The new Datapath Engines are out with the Catalyst 8000 Edge Platforms Family!
Do you want to know what differentiates these platforms from any other router out there in the WAN edge? How much horsepower these new machines can produce? What are the data path innovations under the hood?
Trust me, I was in the same boat and more excited when I started working on the Catalyst 8000 Edge Platforms to get ready for the big launch announcement.
With the year 2020 showing its shades in multiple proportions, especially on the WAN front, all of us are feeling the Cloud-scale vibes of next generation Enterprise Edge Networks. This is an interesting phase. The deployment models are being redefined and planned for years to come. I feel it is a significant milestone in Wide Area Networking.
The Catalyst 8000 Edge Platforms Family is uniquely positioned to take this game to an entirely new level, ready to beat expectations and meet new demands in the fast-ramping SD-WAN world.
Hold on, let me open the hood for you and show what made the Cisco Catalyst 8000 Edge Platforms the powerful beasts they are!
Why are the Catalyst 8000 Edge Platforms different from any other WAN router?
The Catalyst 8000 Edge Platforms Family has 3 special products to serve a variety of WAN edge use cases.
We call them Edge Platforms for a reason. Yes, they are not just any other routers! Let's understand the locomotive that powers these machines.
Focusing on the overall portfolio:
For the Aggregation edge, Catalyst 8500 Series Edge Platforms are powered by Cisco’s Third Generation QuantumFlow Processor ASIC (QFP 3.0).
For the Branch edge, Catalyst 8300 Series Edge Platforms are powered by an x86 multi-core System on Chip (SoC) architecture.
For the Virtual/Cloud edge, Catalyst 8000V Edge Software runs on any given x86/VNF-based host, in either on-prem or public cloud deployments.
What is new with Cisco QuantumFlow Processor, QFP 3.0?
Catalyst 8500 Series Edge Platforms have two variants: C8500-12X4QC and C8500-12X. These are an evolution of the ASR1000 'HX' Series platforms.
QFP uses multi-threaded parallel processing of packets. This helped us offer all complex L4-L7 services in a faster data path, efficiently served at nanosecond processing speeds. All of this is achieved with a modular software and hardware implementation that enables resourceful packet processing.
QuantumFlow Processors are the key data path ASICs behind the success story of the ASR1000 platforms for the past twelve years.
Open the hood of Catalyst 8500 platform and you will be looking at QFP 3.0 ASIC hidden under the heatsink there!
In QFP 3.0, we have a total of 224 Packet Processing Engines (PPEs), each having 4 threads, to process 896 packets at any given moment. It has 8 times more memory and 256K queues for comprehensive QoS capabilities.
This sheer raw power is readily available for your traffic processing with effective BQS (buffering, queuing & scheduling) mechanisms to avoid any packet reordering issues even when being processed in parallel.
Multicast packet replication has always been an uphill battle for data path engines. However, with higher recycle queues and more thread counts for parallel processing, we have seen remarkable multicast replication performance with QFP 3.0!
Why do we call QFP 3.0 a Hardware Accelerated Data Plane?
QFP 3.0 takes the aggregation data path to a whole new level by hosting the following key components within the same ASIC implementation:
Built-in L2 Sub-system, capable of 240Gbps of aggregation, per-port L2/L3 classification, QoS features and efficient ingress and egress traffic management
Inline Cryptoblock that hosts 16 dedicated crypto engines to offer up to 137Gbps of traditional IPsec throughput for 1400B traffic. Each crypto engine gets its own memory and hardware compute resources, so available resources are consumed efficiently in a parallel path to boost performance at every stage
Hardware Assist, low-level code blocks that help accelerate the processing of complex L4-L7 features
The QFP 3.0 is ready to offer hardware accelerated data plane performance with services in the small 1RU form factor on Catalyst 8500 Series Edge Platforms.
What is unique with x86 Multi-core SoC Architecture?
Catalyst 8300 Series Edge Platforms have four variants: C8300-2N2S-4T2X, C8300-1N1S-4T2X, C8300-2N2S-6T and C8300-1N1S-6T, which are an evolution of the ISR4400 series platforms. Each of these offers different data path throughput capacities based on 12-core or 8-core SoC (System on Chip) implementations.
We wanted to offer flexibility in how the multi-core data plane can be consumed. The Catalyst 8300 SoC architecture has Dynamic Core Allocation capability, one of the key data path innovations in System on Chip architecture platforms.
By default, the system boots up in Service Plane optimized core allocation mode. For example, in an 8-core system, 1 core is allocated to the control plane, 2 cores are allocated to packet input/output processing, 2 data plane cores are allocated to feature processing, and 3 cores are allocated to the service plane. The service plane cores can be used for security app hosting. The natively hosted SASE services can be effectively consumed for Cisco SD-WAN using service plane optimized mode.
For use cases where service plane operation is not needed, the user can simply re-allocate all service cores as packet processing engines. This converts the system into Data Plane optimized core allocation mode, which optimizes it for high data performance. This is useful when the SASE implementation is done, for example, using an Umbrella SIG termination for cloud-hosted security; the cores can be repurposed for a data throughput boost. In a 12-core system, we can have a maximum of 7 cores allocated to the data plane and still get 4 cores available for the service plane in data plane optimized mode.
Apart from core allocation flexibility, we have leveraged new DPDK (Data Plane Development Kit) libraries to grant user processes access to the network interface controller I/O entities. The polling-mode drivers enable feature execution without the need for a system call. This vital improvement in implementation has bumped IP CEF performance up to 20Gbps for 1400B packet payloads.
We have also enabled QuickAssist Technology (QAT) in the multi-core x86 implementation. It has dramatically boosted security and compression acceleration, enabling us to derive up to 18Gbps Crypto throughput for 1400B packet payloads.
The multi-core SoC architecture and key data path innovations in Catalyst 8300 Series Edge Platforms are purpose-built to deliver performance-rich services to our customers in a flexible manner on branch portfolios.
IOS XE, Single Image
On the software side, the open and extensible IOS XE is the key ingredient to supplement hardware data path innovation for the Catalyst 8000 Edge Platforms Family. All the 3000+ IOS XE feature innovations on traditional routing for the past twelve years and IOS XE SD-WAN features for the past four+ years are readily available on Catalyst 8000 platforms on day-1.
The IOS XE Single Image capabilities effectively allow us to host traditional routing use cases in ‘autonomous mode’ and SD-WAN use cases in ‘controller mode’ operations. The Plug-and-play and programmability automation drives the provisioning and monitoring for day-0, day-1, day-2 and day-n operational tasks using Open, REST, NETCONF APIs available at feature level. Learn more about Single image in my previous blog here.
Catalyst 8000 Edge Platforms are purpose-built for Aggregation, Branch and Virtual/Cloud WAN edge deployments. With security at the core of their implementation, these are ready to serve SASE-driven use cases for the new era of WAN edge networks.
Peek under the hood and you shall witness the heavily loaded Datapath Engines that are geared up to offer an incredible performance boost for next generation cloud-scale SD-WAN use cases!