 Fabric F 113 F 114 VSS / VSS Quad-Sup SSO EtherChannel Load Balancing Up to 6 10G in MEC Bundle Load Sharing Ca6k Hash Algorithms Up to 3 Stack Members 80G stack bandwidth between stack members EtherChannel Across Stack Members Up to 6 10G into One EtherChannels Dual Active detection on fabric links Upto 8 Host Port Etherchannels Host Port EtherChannel Across Stack Members Master Failure will not reset Etherchannel 63

Instant Access: VSS Dual Active Detection Enhanced PAgP Enhanced SDP (Fabric Link Discovery Protocol) Switch 1 Switch 2 Switch 1 Switch 2 Active Hot Standby Active Hot Standby Requires epagp capable neighbor : 3750: 12.2(46)SE 4500: 12.2(44)SE 6500: 12.2(33)SXH1 Sub-second convergence Cat6500-VSS#show fex dual-active FEX dual-active detection enabled: Yes Requires esdp Neighbor: Catalyst 6800ia: 15.1(2)SY Channel Group 16 (FEX 132) Dual Active detection capable: Yes switch 1 member port state: Te1/2/5 - Interface Up. state: bound Sub-second convergence Te1/2/13 - Interface Up. state: bound switch 2 member port state: Te2/2/5 - Interface Up. state: bound SDP Satellite Cisco Discover Public Protocol Te2/2/13 - Interface Up. state: bound 64 64

Catalyst Instant Access EFSU A = Active S=Standby LC=Line Card Old Code Newer Code A LC1 LC2 LC3 S LC1 LC2 LC3 issu load version A LC1 LC2 LC3 S LC1 LC2 LC3 issu run version S LC1 LC2 LC3 A LC1 LC2 LC3 issu run version fex 103 S A 101 F 102 F 103 F 101 F 102 F 103 F 101 F 102 F 103 LC1 LC1 LC2 LC2 LC3 LC3 S LC1 LC2 LC3 A LC1 LC2 LC3 issu commit version S LC1 LC2 LC3 A LC1 LC2 LC3 issu accept version S LC1 LC2 LC3 A LC1 LC2 LC3 F 101 F 102 F 103 issu run version fex 102, 101 F 101 F 102 F 103 F 101 F 102 F 103 F 101 F 102 F 103 Rolling upgrade across FEX-ID s 65

Catalyst Instant Access Capabilities Key Takeaways Auto Provisioning and Pre-Provisioning Support ngle Image across Distribution Block ngle Configuration for Distribution Block Catalyst 6500 Features at Access EFSU for IA Clients 67

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features Recommended Topologies Distribution VSS Stacking IDF Scenarios Fabric Link Connectivity Host Port Etherchannel Configurations and Provisioning Key Takeaways ACCESS DISTRIBUTION 68

Catalyst Instant Access VSS Pair as IA Parent Recommended Recommended ngle Switch VSS Mode VSS Pair VSS Quad-Sup SSO ngle Cat6500 Switch configured in VSS Mode with One Active and One Standby Supervisor FEX ID is mapped to a Virtual Slot High Availability with a Supervisor in each Chassis. MEC across VSS Pair HA with 2 Supervisors in each chassis in SSO Mode Hyper High Availability 69

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Key Capabilities Recommended Topologies Distribution VSS Stacking IDF Scenarios Fabric Link Connectivity Host Port Etherchannel Configurations and Provisioning Key Takeaways ACCESS DISTRIBUTION 70

Catalyst Instant Access Phase 1 Scalability Maximum Client Node User Ports 1008 Maximum FEX ID s 12 Maximum Client Switches 21 Client Node ID is a single client or a stack. If using individual clients max of 12 switches supported. Maximum Clients in Stack 3 Maximum User Ports in Stack 144 Most optimum where IDF has 96 or greater ngle Client IDF s support fewer overall ports # of IDFs # of Ports/IDF # of Clients in a Stack # of Access Ports 7 144 3 1008 10 96 2 960 5 192 2 960 3 288 3 864 12 48 0 576 71

Catalyst Instant Access (Phase 1) Stacking Scenario s Stack of 3 (Phase 1) Max FEX-ID 12 7 Nodes of 144 ports each = 1008 FEX 101 FEX 102 FEX 103 FEX 104 FEX 105 FEX 106 FEX 107 10 Nodes of 96 ports each + 1 Node of 48 port = 1008 FEX 101 FEX 102 FEX 103 FEX 104 FEX 105 FEX 106 FEX 107 FEX 108 FEX 109 FEX 110 FEX 111 72

Catalyst Instant Access (Phase 1) Stacking Scenario s Stack of 3 (Phase 1) Max FEX-ID 12 12 Nodes of 48 ports each = 576 ports FEX 101 FEX 102 FEX 103 FEX 104 FEX 105 FEX 106 FEX 107 FEX 108 FEX 109 FEX 110 FEX 111 FEX 112 Max 21 Stacks Switches = 1008 ports. FEX 101 FEX 102 FEX 103 FEX 104 FEX 105 FEX 106 FEX 107 FEX 108 FEX 109 73

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Key Capabilities Recommended Topologies Distribution VSS Stacking IDF Scenarios Fabric Link Connectivity Host Port Etherchannel Configurations and Provisioning Key Takeaways ACCESS DISTRIBUTION

Catalyst Instant Access Fabric Link Connectivity Scenarios Dual Homed to VSS Pair Recommended Design Dual Homed to VSS Pair Dual Homed across Stack Members Up to 6 uplinks(60g) MEC across Client to Parent 75

Catalyst Instant Access Fabric Link Connectivity Scenarios ngle Homed to VSS Pair Possible but Not Recommended ngle homed to VSS pair ngle Homed upto 6 links in MEC Across Stack members 76

Catalyst Instant Access Fabric Link Connectivity Scenarios ngle Switch VSS Mode Possible but Not Recommended ngle Homed to Switch 1 in VSS mode Dual Homed to ngle Switch in VSS mode Up to 6 links in MEC homed to ngle Switch in VSS Mode 77

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Key Capabilities Recommended Topologies Distribution VSS Stacking IDF Scenarios Fabric Link Connectivity Host Port Etherchannel Configurations and Provisioning Key Takeaways ACCESS DISTRIBUTION

Catalyst Instant Access Host Port Connectivity Options. (Supported FCS +) Host ngle Homed End devices to IA Client dual homed to VSS Pair MEC at IA Ports across Stack Members 79

Catalyst Instant Access Recommended Topologies Key Takeaways VSS Pair at Distribution 21 Switches in Stacked mode to achieve 1008 port scale Upto 6 MEC (60Gbps) across from Stack to IA Parent Fabric Link MEC across Stack Members Host Port Ether Channel across Stack Members Host Port EtherChannel across FEX Stacks (FEX-ID) not supported. 82

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features Recommended Topologies Configuration and Provisioning Provisioning of IA CLI look and Feel: Configuration, Verification & Troubleshooting Key Takeaways

Catalyst Instant Access Cat6500 VSS Configuration Switch 1 Configuration redundancy mode sso! switch virtual domain 100 switch 1! interface Port-channel1 switch virtual link 1 interface ten 1/5/4 channel-group 1 mode on interface ten 1/1/1 channel-group 1 mode on! switch convert mode virtual Switch 1 Switch 2 Cat6500-VSS#show switch virtual Switch mode VSS Verification Virtual switch domain number : 100 Local switch number : 1 VSS Configurations Guide http://www.cisco.com/en/us/docs/switches/lan/ca talyst6500/ios/12.2sx/configuration/guide/vss.ht ml Switch 2 Configuration redundancy mode sso! : Virtual Switch switch virtual domain 100 Switch 2 Local switch operational role: Virtual Switch Active Peer switch number : 2 Peer switch operational role : Virtual Switch Standby! interface Port-channel2 switch virtual link 2 interface ten 2/5/4 Channel-group 2 mode on interface ten 2/1/1 channel-group 2 mode on! switch convert mode virtual 84

Catalyst Instant Access ngle Switch VSS Mode Switch 1 Configuration redundancy mode sso! switch virtual domain 100 switch 1! switch convert mode virtual Switch 1 VSS Configurations Guide http://www.cisco.com/en/us/docs/switches/lan/catalyst6500/ios/12.2sx/configuration/guide/vss.html 85

Catalyst Instant Access Provisioning Automatic Discovery of IA Client. Step 1 interface Port-channel20 switchport switchport mode fex-fabric fex associate 118 Step 2 interface range TenGig1/2/5, TenGig2/2/5 switchport channel-group 20 mode on The Discovery process starts automatically once the FEX-Fabric is configured on downlinks to IA Client No Console Access Required to Instant Access Client Provisioning 87

Catalyst Instant Access Provisioning Automatic Discovery and Provisioning of IA Client Cat6500-VSS#show fex 118 detail FEX: 118 Description: FEX0118 state: online FEX version: 15.0(2.0.51)UCP Extender Model: WS-C2960X-48FPD-L, Extender Serial: FHH1707P00S FCP ready: yes Image Version Check: overridden Fabric Portchannel Ports: 2 Fabric port for control traffic: Te1/2/5 Fabric interface state: Po20 - Interface Up. Te1/2/5 - Interface Up. state: bound Te2/2/5 - Interface Up. state: bound Cat6500-VSS#show run fex 118 Current configuration : 11123 bytes! interface GigabitEthernet118/1/0/1 88

Catalyst Instant Access Provisioning Pre-Provisioning of IA Client Pre-Provisioning Switch and host port configuration before the IA Switch is physically connected can be done very similar to a line card Pre Provisioning Pre-Provisioning of IA Client Cat6500-VSS#mod provision create fex 121 type C6800IA-48FPD FEX 121 slot 1 module provisioning entry added. Pre-Provisioning a Stack Member to Existing FEX-ID Cat6500-VSS#mod provision create fex 121 type C6800IA-48FPD slot 2 FEX 121 slot 2 module provisioning entry added. Cat6500-VSS#show switch virtual slot-map Virtual Slot to Remote Switch/Physical Slot Mapping Table: Virtual Remote Physical Module Slot No Switch No Slot No Uptime ---------+-----------+----------+---------- 68 121 1 69 121 2 89

Catalyst Instant Access Provisioning Pre Provisioning of Host Port Configuration Once the FEX-ID is provisioned, the Host Port Interface can be configured like Any regular interface in Cat6500 Cat6500-VSS#show run fex 121 Building configuration... Current configuration : 5564 bytes! interface GigabitEthernet121/1/0/1 switchport mode access... FEX 121 Pre Provision any IA Client Host Port like a regular port ahead. Cat6500-VSS#conf t Enter configuration commands, one per line. End with CNTL/Z. Cat6500-VSS(config)#int Gig 121/1/0/24 Cat6500-VSS(config-if)#description To Printer Bldg3,4th Floor. Cat6500-VSS(config-if)#switchport access vlan 110 90

Catalyst Instant Access Provisioning mplicity of adding a Stack Member Plug and Play Cat6500-VSS#show mod fex 118 Switch Number: 118 Role: FEX ---------------------- ----------------------------- Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 1 48 C6800IA 48GFPwr 2SFP Fullers_48FullPwr FHH1707P00S Cat6500-VSS# *Apr 3 19:37:58.026: %SATMGR -SW1-5-FEX_MODULE_ONLINE: FEX 118, module 2 online Cat6500-VSS# *Apr 3 19:37:58.030: %OIR-SW1-6-INSREM: Switch 118 Physical Slot 2 - Module Type LINE_CARD inserted Fex 118 Module 2: Passed Online Diagnostics *Apr 3 19:38:12.178: %OIR-SW1-6-SP_INSCARD: Card inserted in Switch_number = 118, physical slot 2, interfaces are now online Cat6500-VSS#show mod fex 118 Switch Number: 118 Role: FEX ---------------------- ----------------------------- Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 1 48 C6800IA 48GFPwr 2SFP Fullers_48FullPwr FHH1707P00S 2 48 C6800IA 48GFPwr 2SFP Fullers_48FullPwr FHH1707P010 Stack Member automatically Discovered and associated to FEX like a Line Card 91

Catalyst Instant Access Provisioning mplicity of Adding Additional Uplinks Cat6500-VSS#show fex 118 detail FEX: 118 Description: FEX0118 state: online <Snip> Fabric Portchannel Ports: 2 Fabric port for control traffic: Te1/2/5 Fabric interface state: Po20 - Interface Up. Te1/2/5 - Interface Up. state: bound Te2/2/5 - Interface Up. state: bound Cat6500-VSS(config)#int range TenGig1/2/13, TenGig2/2/13 Cat6500-VSS(config-if-range)#channel-group 20 mode on Cat6500-VSS#show fex 118 detail FEX: 118 Description: FEX0118 state: online <Snip> Fabric Portchannel Ports: 4 Fabric port for control traffic: Te1/2/5 Fabric interface state: Po20 - Interface Up. Te1/2/5 - Interface Up. state: bound Te1/2/13 - Interface Up. state: bound Te2/2/5 - Interface Up. state: bound Te2/2/13 - Interface Up. 2013 Cisco state: and/or its bound affiliates. All rights reserved. Just Bundling to fex-fabric Port Channel on Parent, No Configuration at IA Client 92

Catalyst Instant Access Fundamentals Agenda Solution Overview Architecture Features Recommended Topologies Configuration and Provisioning Provisioning of IA CLI look and Feel: Configuration, Verification & Troubleshooting Key Takeaways

Catalyst Instant Access Host Port: Interface Naming Convention <Interface-type>/<fex-id>/<module>/<submode>/<port> FEX ID 101-199 Stack Sub Module FEX Port interface GigabitEthernet 118/1/0/1 interface GigabitEthernet 118/2/0/1 94

CLI Look and Feel Configuration Ease Interface range command Cat6500-VSS(config)#int range Gig 132/1/0/1-48, Gig132/2/0/1-48 Cat6500-VSS(config-if-range)# Show run for IA Client Cat6500-VSS#show run fex 132 Building configuration... Current configuration : 11103 bytes! interface GigabitEthernet132/1/0/1 switchport access vlan 10! interface GigabitEthernet132/1/0/2 switchport access vlan 10 95

CLI Look and Feel Location Check FEX Status, Hardware Details, Location Cat6500-VSS#show fex FEX FEX FEX FEX Number Description State Model Serial --------------------------------------------------------------------------- 118 Bldg-3-Conf-R online WS-C2960X-48FPD-L FHH1707P02S 132 BLDG 3 IDF 2. online WS-C2960X-48FPD-L FHH1707P03S Cat6500-VSS(config)#fex 132 Cat6500-VSS(config-fex)#location? additional-location-information Set additional location, CA Type 22 civic-location-id Civic location information custom-location-id Custom location information geo-location-id Geo location information Cat6500-VSS(config-if)#location civic-location-id fex port-location? 96

CLI Look and Feel Verification Check FEX Status, Hardware Details, Location for specific FEX-ID, Fabric Links State. Cat6500-VSS#show fex 118 FEX: 118 Description: Bldg-3-Conf-Rm state: online FEX version: 15.0(2.0.51)UCP Extender Model: WS-C6800ia-48FPD-L, Extender Serial: FHH1707P00S FCP ready: no Image Version Check: overridden Fabric Portchannel Ports: 2 Fabric port for control traffic: Te2/2/5 Fabric interface state: Po12 - Interface Up. Te1/2/5 - Interface Up. state: bound Te2/2/5 - Interface Up. state: bound Cat6500-VSS#show interface fex-fabric Fabric Fabric Port FEX FEX FEX Port State Uplink Model Serial ----------------------------------------------------------------- 132 Te1/2/5 bound 0 WS -C6800ia-48FPD-L FHH1707P00S 117 Te1/2/13 bound 1 WS -C6800ia-48FPD-L FHH1707P01S 132 Te2/2/5 bound 0 WS -C6800ia-48FPD-L FHH1707P00S 118 Te2/2/13 bound 1 WS -C6800ia-48FPD-L FHH1707P03S 97

CLI Look and Feel Verification and Troubleshooting Cat6500-VSS#show module fex Switch Number: 132 Role: FEX ---------------------- ----------------------------- Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 1 48 C6800IA 48GFPwr 2SFP Fullers_48FullPwr FHH1707P00S 2 48 C6800IA 48GFPwr 2SFP Fullers_48FullPwr FHH1707P010 Cat6500-VSS#show environment status fex all Fex 132 Fan 1 FEX 132 Fan 1 type: 33-0752-01 FEX 132 Fan 1 mode: Auto Fex 132 fan-tray 1 fan-fail: OK Fex 132 Fan 2 FEX 132 Fan 2 type: 33-0752-01 FEX 132 Fan 2 mode: Auto Fex 132 fan-tray 2 fan-fail: OK FEX 132 module 1 cooling requirement: 84 cfm FEX 132 module 2 cooling requirement: 84 cfm Fex 132 module 1 outlet temperature: 45C Fex 132 module 2 outlet temperature: 2013 Cisco and/or 52C its affiliates. All rights reserved. 98

CLI Look and Feel Host Port details Cat6500-VSS#show int gig 132/1/0/1 GigabitEthernet132/1/0/1 is up, line protocol is up (connected) Hardware is C6k 1000Mb 802.3, address is 0022.bdf4.6601 (bia 0022.bdf4.6601) MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Show interface Gig 132/1/0/1? Keepalive set (10 sec) Full-duplex, 1000Mb/s, media type is 10/100/1000BaseT accounting input flow-control is off, output flow-control is unsupported Counters Clock mode is auto description ARP type: ARPA, ARP Timeout 04:00:00 history Last input never, output never, output hang never Last clearing of "show interface" counters 1d17h precedence Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output status drops: 0 Queueing strategy: fifo summary Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec Transceiver 5 minute output rate 1000 bits/sec, 1 packets/sec users 0 packets input, 0 bytes, 0 no buffer Vlan Received 0 broadcasts (0 multicasts) 0 runts, 0 giants, 0 throttles... 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast, 0 pause input 99

CLI Look and Feel Troubleshooting Fabric UpLinks from IA Client Cat6500-VSS#attach fex 132... Open To troubleshoot on IA Client Uplink - interface stats, transceiver details- Attach to IA Client attach <fex-id> FEX-132# FEX-132#show int tengigabitethernet 1/0/1 TenGigabitEthernet1/0/1 is up, line protocol is up (connected) Hardware is Ten Gigabit Ethernet, address is 0022.bdf4.6633 (bia 0022.bdf4.6633) MTU 9198 bytes, BW 10000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not set Full-duplex, 10Gb/s, link type is auto, media type is SFP-10GBase-SR input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 4000 bits/sec, 3 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 13031 packets input, 2591153 bytes, 0 no buffer 100

CLI Look and Feel Troubleshooting Fabric Up Links from IA Client FEX-132#show int ten 1/0/2 transceiver ITU Channel not available (Wavelength not available), Transceiver is internally calibrated. If device is externally calibrated, only calibrated values are printed. ++ : high alarm, + : high warning, - : low warning, -- : low alarm. NA or N/A: not applicable, Tx: transmit, Rx: receive. ma: milliamperes, dbm: decibels (milliwatts). Optical Optical Temperature Voltage Tx Power Rx Power Port (Celsius) (Volts) (dbm) (dbm) --------- ----------- ------- -------- -------- Te1/0/2 40.7 3.32-2.0-1.1 101

Key Takeaways. Benefits ngle Point of Management mplified Operations Feature Consistency at Access Layer Components Cat 6500E / C6800 + Sup2T VSS/ VSS Quad-Sup SSO + X6904 10G mode, Cat6848ia Supports SR, LR, ER 10G SFP+ optics Configurations Consistent w/ Data Center FEX CLI Features Stacking, POE/POE+, All Cat6500 features available at Access Layer Layer 2, Layer 3, IPv6, MPLS, Centralized Application Visibility and Control w/ Flexible NetFlow, mplified Network Security, 2013 Cisco and/or Network its affiliates. All Virtualization rights reserved. deployment. 102

Cisco Catalyst Instant Access Summary mplified Configuration and Deployment ngle point of Management Plug and Play Provisioning No Image Management at Access Cat6500 Features consistent across Distribution and Access mplifying Networks Reducing TCO 103

Thank You

Comparison to Nexus FEX 105