CELC - Архитектура коммутаторов Catalyst 4500

2,355 views
2,161 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,355
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
94
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

CELC - Архитектура коммутаторов Catalyst 4500

  1. 1. Cisco Expo Club 2011Архитектура коммутаторовCatalyst 4500 Денисов Павел, системный инженер
  2. 2. Agenda  Catalyst4500 chassis  Supervisor modules  Line cards  Line cards architecture  Sup7-E architecture  Unicast packet walk  Multicast packet walk  Catalyst4500 IOS XE  Flexible NetFlowPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 2
  3. 3. Catalyst4500 ChassisPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
  4. 4. Cisco Catalyst 4500E Series Chassis WS-C4507R-E 7 slot chassis WS-C4510R-E With Redundant 10 slot chassis with Redundant supervisors SupervisorsWS-C4503-E* WS-C4506-E*3 slot chassis 6 slot chassisWith single With SingleSupervisor supervisor • 3 and 6 slot chassis have supervisors in slot 1 and are non redundant chassis ( 1 supervisor only ) Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 4
  5. 5. New Cisco Catalyst 4500E Series ChassisWS-C4507R+E7 slot chassis WS-C4510R+EWith Redundant 10 slot chassis with Redundant supervisorsSupervisors WS-C4503-E WS-C4507R+E WS-C4510R+E WS-C4506-E Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 5
  6. 6. Catalyst 4507R+E WS-C4507R+E 2 Supervisors 5 Line Card Slots 240 Ports of 10/100/1000 11 RU Rack UnitsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 6
  7. 7. Catalyst 4510R+E WS-C4510R+E 2 Supervisor 8 Line Card Slots 384 Ports of 10/100/1000 14 RU Rack Units Sup6L-E Not SupportedPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 7
  8. 8. Supervisor modulesPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
  9. 9. Cisco Catalyst 4500E Supervisor 7-E WS-X45-Sup7-EDual Core CPU USB 4 10G/1G Uplinks Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 9
  10. 10. Cisco Catalyst 4500E Supervisor 6-E WS-X45-Sup6-E 10 G Twin 1G ConverterPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 10
  11. 11. Cisco Catalyst 4500E Supervisor 6L-E WS-X45-Sup6L-E 10 G Twin 1G ConverterPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 11
  12. 12. Catalyst 4500E Supervisor Comparison Bandwidth: 848 Gbps Uplinks: 4x10G/4x1GPerformance CPU: Dual Core 1.5 GHz Bandwidth: 320 Gbps DRAM: 2 GB Uplinks: 2x10G/4x1G Max Routes: 256 K CPU: 1.3 GHz DRAM: 512 MB Bandwidth: 280 Gbps Max Routes: 256 K Uplinks: 2x10G/4x1G CPU: 1 GHz DRAM: 512 MB Max Routes: 57K Supervisor 6L-E Supervisor 6-E Supervisor 7-E Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 12
  13. 13. Catalyst 4500E Supervisor ComparisonPerformanceFeature Supervisor 6L-E Supervisor 6-E Supervisor 7-ESwitching Capacity 280 Gbps 320 Gbps 848GbpsThroughput 225 Mpps ( 125 Mpps 250 Mpps ( 125 Mpps for IPv6) 250 Mpps ( 125 Mpps for for IPv6 ) IPv6)Bandwidth / Slot Upto 24G Upto 24G Upto 48GCPU Single Core 1 GHz Single Core 1.3 GHz Dual Core 1.5 GHzDRAM 512 MB 512 MB ( Upgradable to 1G ) 2G ( Upgradable to 4G)Bootflash 128 MB 128 MB 1GScalabilityFeature Supervisor 6L-E Supervisor 6-E Supervisor 7-ENumber of 10/100/1000 ports Upto 240 access Upto 384 access Upto 384 access Upto 4 GE uplinks Upto 4 GE uplinks Upto 4 GE uplinksNumber of 10GE ports Upto 30 on Line cards Upto 30 on Line cards Upto 96 on Line cards Upto 2 on Supervisors Upto 4 on Supervisors Upto 4 on SupervisorsNetFlow No Support No Support Native support 128K Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 13
  14. 14. Catalyst 4500E Investment Protection 24G 24G 48G 24G 24G 48G 24G 24G 48G 24G 24G 48G Supervisor 6-E Supervisor 7-E Supervisor 7-E Supervisor 6-E Supervisor 7-E Supervisor 7-E 24G 24G 48G 6G 24G 48G 6G 24G 48G 6G 24G 48GWS-C4510R-E WS-C4510R-E WS-C4510R+E 24G 24G 48G 24G 24G 48GSupervisor 6/6L-E Supervisor 7-E Supervisor 7-ESupervisor 6/6L-E Supervisor 7-E Supervisor 7-E 24G 24G 48G 24G 24G 48G 24G 24G 48G WS-C4507R-E WS-C4507R-E WS-C4507R+E Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 14
  15. 15. Line cardsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
  16. 16. Catalyst 4500E PoE Line Cards WS-X4748-RJ45V+E 1 Gbps per port 30W per port (IEEE802.3at) on 48 portsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 16
  17. 17. Catalyst 4500E PoE Line Cards WS-X4648-RJ45V+E 1 Gbps per port (2:1 Oversubscribed) 30W per port (IEEE802.3at) on 24 portsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 17
  18. 18. Catalyst 4500E Data Line Card WS-X4648-RJ45-E 1 Gbps per port (2:1 Oversubscribed) Data onlyPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 18
  19. 19. Catalyst 4500E 10G Fiber Line Card WS-X4712-SFP+E Flexibility of 10G/1G 2.5:1 Oversubscribed if all ports used for 10G LR, SR, CX1, and LRM OpticsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 19
  20. 20. Catalyst 4500E 10G Fiber Line Card WS-X4606-X2-E Flexibility of 10G/1G 2.5:1 Oversubscribed if all ports used for 10G LR, SR, LX4, and LRM X2 OpticsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 20
  21. 21. Catalyst 4500E 1G Fiber Line Card WS-X4612-SFP-E WS-X4624-SFP-E12 Port GigE 24 Port GigESX and LX Optics SX and LX Optics Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 21
  22. 22. Line cards architecturePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
  23. 23. 46xx and 47xx Line Card Speeds Packet Processor Bandwidth per Slot with 46XX series line card3 Gbps 3 Gbps 3 Gbps 3 Gbps 3 Gbps 3 Gbps 3 Gbps 3 Gbps   8 dedicated lanes to Supervisor   Each lane operates at 3Gbps E-Series 46xx Line Card Packet Processor Bandwidth per Slot with 47xx series line cards6 Gbps 6 Gbps 6 Gbps 6 Gbps 6 Gbps 6 Gbps 6 Gbps 6 Gbps   8 dedicated lanes to Supervisor   Each lane runs at 6Gbps E-Series 47xx Line Card Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 23
  24. 24. 4606 Linecard Port Groups  Groups of 12: 10/100/1000 or 1000 Mbps  Groups of 3: 10 GE  Groups of 6: 1 GE ports (TwinGig) 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Catalyst-4506-E# show hw-module module 3 port-group Module Port-group Active Inactive ---------------------------------------------- 3 1 Gi3/7-12 Te3/1-3 3 2 Te3/4-6 Gi3/13-18 DefaultPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 24
  25. 25. 4712 Line Card Port Group   Complete Flexibility of using 10G or 1G   The port will always be named TenGigabitEthernet x/y irrespective of optic being usedSUP7-E#show int status module 2Port Name Status Vlan Duplex Speed TypeTe2/1 connected routed full 10G 10GBase-SRTe2/2 connected 400 full auto 1000BaseSXTe2/3 disabled 1 full auto No XCVRTe2/4 disabled 1 full auto No XCVRTe2/3 disabled 1 full auto No XCVR<snip…..snip>Te2/11 disabled 1 full auto No XCVRTe2/12 disabled 1 full auto No XCVR Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 25
  26. 26. Sup7-E architecturePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
  27. 27. Supervisor 7E Block Diagram - PhysicalPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 27
  28. 28. Catalyst 4500E Sup7-E Dual Core CPU  Sup 7-E has a dual-core (1.5GHz) CPU  Increased control plane scalability  Better routing , L2 convergence  2GB DRAM by default , upgradable to 4GB  Allows future Application hosting SUP7-E#show process cpu Core 0: CPU utilization for five seconds: 24%; one minute: 23%; five minutes: 23% Core 1: CPU utilization for five seconds: 24%; one minute: 19%; five minutes: 19% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 1 915 918 997366 0.00 0.00 0.00 0 init 2 0 79 10810 0.00 0.00 0.00 0 kthreadd 3 247 43563 5672 0.00 0.00 0.00 0 migration/0 4 57 5786 9923 0.00 0.00 0.00 0 ksoftirqd/0 5  236 41567 5700 0.00 0.00 0.00 0 migration/1 <SNIP> Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 28
  29. 29. Catalyst 4500E Sup7-E USB Support   Support Image, Configuration storage, booting   12 MB/s   Supported size 4G   Part number USB-X45-4GB-E SUP7-E#directory usb0: Directory of usb0:/ 38 drwx 16384 Nov 3 2009 13:43:32 +00:00 .rollback_timer 66 -rwx 257615 Nov 16 2009 12:46:52 +00:00 startup-config Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 29
  30. 30. Catalyst 4500E Sup7-E Secure Digital Card   External storage by SD card on Supervisor 7-E   Average speed of data transfer between 10 MB/s – 20 MB/s   Supported size 2G . PID MEM-X45-2GB-E   Accessed by “dir disk0” command Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 30
  31. 31. Supervisor 7-E Uplink Configurations  Supervisor 7-E uplinks can either operate in 10GE or 1GE mode  All modes are non-blocking  Any port can be used as 1GE or 10GE without any limitation  Speed selection is dynamic based on Optic type SFP / SFP+  Operationally simple 10GE 10GE 10GE 10GE 40G 1GE 1GE 1GE 1GE 4G 10GE 10GE 1GE 1GE 22G 1GE 10GE 10GE 1GE 22G Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 31
  32. 32. Redundant Supervisor Uplink Configurations  Supervisor 7-E uplinks can either operate in 10GE or 1GE mode  All modes are non-blocking  Different port speeds can be used on the same or across supervisors  Speed selection is dynamic based on optic type SFP/SFP+ Inactive  Operationally simple 10GE 10GE 40G 10GE 10GE 1GE 1GE 4G 1GE 1GE 10GE 1GE 22G 10GE 1GE Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 32
  33. 33. Supervisor 7E Packet ProcessorHeader Data Header Data Provides Throughput Shared Packet Memory (32 MB) Parses Header Data RMON Port Statistics Packet Processor Header Header 802.1q Tagging/Untagging Forwarding EnginePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 33
  34. 34. Supervisor 7E Forwarding Engine Packet Lookup/Forward Classification Policing and Queuing ReplicationPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 34
  35. 35. Supervisor 7E Forwarding Engine Transmit Queue DMAC/SMACUsed for CPU, Drop Lookup, STP, Stateand Normal queues of VLANsUsed for Dynamic Input ACL/QoS Buffer LimitingStores VLAN Flood Creates NetFlow L2/L3 Multicast Entries and enables Receiver OIFs NetFlow features Output Stores FIB and adjacency, ACL/QoS Unicast and Multicast entries Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 35
  36. 36. Unicast packet walkPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
  37. 37. Supervisor 7E Packet WalkLine Card Switch Backplane Line Card Packet Processor Forwarding Engine NetFlow EnginePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 37
  38. 38. Supervisor 7E Unicast Packet Walk Header Data Shared Packet Memory (32 MB) Data Packet Processor Header Forwarding EnginePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 38
  39. 39. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP Lookup HeaderDBL Hash Memory Input TCAM Forwarding EngineReplication NetFlow Table Engine Layer 2 Lookup Spanning Tree Lookup Forwarding Output TCAM Lookup Forwarding Source/Dest MAC Lookup Lookup Decision for Layer 3 Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 39
  40. 40. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP LookupDBL Hash Header Memory Input TCAM Forwarding EngineReplication NetFlow Table Engine Ingress ACL Permit/Deny Forwarding Input QoS Policing Forwarding Output TCAM Lookup Input QoS Marking Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 40
  41. 41. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP LookupDBL Hash Memory Input TCAM Forwarding EngineReplication NLD NetFlow Header Table Engine NRD NetFlow entries created/ updated Forwarding Output TCAM Lookup Forwarding Microflow Policing + Input Lookup Policing for the packet Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 41
  42. 42. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP LookupDBL Hash Memory Input TCAM Forwarding EngineReplication NetFlow Table Engine Header Layer 3 Lookup Decision for replication Forwarding Output TCAM Lookup Forwarding (multicast) Lookup IPv4 and IPv6 FIB Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 42
  43. 43. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP LookupDBL Hash Memory Input TCAM Forwarding EngineReplication NetFlow Table Engine Header Egress ACL permit/deny Forwarding Output policing Forwarding Output TCAM Lookup Marking Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 43
  44. 44. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP LookupDBL Hash Header Memory Input TCAM Forwarding EngineReplication NetFlow Table Engine Dynamic Buffer Limiting Forwarding Avoid congestion in the Forwarding Output TCAM Lookup output queue Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 44
  45. 45. Supervisor 7E Unicast Packet Walk Packet Processor Queue Header STP Lookup MemoryDBL Hash Memory Input TCAM Forwarding EngineReplication NetFlow Table Engine Forwarding Queued in queue memory Forwarding Output TCAM Lookup Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 45
  46. 46. Supervisor 7E Unicast Packet Walk Packet Processor Queue Memory STP Lookup HeaderDBL Hash Memory Input TCAM Forwarding EngineReplication NetFlow NUD Table Engine New header sent out Forwarding Output TCAM Lookup Forwarding Counters incremented Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 46
  47. 47. Supervisor 7E Unicast Packet Walk Header Data Shared Packet Memory (32 MB) Data Packet Processor Header Forwarding EnginePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 47
  48. 48. Multicast packet walkPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
  49. 49. Supervisor 7E Unicast Packet Walk Header Data Shared Packet Memory (32 MB) Data Packet Processor Header Forwarding EnginePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 49
  50. 50. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Memory Header Input TCAM ReplicationReplication Queue NetFlow Table Engine Forwarding Engine Ingress ACL Permit/Deny Forwarding Input Policing Forwarding Output TCAM Lookup Marking Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 50
  51. 51. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Memory Input TCAM ReplicationReplication Queue NLD NetFlow Header Table Engine NRD Forwarding Engine NetFlow entries created/ updated Forwarding Output TCAM Lookup Forwarding Microflow Policing + Input Lookup Policing for the packet Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 51
  52. 52. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Memory Input TCAM ReplicationReplication Queue NetFlow Table Header Engine Forwarding Engine Layer 3 Lookup Decision for replication Forwarding Output TCAM Lookup Forwarding (multicast) Lookup IPv4 and IPv6 FIB Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 52
  53. 53. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Memory Input TCAM ReplicationReplication Queue Header NetFlow Table Engine Forwarding Engine Entry Created in the Replication Table which Forwarding Output TCAM Lookup Forwarding includes number of copies of Lookup the header Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 53
  54. 54. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication Header ModuleDBL Hash Memory Input TCAM ReplicationReplication Queue NetFlow Table Engine Forwarding Engine Replication Module checks Forwarding the Replication Table to make Forwarding Output TCAM Lookup header copies Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 54
  55. 55. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Memory Input TCAM Replication HeaderReplication Queue NetFlow Table Engine Forwarding Engine Headers queued in Forwarding Replication Queue for Forwarding Output TCAM Lookup respective egress interfaces Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 55
  56. 56. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Memory Input TCAM ReplicationReplication Queue NetFlow Header Table Engine Forwarding Engine Egress ACL permit/deny Forwarding Output policing Forwarding Output TCAM Lookup Marking Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 56
  57. 57. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup Replication ModuleDBL Hash Header Input TCAM Memory ReplicationReplication Queue NetFlow Table Engine Forwarding Engine Dynamic Buffer Limiting Forwarding Avoid congestion in the Forwarding Output TCAM Lookup output queue Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 57
  58. 58. Supervisor 7E Multicast Packet Walk Packet Processor Queue Header STP Lookup Memory Replication ModuleDBL Hash Memory Input TCAM ReplicationReplication Queue NetFlow Table Engine Forwarding Engine Forwarding Queued in queue memory Forwarding Output TCAM Lookup Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 58
  59. 59. Supervisor 7E Multicast Packet Walk Packet Processor Queue Memory STP Lookup HeaderDBL Hash Memory Input TCAM Forwarding EngineReplication NetFlow NUD Table Engine New header sent out Forwarding Output TCAM Lookup Forwarding Counters incremented Lookup Memory Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 59
  60. 60. Supervisor 7E Multicast Packet Walk Header Data Shared Packet Memory (32 MB) Data Packet Processor Header Forwarding EnginePresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 60
  61. 61. Catalyst4500 IOS XEPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
  62. 62. Next-Gen OS Architecture IOS Classic IOS XE Hosted Apps / Features Service Components s Infra Mgmt Common Infrastructure / HA Drivers Management Interface Kernels Module Drivers Kernel   Modern IOS to enable multi-core CPU   Allows Lower TCO capabilities such as silent roll, single sup ISSU   Smooth migration and investment protection with consistent IOS look & feel   Fast adoption of latest Borderless Networks Services   Enables open application platformPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 62
  63. 63. Cisco Software Activation With 15.0 IOS Pre 15.0 IOS Cisco Software Activation IOS Reformation   Universal IOS image. Feature activation via license   Separate IOS Images for Each   Ease of Ordering Package   Services on Demand   Current Sup6/L-E series will remain on this model   Supported only on Sup7-E and future Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 63
  64. 64. Catalyst 4500 IOS Licensing Enterprise Services IP BASE IP BASE In Service Software LAN BASE BGPv4 Upgrade IS-IS Stateful Switchover Auto QoS EIGRP EIGRP Stub Energywise OSPF v2/v3 OSPF for Routed Access POE + IEEE 802.3at PBR QinQ Flexlink+ VRF-Lite IP SLA Responder IGMP/MLD Snooping IP-SLA Network Mobility Services Rapid-PVST+ NSF L2PT IEEE 802.1x Multicast VRF-Lite Multicast Routing Smartports Embedded Event Manager PACL/VACL HSRP/GLBP/VRRPPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 64
  65. 65. Flexible NetFlowPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65
  66. 66. NetFlowNetwork Operation   Capacity Planning   Network Performance Analysis   Historic Performance and Trend AnalysisSecurity   Real Time anomaly detection   Eliminate network blind spotsCompliance   User Accountability   Enables Industry and Government regulations Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 66
  67. 67. Flexible NetFlow on Supervisor 7-E  High performance Next-gen ASIC enables scalable and high-performance NetFlow monitoring, supports up to 128K cached flows  Flexibility User-defined flow records reusable in different flow monitors for different applications with per-port, per-VLAN, or per-port-per-VLAN granularity  Extensibility In-depth traffic visibility allows monitoring extensive key and non-key fields, including Layer 2, Layer 3 (IPv4 or IPv6), Layer 4 header fields  Intelligent Customizable Event Policies  Integration with EEM faciliates highly customizable event-driven policies  Broad Partner Ecosystem  Version 9 (the most flexible) format exported to a wide range of industry netflow collectors Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 67
  68. 68. Traditional NetFlow vs. Flexible NetFlow Fixed definition of flow record globallyTraditional NetFlow Export only to one collector Fixed 7 keys Export NetFlow CacheFlexible NetFlow Flow cache 1 Flow Monitor 1 Export Destination 1 IT team#1 Flow cache 2 Flow Monitor 2 Export Destination 2 Security focused Flow cache 3 analyzer Flow Monitor 3 Destination 3 Export IT team#2 Flexible definition of flow records applied to Ability to export flow information to multiple selected interface or VLAN collectors/analyzers Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 68
  69. 69. Flexible NetFlow Record: Key Fields Interface IPv4 IPv6 Transport Input Source IP address Source IP address ICMP Code Destination IP address Destination IP address ICMP Type Layer 2 Protocol Protocol IGMP Type Dot1q priority Precedence Traffic Class TCP Source Port Dot1q Vlan ID DSCP Flow Label TCP Destination Port Source MAC address TTL Total Length UDP Source Port Destination MAC Total Length Extension Headers** UDP Destination Port address DSCP Next-header* Hop-Limit Is-multicast--- New Key Fields in FnF • Only first header is reported ** TBD Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 69
  70. 70. Flexible NetFlow Record: Non-Key FieldsCounters IPv4 IPv6Bytes TTL Minimum Total Length Minimum(32 bit counters) TTL Maximum Total Length MaximumBytes Long(64 bit counters) Fragmentation Flags* Option HeaderPackets ToS Hop-limit minimum(32 bit counters)Packets Long Hop-limit maximum Transport(64 bit counters) TCP Flags: ACK, FIN, Routing PSH, RST, SYN, URG Forwarding StatusInterfaceOutput Timestamp Is-multicast First Seen Last Seen --- New Non-Key Fields in FnF *more fragment fieldsPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 70
  71. 71. Enterprise Class Catalyst 4500E  Borderless Network Services  Flexible NetFlow   End-End Campus Platform  Power over Ethernet Plus   Open Application Platform  Energy Efficient Ethernet   Easy Upgrades  10ms Resiliency   Gig/10Gig upgrade flexibility  IPv6 functionality   Standard service across access 848Gbps 82M+ 650K+ Industry Lower System Ports Chassis Leadership TCO All specifications subject to change without notice Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 71
  72. 72. Вопросы и ОтветыPresentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 72
  73. 73. Мы хотели бы узнать Ваше мнениеПожалуйста,заполните анкету Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. 73

×