Looking for Cisco Catalyst switches that can...

joshhboss · ‎06-07-2022

Ive been working and still loving the dinosaurs 2960 and 3750.. There are just some features that I feel I just can't live without and Im very comfortable in crisis situations (event networks that need close to immediate solutions) troubleshooting in iOS.

What im finding thought is that I finding some of these switches with POE+ has been a challenge and also 10gig Networking. So I was wondering if there was still some switches out there that can do.

POE+

TDR

Ip device tracking (believe it or not this is probably one of my most used commands)

10 Gig

All on iOS.

Also ive been using these rate limiting commands that have just working perfectly and id like to be able to continue to use them.

policy-map 100Megs_in_policy
 class default_traffic
  police 100000000 1000000 exceed-action drop
policy-map 1Meg_in_policy
 class default_traffic
  police 1000000 1000000 exceed-action drop
policy-map 20Megs_in_policy
 class default_traffic
  police 20000000 1000000 exceed-action drop
policy-map 30Megs_in_policy
 class default_traffic
  police 30000000 1000000 exceed-action drop
policy-map 15Megs_in_policy
 class default_traffic
  police 15000000 1000000 exceed-action drop
policy-map 150Megs_in_policy
 class default_traffic
  police 150000000 1000000 exceed-action drop
policy-map 25Megs_in_policy
 class default_traffic
  police 25000000 1000000 exceed-action drop
policy-map 50Megs_in_policy
 class default_traffic
  police 50000000 1000000 exceed-action drop
policy-map 10Megs_in_policy
 class default_traffic

and then added to the interface like so. 

 switchport access vlan 30
 switchport mode access
 switchport protected
 description DHCP-Er4
 bandwidth 100000
 speed auto 10 100
 srr-queue bandwidth share 1 255 1 1
 srr-queue bandwidth limit 35
 queue-set 2
 storm-control broadcast level 1.00
 storm-control multicast level 10.00
 storm-control action shutdown
 storm-control action trap
 service-policy input 10Megs_in_policy

Any suggestions on some Cisco Switches that can handle this would be greatly appreciated.

Leo Laohoo · ‎06-07-2022

Please specify how much "PoE+" are is required. Generally, anyone looking for "PoE+" could be looking in the ranges of 30.0wac to 90wac.

Those QoS is not going to work in Catalyst 9k because they have their own set of QoS.

For consistency purposes, in IOS-XE IPDT is called "device-tracking database" or IPDT. Both commands are not interchangeable.

So far, the list can be done by a humble Catalyst 1000 switch.

MHM Cisco World · ‎06-07-2022

@Leo Laohoo just want to update you

C1000 dont support acl under svi.

MHM Cisco World · ‎06-07-2022

From my view 9k is good.

https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-9000/nb-06-cat-9k-aag-cte-en.html

Jitendra Kumar · ‎06-07-2022

my point of view 9k best

Thanks,

Jitendra

Thanks,
Jitendra

Leo Laohoo · ‎07-12-2022

@Jitendra Kumar & @MHM Cisco World

Do not believe in the hype. Catalyst 9k is not just expensive to own but it is also expensive to operate because IOS-XE leaks like a sieve.

If the operator does not have the skills and/or resources to regular (daily) monitor the control-plane CPU & memory utilization, then be prepared to watch the switches crash every 6 to 12 months or reboot the stack every 9 to 12 months.

Have a look at the graph below: 9300, IOS-XE version 16.12.4

This is a graph of a stack of 9300, with 16.12.4. From September 2021 until the end of February 2022, it has been memory-leaking at a gradual rate.

Starting March 2022, due to QuoVadis fiasco (FN - 72323 - Cisco IOS XE Software: QuoVadis Root CA 2 Decommission Might Affect Smart Licensing, Smart Call Home, and Other Functionality) the "Smart" (License) Agent and keyman process got "flooded". After applying the Workaround, it took several days for the spike to ease.

I spend several hours every week combing all our IOS-XE fleet and catching things like this. The non-Cisco NMS we have in place has saved our collective a$$es.

The uber-expensive DNAC, however, cannot even catch the above memory-leak.

We have a large(r) fleet of 2960S and 3750X with uptimes of >4 years. I could/will never achieve an uptime of <18 months with IOS-XE platform because they either crash or we have to perform proactive reload with <12 months uptime.

CORRECTION: I spoke in haste. The only way for 3650/3850/Sup7 to have an uptime of >2 years, without any crashes, is to use IOS-XE version 3.X.X.

Users looking for a simple Layer 2 switch, Catalyst 9200 is way over-kill. A lot of Cisco operators simply want a switch that will move packets around. No fancy stuff like Dot1X, routing, PBR, EEM, (r)SPAN, etc. But, most important of all, the switch will be sitting in some dark corner pushing packets around, gathering dusts and getting forgotten it was even there. The operator will, most probably, not have the knowledge and skill sets to perform regular firmware upgrade (to fix bugs) required of IOS-XE. And IOS-XE is very "generous" with bugs, including "0-config" bugs.

NOTE: Platform with no config, hence "0-config", boots up and hits a bug -- 0-config bugs.

Simplicity is key, hence, (my recommendation of) Catalyst 1000.

brianw360 · ‎09-21-2022

Could you share the name of your preferred "non-Cisco NMS" software?

Leo Laohoo · ‎09-21-2022

We use AKiPS.

Contact them for an evaluation license.

NOTE: Make sure to be sitting down when asking for a quote.