![Page 1: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/1.jpg)
SouthernCaliforniaCiscoUsersGroupCatalyst9000and
SoftwareDefinedAccessMatthewTaite,SystemsEngineer
![Page 2: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/2.jpg)
Agenda
• Programmability– 20minutes• Catalyst9000– 10minutes• SoftwareDefinedAccess(SDA)– 20minutes• Demo– 20minutes• Licensing– 10minutes
![Page 3: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/3.jpg)
Programmability“NoMoreMiddleClassIT”™
![Page 4: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/4.jpg)
http://blog.hackerearth.com/2016/11/top-programming-language-2017.html
![Page 5: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/5.jpg)
MustHaveTools
• Postman• https://www.getpostman.com
![Page 6: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/6.jpg)
• CiscoConfParse• https://github.com/mpenning/ciscoconfparse
MustHaveTools
![Page 7: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/7.jpg)
• NAPALM
MustHaveTools
![Page 8: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/8.jpg)
• Catalyst w/Py2.7.11*
• ISRw/Py2.7.5
GuestShell onIOSXE
*GuestShell liteonC3650/C3850
![Page 9: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/9.jpg)
Catalysteria™IntroducingtheCatalyst9000
![Page 10: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/10.jpg)
CataLust ™
![Page 11: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/11.jpg)
• HARDWARE• UADP2.0- NextGenerationofASICInnovation• ExternalStorageupto1TBSATA/SSDforLocalLogging– 3rdPartyAppHosting– Containers• PerpetualUPOE(HWreadyfor100W)• FastUPOE(PDrestorewithin30seconds)• POE2-eventclassificationfor1-2secondpowernegotiation• DedicatedX86CPUandexpandedmemoryforon-boxcontainer/NFVsupport• Built-inRFID• BluetoothConnectivityforfiletransferanddevicemanagement
• SOFTWARE• OpenIOS-XEallowsformodel-drivenprogrammability(i.e NETCONForPython),streamingtelemetry,andprocesspatching• Single.binImageacrossallC9Kplatforms• EmbeddedWireshark• GIRw/SystemSnapshots
Catalyst9KInnovations
![Page 12: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/12.jpg)
SoftwareDefinedAccess
![Page 13: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/13.jpg)
WhySDA
![Page 14: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/14.jpg)
UniqueDevice/UserIdentification
LogicalSegmentation
SecureControlbetweenSegments
UnifiedPolicyacrossNetwork
![Page 15: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/15.jpg)
LittleSwitch,BigSwitch™
![Page 16: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/16.jpg)
• GRE / mGRE
• MPLS / VPLS
• GETVPN / DMVPN
• CAPWAP
• LISP
• OTV
• DFA
• ACI
Examples of Network Overlays
What exactly is a Fabric?
A “Fabric” is an “Overlay”An “Overlay” is a logical topology used to virtually connect devices,
built on top of an arbitrary “Underlay” physical topology.
An “Overlay” network often uses alternate forwarding attributes to
provide additional services, not provided by the “Underlay”.
![Page 17: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/17.jpg)
What exactly is a Fabric?Types of Overlays
Layer 2 Overlays• Emulates a LAN segment
• Transport Ethernet Frames (IP & non-IP)
• Single subnet mobility (L2 domain)
• Exposure to open L2 flooding
• Useful in emulating physical topologies
Layer 3 Overlays• Abstract IP-based connectivity
• Transport IP Packets (IPv4 & IPv6)
• Full mobility regardless of Gateway
• Contain network related failures (floods)
• Useful to abstract connectivity and policy
Hybrid (L2 + L3) Overlays offer the Best of Both Worlds
![Page 18: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/18.jpg)
Switch1(config)# cts sxp mapping network-map 10000Switch1(config)# cts role-based sgt-map 10.10.10.0/30 sgt 101Switch1(config)# cts role-based sgt-map 11.11.11.0/29 sgt11111Switch1(config)# cts role-based sgt-map 192.168.1.0/28 sgt65000
![Page 19: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/19.jpg)
• https://tools.ietf.org/html/draft-smith-vxlan-group-policy-03
![Page 20: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/20.jpg)
• IncreasecampusLANdefaultnetworkMTU(9100recommended)
• Layer3totheaccesslayerwithoutneedforloopavoidanceprotocols
• Point-to-pointlinksforquickestconvergenceandstability
• SingleAreaIGPprocessforthefabricfromedgetoborder
• Loopbackpropagationoutsidefabric(/32)
Underlayrequirements
![Page 21: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/21.jpg)
• DHCP/TFTP
• ISE/AAA
• IPAM
• NTP
• Netflow Collector
• Syslog
• FabricandNon-FabricWLC
• ActiveDirectory/DomainController
• DNAC/APIC-EM/NDP
• CUCM/CME/CUBE
• Etc…
SharedServicesStack
![Page 22: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/22.jpg)
APIC-EM
ISE NDP
§ Control-PlaneNodes– MapSystemthatmanagesEndpointIDtoDevicerelationships
§ EdgeNodes– AFabricdevice(e.g.AccessorDistribution)thatconnectsWiredEndpointstotheSDAFabric
§ IdentityServices– ExternalIDSystems(e.g.ISE)areleveragedfordynamicUserorDevicetoGroupmappingandPolicydefinition
§ BorderNodes– AFabricdevice(e.g.Core)thatconnectsExternalL3network(s)totheSDAFabric
IdentityServices
IntermediateNodes(Underlay)
FabricBorderNodes
FabricEdgeNodes
§ DNAController– EnterpriseSDNControllerprovidesGUImanagementandabstractionviamultipleServiceApps,thatshareinformation
DNACenter
§ AnalyticsEngine– ExternalDataCollectors(e.g.NDP)areleveragedtoanalyzeUserorDevicetoAppflowsandmonitorfabricstatus
AnalyticsEngine
This image cannot currently be displayed.
CControl-Plane
Nodes
B
WhatisSD-Access?Roles&Terminology
B
§ FabricWirelessController– AFabricdevice(WLC)thatconnectsWirelessEndpointstotheSDAFabric
This image cannot currently be displayed.
22
FabricWirelessLANController
![Page 23: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/23.jpg)
EdgeNode providesfirst-hopservicesforUsers&DevicesconnectedtotheFabric
SD-AccessFabricEdgeNodes– ACloserLook
• ResponsibleforIdentifyingandAuthenticatingEndpoints(e.g.Static,802.1X,ActiveDirectory)
• RegisterthespecificEndpointIDinfo(e.g./32or/128)withtheControl-PlaneNode(s)
• ProvidetheAnycast L3GatewayforconnectedEndpoints(sameIPaddressonallEdgenodes)
• Performsencapsulation/de-encapsulationofdatatraffictoandfromallconnectedEndpoints
23
UnknownNetworks
KnownNetworks
C
B B
FabricEdgeNodes
![Page 24: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/24.jpg)
Control-PlaneNoderunsaHostTrackingDatabasetomaplocationinformation
SD-AccessFabricControlPlaneNodes– ACloserLook
• AsimpleHostDatabase,thattracksEndpointIDtoLocationmappings,alongwithotherattributes
• HostDatabasesupportsmultipletypesofEndpointIDlookupkeys(IPv4,IPv6orMAC)
• ReceivesEndpointIDmapregistrationsfromEdgeandBorderNodesfor“known”IPprefixes
• ResolveslookuprequestsfromEdgeandBorderNodes,tolocatedestinationEndpointIDs
24
UnknownNetworks
KnownNetworks
C
B B
FabricEdgeNodes
![Page 25: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/25.jpg)
FabricBorder,AnyandalltrafficenteringorleavingtheFabricgoesthroughthistypeofnode
SD-AccessFabricBorderNodes– ACloserLook
25
• ConnectstraditionalL3networksand/ordifferentFabricdomainstothelocaldomain
• WheretwodomainsexchangeEndpointreachabilityandpolicyinformation
• Responsiblefortranslationofcontext(VRF&SGT)fromonedomaintoanother
• ProvidesadomainexitpointforallEdgeNodes
UnknownNetworks
KnownNetworks
C
B B
FabricEdgeNodes
![Page 26: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/26.jpg)
BorderNode isanentry&exitpointforalldatatrafficgoingin&outoftheFabric
Thereare2TypesofBorderNode!
• FabricBorder• Usedfor“Known”Routesinyourcompany
• DefaultBorder• Usedfor“Unknown”Routesoutsideyourcompany
26
UnknownNetworks
KnownNetworks
BB
C
SD-AccessBorderBorderNodes– ACloserLook
FabricEdgeNodes
![Page 27: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/27.jpg)
SD-AccessBorderBorderNodes– BorderandDefaultBorder
Border• ConnectstheCampusFabrictoKnownnetworks.(Usecase2.1and2.2)• partofyourcompanynetwork
• KnownnetworksaregenerallyWAN,DC,SharedServices,etc.
• Responsibleforadvertisingprefixesto(import)andfrom(export)thelocalfabricandexternaldomain.
DefaultBorder
• ConnectstheCampusFabrictoUn-Knownnetworks(Usecase1)• notpartofthecompanynetwork
• Un-knownnetworksaregenerallytheInternetand/orPublicCloud.
• Responsibleforadvertisingprefixesonlyfrom(export)thelocalfabrictoexternaldomain.
KnownNetworks
BUnknownNetworks
B
![Page 28: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/28.jpg)
SD-Access– BorderNodePlatformSupport
Nexus7K
• Nexus7700• Sup2E• M3Cards• NXOS7.3.2+
Catalyst3K
• Catalyst3850• 1/10GSFP+• 10/40GNMCards• IOS-XE16.6.1+
ASR1K&ISR4K
• ASR1000-X/HX• ISR4451/4431• 1/10G/40G• IOS-XE16.6.1+
Catalyst9K
• Catalyst9300• Catalyst9400• Catalyst9500• 40GQSFP• 10/40GNMCards• IOS-XE16.6.1+
Catalyst6K
• Catalyst6800• Catalyst6500• Sup2T/6T• 6880-Xor6840-X• IOS15.5.1SY+
![Page 29: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/29.jpg)
Nexus7KCatalyst3K
§ VirtualNetworks:64§ SGT’sinFabric:4K§ SGTACL’s:1350§ SecurityACL’s:3K§ IPv4TCAM: 16K/8K
ASR1K&ISR4K
§ VirtualNetworks:4K§ SGT’sinFabric:64K§ SGTACL’s:64K§ SecurityACL’s:4K§ IPv4TCAM: 1M
Catalyst9500
§ VirtualNetworks:256§ SGT’sinFabric:32K§ SGTACL’s:32K§ SecurityACL’s:18K§ IPv4TCAM:96K/48K
Catalyst6K
§ VirtualNetworks:512§ SGT’sinFabric:30K§ SGTACL’s:30K§ SecurityACL’s:32K§ IPv4TCAM:256K
§ VirtualNetworks:500§ SGT’sinFabric:64K§ SGTACL’s:64K§ SecurityACL’s:128K§ IPv4TCAM:1M
SD-Access– BorderNodeScalePlatformScale
• NumberslistedareHWscalelimits,SWnumbersmightbedifferent
Catalyst3850 Catalyst9500 Catalyst6K ASR1K&ISR4K Nexus7K
![Page 30: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/30.jpg)
Catalyst3K
• Catalyst3850• 1/10GSFP+• 10/40GNMCards• IOS-XE16.6.1+
ASR1K/ISR4KandCSR1Kv
• ASR1000-X/HX• ISR4430/4450• 1/10G/40G• IOS-XE16.6.1+
SD-Access– Control-PlanePlatformSupport
Catalyst6K
• Catalyst6800/6500• Sup2T/6T• 6880-Xor6840-X• IOS15.5.1SY+
Catalyst9K
• Catalyst9300• Catalyst9500• 40GQSFP• 1/10GNMCards• IOS-XE16.6.1+
TECCRS-3810
![Page 31: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/31.jpg)
Catalyst3850
• 4KHostentries
ASR1K/ISR4KandCSR1Kv
• 200KHostentries
SD-Access– Control-PlaneNodeScalePlatformScale
Catalyst6K
• 25KHostentries
Catalyst9500
• 96KHostentries
![Page 32: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/32.jpg)
DNACenterLimitations
![Page 33: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/33.jpg)
Demo
![Page 34: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/34.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Catalyst 9K: Advantage vs. Essentials
Full Routing Functionality BGP, HSRP, OSPF, ISIS, HSRP,GLBP
Flexible Network SegmentationVRF, VXLAN, LISP, Trustsec, Wireless Client and Guest, MPLS L3VPN
Enhanced Security ControlsMACSEC-256
IoT & MobilityCoAP
Optimize Bandwidth Utilization with Multicast MSDP, mVPN, AutoRP, PIM-BIDIR
Software-defined AccessPolicy-based Automation and Assurance, SD-Wireless
Security & IoTEncrypted Traffic Analytics,mDNS GW, NAT/PAT
Telemetry & VisibilityERSPAN, AVC, NBAR2
Network Advantage (Inclusive of Network Essentials)
DNA Advantage (Inclusive of DNA Essentials)
Assurance & AnalyticsNetwork insights from analytics and machine learning, clients and applications covering on-boarding, connectivity and performance
Essential Switch CapabilitiesLayer 2, Routed Access (RIP, EIGRP Stub, OSPF (1000 routes) ,PBR, PIM Stub Multicast (up to 1000 routes)), PIM Stub, PVLAN, VRRP, PBR, CDP, QoS, FHS, 802.1x, Macsec-128, CoPP, Trustsec SXP, IP SLA Responder, SSO
DevOps IntegrationProgrammability with Open Models and Netconf/Restconf, PnP Agent, ZTP
Telemetry & VisibilitySampled NetFlow, SPAN,RSPAN
Basic AutomationPlug and Play,EasyQOS Configuration*
Basic Monitoring CapabilitiesEasyQOS Monitoring*, Client and Device 360, PSIRT Compliance*
Element ManagementImage Management, Topology and Discovery
Cisco DifferentiatorsContainers, Python, EEM, ANI,Full FNF, Wireshark
DNA Essentials
Network Essentials
Perp
etua
l
Perp
etua
l
3,5,
7 Ye
ar T
erm
s
3,5,
7 Ye
ar T
erm
s
Advantage Essentials
High Availability & ResiliencyNSF, GIR, Stackwise Virtual, ISSU
* Future
Element ManagementPatch Management
SDA Ready
§ C9K HW includes the Perpetual Network OS (Essentials or Advantage) § Mandatory to attach DNA License when ordering C9K§ DNA License includes Switch and DNA Center Features
![Page 35: Southern California Cisco Users Group Catalyst 9000 and ...€¦ · Hybrid (L2 + L3) Overlays offer the Best of Both Worlds. Switch1(config)#ctssxpmapping network-map 10000 ... •](https://reader033.vdocument.in/reader033/viewer/2022060707/60733c3b2a5cc008b9017aac/html5/thumbnails/35.jpg)
2© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Catalyst 9K: Switch vs. DNA-C FeaturesFeatures Network
EssentialsNetwork
AdvantageDNA
EssentialsDNA
AdvantageSwitch Features
Switch fundamentalsLayer 2, Routed Access (RIP, EIGRP Stub, OSPF (1000 routes) ,PBR, PIM Stub Multicast (up to 1000 routes)), PVLAN, VRRP, PBR, CDP, QoS, FHS, 802.1x, Macsec-128, CoPP, Trustsec SXP, IP SLA Responder, SSO
� � � �
Advanced switch capabilities and scaleBGP, EIGRP, HSRP, IS-IS, BSR, MSDP, PIM-BIDIR, LSM, IP SLA, Full OSPF � � � �
Network segmentationVRF, VXLAN, LISP, Trustsec, Wireless Client and Guest, MPLS, L3VPN, mVPN � � � �
Optimized network deployments mDNS gateway* � � � �
AutomationNetconf/YANG, PnP Agent, ZTP/Open PnP � � � �
Advanced automationContainers, Python, Guest Shell, EEM, ANI � � � �
Telemetry and visibilityStreaming telemetry, sampled NetFlow, SPAN, RSPAN � � � �
Advanced telemetry and visibilityFull Flexible NetFlow, Wireshark � � � �
Optimized telemetry a visibilityERSPAN, AVC, NBAR2 � � � �
High availability and resiliency NSF, GIR, ISSU, StackWise Virtual � � � �
High availability and resiliency Patching � � � �
SecurityMACsec-256 � � � �
Advanced securityEncrypted Traffic Analytics (ETA) � � � �
IOT integrationAVB, PTP, CoAP � � � �
Cisco DNA Center FeaturesDay 0 network bring-up automation Cisco Network Plug-n-Play application, network settings, device credentials � � � �
Element management Discovery, inventory, topology, software image, licensing, and configuration management � � � �
Element management Patch Management � � � �
Network monitoringEasyQoS Configuration and Monitoring*, Client and Device 360, PSIRT Compliance* � � � �
SD-AccessPolicy-based Automation and Assurance, SD-Access Wireless � � � �
Network assurance and analyticsInsights driven from analytics and machine learning for the network, clients and applications that cover onboarding, connectivity, and performance � � � �
Perpetual 3,5,7-yr Terms* FutureSDA Ready