ios-xe 3.6.0e/ios 15.2(2)e - cisco · ios-xe 3.6.0e/ios 15.2(2)e silje ingvoldstad systems engineer...
TRANSCRIPT
IOS-XE 3.6.0E/IOS 15.2(2)E
Silje Ingvoldstad
Systems Engineer
May 9th 2014
One Combined Software Release for Cat2K/3K/4K/WLC5760
Cisco Confidential 2 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
§ Introduction § Overview and benefits
§ Release features
§ Key Takeaways
Agenda
Cisco Confidential 3 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
IOS-XE3.6.0E/IOS15.2(2)E Software Release – Highlights
One Combined Release For newly introduced IOS-XE (Cat3850/3650/3850 Fiber, Sup8E & WLC5760) and Classic IOS Platforms (2960S, 2960X/R, 3750-X, 3560-X etc)
Software Service Innovations IT Simplicity, Mobility and Application Experience
Certifications Complete Govt. certifications for NG and Classic shipping platforms (Wired & Wireless)
Critical Feature Parity • For Cat3850/3650 with improved
manageability Extended Maintenance (Long Lived) Release
Cisco Confidential 4 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confiden+al – For NDA use only, not for further disclosure or distribu+on
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 CY2015
CY2012 CY2013 CY2014
Catalyst Access Switching - Software Roadmap
EM Release
EM: Extended Maintenance Release
(Rebuild) 3.3.2SE
C3850 Fiber
Catalyst 4500E/X Release
Catalyst 2K/3K Feature Release
IOS-XE NG3K Releases
2K/3K/4K One Release
XE 3.6.0E 15.2(2)E
XE 3.7.0/ 15.3(1)E
One Combined Release for Cat2K/3K/4K/5760
XE 3.3.0SG/
IOS 15.1.(1)SG
XE 3.4.0SG/ IOS 15.1(2)SG
XE 3.5.0E/
IOS 15.2(1)E
4K Release
15.0(2)SE
2960-SF Launch
XE 3.2.0SE 3.3.0SE
3K-X UPOE Launch
C3850 Launch
2K/3K Release
C3850/5760 FCS Release
Sup-8E Launch
15.0(2)EX
2960X/XR Launch
IOS XE 3.3.0XO
EM Release
EM Release
C3650 C3850 Fiber
Cisco Confidential 5 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Customer benefits of combined release ?
• One release to Qualify, Deploy and Maintain for Cat2K/3K/4K
• Lower TCO
What combined release does not provide ?
• Merging of IOS to IOS-XE or vice-versa
• Change in existing platform behavior
Cisco Confidential 6 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
SM Rebuilds EM Rebuilds
• Total 3 rebuilds spanned over 18 months. • Last rebuild is PSIRT only.
• Total 9 rebuilds spanned over 44 months. • Last 2 rebuilds are PSIRTS only.
• Extended Maintenance (EM) and Standard Maintenance (SM)
• Two feature releases every year, alternating between SM and EM
3.x/15.x SM SM EM SM EM EM
Release Guidelines
Cisco Confidential 7 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
1 Infrastructure
New APs- AP2700, AP700I, AP700W, AP1530 New Optics: Active/Passive SFPs CX1 , Active SFP+
2
IOS-XE3.6.0E/15.2(2)E Software Release 4K(SUP8,7,6,4500-X,49xx), 3K(3850,3650,X,C), 2K(2960S,FE,X,XR,C), WLC5760
IT Simplicity NG Plug & Play (PnP), Interface Template, Auto-
conf, Easy VSS, Auto Secure
Govt. Compliance Wired & Wireless: FIPS, Common Criteria, UCAPL,
USGv6
Application Experience AVC Wireless on AP Ph II (QoS tie-in with
Policy, Medianet on 3850/3650 (Wired)
Manageability Prime 2.1, ISE 1.3, MSE 8.0, WEBGUI 5 6
4 3
BYOD & Mobility Service Discovery Gateway Ph 2(Location/HA), Device Profiling & Policy classification
Engine for Wired/Wireless
Target CCO: July 2014
Cisco Confidential 8 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
3850/3650 Wired Feature Parity with 3750-X 3.3.0SE (Shipping)
Ø Core • HSRPv2 • 9 member stack • QoS Enh
Ø Core • VRRPv3, IPv6 VRFs • IPv6 Multicast Routing • QinQ/L2PT
Ø Software Services • Security: SGT/SGACL, Critical Voice VLAN, (SXP/
SXP2 Enhancements • BYOD: Service Discovery Gateway (wired &
wireless), Wired Guest Access • IT Simplicity : Wireshark (wired & wireless)
(
Ø Compliance • FIPS & Common Criteria • UCAPL (DoD/JITC)
Ø Other • 10G DWDM SFP+, ZR (3.3.3SE rebuild, Target
CCO: 4/30/14)
Ø Software Services
• Security: Device Sensor • AVC: Medianet (Perf Mon, Mediatrace, Metadata) • EW : Energywise Parity
Ø Compliance • FIPS & Common Criteria • UCAPL & USGv6
Ø Other • Extended Maint • Active/Passive SFP/SFP+ Optical Cables
3.6.0E (July 2014)
Cisco Confidential 9 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
IOS-XE 3.6.0E/ IOS15.2(2)E Release
Wired Features Infrastructure • Active and Passive CX1 SFP, Active CX1 SFP+, • Sup8-E wired feature parity w/ SUP7E (except IPv6 PBR) • Migration enablers for 3850 & 3650* (See next slide for details) • TDR in Lan Base (4K,parity with 3K), WCCP in IP-base (3K), IPv6
PIM in IP-lite(2960XR)
Layer 3 • IPv6 VRF (Sup8E, 3850/3650) • IPv6 uRPF, IPv6 PBR (3850/3650) • IPv4 & IPv6 SDM Templates (3850/3650) • VRRPv3 (Sup8E, 3850/3650) IT Simplicity • PnP Agent, PnP Smart Install Proxy • Smart Install Client (4K) • Auto Conf and Interface Templates • Easy VSS, Auto Secure Services • Device Sensor w/ISE – Wired & Wireless • Service Discovery Gateway Ph II (Location, Static service,,HA) • IP4 FQDN ACL, Secure CDP, IPv6 CTS, Bidir SXP Application Experience • Medianet on 3850 & 3650 (Perf Mon, Mediatrace, Metadata)
Wireless Features Infrastructure • New AP Support: AP700I, AP700W, AP2700 • Outdoor AP1530 series (Centralized Mode Only) Mobility Services • AVC-Wireless Ph II ( QoS tie-in with Policy) • Service Discovery Gateway Ph II (location static
service) • Device Sensor (Policy Classification Engine)
Interop • Prime 2.1, ISE 1.2/1.3, MSE 8.0
Compliance for Wired and Wireless • Wired & Wireless FIPS 140-2, CC, UCAPL
Target CCO: July 2014
Cisco Confidential 10 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Next Gen Plug & Play Addressing Network deployment Challenges
Direct Costs • Costs for staging • Travel costs of skilled installers at every
locations
Complexity • Config errors • So many different products
Security • Configs sensitive info handled by 3rd party • Rouge devices joining the network
Time/Productivity • Manual process X number of devices X
locations • Longer lead time – shipping and staging
Today’s Process Business Challenges
Site-1
IT Admin Customer Staging facility • Install OS • Install base config
Installer
Ships equipment
Re-Ships equipment Reseller/Partner
Site-2 Site-3
Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 11
Next Gen Plug & Play - Use Case
Pre Provision Sites • Policies • Match Rules • Configs/Image • IP Addressing
Network Admin
Installer
Day 0
PnP Server
Network Admin
Internet
Remote Installer • Mount and cable devices • Power-on
Phase-I: APIC-EM Target FCS: end of CY14
Options for PnP Server
Day 1
PnP Agent
PnP Agent
Pre version will use PnP Smart Install Proxy on uplink switch
Day 1 Remote Monitoring • Status • Install progress
Roadmap 3rd party application
Platform Supported: 4K/3K/2K/Compact
Cisco Confidential 12 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
NG Plug & Play – Comprehensive for Branch and Campus Day 0/1 Provisioning Tasks
Auto Install Smart Install
CNS/CE
Prime 2.0 PnP Gateway
Support unskilled installers (NO CLI) ✓ ✓ Partial ✓ Secure deployment X X Partial X Support any Place-in-Network (Campus/Branch)
Partial Partial ✓ Partial
GUI for admin & installer workflows X X Partial Partial
Consistent for all ENG devices Partial X Partial Partial
RMA Use Case X Partial X X Complete automation for branch deployments X X X X
NG PnP Solution
✓
✓
✓
✓
✓
✓
✓
Cisco Confidential 13 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Auto Conf and Interface Template
Port based only Usability/Bloated config Inflexible
• Simplified running-config • Parsed at definition time • Built-in templates
Lower TCO
• Config rollback • Precedence management • Integrated with session
aware networking
Easy to use &
Intuitive
Next Gen Auto Smart Port
Current Challenges
Cisco Confidential 14 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
P1
P4
P2
Auto conf – Use case
Access Switch
switchport trunk encapsulation dot1q switchport trunk allowed vlan ALL switchport mode trunk switchport nonegotiate auto qos voip trust mls qos trust cos srr-queue bandwidth limit $LIMIT
S1, S2, S3
S4
auto qos voip trust switchport trunk encapsulation dot1q switchport trunk allowed vlan ALL switchport mode trunk
vlan 100 access-group corp inactivity 300
vlan 200 access-group corp service-policy corp
interface-template service-template
interface-template
service-template
Phone
Compact switch
Access point
Interface Templates • Activated on INTERFACES • Auto-conf one network device per port
e.g. Switch or AP • Impacts all the traffic exchanged via that
interface • Stays ON as long as activated
Service Templates • Activated on NETWORK SESSIONS • No impact on other session’s sharing
that port • Stays ON as long as the session exists
Platforms supported:4K/3K/2K/Compact
Cisco Confidential 15 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
3750X# show run interface Gig 1/0/10 Building configuration... Current configuration : 79 bytes ! interface GigabitEthernet1/0/10 source template DMP_INTERFACE_TEMPLATE end
3750X(config-if)#source template DMP_INTERFACE_TEMPLATE 3750X(config-if)# end 3750X# show derived-config interface Gig 1/0/10 Derived configuration : 249 bytes ! interface GigabitEthernet1/0/10 switchport mode access switchport block unicast switchport port-security srr-queue bandwidth share 1 30 35 5 priority-queue out mls qos trust dscp spanning-tree portfast spanning-tree bpduguard enable end
Interface Templates
• Easy to build, modify and troubleshoot • Simplify Running config BEFORE
AFTER
Cisco Confidential 16 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
• HSRP/VRRP • Designated Gateway
• Service Enumeration
• Hop Extension • Service Availability
• Civic Location (wired) • Proximity Awareness
(wireless) Location
Awareness Static
Service Definition
HA Awareness
Ease of Use
Bonjour Service Discovery Gateway – Phase 2 Platforms supported:4K/3K/5760
Cisco Confidential 17 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
VLAN 21
CAPWAP Tunnel
AirPlay
VLAN 40
VLAN 20
Apple TV (Wireless)
Apple TV WLAN (VLAN 40)
Filtered location aware ‘Service Discovery Gateway’
Neighboring AP Neighboring AP Apple TV
(Wireless)
1. Neighbor AP-list is formed using the client AP-MAC address 2. Controller uses AP-MAC address, look up RRM DB for Neighbor AP-list 3. Wireless services in the Bonjour database associated to those neighboring APs are
returned 4. Client device is sent a filtered list of Bonjour services in the vicinity of that neighbor
AP-list
Site B
Site A
Cisco Confidential 18 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Static Service Definition
SiSi
SiSi
ZeroConf Enabled Clients
Static Service
Definition
Multiple Hops
Services
Benefits § Enables Non Bonjour enabled Devices
§ Extends Services to Multiple Hops
§ Eliminates needs for Active Query
§ Services made available and added in cache with config
Cisco Confidential 19 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Service Discovery Gateway – HA Support HSRP/VRRP and Designated Gateway § HSRP/VRRP support
§ Active & Standby pair of the HSRP will build the cache
§ Standby will be in Listen Only mode § New Active will start announcing services
after failover
§ Designated Gateway
§ When multiple gateways in one domain, one will be configured as designated
§ Prevents duplicate responses § Minimize traffic flow
Cisco Confidential 20 © 2013-2014 Cisco and/or its affiliates. All rights reserved. ACTIONS
RADIUS
Auth
AD memberOf = cisco-av-pair
Device Profiling AVC
Wired Wireless Policy Classification Engine
• Integrated on 5760, 3850, 3650 • No separate server/license required
• Ability to classify 88 device profiles • Apple iPhone, Apple iPad, Windows XP, • Windows7/8, Samsung Galaxy S3, • iOS 5.1/6, Ice Cream Sandwich, Jelly Bean
• Policy Actions • Prioritize, Drop traffic DEVICE
TYPE USER ROLE CISCO-AV-
PAIR
Faculty Student
APPLICATION NAME
Voice
Video
BIND
Prioritize QoS
Drop ACL
Change VLAN VLAN
Cisco Confidential
WLC
Cisco Confidential 21 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
WEBGUI Enhancements
Areas 3.2.x 3.3.x 3.6
Features • Setup Wireless • Key FCS Features
Configuration • Monitoring Status
• Enhanced Dashboard • 11ac and AP platforms • 3650 Platform • QoS • Features from 3.3 (AV,
Bonjour, AP SSO)
• New AP Platforms • New Features (AVC, Native Profiling & Policy Engine, Bonjour)
Usability • Day 0 Config • SEVT Feedback • Improved Defaults • Drop down list • End to End flow
(BYOD, WebAuth)
• Dashboard Improvements • Field Feedback
Performance • Poor performance loading sites
• http improvements • https improvements
Cisco Confidential 22 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Compliance - Catalyst 2K, Compact, 3K-X, 3850, 3650, 5760 Certified In Progress with 3.6.0E
2960S/SF, 2960X/XR 2960S/SF All
2960C, 3560C All All
3K-X, 3K-X UPoE 3K-X All
Wired & Wireless 3850, 3650, 3850-UPoE, 5760 All
2960S/SF, 2960X/XR 2960S/SF All
2960C, 3560C 2960C, 3560C All
3K-X, 3K-X PoE 3K-X All
Wired & Wireless 3850, 3650, 3850-UPoE, 5760 All
2960S/SF, 2960X/XR 2960S/SF All
2960C, 3560C 3560C All
3K-X, 3K-X PoE 3K-X All
Wired & Wireless 3850, 3650, 3850-UPoE, 5760 All
2960S/SF, 2960X/XR 2960S/SF 2960X/R
2960C, 3650C All
3K-X, 3K-X PoE All
Wired & Wireless 3850, 3650, 3850-UPoE, 5760 3850, 3850-UPoE 3650
NA
Certified NA Not Applicable Not Certified
NA
Products
Cisco Confidential 23 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Compliance - Catalyst 4500E/X,49xx Series Switches Currently Certified In Progress with 3.6.0E
Sup2, Sup4, Sup5, Sup6E, Sup6LE Sup2, Sup4, Sup5
Sup7E, Sup7LE, 4500X Sup7E,7LE,4500X All
Sup8E Sup8E (Wired)
49xx 4900M, 4948E, 4948EF
Sup2, Sup4, Sup5, Sup6E, Sup6LE
Sup7E, Sup7LE, 4500X Sup7E,7LE, 4500X All
Sup8E Sup8E (Wired)
49xx
Sup2, Sup4, Sup5, Sup6E, Sup6LE Sup6E, Sup6LE
Sup7E, Sup7LE, 4500X Sup7E,7LE,4500X All
Sup8E Sup8E (Wired)
49xx
Sup2, Sup4, Sup5, Sup6E, Sup6LE Sup6E, Sup6LE
Sup7E, Sup7LE, 4500X Sup7E,7LE,4500X
Sup8E Sup8E (Wired)
49xx 4900M, 4948E, 4948EF
Certified NA Not Applicable
Product
NA
NA
NA
Not Certified
Cisco Confidential 24 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential 25 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Key Takeaways
• One Combined and Extended maintenance for Cat2K/3K/4K/WLC5760 • Rich Software Services - IT simplicity, Mobility Application Experience • Critical Feature Parity for Cat3850/3650 • Complete Government Certifications (Wired & Wireless) • Improved Managebility
• Update notes in every slide
Thank you.