Brkarc 3437 PDF

Cisco Catalyst 3750/3560 and 2960 Series
Switching Architecture
BRKARC-3437
BRKCRS-3437 © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
Fixed Switching Portfolio

Software and Licensing
Architecture Overview
Packet Walks
Stacking Switches
QoS
Cisco Smart Operations
Summary
BRKCRS-3437 © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Agenda

Packet Walks
Stacking Switches
QoS
Summary
Catalyst Fixed Switching Portfolio
Stackable 3000 Series Standalone 3000 Catalyst 2900 Series Catalyst Compact
Switches Series Switches Switches Switches
FAMILIES FAMILIES FAMILIES FAMILIES

Current: Current: Stackable: Layer 3:
3750-X Series 3560-X Series 2960-S Series 3560C Series
3750V2 Series 3560V2 Series Standalone: Layer 2 only:
EoS: EoS: 2960 Series 2960C Series
3750-E Series 3560-E Series
3750G Series EoS: Prev Gen:
3560G Series 2975 Series 3560-E 8 and 12 port
3750V1 Series 3560V1 Series Series
Modules Modules Wall Mountable
C3KX-NM-1G C3KX-NM-10GT C3KX-SM-10G C2960S-STACK
Enterprise Class Catalyst 3750-X and 3560-X
INNOVATION OPERATIONAL SIMPLICITY

StackWise Plus and StackPower
Automation
Modular Uplinks
Investment protection
Hot-swappable dual power supplies & fans
Enhanced Limited Lifetime Warranty
Industry’s highest density PoE+
USB for storage and console
Flexible NetFlow
MACsec
WORLD’S MOST ¼ BILLION OVER 7 MILLION INDUSTRY LOWER

POPULAR STACKABLE PORTS UNITS LEADERSHIP TCO
Leading Stackable Unified Access Platform
Dual Redundant Power Supplies & Fans
 Four PS options
‒ 1100W AC
‒ 715W AC
‒ 350W AC
‒ 440W DC
 Dual, redundant, high efficiency PS
 Redundant fan modules
Models Default Power Supply Available PoE Power
24 Port Data Switch C3KX-PWR-350WAC –

48 Port Data Switch
24 Port PoE Switch C3KX-PWR-715WAC 370W
48 Port PoE Switch
48 Port Full PoE Switch C3KX-PWR-1100WAC 740W
Service Module – 3750X/3560X
Services module for the Catalyst 3750x and 3560x models
‒ Hot swappable, Plug-and-play
Capable of Flexible Netflow (FNF)
‒ Done in hardware
Capable of Switch-to-Switch MACSec (802.1ae)
‒ First time in the access layer (3750x/3560x)
• Powered using the switch-based power supply
• Two Uplinks
C3KX-SM-10G
Catalyst 2960-S
KEY FEATURES OPERATIONAL SIMPLICITY
FlexStack Enhanced Limited Lifetime
PoE on all 48 ports Warranty
PoE+ support Auto Smart Ports
10G uplinks available

Low power consumption
EASE-OF-USE 20M 500K+ ENERGY EFFICIENCY LOWER

PORTS UNITS TCO
Cisco Quality at Competitive Price
Catalyst Compact Switches
KEY FEATURES OPERATIONAL SIMPLICITY
Can be powered via PoE(+) or UPoE Zero-touch deployment
Pass through PoE for end devices Auto Smart Ports
Uplink & Downlink Data Enhanced Limited Lifetime Warranty
Encryption
12 models to choose
from
8 & 12 PORT QUIET EXTEND THE CISCO FULL-SIZE LOWER

MODELS (FANLESS) NETWORK CAPABILITIES TCO
Ideal for Retail Check Stands, Classrooms,

Conference Rooms, Hotel Suites, and More
Agenda

Packet Walks
Stacking Switches
QoS
Summary
Software Feature Set Flavors
Tailored to Meet
Business Needs
Evolves With Your
Intelligent Business
Services Catalyst 3K-X w/ IP
Converged Services
Catalyst 3K-X w/ IP
Business Continuity
Basic Services Services Base

Catalyst 3K-X w/ LAN
Base
Catalyst 2960-S Catalyst 2960-S
w/ LAN Lite w/ LAN Base
Threat Intelligence Role-based Access, Secure Traffic

Automated Smart Operations Non Stop, Self Preserving
Reliable Voice, Video Scalable Medianet
Cisco EnergyWise
Business Agility
12
For Your
Key LAN Lite vs LAN Base Highlights Reference
Catalyst 2960, 2960-S
Functionality LAN Lite LAN Base

• Entry-level Access Layer 2 • Enterprise Access Layer 2
Basic L2 access features including 802.1Q trunking, (M)STP, Wide range of L2 access features for enterprise deployments,
Layer 2 STP extensions, CDP, DTP, UDLD, VTPv2, PAGP/LACP, LLDP, including FlexLinks, VTPv3, LLDP MED
Storm control
• No Routing Support • 16 static IPv4 routes on SVIs

Layer 3 Support for L3 management interface
• Entry-level Manageability • Basic Manageability

Express Setup, Cisco Device Manager, SNMPv3 (w/crypto), Support for a wider range of MIBs, IPSLA Responder, RSPAN
Manageability RMON, SPAN, TDR, Auto Smart Ports, Smart Install client
• Entry-level Access Security • Enterprise Access Security

SSH v2 server, SSL, HTTPS, SCP, TACACS+, RADIUS, Port IPSG, DAI, PACLs, Cisco Identity 4.0, NAC and 802.1x features
Security Security, 802.1x (w/ Guest VLAN), MAB, Private VLAN Edge,
DHCP Snooping
• Entry-level Access QOS • Enterprise Access QOS

QoS Ingress and egress queuing, Scheduling, Priority queuing, SRR Ingress policing, Trust Boundary, AutoQOS, DSCP mapping
Note: LAN Base feature set includes all LAN Lite features.
For Your
LAN Base vs. IP Base and IP Services Reference
Highlights
Catalyst® 3750-X Catalyst 3750v2 and Catalyst
and Catalyst 3560-X 3560v2
Functions LAN Base IP Base IP Services
• Enterprise access Layer 2 • Complete Access Layer 2
Wide range of Layer 2 access features for Supports all Cisco Catalyst 2000 and Catalyst 3000 Layer 2 features, including hot standby
Layer 2+ enterprise deployments protocols; supports Cisco StackPower™ technology (Cisco Catalyst 3750-X)
•16 IPv4 static routes on SVI • Enterprise access Layer 3 • Complete access Layer 3
RIP, static and stub PIM, and EIGRP, OSPF EIGRP, BGP, IS-IS
Layer 3 for routed access VRF-lite, WCCP, and PBR
• Basic manageability • Enterprise access Layer 3 • Complete access Layer 3

Manageability Support for a wide range of MIBs, IPSLA Gold-Lite and Smart Install Director, EEM IPSLA Initiator
Responder, and RSPAN
• Enterprise access security • Complete access security
DHCP Snooping, IPSG, DAI, PACLs, Cisco Identity Router and VLAN ACLs, private VLANs, complete identity and security, TrustSec SXP, and
Security 4.0, NAC and 802.1x features IEEE 802.1AE (Cisco Catalyst 3560-X and Catalyst 3750-X)
• Enterprise access QoS • Complete access QoS

QoS Ingress policing, Trust Boundary, AutoQoS, and Support for all Cisco Catalyst 2000 and Catalyst 3000 QoS features, including per-VLAN
DSCP mapping policies
Note: IP Services feature set includes all IP Base features. IP Base feature set includes all LAN Base features.
Updating the IOS Code
 Switch IOS can be updated using .bin or .tar files
 Recommendation: .tar files
 archive download-sw <IOS Image path>.tar (Switch only)
 archive download-sw <IOS Image path>.tar <SM Image path>.tar (In case of 3750x with Service
Module)
Types of Software Licenses
License based feature-set upgrades
Available in E and X series as part of the Universal Image
Permanent Temporary
License License
 Node-locked – based on UDI  Limited Usage period (60 days)

 Can come pre-installed  Types
 Works with Cisco License • Embedded evaluation
Manager license
 RMA’s handled as like-to-like • Extension License
replacements • Grace Period License
After the usage period expires, the switch continues to use the
temporary software license until it is restarted.
Managing Licenses
 Show commands to administer software licensing:
‒ Displaying the file
‒ Detailed display of license type
‒ Showing the Unique Device Identifier
‒ Enabling debug mode
show license file [switch <switch_id>]
show license status [switch <switch_id>]
show license detail <feature_name> [switch <switch_id>]
show license udi
debug license <events | all | errors>
Create Your Own Evaluation License!
Minimum IOS 12.2(46)SE
Switch# license boot level ipservices
Supported license levels are:
ipservices
ipbase
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR
LICENSE KEY PROVIDED FOR ANY CISCO PRODUCT FEATURE OR USING SUCH
PRODUCT FEATURE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING
TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND
BY ALL THE TERMS SET FORTH HEREIN.
You hereby acknowledge and agree that the product feature license is terminable and that the product feature enabled by such license may be shut down or terminated by Cisco after
expiration of the applicable term of the license (e.g., 30-day trial period). Cisco reserves the right to terminate or shut down any such product feature electronically or by any other means
available. While alerts or such messages may be provided, it is your sole responsibility to monitor your terminable usage of any product feature enabled by the license and to ensure that your
systems and networks are prepared for the shut down of the product feature. You acknowledge and agree that Cisco will not have any liability whatsoever for any damages, including, but not limited
to, direct, indirect, special, or consequential damages related to any product feature being shutdown or terminated. By clicking the "accept" button or typing "yes" you are indicating you have read
and agree to be bound by all the terms provided herein.
ACCEPT? (yes/[no]):
*Apr 2 02:04:08.604: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c3750e Next

reboot level = ipservices and License = ipservices
Agenda

Packet Walks
Stacking Switches
QoS
Summary
Switch Components
Two Stack
Cables
Switch Fabric Stack PHY
Port ASIC Port ASIC Port ASIC

CPU
SDRAM
8 Port 8 Port 8 Port 8 Port 8 Port 8 Port Dual Mode PHY Flash
PHY PHY PHY PHY PHY PHY
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
12X1G 12X1G 12X1G 12X1G StackWise
Plus
 Fixed switches have a very simple design
 Key components are the ASICs, the CPU and the Phys
 Switch Fabric in some families
 Stacking in some families
Port ASICs
Switch Fabric Stack PHY Two Stack
Cables

CPU
SDRAM
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
Plus
The Port ASIC performs:

Pre-pend a 24-byte header for internal use
Traffic forwarding
QoS
ACL lookup
The number of Port ASICs varies, depending on media speed and type of ports.
I.e., Gig ports, SFP ports, 10Gig ports
TCAM/SRAM
Cables
TCAM TCAM TCAM
SRAM SRAM SRAM
CPU
SDRAM
8 Port 8 Port 8 Port 8 Port
8 Port 8 Port
PHY
Dual Mode PHY Flash
PHY PHY PHY PHY PHY
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
Plus
 Storesvital information including IPv4, IPv6 and MAC addresses, ACES etc
 The 3750-X TCAM/SRAM is incorporated into the Port ASIC
 Hardware Merge process to pack entries into TCAM
Switch Fabric
Cables

CPU
SDRAM
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
Plus
128Gbps switching Fabric
Provides line rate and local switching within a switch and stack connectivity
‒ 48G + 2X10G + 32 Stack-ports (100Gbps FDX)
64 Gbps Ring Stackwise Plus
1 Gbps Ring Inter-connect control path to the Port ASICs to the CPU
Point-to-Point, 32 Gbps ring connecting each Port ASIC
Jumbo frame switching and routing
CPU
Two Stack
Switch Fabric Stack PHY Cables

CPU
SDRAM
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
Plus
 Switch-to-Switch communication and synchronization
 Updates the MAC and Routing caches attached to each port ASIC
 Performs CPU Software-based forwarding when the TCAM is over its limits for MACs, Routes, ACL
entries etc.
 The CPU communicates with the Port ASICs via a dedicated management ring (the yellow ring in the
diagram)
PHY – Includes Link Encryption
Two Stack
Cables

CPU
SDRAM
8 Port 8 Port 8 Port 8 Port 8 Port
8 Port
PHY
Dual Mode PHY Flash
PHY PHY PHY PHY PHY
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
Plus
MACsec link encryption in hardware – Line rate (3750X/3560X)

All media conversion
10/100/1000 Mbps
FX, LX/LH, SX, ZX, BX (1490 & 1310Nm), CWDM, DWDM
10G, Supported:
LR (SMF 10km), LRM, SR (MMF), CX1, CX3, CX5
Ring View of the Switch Fabric
Cables

CPU
SDRAM
Serial
10/100
24X1G POE 24X1G POE
StackWise,
2X10G or 4X1G
Plus
Physically, the ring is a series of switch fabrics strung together by stack cables
The switch fabric performs token generation and ring control

Service Module Architectural Overview
Mem CPU
To Switch ASIC SFP+

FPGA MACSec Phy
SFP+
Mem
3KX-SM-10G : 3750X Service Module

 FPGA : Contains logic to implement Netflow engine. Supports 32K flows
 Phy : Helps perform switch to switch MACSec in H/W. Also supports tagging
 CPU : Quad Core Processor with 600 Mhz Frequency. Runs a Linux based environment over
IOS
 Upgrades : Separate image that can be downloaded from cisco.com
Catalyst 3750v2 Overview
Fast Ethernet Models
TCAM TCAM TCAM 2 Stack
SRAM SRAM SRAM Stack PHY Cables

CPU
8 Port 8 Port 8 Port 8 Port 8 Port 8 Port 8 Port 8 Port SDRAM

8 Port
PHY PHY PHY PHY PHY PHY PHY PHY
PHY
Flash
POE POE POE Serial
Ports Ports Ports
• 3750 and 3750-X Main Architectural Differences:

• 3750 Does not have a second tier switch fabric like the 3750-X
and can not locally switch without sending packets on the ring
• 3750 has external TCAMs
• All port-ASIC are part of the Stackwise internal ring!
• 3750 only runs in StackWise mode – 32G
2960S Architectural Overview
CPU
Single Port ASIC
SDRAM
Flash
Serial
USB 2 Stack
8 Port 8 Port 8 Port 8 Port 8 Port 8 Port
X2 X2
Serial PHY PHY PHY PHY PHY PHY X2 X2
Cables
10G 10G
48 Port Switch with 2 X 10G uplink
2960S Key Facts

 Single ASIC with capacity of 88Gigs. Most energy efficient design
 All Gig downlinks and 2 10-gig Uplinks
 FlexStack
 TCAM – embedded in ASIC
Compact Switches Architectural Overview
Port ASIC Port ASIC CPU

CPU
SDRAM
SDRAM
System DC/DC Flash
System DC/DC Flash
Serial
Serial 8 Port 12V GE GE
8 Port 12V GE GE PHY PHY 10/100
PHY
PHY PHY PHY 10/100
PoE PSE
PoE PD/PSE
PoE \ PoE+ \UPoE
module module
8XPOE 1G 1G
8XPOE External Power 1G 1G
AC / DC Aux Power
Compact Switch model Comparison

 Power : Models that are PoE/PoE+/UPoE powered and AC Powered
 Speeds :10/100 or 10/100/1000.MACSec Phys on the 3K
 Capability : 3560c runs IPBase Only. No IPServices
 ASICs: Two types of ASICs – Choice depends on speed and capability
 TCAM – embedded in ASIC
Agenda

Packet Walks
Stacking Switches
QoS
Summary
Within the ASIC
To
CPU MAC MAC MAC MAC MAC MAC
Port 1 Port 2 Port 3 Port 4 Port 5 Port 16
TXT Forwarding RCV

FIFO Controller FIFO
TXT
Queues
TXT
Buffer Ingress Path RCV
Buffer
Egress Path TCAM SRAM
From To
Ring/Fabric Ring/Fabric
Within the ASIC
To
These spaces can

TXT Forwarding RCV re-allocated using
SDM templates.
TXT TXT RCV

Queues Buffer Buffer
L2 SRAM
L3
From To
Ring/Fabric QOS ACES Ring/Fabric
SEC ACES
IPv6
Packet Walk - Ingress
On the Way In 1
To
1 Packets enter the

TXT Forwarding RCV
switch and is
received by the
Receive FIFO
TXT TXT RCV
TCAM SRAM
From To
On the Way In
To
2 The whole packet

2
TXT Forwarding RCV
is sent to the
Receive Buffer
TXT TXT RCV

Copy of the first
200 bytes is sent
TCAM SRAM
into the
Forwarding
From
Ring/Fabric
To
Ring/Fabric
Controller for
processing
(forwarding, ACL,
QOS lookups)
On the Way In
To
3 Submit packet to
TXT Forwarding RCV
VLAN
decap/parsing/pro
3 4 cessing in the
4 forwarding
TXT TXT RCV
Queues Buffer Buffer controller and the
TCAM SRAM native frame is
obtained
From To
On the Way In 5 Search Engine in
the Forwarding
To
CPU MAC MAC MAC MAC MAC MAC Controller sends
the packet to the
TCAM for L2
lookup and
TXT Forwarding RCV
FIFO Controller FIFO receives the index
5 6
6 The Forwarding
TXT TXT RCV
Controller queries
TCAM SRAM
the SRAM with the
index to get the
From To
Ring/Fabric Ring/Fabric desired look up.
On the Way In Search Engine
7 Forwarding
To
CPU MAC
Port 1
MAC
Port 2
MAC
Port 3
MAC
Port 4
MAC
Port 5
MAC
Port 16
Controller sends
QOS and ACL
Look up sent to
TXT Forwarding RCV
the TCAM. Index
FIFO Controller FIFO returned
7 8
8 Forwarding
TXT TXT RCV
Controller queries
TCAM SRAM
the SRAM for the
respective Ingress
From
Ring/Fabric
To
Ring/Fabric
ACL and QOS
response
On the Way In
To
9 Look up to the
TXT Forwarding RCV
policer. How much
FIFO
9
Controller
10
FIFO
policing to do?
10 Policing
TXT TXT RCV
information
TCAM SRAM
returned
From To
On the Way In Search Engine in
11
Forwarding
To
CPU MAC MAC MAC MAC MAC MAC Controller sends
the L2/L3
Forwarding Look
up to the TCAM.
TXT
FIFO
Forwarding
Controller
RCV
FIFO
Index returned
11 12
12 Forwarding
TXT TXT RCV
Queues Buffer Buffer Controller sends
TCAM SRAM Index to the SRAM
for destination
From To details.
Destination
information
returned
On the Way In
To
14 24 byte descriptor
sent to the
Receive buffer.
TXT Forwarding RCV Appended to the
14 original packet.
Descriptor
TXT TXT RCV Descriptor

TCAM SRAM
Native
Packet
From To
On the Way In
To
15 Packet with the

TXT Forwarding RCV
extra 24 byte
descriptor is sent
to the Switching
Fabric/Ring
TXT TXT RCV
TCAM SRAM
15
From To
Ring/Fabric Ring/Fabric Descriptor
Native
Packet
Within the ASIC
To
TXT Forwarding RCV

TXT TXT RCV

Egress Path TCAM SRAM
From To
Packet Walk - Egress
On the Way Out
To
1 Packet with the

TXT Forwarding RCV
extra 24 byte
descriptor is sent
to the Switching
Fabric/Ring
TXT TXT RCV
TCAM SRAM
Descriptor
From To
Native
Packet
1
On the Way Out
To
2 Packet is stored in
TXT Forwarding RCV
the Transmit
buffer.
Packet location
TXT TXT RCV
Queues Buffer Buffer stored in the TXT
TCAM SRAM Queue
2 From To
On the Way Out
To
3 Packets egresses
TXT Forwarding RCV
and is stored in
the Transmit FIFO
for egress
3 processing
TXT TXT RCV
TCAM SRAM
From To
On the Way Out
To
4 First 200 bytes

TXT Forwarding RCV
sent to the
FIFO
4 Controller FIFO
Forwarding
Controller for
egress processing
TXT TXT RCV
TCAM SRAM
From To
On the Way Out
5 Search Engine in
To
CPU MAC MAC MAC MAC MAC MAC Forwarding
Controller sends
egress ACL lookup
query to TCAM.
TXT Forwarding RCV
FIFO Controller FIFO TCAM returns
index
5 6 6
TXT
Queues
TXT
Buffer
RCV
Buffer
Forwarding
TCAM SRAM Controller uses
index to get the
From To
ACL info
On the Way Out
5 Search Engine in
To
CPU MAC MAC MAC MAC MAC MAC Forwarding
Controller sends
Destination
Lookup to TCAM.
TXT Forwarding RCV
FIFO Controller FIFO Index returned.
5 6 6
TXT
Queues
TXT
Buffer
RCV
Buffer
Forwarding
TCAM SRAM Controller uses
index to get the
From To
L2/L3 forwarding
info
On the Way Out
7 Packet Header
To
CPU MAC MAC MAC MAC MAC MAC prepared in the
Forwarding
Controller
7
TXT 8 Forwarding RCV
8
TXT
Queues
TXT
Buffer
RCV
Buffer
Forwarding
TCAM SRAM Controller sends
the header info to
From To
the TXT FIFO
where the final
packet is
assembled
On the Way Out
9 Final packet sent
To
CPU MAC MAC MAC MAC MAC MAC to the egress port.
9
TXT Forwarding RCV
TXT TXT RCV

TCAM SRAM
From To
3750v2 Unicast Packet Walk
Source Strip
4. Original Packet
rotates around the 2. Copy Packet by
ring Dest. Port-ASIC
Port ASIC Port ASIC 3. Pass Port ASIC

Packet to
Dest. port
5. Src Removes
Packet off the ring 1. Forward
To the Stack
 All types of packets are passed all the way around the ring, copied Source
at the destination(s) and returned to the sender for stripping Destination
 All packets are sent to the stack ring, the Port ASICs can not Packet
locally switch traffic
3750X Unicast Packet Walk
Locally Switched (Stacked or Standalone Switch)
Packet is locally
switched. Never get
forwarded to
Stackwise rings
Switch Fabric
Source
 The packet is sent to the switch Fabric and locally switched to Destination
the destination Port ASIC Packet
 Simple switching with, no ACK necessary

 Does not disrupt the Stack rings
3750X Unicast Packet Walk
Destination Across the Stack – Destination Strip
3. Removes 4. Send 2. Copies packet
packet off the 16 bits – sends it to port-
stack ring ACK ASIC
Switch Fabric
Switch Fabric
Port ASIC
5. Remove
Port ASIC 1. Forward Port ASIC
the ACK To the Stack
ring
Switch Fabric
 The Source Port ASIC sends the packet to the Source Switch Source
Fabric and it is switched to the Destination Switch Fabric Destination

Packet
 The Destination Switch Fabric removes the packet and sends a ACK
16 bit ACK
 The Originating Switch Fabric receives and removes the ACK
Smart Multicast Packet Walk
All Catalyst 3K Models 3. Replicate Packet
5. Original Multicast Packet and forward to the
continues on the ring in case port-ASICs that have
there are more listeners inFabric
Switch the listeners
stack. 4. Replicate in
Port ASIC Port ASIC case of multiple Port ASIC
listeners
Source
Switch Fabric
Destination
1. Multicast Packet 2. Copy Multicast
Must forward to the Packet: forward to Packet
6. Remove Packet stack ring! the stack ring and to
off the ring.
Switch Fabric local port-ASICs
Dest. Strip. – Port ASIC
Port ASIC Port ASIC
 The Switch Fabrics with multicast ports in that group copy the packet
 The originating Switch Fabric removes the packet from the ring
 Note: There is only one packet on the ring per multicast flow, replication only
occurs at the local level
 Note: if the sender and all of the receivers are on the same switch no packets
are sent to the ring
Agenda

Packet Walks
Stacking Switches
QoS
Summary
Agenda

Packet Walks
Stacking Switches – StackWise and StackWise Plus
QoS
Summary
What is a Stackable Switch?
 Allows access to all switches with a single IP address
 Provides the means to manage the stack via CLI or MIB
 Can connect all switches in a physical ring topology
 Traffic flows in either direction of the ring, some Resiliency

 Automatic Master selection & backup 1:N
 Automatic IOS versioning and Update!
 Automatic configuration of new members
 Automatic unit replacement (configuration of old switch retained)
 Stateful switch over in case of master failures
 Ring resiliency similar to FDDI, provides HA and Resiliency
 Sub-millisecond Master failover
 Smart Multicast
 Cross-stack features (Etherchannel and QoS)
Cisco StackWise (Plus)
Logical and physical ring architecture of the Catalyst 3k
StackWise
Comprises two 16 Gbps counter-rotating rings Rings/Cable
‒ Data on both rings when fully connected:

Stackwise - 32 Gbps
Stackwise Plus - 64 Gbps
 Internal Connection:
 On 3750v2, 3750G : The Stack Ring is the switching
fabric
 3750E, 3750X : The Stack Ring only interconnects the
individual Switch Fabrics
Understanding the Stack Cable Cable
TX
Pair Trace
Eight TX/RCV pairs per ring
That is 16 pairs (8 channels per ring)
Each TX/RCV pair has 2 traces that use

differential signaling.
That is 32 traces in total
Each TX/RCV pair runs at 2.5 Gbps

8B/10B encoding is used. RCV
Pair
(for every ten bits sent, eight bits are data and two bits are overhead)
Understanding the Stack Ring Speed
16 Channels x 2.5 Gbps x 8B/10B = 32Gbps
Or bidirectional 16 Gbps per cable = 32Gbps
Or Two Rings running at 16Gpbs each = 32Gbps
Trace
16 Gbps 16 Gbps 16 Gbps 16 Gbps
TXT/RCV
Pairs
Stack Cable Stack Cable

1 2
Stackwise Vs. Stackwise Plus
Spatial Reuse
No Spatial Reuse Spatial Reuse
(Source Strip) (Destination Strip)
3750v2 StackWise 3750-X StackWise Plus
Only 2 Flows Up to N by 2 Simultaneous Flows
Access-based tokens Credit-based Tokens
Stackwise Stackwise Plus

32 Gbps N by 32 Gpbs
Note: These are packets not tokens. There is only 1 token per ring.
Ring Healing
Switch Fabric Port ASIC Port ASIC Port ASIC

Loops Loop
3750-X 3750v2
 The Switch Fabric or Port ASIC closest to cable detects link down
‒ Criteria is coding violations in a period of time
‒ Loss of at most one packet that was being transmitted when ring broke
‒ Just microseconds for hardware to detect failure
 Each switch signals a bad link to stack its partner
 Both ends of the cable loop back on themselves
Agenda

Packet Walks
Stacking Switches – Cisco StackPower
QoS
Summary
StackPower Overview
 Aggregates and shares available input power capacity in a
Stack
 Flexible arrangement of power supplies in a stack
‒ Up to 8.8Kw in a power stack of 4 switches (ring topology)
‒ Up to 22Kw in a power stack of 9 switches (Star topology
using an XPS(eXpandable Power System) 2200)
 Stackpower decouples a Power supply from its physical
location in a switch/stack!
 Provides RPS functionality (Zero-footprint RPS)
 Intelligent Load shedding
StackPower Modes of Operation
Power Share and Redundant Modes
 StackPower operates in two modes:
Power share
‒ Loose or Strict mode
Redundant
‒ Loose or Strict mode
 Up to four switches can be participate in a power stack
 More than one power stack within one Data stack (Stackwise Plus)
Loose and Strict modes
Control the behavior of Load shed
 Loose mode allows for a negative power budget
 Strict mode sheds load as soon as the power budget goes below the Allocated
power level
Power-sharing Loose mode Default Power-sharing Strict mode
ALLOCATED
ALLOCATED
BUDGET Available Committed ACTUAL Drawn
BUDGET Available Committed ACTUAL Drawn
Power Pool Power Power
Power Pool Power Power
Lost PS or Lost PS or
Power source Power source
Shed Load
Lost Shed Load
another PS
Dropped PD Dropped PD
Best Practice
Balance Power supplies across theTotalstack
Input Power = 5,400w
1,100w
A B
X 500w
1,100w 200w A B Total Output Power = 4,400w

30 A 2,000w The right half generates only 20A but
1,100w 30 A
A B 500w
consumes 80A
200w A B
1,100w
2,000w
Stackpower rated for ~40A
In failure scenario, Stackpower could be
60 A
oversubscribed; console messages will
warn about the condition and Intelligent
Recommendation: load shed will occur.
1. Balance PS across all systems, and
2. insist on filling up PS slot A on every switch in the
stack, before using slot B on any switch!
Agenda

Packet Walks
Stacking Switches – FlexStack
QoS
Summary
Flexstack on the Catalyst 2960-S
New Stacking Mechanism
 Stack Bandwidth – 20 Gbps

 Up to 4 members in a stack
 Not a ring Architecture – Hop by Hop
 Local switching support for unicast packets
 All members of the stack see the unknown
Unicast, Broadcast, and Multicast packets
FlexStack Vs. StackWise Plus
3750-X StackWise Plus
2960-S FlexStack
Ease of Use and
Ease of Use
High Availability
Device Limit 4 units 9 units
Stack Bandwidth 20G 64G
Architecture HW Drop Table Ring (Destination stripping)
Dynamic Ring Load Balancing No Yes
Stack Convergence 1-2 seconds Few milliseconds

Stack QoS Applied hop by hop Applied on ingress
Management Single IP address, SNMP, SYSLOG Single IP address, SNMP, SYSLOG
Configuration Single config and CLI, auto image and config update Single config and CLI, auto image and config update
Show and Debug Commands Unified Unified
Synchronize ARP, MAC Address, IGMP, VLAN, Routing

Single Forwarding and Control Plane Synchronize ARP, MAC Address, IGMP, VLAN tables
tables
Cross-Stack Features Yes Yes
Single Bridge-ID Yes Yes
Preprovison members Yes Yes
Redundancy Stack master 1:N redundancy Stack master 1:N redundancy
Easy member replacement Yes Yes
Agenda

Packet Walks
Stacking Switches – Stack functions and operations
QoS
Summary
The Stack Master
78
Stack Master Election Criteria
1) The stack (or switch) whose master has the
higher user configurable mastership priority 1–15
2) The stack (or switch) whose master is not using
the default configuration
3) The stack (or switch) whose master has the higher software
priority
Cryptographic IP Services
Cryptographic IP Base
Cryptographic LAN Base
4) The stack (or switch) whose master has the longest uptime
5) The switch or stack whose master has the lowest
MAC address
Switch Priority for Master Role
Default Is 1, Don‘t Participate Is 0
Switch (config)# switch 3 priority 10
Switch (config)# switch 4 priority 9
Switch (config)# exit
Switch# show switch
Switch# Role Mac Address Priority State

--------------------------------------------------------------
1 Member 000a.fdfd.0100 1 Ready Master
2 Member 000a.fdab.0100 1 Ready
3 Master 000a.fd22.0100 10 Ready
4 Member 0003.fd63.9c00 9 Ready
Back-up Master
When Does the Stack Master Change?
A Stack Master Can Change If:
 The stack master fails or reboots
 The stack master is removed from the switch
stack
 The stack master is power cycled or powered off
 There is a Stack Merge
‒ Stack merge occurs when a new switch is powered
up before being connected to the stack cables, or
when two cables are disconnected from the stack
Functions of the Stack Master
The Stack Master:

 Controls all centralized functions Config
FIB
 Builds and propagates the L3 FIB IOS
 Manages and Propagates the Config

FIB
configuration file to the stack IOS
 Controls the console
Config
 Controls the CDP neighbor table FIB
IOS
 Controls the VLAN database
 Upgrades the stack
Centralized and Distributed Functions
 Centralized functions
Those that are reside on the
master node
Those that are forwarded to the Master
master node
Those that are controlled or synchronized by
the master node
Ex: CDP, VLAN Database mgmt,Routing
 Distributed functions
Those that are performed locally
by each node Master
These functions are synchronized or updated
between the nodes
Ex: MAC address management, STP
Stack Configuration Management
 Master:
‒ Copies of the startup and running config files
are kept on all members in the stack
‒ The current running-config is synched from Config
the master to all members
‒ On a switchover, the new master
re-applies the running-config so Config
that all switches are in sync
 Member: Config
‒ Keeps a copy of startup and
running config at all times
‒ On boot-up waits for config file
from master and parses it
Stack Members – Addition, Removal,
Pre-provisioning
85
Adding a New Switch
Example
 The stack has three members - 1, 2, 3
 A new switch with #3 is added to the stack
 Conflict detected, number changes based Master #1
on the rules used for numbering (ID).
Switch #2
 It is assigned the #4 and
Switch #3
reloads switch #4
 Configuration commands in the config file Switch #4
which apply to interfaces 4/0/* apply to the
new switch
Switch Pre-provisioning
Example
1) Pre-provision Switch #4 in advance

Switch(config)#switch 4 provision WS-C3750x-48P
2) Enter the port configuration for Switch #4. Master #1

Config
3) Add Switch #4 when required Switch #2
Switch #3
Switch #4
Switch Removal
 The stack has three members — 1, 2, 3
 Member #3 is removed or powered down
‒ Neighbor loss is detected by Switch
#1 and Switch #2
‒ Layer 2 and Layer 3 convergence may need Master #1
‒ to happen Master #2
Switch #2
‒ Now there is a stack of two switches—Switch #1 and
Switch #2 Switch #3
‒ Switch#1 is still the master
 Master #1 is removed or powered down
‒ Switch #2 takes over as master
‒ Layer 2 and Layer 3 convergence may need
to happen
‒ Now there is a stack of one switch—#2 which
is the master
Replacing a Switch
 In this case, the failed switch
is a Cisco Catalyst WS-C3750X-48TD
 If replaced by another Cisco Catalyst WS-
C3750X-48TD, the new switch will receive the
port-level configuration of the original unit Config
 If replaced by a different switch, the original
configuration is lost and the new switch
receives all stack global configuration
Resolving Stack Mismatches
Types of Stack Mismatch
Homogeneous Stack: 3750 or 3750E/X:
 Version Mismatch: 3750-X
level and feature IOS revision set
i.e. LAN Base, IP Base, and IP Services 3750-E
 SDM Mismatch: 3750-E

All members of the stack must run the
same SDM template as the master
 Version Mismatch has priority over
SDM mismatch
3750-X
Hardware Mixed Stack: 3750 and 3750E/X:
 Same as above 3750-E
 Feature Mismatch 3750-E
Hardware features (POE, Jumbo 3750

frame routing)
Stack IOS Upgrade Process
 Automatic Upgrade involves two processes:
Auto-Upgrade and Auto-Advise
 The auto-upgrade processes runs first and it consists of:

auto-copy process and auto-extract process
Auto-copy copies a running image of any stack member into a switch if this process fails, then:
Auto-extract searches through all FLASH devices for a TAR file suitable for the switch in VM mode
 If auto-extract fails, Auto-Advice provides a recommendation on how to upgrade manually!
 Recommend:
Store Universal and Reformation TAR images in the master and a backup master for auto-extract to work
Configure a url for last resort: (point to the image repository)
boot auto-download-sw tftp://10.1.1.15/images/fall06/c3750-universal-tar
‒ Use to upgrade a mixed hardware stack:
‒ archive download-sw /directory tftp://10.1.1.10/ c3750-ipservices-tar.122-35.SE.tar c3750e-universal-tar.122-35.SE2.tar
LAN Base Stack
Exception: No Mixed IOS Feature Set
 A form of Feature mismatch in a mixed Hardware stack

No HW Encryption, no Stackpower support
 No mixed IOS feature set support for LAN Base
 Catalyst 3750X models running LAN Base feature set can only stack
among themselves
Common mistake…Don‘t call TAC..!

‒ Stacking LAN Base models with IP Base / IP Services
Agenda

Packet Walks
QoS
Summary
Cisco Catalyst 3750 Family - QoS Model
Applies to Both 3750v2 and 3750X
Policer Marker
Queue 1
Policer Marker
StackWise
Queue 2
Classify Queue 1
Input
Traffic
SRR SRR
Queue 2 Queue 3
Policer Marker
Queue 4
Policer Marker
Ingress Queue/ Egress Queue/

Schedule Schedule
Classification Policing Marking Congestion Congestion
Control Control
• Inspect incoming • Compares incoming • Act on policer • Two queues/port ASIC • Four SRR queues/port shared
packets traffic rate w/ decision shared servicing or shaped servicing
• Assign QOS Label to configured policer and • Reclass or drop • One queue is configurable • One queue is configurable
grouped packet determine if packet is out-of-profile for strict priority servicing for strict priority servicing
• Use ACL, or other IN or Out of Profile. • WTD for congestion • WTD for congestion
configuration to • Either aggregate or control (three thresholds control (three thresholds
determine QOS labels individual flow basis per queue) per queue)
• 256 policers/ASIC • SRR is performed • Egress queue shaping
• Egress port rate limiting
Ingress Queuing and Scheduling
 Two user-configurable ingress queues/ ASIC
‒Two more queues reserved for the system
‒One queue is an expedite queue – by default maps to voice
traffic
 Queues can be shared but not shaped
 Shaped Round Robin is used to service these queues
 WTD with 3 thresholds is used for congestion avoidance
Egress Queuing, Scheduling & Shaping
 Four egress queues per port

 SRR used to manage the queues
 WTD used for congestion avoidance
 Strict Priority
 NULL Queue used for rate limiting
Shaped between 10-90%, in increments of 6%
 Egress Queues are shaped, but not policed (better)
 srr-queue bandwidth shape <queue-1 weight> <queue-2 weight> ….
Buffer Allocation – Egress
CPU Pool
140Kb  Four Egress Queues
‒ Fixed:
Each queue has 1/4 of per port fixed buffers.
Common Pool ‒ Flexible:
1Mb Common pool provides extra buffers to all queues.
‒ Buffer re-allocation and common pool usage is
configurable – ‗Queue-set‘
Port 1 Queue 4
Port 1 Queue 1
Port 1 Queue 2
Port 2 Queue 1
Port 1 Queue 3
Reserved Pool
Min. Guaranteed Can

Not be Borrowed nor
 Total 2Mb= 8192 256-byte Buffer units
shared
Cisco Catalyst 3750 Weighted Tail Drop
Four Egress Qs Identify 12 Services
 WTD is a congestion-avoidance mechanism

for managing the queue lengths and providing
drop precedence for different traffic CoS 6-7
100% 1000
classifications
 WTD is used at both, the Ingress queues or the CoS 4-5
Egress queues 60% 600
CoS 0-3
 User configurable thresholds determine when 40% 400
to drop certain types of packets
 As a queue fills up, lower priority packets are 0
dropped first Queue 1
Only one Q is Displayed.
 In this example, when the queue is 60% full, All 4 Egress or 2 Ingress Queues
arriving packets marked with CoS 0-5 are Can Be Configured Independently
dropped
 Thresholds can be set with DSCP or COS
labels.
What is an Egress Queue-set? All values in Percentages of 100
Switch#show mls qos queue-set 1

Queueset: 1
 4 Egress Queues per port Queue : 1 2 3 4
----------------------------------------------
buffers : 10 10 26 54
 3 drop thresholds per Queue threshold1: 33 33 33 33
threshold2: 66 66 77 50
 Each port has a queue-set defined reserved : 92 92 100 67
maximum : 138 400 400 400
 Threshold values over 100% dip into
common pool (MAX). MAX
 Threshold defines drop precedence for a
class of traffic T2
 Queue-set does not define bandwidth T1 33%
LEVERAGE BOTH THE QUEUE SETS

Q1 Q2 Q3 Q4
BRKCRS-3437 © 2012 Cisco and/or its affiliates. All rights reserved.

Egress port
Cisco Public 100
Mapping Classes to Egress Queues
 Using ―maps‖, traffic classes mapped to Queue and threshold
 Maps available for DSCP and COS.
 64 DSCP values shown.
 Each DSCP value maps to an egress Queue, and threshold
 Queues range: 1-4, Threshold range:01-03 DSCP:0
Queue 4:
Threshold 3
Switch#show mls qos maps dscp-output-q

Dscp-outputq-threshold map:
d1 :d2 0 1 2 3 4 5 6 7 8 9
------------------------------------------------------------
0 : 04-03 04-03 04-03 04-03 04-03 04-03 04-03 04-03 04-01 04-02 DSCP:46
Queue 1
1 : 04-02 04-02 04-02 04-02 04-02 04-02 03-03 03-03 03-03 03-03
Threshold 3
2 : 03-03 03-03 03-03 03-03 02-03 02-03 02-03 02-03 02-03 02-03
3 : 02-03 02-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03
4 : 01-03 01-03 01-03 01-03 01-03 01-03 01-03 01-03 02-03 02-03
5 : 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 DSCP:63
6 : 02-03 02-03 02-03 02-03 Queue 2
Threshold 3
Troubleshooting QoS Issues
Command Summary
Troubleshooting Steps Commands
Check for Errors/drops Ingress and Egress ports

show mls qos interface <> stats
Check Queue mapping show mls qos maps dscp-output-q
Check Egress Queue details show platform port-asic stats drop <>
Check and tune buffers show mls qos queue-set

Show mls qos maps dscp-output-q
mls qos queue-set output <> threshold
Agenda

Packet Walks
QoS
Summary
Cisco Catalyst Smart Operations
Intelligence—Health Assessment, Best Practice
ISR or 3K (“Director”), 4K, 6K

Roadmap
Smart Install Auto Smart Ports Smart Call Home

Zero Touch Deployments Plug and Play for End Devices Quickly Identify and
and Maintenance Resolve Network Issues
New Switch is Connected New Device Attached Anomaly Detected
Software image downloaded; Configuration Port Configuration: Applied Proactive diagnostics
automatically applied QoS Policy: Enforced Alert created in real-time
Security Policy: Enforced Web-based reports
Routed to correct TAC team
Remediation initiated
Cost Savings: $15,000 (or 230 Hours) per 100 Switches*

Smart Install – The Nuts and Bolts
Step 1 – ENABLE THE DIRECTOR
Director# configure terminal
vstack director 10.0.0.33
ISR or 3K Newbasic
vstack switch is connected
(―Director‖)
Software image is downloaded
Step 2 – Specify IMAGE & CONFIG using built-in group (uses external TFTP server)
Access
Configuration automatically
vstack group built-in 2960 24
Switches applied
image tftp://10.0.0.10/c2960-universal-tar.122-52.SE.tar
config tftp://10.0.0.10/2960-24-built-in config.txt
exit
Step 3 – Specify external DHCP server

interface Vlan1
ip address 10.0.0.33
ip helper-address 10.0.0.10 (points to existing external DHCP server)
ip helper-address 10.0.0.11
ALTERNATIVELY … Enable DHCP server on the Director

vstack dhcp-localserver pool1
address-pool 10.0.1.0 255.255.0.0
SCALABLE AND ZERO TOUCH default-router 10.0.0.33 Quickly Identify
file-server 10.0.0.33 and Resolve
Exit Network Issues
ip dhcp remember
end
Before Enabling Auto Smartports
When ASP is enabled with default settings?
Router ISR
 Enabling ASP by default enables detection for ALL Si
device type
 PROBLEM : Disturbs existing switch-to-switch, switch-
router connections
 Changes the port configuration
 MAY affect connectivity Ports go down
 SOLUTION :
 Disable detection of devices like Switches and ASP enabled
Native vlan changes to vlan 1
Routers by default causing VLAN
 Disable ASP on uplink ports and ports connecting to mismatch
routers
ASP: configuration
1) Stub configuration on all ports – Access vlan 10
2960s(config)#int range GigabitEthernet 1/0/1 – 48

2960s(config-if-range)#switchport access vlan 11
2960s(config-if-range)#switchport mode access
2) In this example, ASP is enabled for only Lightweight Access Points

and IP Phones
2960s(config)#macro auto global control device phone lightweight -ap
ASP will not take any action for any other Cisco device if detected
configuration Contd..
3) Set vlan parameters for the AP and IP phone

2960s(config)#macro auto device phone ACCESS_VLAN=11 VOICE_VLAN=10
2960s(config)#macro auto device lightweight-ap ACCESS_VLAN=11
4) Enable ASP
2960s(config)#macro auto global processing
Sample Macro Configuration
interface $INTERFACE
macro description $TRIGGER
switchport access vlan $ACCESS_VLAN
switchport mode access
switchport block unicast
if [[ $AUTH_ENABLED -eq NO ]]; then
switchport voice vlan $VOICE_VLAN
fi
switchport port-security maximum 3
switchport port-security maximum 2 vlan access
switchport port-security
switchport port-security aging time 1
switchport port-security violation restrict
switchport port-security aging type inactivity
load-interval 30
auto qos voip cisco-phone
storm-control broadcast level pps 1k
storm-control multicast level pps 2k
storm-control action trap
spanning-tree portfast
spanning-tree bpduguard enable
ip dhcp snooping limit rate 15
Agenda

Packet Walks
QoS
Summary
Call Out for Other Sessions
BRKCRS-3141 Troubleshooting Cisco Catalyst 3750 3560 and

2960 Series Switches Technical Breakout
BRKCRS-4381 Smart Operations - Power Tools for Catalyst

switching network operations
Q&A
Complete Your Online
Session Evaluation
 Give us your feedback and you
could win fabulous prizes.
Winners announced daily.
 Receive 20 Passport points for each
session evaluation you complete.
 Complete your session evaluation
online now (open a browser through
our wireless network to access our Don‘t forget to activate your
portal) or visit one of the Internet Cisco Live Virtual account for access to
stations throughout the Convention all session material, communities, and
on-demand and live activities throughout
Center. the year. Activate your account at the
Cisco booth in the World of Solutions or visit
www.ciscolive.com.
Final Thoughts
 Get hands-on experience with the Walk-in Labs located in World of

Solutions, booth 1042
 Come see demos of many key solutions and products in the main Cisco
booth 2924
 Visit www.ciscoLive365.com after the event for updated PDFs, on-
demand session videos, networking, and more!
 Follow Cisco Live! using social media:
‒ Facebook: https://www.facebook.com/ciscoliveus
‒ Twitter: https://twitter.com/#!/CiscoLive
‒ LinkedIn Group: http://linkd.in/CiscoLI

Brkarc 3437 PDF

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Brkarc 3437 PDF

Hochgeladen von

Copyright:

Verfügbare Formate

Cisco Catalyst 3750/3560 and 2960 Series

Fixed Switching Portfolio

Fixed Switching Portfolio

FAMILIES FAMILIES FAMILIES FAMILIES

Modules Modules Wall Mountable

C3KX-NM-1G C3KX-NM-10GT C3KX-SM-10G C2960S-STACK

INNOVATION OPERATIONAL SIMPLICITY

WORLD’S MOST ¼ BILLION OVER 7 MILLION INDUSTRY LOWER

Leading Stackable Unified Access Platform

24 Port Data Switch C3KX-PWR-350WAC –

PoE+ support Auto Smart Ports

10G uplinks available

EASE-OF-USE 20M 500K+ ENERGY EFFICIENCY LOWER

Cisco Quality at Competitive Price

8 & 12 PORT QUIET EXTEND THE CISCO FULL-SIZE LOWER

Ideal for Retail Check Stands, Classrooms,

Fixed Switching Portfolio

Basic Services Services Base

Threat Intelligence Role-based Access, Secure Traffic

Functionality LAN Lite LAN Base

• No Routing Support • 16 static IPv4 routes on SVIs

• Entry-level Manageability • Basic Manageability

• Entry-level Access Security • Enterprise Access Security

• Entry-level Access QOS • Enterprise Access QOS

• Basic manageability • Enterprise access Layer 3 • Complete access Layer 3

• Enterprise access QoS • Complete access QoS

 Node-locked – based on UDI  Limited Usage period (60 days)

show license file [switch <switch_id>]

show license status [switch <switch_id>]

show license detail <feature_name> [switch <switch_id>]

show license udi

debug license <events | all | errors>

*Apr 2 02:04:08.604: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c3750e Next

Fixed Switching Portfolio

Port ASIC Port ASIC Port ASIC

 Switch Fabric in some families

 Stacking in some families

Port ASIC Port ASIC Port ASIC

The Port ASIC performs:

Port ASIC Port ASIC Port ASIC

Port ASIC Port ASIC Port ASIC

Port ASIC Port ASIC Port ASIC

MACsec link encryption in hardware – Line rate (3750X/3560X)

Port ASIC Port ASIC Port ASIC

Switch Fabric Stack PHY

The switch fabric performs token generation and ring control

To Switch ASIC SFP+

3KX-SM-10G : 3750X Service Module

Port ASIC Port ASIC Port ASIC

8 Port 8 Port 8 Port 8 Port 8 Port 8 Port 8 Port 8 Port SDRAM

Ports Ports Ports

• 3750 and 3750-X Main Architectural Differences:

2960S Key Facts

Port ASIC Port ASIC CPU

Compact Switch model Comparison

Fixed Switching Portfolio

TXT Forwarding RCV

Egress Path TCAM SRAM

These spaces can

TXT TXT RCV

1 Packets enter the

2 The whole packet

TXT TXT RCV