Cisco - Catalyst 8500 Configuration Guidelines 1106

1106 1034_05F9_c1

1

© 1999, Cisco Systems, Inc.

Catalyst 8500 Configuration and Guidelines Session 1106

1106 1034_05F9_c1

2

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

1

Agenda Catalyst 8500 Hardware • Components and Options • Architectural Overview • Packet Flows • Deployment Options 1106 1034_05F9_c1

3

© 1999, Cisco Systems, Inc.

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane vs. data plane access-lists

• IDBs, BVIs, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

4

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

2

Agenda Catalyst 8500 Hardware • Components and Options • Architectural Overview • A “Day in the Life of a Packet” • Deployment Options

1106 1034_05F9_c1

5

© 1999, Cisco Systems, Inc.

Catalyst 8510 Power Supply 1

Power Supply 2

Interface Slot 1 F A N T R A Y

Interface Slot 2 Switch Route Processor Interface Slot 3 Interface Slot 4

1106 1034_05F9_c1

6

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

3

Catalyst 8540

F A N T R A Y

Interface Slot 0 Interface Slot 1 Interface Slot 2 Interface Slot 3 Primary Route Processor Slot 4 Primary Route Processor Slot 5 Redundant Switch Processor Slot 6 Primary Route Processor Slot 7 Redundant Switch Processor Slot 8 Interface Slot 9 Interface Slot 10 Interface Slot 11 Interface Slot 12 Power Supply 1

1106 1034_05F9_c1

Power Supply 2

7

© 1999, Cisco Systems, Inc.

Catalyst 85xx Components

• Chassis • Power supply • CPU / switch card options • Memory • Interface modules 1106 1034_05F9_c1

8

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

4

Catalyst 8500 Chassis • Catalyst 8510—five slots • Catalyst 8540—thirteen slots • Catalyst 8510 SRP -> slot 13 / C5500 • 8510 interface modules -> slot 9–12 • Same footprint as catalyst 5000/5500

1106 1034_05F9_c1

9

© 1999, Cisco Systems, Inc.

Catalyst 85xx Power Supply • Single AC, DC • Dual AC, DC (load-sharing and redundant) • No mixed AC and DC on same chassis • 8510—same P/S as catalyst 5000/5505 and LS1010 • 8540—20 amp service 1106 1034_05F9_c1

10

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

5

Catalyst 85xx SRP,RP CPU • 8510 CPU—RSP-2 based R4600 RISC processor at 100 MHz Software path to CPU

• 8540 CPU—RSP-4 based R5000 RISC processor at 200 MHz Hardware path to CPU

• Both CPUs support console, AUX, Ethernet for out of band management 1106 1034_05F9_c1

11

© 1999, Cisco Systems, Inc.

Catalyst 85xx Memory • DRAM fixed: 64MB 8510, 256MB 8540 • Flash: 4MB • Flash memory card: 8, 16, 20MB, and Flash disk • Two PCMCIA slots • DRAM used for local storage and routing table, Flash primarily used for image storage 1106 1034_05F9_c1

12

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

6

Catalyst 85xx Interface Modules L3 LAN Interfaces Catalyst 8510 • 8 port 10/100 TX • 8 port 100 FX—SC • 1 port GE with GBIC Catalyst 8540 • 16 port 10/100 TX • 16 port 100 FX—MTRJ NOTE: need adapter cables! • 2 port GE with GBIC 1106 1034_05F9_c1

13

© 1999, Cisco Systems, Inc.

Catalyst 85xx Interface Modules ATM • 16-port OC-3c line card MMF with mini-MT connectors

• 4-port OC-12c line card SMF-IR and MMF with SC connectors

• 1-port OC-48c line card SMF with SC connectors

• OC-3c

1106 1034_05F9_c1

MMF/SMF 3 x MMF + 1 x SMF UTP-5 SMF LR 14

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

7

Catalyst 85xx Interface Modules ATM • OC-12c

MMF/SMF SMF LR

• DS3 ATM

Coaxial

• E3 ATM

Coaxial

• T1/E1 ATM

TP—RJ-48 and coaxial for E1

• T1/E1 CES 1106 1034_05F9_c1

15

© 1999, Cisco Systems, Inc.

Agenda Catalyst 8500 Hardware • Components and Options • Architectural Overview • Packet Flows • Deployment Options

1106 1034_05F9_c1

16

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

8

Catalyst 8500 Layer 3 High-Level Overview Switch Route Processor

Central Switching Table 00-0e1-00-00-00-00 2/3

Line Card Switching Table Line Card Switching Table

1106 1034_05F9_c1

10 / 40 Gbps Shared Memory Fabric

SSii

SSii

SSii

SSii

Line Card Switching Table Line Card Switching Table

17

© 1999, Cisco Systems, Inc.

Catalyst 8500 ATM High-Level Overview Route Processor

Line Card

Line Card

1106 1034_05F9_c1

IISP PNNI

10 / 40 Gbps Shared Memory Fabric

SVC/PVC

Line Card

Line Card

18

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

9

Catalyst 8500 Route Processor Master FIB Table

Routing Table

R4x00 Adjacency Table Route Processor

Catalyst 8500 Ports

• RP processes all control traffic: RIP, OSPF, (E)IGRP, PIM, PNNI, IISP, layer 2 VLAN and spanning tree information • Computes routing table and populates FIB table; downloads FIB to line cards • Creates ATM SVCs and PVCs • Connects to all ports for management information 1106 1034_05F9_c1

19

© 1999, Cisco Systems, Inc.

Shared Memory 1.25 (8510) / 2.5 (8540) Gbps Half Duplex per Slot

10/40 Gbps Shared Memory Fabric 1.25/ 2.5 Gbps to Slot 0

1.25/ 2.5 Gbps to Slot 3

1.25/ 2.5 Gbps to Slot 1

1.25/ 2.5 Gbps to Slot 4, 7

1106 1034_05F9_c1

20

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

10

Line Cards support FIB-Based Switching Route Processor/

Forwarding Information Base 00-0e1-00-00-00-00 2/3

Frame Packet Network 132.86.39.0

1 Routing Table

2

Network 146.125.3.64 Frame

Packet

3

Adjacency Table 00-0e1-00-00-00-00 2/3

Line Cards

1 Forwarding Information Base (FIB) computed based on

routing table contents 2 Each FIB entry has one entry in Adjacency Table (AT) 3 Both FIB and AT synchronized to line cards 1106 1034_05F9_c1

21

© 1999, Cisco Systems, Inc.

FIB and Adjacency Tables

• FIB contains the next hop for a route, populated by routing updates • AT contains Mac address for adjacent routers and hosts • AT maps layer 2 to layer 3 addresses • AT is populated by ARP(IP),GNS (IPX), neighbors gleaned from routing updates (IP and IPX) 1106 1034_05F9_c1

22

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

11

Agenda Catalyst 8500 Hardware • Components and Options • Architectural Overview • Packet Flows • Deployment Options

1106 1034_05F9_c1

23

© 1999, Cisco Systems, Inc.

Catalyst 8500 Packet Flow: Layer 3 FIB Table A3 B C1 B

Fast E-net 0/1 Fast E-net 3/6 Fast E-net 5/8 ï

Routing Table

ï ï

R4600 Adjacency Table MAC Address 3215.2511.AFFC 0001.2345.6789 3005.6798.AA05

Output Interface Ethernet 1/1 Serial 1/1 Serial 1/2

Switch Route Processor

Slave FIB Adjacency Table Table CEF ASIC Catalyst 8510 Line Card

1106 1034_05F9_c1

10/40 Gbps Shared Memory Fabric Queue-0 Queue-1 Queue-2 Queue-3

Slave FIB Adjacency Table Table CEF ASIC Catalyst 8500 Line Card

24

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

12

Catalyst 8500 ATM Cell Flow Route Processor

Line Card

Line Card

1106 1034_05F9_c1

IISP PNNI OAM

10 / 40 Gbps Shared Memory Fabric

SVC/PVC

Line Card

Line Card

25

© 1999, Cisco Systems, Inc.

Agenda Catalyst 8500 Hardware • Components and Options • Architectural Overview • Packet Flows • Deployment Options

1106 1034_05F9_c1

26

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

13

Catalyst 8500 Deployment Options • Campus Switch Router (CSR) • Multi-Service Switch Router (MSR) • Deployment options based on CPU, Switch Card assemblies and Cisco IOS software image • MSR Interworking via ATM Route Module (ARM) 1106 1034_05F9_c1

27

© 1999, Cisco Systems, Inc.

L3 Interface Module Memory Options Master FIB Table

Routing Table

R4x00 Adjacency Table Switch Route Processor

Slave FIB Table

Adjacency Table

10 / 40 Gbps Shared Memory Fabric

FIB/ Adjacency Tables Can Be 16K or 64K Addresses

Slave FIB Table

Adjacency Table

CEF ASIC

CEF ASIC

Catalyst 8500 Line Card

Catalyst 8500 Line Card

1106 1034_05F9_c1

28

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

14

FIB/Adjacency Table Sizing • Usable range is 14K or 62K due to table overhead • IP efficiency ranges from 50% to 67% 64K line card = 31,000 to 41,540 max IP routes 16K line card = 7,000 to 9,380 max IP routes

• IPX and Bridging entries are 100% efficient • 256K route cards are in development and will be 100% efficient 1106 1034_05F9_c1

29

© 1999, Cisco Systems, Inc.

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane vs. data plane access-lists

• IDBs, EtherChannel, BVIs, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

30

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

15

Catalyst 8500 Feature Sets Layer 3 • IP routing (12.0) is the default image Includes all IP routing protocols except interdomain routing

• IPX, AppleTalk feature license • Interdomain feature license • DECnet, VINES (future) ATM • IISP, PNNI • HPNNI • TAG 1106 1034_05F9_c1

31

© 1999, Cisco Systems, Inc.

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane vs. data plane access-lists

• IDBs, EtherChannel, BVIs, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

32

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

16

CPU Traffic • For IP, packets are sent to the RP in the following situations Packets matching the router’s own IP address No route found on the line card and “ICMP unreachable” is enabled Packets with TTL = 0 after TTL decrement Packets with options Packets in/out on the same i/f and ICMP redirect is on ARP packets Certain multicast/broadcast packets (e.g. OSFP route updates) 1106 1034_05F9_c1

33

© 1999, Cisco Systems, Inc.

CPU Traffic • For IPX, packets are sent to the RP in the following situations Packets matching the router’s own IPX address Packets with TTL > 16 after TTL increment GNS packets Certain broadcast packets (e.g. RIP/EIGRP/SAP route updates) 1106 1034_05F9_c1

34

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

17

CPU Traffic

• For ATM, cells are sent to the RP in the following situations Cells matching the router’s own ATM address Signaling and control traffic ( IISP, PNNI ) OAM cells 1106 1034_05F9_c1

35

© 1999, Cisco Systems, Inc.

Network Sizing Guidelines 8510 EIGRP— <= 16 neighbours (2K routes) OSPF— <=16 neighbours (2K routes) 8540 EIGRP— <= 48 neighbours (2K routes) OSPF— <= 48 neighbours (2K routes)

Network design considerations: • Continue to use IPX SAP / route filtering • Use passive interfaces whenever possible 1106 1034_05F9_c1

36

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

18

Access-lists • Control plane ACLs Any packet sent to CPU can be filtered today i.e. deny / permit IP routes, IPX SAP filtering

• Data plane ACLs Packets that traverse the shared memory fabric without CPU intervention

• ACL daughter card—provides data plane ACLs Standard / extended IP access lists in hardware Standard IPX access lists—no source node L3 data switching continues at wirespeed Required for each interface module card implementing data plane ACLs Consider changing many input ACLs to 1 or 2 output ACL FE/GE channel, BVIs not supported phase 1 1106 1034_05F9_c1

37

© 1999, Cisco Systems, Inc.

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane Vs. data plane access-lists

• IDBs, EtherChannel, BVIs, VLAN Interfaces, QOS • Miscellaneous tips 1106 1034_05F9_c1

38

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

19

Interfaces and IDB • Interface Descriptor Block (IDB) Cisco IOS software data structure Stores configuration and status of all interfaces

• Hardware IDB • Software IDB • 300 software IDBs per chassis 1106 1034_05F9_c1

39

© 1999, Cisco Systems, Inc.

IDB Allocation • Each physical interface consumes an IDB • Sub-interfaces One software IDB per sub-interface

• Example: Gigabit 802.1Q interface with 10 sub-interfaces = 11 IDBs • 10/100 ISL interface with 20 sub-interfaces also = 21 IDBs 1106 1034_05F9_c1

40

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

20

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane Vs. data plane access-lists

• IDBs, EtherChannel, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

41

© 1999, Cisco Systems, Inc.

FastEther /Gig Channel • Can have 2 or 4 interfaces in the channel • Each port consumes an IDB • Ports within channel can be on different interface modules and be non-contiguous • Encapsulations: Native, ISL, 802.1Q • Routed interface: load sharing per IP address • Bridge group: load sharing per Mac address 1106 1034_05F9_c1

42

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

21

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane vs. data plane access-lists

• IDBs, EtherChannel, BVIs, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

43

© 1999, Cisco Systems, Inc.

Bridge Group = Multiport VLAN Catalyst 8500

Bridge-Group 1

1106 1034_05F9_c1

Bridge-Group 2

44

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

22

Bridge Group = VLAN

• 85xx supports 64 Bridge Groups (VLANS) per chassis • Maximum of 32 ports in a single Bridge Group today • Each Bridge Group has its own Bridge MIB and runs a separate Spanning Tree 1106 1034_05F9_c1

45

© 1999, Cisco Systems, Inc.

Multiport VLANs and Bridged Virtual Interfaces (BVI) C7500 / C8500 Model

Bridge Group 1

Bridge Group 2

Bridge Group = VLAN BVI Interface 1106 1034_05F9_c1

46

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

23

Bridge Virtual Interfaces

• To route between Bridge Groups, BVIs are created and Integrated Routing and Bridging is used (IRB) • 85xx supports 64 BVIs per chassis

1106 1034_05F9_c1

47

© 1999, Cisco Systems, Inc.

Agenda Software • Feature Sets • CPU Software Iinteraction CPU bound traffic Control plane Vs. data plane access-lists

• IDBs, EtherChannel, BVIs, VLAN interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

48

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

24

VLAN Trunking

Routed Interface Subinterfaces

• Routing occurs between each subinterface (VLAN) 1106 1034_05F9_c1

49

© 1999, Cisco Systems, Inc.

VLAN Trunking with Bridge Groups Routed Interface

Bridged Interface

Subinterfaces

Bridge Group BVI (IRB) Interface 1106 1034_05F9_c1

50

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

25

VLAN Trunking • VLAN trunk encapsulations: ISL or 802.1Q on an interface by interface basis • Mixed configurations possible in chassis but not in same VLAN • Trunks may or may not be part of a Bridge Group • Routing occurs between VLANs 1106 1034_05F9_c1

51

© 1999, Cisco Systems, Inc.

Agenda Software • Feature Sets • CPU Software Interaction CPU bound traffic Control plane Vs. data plane access-lists

• IDBs, BVIs, EtherChannel, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

52

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

26

Quality of Service Queue 0 - HH Queue 1 - HL Queue 2 - LH Line Card

Si

Queue 3 - LL

Si

Line Card

FastE 0/0

FastE 4/0

Shared Memory Fabric 192.34.75.90 IP Prec=HH

192.34.75.80 IP Prec=LH

172.20.24.124

• Multiple queues per port • Fabric stores packet in appropriate queue based on lowest 2 bits of IP precedence field • Pointer table informs output port of packets stored in each of four queues 1106 1034_05F9_c1

53

© 1999, Cisco Systems, Inc.

Calculating Weight Assignments • User-defined weights per queue on outbound port determine how much bandwidth granted

Queue 0 Weight set = 8

53 Mbps

Queue 1 Weight set = 4

27 Mbps

• BW = Weight / ( Ó Weights Q0:3 ) 53 =(8/(8+4+2+1)) x 100

• Scheduler enforces weights 1106 1034_05F9_c1

Queue 2 Weight set = 2

13 Mbps

Queue 3 Weight set = 1

7 Mbps Link = 100 Mbps

54

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

27

Agenda Software • Feature Sets • CPU Software interaction CPU bound traffic Control plane Vs. data plane access-lists

• IDBs, BVIs, VLAN Interfaces, QOS • Miscellaneous Tips 1106 1034_05F9_c1

55

© 1999, Cisco Systems, Inc.

Additional Software Features

• RMON—first four groups • SPAN (port mirroring) TX, RX, both Up to 10 sources

• UDP turbo flooding • Mac address filtering See http://www.cisco.com/warp/customer/729/c8500/msr/859_pb.htm

1106 1034_05F9_c1

56

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

28

Some Helpful Commands

• ip classless—packets destined for unknown subnets from directly connected networks will follow default route • default route-populated on all line cards • no ip domain-lookup—disables DNS lookup on router, so config typos will not be treated as host names and sent for DNS lookup 1106 1034_05F9_c1

57

© 1999, Cisco Systems, Inc.

Some Commands Not to Use

• CEF tuning parameters (consult TAC) • Access-list commands without daughter card • NetFlow accounting

1106 1034_05F9_c1

58

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

29

Summary • Numerous options for line cards and deployment options depending upon network design • Catalyst 8510 and 8540 CPU capabilities should be considered when sizing network designs • Number of routes in the network determine the platform and line card(s) of choice • CPU utilization does not effect routing capacity of the line cards • Good network design practices still apply! 1106 1034_05F9_c1

59

© 1999, Cisco Systems, Inc.

Thank you !

1106 1034_05F9_c1

60

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

30

Please Complete Your Evaluation Form Session 1106

1106 1034_05F9_c1

© 1999, Cisco Systems, Inc.

61

1106 1034_05F9_c1

© 1999, Cisco Systems, Inc.

62

Catalyst Systems Confidential

31

Alphabet Soup ACL —Access Lists AUX — Auxiliary Port BVI—Bridged Virtual Interface CEF—Cisco Express Forwarding FIB— Forwarding Information Database GNS—Get Nearest Server IDB—Interface Descriptor Block MMF— Multimode Fiber SRP—Switch Route Processor SMF— Single Mode Fiber SMF— IR —Single Mode Fiber— Intermediate Reach SMF— LR —Single Mode Fiber— Long Reach SP—Switch Processor SPAN— Switched Port Analyzer PIM— Protocol Independent Multicast P/S— Power Supply RP—Route Processor 1106 1034_05F9_c1

63

© 1999, Cisco Systems, Inc.

Catalyst Systems Confidential

32