9000@nettrain

Catalyst 9000 Switch Family
Architecture
Kenny Lei, Technical Marketing Engineer
BRKARC-2035
T.me/nettrain
Cisco Webex App
Questions?
Use Cisco Webex App to chat
with the speaker after the session
How
1 Find this session in the Cisco Live Mobile App
2 Click “Join the Discussion”
3 Install the Webex App or go directly to the Webex space Enter your personal notes here
4 Enter messages/questions in the Webex space
Webex spaces will be moderated

until February 24, 2023.
BRKARC-2035 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
T.me/nettrain
• Digital trends
• Cisco ASICs
• Access Switching
• Catalyst 9300 (C9300X, C9300, C9300L/LM)
Catalyst 9200 (C9200CX, 9200, C9200L)
Agenda
•
• Catalyst 9400 (C9400X, C9400)
• Core and Distribution Switching
• Catalyst 9500 (C9500X, C9500)
• Catalyst 9600 (C9600X, C9600)
• Summary
T.me/nettrain
Enterprise Access Trends
Higher mGig Port Density Higher and Flexible Uplink Bandwidth
Higher UPOE+ Port Density Higher 10G Port Density
Wifi6E Deployments with mGig
Smart Buildings with 90W Server Connectivity – 10G BaseT
New Access requirements for Future Campus

T.me/nettrain
Cisco Catalyst 9000 Switching Portfolio
One Family from Access to Core – Common Hardware & Software
C9500X-60L4D
Q1
CY23
C9600X-LC-32CD
Catalyst Catalyst
Catalyst Catalyst 9600X
9300X
9400X
Catalyst 9500X
Catalyst
Catalyst
9400 Series
9000 Catalyst
Catalyst
9600 Series
Catalyst 9300 Series
9200 Series Series 9500 Series
Catalyst
9300LM
Catalyst Cisco Cisco
9200CX ASIC IOS® XE
Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst

2960-X/XR 3650/3850 4500-E Series 3850-XS/4500-X 6840-X/6880-X 6500-E/6807-XL
Access Switching Core Switching
T.me/nettrain
Cisco ASICs
Cisco UADPs and Silicon One
T.me/nettrain
Catalyst 9000 Series – Common Building Blocks
ASICs
Programmable x86 Open IOS XE® Cisco ASICs

Multi-Core CPU Polaris UADPs and Q200
Application Hosting Model-Driven APIs Programmable Pipeline
Secure Containers Modular Patching Flexible Tables
Same binary image for both UADP and Silicon One C9K platforms*
* C9200 uses IOS XE Lite
T.me/nettrain
Custom ASICs – Programmable Silicon
Cisco Unified
Unified Access
Cisco Silicon One™ Flexible Pipelines
Data-Plane Investment Protection
(UADP®)
Adaptable Tables
Universal Deployment
Scalable Resources
Enhanced Scale and Buffering
Flexible & Programmable ASICs – Adapt to New Technologies

T.me/nettrain
Cisco Unified Access Data-Plane (UADP®)
Common ASIC Architecture for Switching Access, Distribution & Core
UADP 2.0m UADP 2.0/XL UADP 2.0sec UADP 3.0 UADP 3.0sec
120 Gbps 240 Gbps 480 Gbps 1.6 Tbps 1.6 Tbps
16nm FinFET 28nm FinFET 16nm FinFET 16nm FinFET 16nm FinFET
1.3B Transistors 7.6B Transistors 7.6B Transistors 19.2B Transistors 19.2B Transistors
1 Core + ARM CPU 2 Core 1 Core2 + SEC 2 Core 2 Core + SEC
• Multiple generations and formats, same architecture • Multiple functions: system-on-chip or line-card
• Rich flexible forwarding & services memories • Multiple form factors: fixed or modular
• First fully programmable microcode network silicon • Multiple places: Access, Distribution and Core
community.cisco.com/t5/networking-blogs/uadp-the-powerhouse-of-catalyst-9000-family/ba-p/3764605
T.me/nettrain
Cisco UADP ASICs up to 1 BILLION
times per second!
ASIC Architecture & Block Diagram
Stack or ASIC interface
PBC – Packet Buffers Complex SQS AQM

Q Q Q
IQS EQS
Flexible
Ingress Forwarding Egress Forwarding
Look up
Controller Tables Controller
(IFC) (EFC)
(shared by
Core 0 ASIC cores) Core 0
Rewrite engine
Ingress FIFO Egress FIFO
MACsec Encryption Recirculation MACsec

engine engine
Network Interfaces - Front Panel Ports
T.me/nettrain
Cisco UADP – Flexible Lookups
Programmable Ingress and Egress Processing Stages
Final decision on Flex parser

packet’s future 256 B
Flexible lookup tables
IGR Flex parser
Look-Up Look-Up Look-Up Look-Up
Table Table Table Table
15 Ingress Stage Stage

15 1
Programmable Look-Up
Table
Look-Up
Table
Look-Up
Table
Look-Up
Table
Stage Stage
stages # 2 8 Egress
Stage Look-Up Look-Up Look-Up Look-Up Stage
# Table Table Table Table
# Programmable
Stage Stage stages
2 Look-Up Look-Up Look-Up Look-Up #
Stage Stage
1 8
Look-Up Look-Up Look-Up Look-Up
Flex parser EGR

2 lookups
per stage
Final decision on
packet’s future
Flex parser FORWARD or
256 B RECIRCULATE
T.me/nettrain
Cisco UADP - Flexible Tables
Customizable ASIC tables for universal deployment flexibility
SRAM / TCAM
Flexible SDM templates
64K Access Core Distribution NAT
• MAC template template template template
• IPv4/v6
256K Layer 2 and Layer 3 and Mix of Layer 2 and Layer 3
• Unicast Client scale Policy scale Layer 3 capabilities and NAT scale
32K • Multicast
Customize table sizes for each function - based on the Place in Network
• NetFlow
48K • ACL SRAM TCAM SRAM TCAM
• SGACL FIB
MCAST
(16K) Others SGT
QoS
ACL Others
MCAST (32K) (3K)
16K • QoS (48K)
MAC
(80K)
SEC
ACL
QoS
ACL
FIB
(64K)
(48K) SEC
ACL
IGMP (18K) (18K) (18K)
• NAT SGT
(32K)
LISP
(1K) IGMP
MAC
(32K)
LISP
(1K)
8K • SPAN
(16K) (16K) NAT
(16K)
Host Internal Resources Tunnels NAT Internal Host Internal Resources Tunnels Internal
(32K) (1K) (2K) Resources (32K) (1K) Resources
4K
Access / Edge template Core / Border template
Table sizes can be tailored to support multiple templates

T.me/nettrain
Cisco Silicon One™ Q200
Industry leading Switching and Routing Silicon
First 7nm ASIC providing

lowest watts/GE power
Cisco Silicon ONE Q200 consumption
12.8T BW 8.1 Bpps
Industry Leading
12.8T System on Chip
2M IPv4
Fully P4 programmable enabling
8G HBM for
deep buffers or 1M IPv6 feature velocity
route scale
Fully P4 50G PAM4

Multi slice architecture for
Programmable
Pipeline
Serdes flexibility and scale
Routing Capabilities with Switching Power and Performance

T.me/nettrain
Cisco Silicon One™ Q200
ASIC Architecture & Block Diagram
RX & TX NPU (per slice):
• P4 programmable Run-to-Complete Traffic Manager (TM)
Packet Processing Slices (6):
• Large Central Database (CDB) Tables • Large fully-shared memory switch
• 1 packet per clock (@ 1.35GHz)
• Expandable LPM in external HBM • Congestion Management
• Slice = 2x IFGs + 1 RX & TX NPU
• Pool of queues & flexible scheduling
CDB LPM CEM ACL
receive slice n transmit slice n

receive slice 1 transmit slice 1
RX per- per- TX
MACs
classify
port Q
Queueing port Q MACs
RX IFGs RX NPU & TX NPU TX IFGs
RX per- Scheduling per- TX
classify
MACs port Q port Q MACs
Interface Groups – IFGs (12): High Bandwidth Memory (HBM)

• groups of 56Gbps SerDes & MACs HBM/DDR • Seamlessly expand on-die buffer
• 10/25/50GE & 40/100/200/400GE • expansion of CDB-LPM database
• 4-8GB of fully shared memory
T.me/nettrain
Cisco Silicon One™ Q200 - Central Databases
Onboard LPM, CEM & ACL memory
6 keys (1/slice)
Q200 CDB includes the Central L2/L3 EM

6 keys (1/slice)
Forwarding and ACL databases: EM
6 keys (1/slice)
Central EM
Central EM
LPM – SRAM database for IP/mask routing implemented RXPP-
EM+LPM
6 keys (1/slice) DB splitter
by Longest Prefix Match algorithm FWD EM+LPM
• Primarily used by IPv4 and IPv6 unicast routing RXPP- 6 keys (1/slice) DB splitter
• Up to* 2M IPv4 route entries, or 1M IPv6 route entries FWD LPM Central LPM
6 keys (1/slice)
• LPM can be extended (from CDB) to HBM
LPM Central LPM
CEM – SRAM database for MAC & Host (/48, /32 or /128), 12 keys (2/slice)
Multicast & Labels implemented by Exact Match algorithm RXPP-
12 keys (2/slice) ACL
• For features using an exact match (every bit, no mask) TRM 6 keys (1/slice)
• Up to 608K IPv4 entries, or 304K IPv6 entries RXPP-
TXPP- ACL
TRM
• CEM can be flexibly reallocated for different tables 6 keys (1/slice)
ENC
TXPP- 12 keys (2/slice)
ACL – TCAM classification database, contains Security, ENC
QoS and Services Access Control List entries 12 keys (2/slice)
2 keys (1/HBM i/f)
• For features that use (match criteria + action) policies
• Up to 8K IPv4 ACL entries, or 4K IPv6 ACL entries 2 keys (1/HBM i/f)
• OG/SGACLs use CEM, with only action ACEs in TCAM MM U +

HBM
MM U +
* Exact scale depends on IP/mask distribution (contiguous vs. random) and hash efficiency. Sample tests with IPv4 GRT is ~1.85M
HBM
T.me/nettrain
Cisco Catalyst 9500X & 9600X with Q200
SDM templates and scale numbers
Features (CEM) Customizable DEFAULT (core + edge) Custom (min to max @ step)
MAC addresses ✓ 128,000 32,000 to 256,000 @ 1000 step
Host routes (ARP/NDP) ✓ 128,000 / 64,000 32,000 to 256,000 @ 1000 step
Layer 2 multicast entries (IGMP/MLD) FCS+ 16,000 / 8000 0 to 64,000 @ 1000 step
Layer 3 multicast routes (IPv4/IPv6) FCS+ 32,000 / 16,000 0 to 64,000 @ 1000 step
ACL compression (SGT, DGT, OGID/v6) ✓ 32,000 / 16,000 0 to 64,000 @ 1000 step
MPLS labels ✓ 256,000 0 to 512,000 @ 1000 step
Reserved (PBR/NAT) FCS+ 16,000 / 8,000 0 to 256,000 @ 1000 step
CEM 608,000 (288,000 for LPM)
L3 Routes (LPM) FCS+ 2 million / 1 million 1 million to 2 million @ 1 million step
Features (TCAM) Customizable DEFAULT (core + edge) Custom (min to max @ step)
Security ACL (IPv4/IPv6) FCS+ 8000 / 4000 shared* 0 to 11,000/5000 @ 1 step

Quality of service (IPv4/IPv6) FCS+ 8000 / 4000 shared* 0 to 11,000/5000 @ 1 step
Policy-based routing (IPv4/IPv6) FCS+ 8000 / 4000 shared* 0 to 11,000/5000 @ 1 step
Lawful intercept (IPv4/IPv6) FCS+ 1000 (2x 512) reserved 1000 to 5000/2500 @ 1 tap (2 ACE)
LPTS, EPC, FSPAN, NFL (IPv4/IPv6) FCS+ 1000 (2x 512) reserved 1000 @ 1 step
TCAM 10,000 (2000 for LPM)

* Shared is an unreserved space, first come, first served per feature.
FCS – First Customer Shipment 17

BRKARC-2035 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public
T.me/nettrain
Access Switching
T.me/nettrain
Catalyst 9000 Family PID decoder
Product ID: C9300LM-48UX-4Y
Product Family Product sub-family # of ports and port type

C9200 L – Fixed uplink Copper (RJ45) Fiber
C9300 C – Compact T – Data only S – 1Gbps (SFP)
C9400 X - Expansion P – PoE (30W) X – 10Gbps (SFP+)
(C9404, C9407,
C9410) U – UPoE (60W) Y – 25Gbps (SFP28)
M – Mini (Shallow Depth)
C9500 H – UPoE+ (90W) Q – 40G (QSFP)
R – Modular Chassis with
Redundant Supervisor G – 1Gbps L – 50G (SFP56)
C9600
(C9606) X – 10Gbps C – 100G (QSFP28)
N – mGIG (up to 5Gbps) DD – 400G (QSFP-DD)
M - mGIG
T.me/nettrain
C9300X- UADP 2.0sec
C9300/L/LM - UADP 2.0
Catalyst 9300
C9300X – Expansion
C9300 - Modular Uplinks
C9300L – Fixed uplinks
C9300LM – Mini version with Fixed uplinks
T.me/nettrain
C9300/L - UADP 2.0
Cisco Catalyst 9300 Series

Extended Catalyst 9300 Series with Catalyst 9300X models
Catalyst® 9300 models with modular uplinks (C9300) Catalyst 9300 models with Fixed uplinks (C9300L)
1G copper ports with PoE/Cisco UPOE®/UPOE+ 9300 Uplinks 1G Copper Data & PoE
4x1G or 4x10G
4x fixed
Multigigabit Uplinks 48/24 ports data 1G
48/24 ports Data 1G 48/24 ports UPOE+ and UPOE 1G
2-4x 4x1G or 4x10G
2x
Scale fixed
Buffers 4x 1G SFP
Uplinks
48/24 ports UPOE 1G – 9300B 8x 1/10G SFP/ 48/24 ports PoE+ 1G
48/24 ports PoE+ 1G
SFP+
Multigigabit models with UPOE
Multigigabit models with UPOE 1G fiber

2x 40G QSFP 4x10G or
2x40G
Uplinks
48/24 ports mGig + UPOE
48/24 ports Multigigabit 48/24 ports SFP 1G 2x 1/10/25G
SFP/SFP+
StackWise® and StackPower Optional StackKit

cables
50CM-1M-3M 30CM-150CM Stack Adapters 50CM-1M-3M
Platinum-rated power supplies Modular fans External Storage
Common USB 3.0

components 120/240GB
315W AC 715W AC/DC 1100W AC 1900W AC
T.me/nettrain
Catalyst 9300X – New High Performance Access
Switch
500GE 1/2.5/5/10/25/40/100G
Bandwidth 1T
Supports Different Speeds Stacking Capacity
Enhanced App
100G Encryption QAT Engine
Hosting (HW Acceleration)
2 x 10G App Gig ports
UADP 2.0sec
48 x mGig-10G + 90W UPOE+ Flexible Uplink Options

T.me/nettrain
Investment protection with Catalyst 9300X
External storage
Redundant fans Redundant power
(240-GB SSD)
Data stack cables Optional power

StackPower cables
1T Stacking BW supplies (AC+DC)
Common components and stacking backward compatible with Catalyst®

9300 Series
T.me/nettrain
Introducing the Catalyst 9300X models UADP
2.0sec
Multi core
X86 CPU
Open IOS XE
Stacking up the industry firsts X86
Industry
first Terabit stacking Mixed 25/10G fiber stacking with copper 100G uplinks on stackable Extending Catalyst leadership …
Stacks with Densest uplinks: 2x 100/40G, 8x 25/10G, Line-rate non-blocking

Transitions Catalyst 3850-XS fiber switches
Catalyst® 9300 Series switches 8x 10G/Multigigabit
Removable storage (240 GB)
Fiber Copper 256-bit MACsec
Hot patching
Catalyst 9300X-48HX
Extended FSU
Catalyst 9300X-24Y Catalyst 9300X-48TX NBAR2
Catalyst 9300X-48HXN IEEE 1588 and AVB
Catalyst 9300X-24HX …while seamlessly integrating

Catalyst 9300X-12Y
with Catalyst 9300
Same optics
Industry Industry Industry
100G Layer 3 encryption StackPower+ first
App hosting with crypto acceleration
first first Common stacking
IPsec, QAT and ~2x capacity Common power stacking
Enabled through StackPower+ and power
* WAN MACsec, (memory, CPU, 2x 10G KR)
supply enhancements
* CloudSec* Common power supplies, fans, cables
Modular uplinks StackWise® and StackPower cables Platinum-rated power supplies Modular fan
4x 40/100G 2x 40/100G 8x 10/25G 8x Multigigabit 50CM-1M-3M 30CM-150CM 315W AC 715W AC/DC 1100W AC 1900WAC
*Roadmap.
T.me/nettrain
Catalyst 9300 Stacking Support
Modular Uplink Modular Uplink Fixed Uplink

Catalyst 9300X models (10/25G Fiber) Catalyst 9300 (non –B) and Catalyst Catalyst 9300L/LM models
9300X models
8 switches
8 switches
8 switches
1T 480G 320G
Stacking supported among Catalyst 9300X models and mixed stacking between Stacking supported among
Catalyst 9300 and Catalyst 9300X models Catalyst 9300L/LM models only
Mixed stacking is not supported between Catalyst 9300, 9300X, and 9300L/LM models
T.me/nettrain
Highly available StackPower
1900W 1900W 1900W 1900W
1900W 1900W One shared

1900W PS
1900W
4 member pool for 4 X watts
1900W 1900W 1900W 1900W
switches
1900W 1900W 1900W 1900W
Stack
Power
1900W 1900W 1900W 1900W
1900W 1900W Second shared

1900W 1900W
4 member PS pool for 4 X watts
1900W 1900W 1900W 1900W
switches
1900W 1900W 1900W 1900W
• Pools power from all Power Supplies (PS)

• All switches in StackPower share the available power in the pool
• Each switch is given its minimum power budget
T.me/nettrain
C9300LM - UADP 2.0
Cisco Catalyst 9300LM Series
Fixed Uplink replacement for Catalyst 3650-mini
Fixed Uplinks ( C9300LM Models )

Multigigabit/UPOE model UPOE models
4 x10/25G 4 x10/25G
Fixed 25G Uplinks FixedUplinks
25G
C9300LM-48UX-4Y 40 x 1 G +8 x 100/1/2.5/5/10G uplinks
UPOE Ports
C9300LM-24U-4Y 24 x 1G UPOE Ports uplinks
1G Data model
4 x10/25G
4 x10/25G Fixed 25G
Fixed 25G Uplinks
Uplinks uplinks
C9300LM-48T-4Y 48 x 1G Ports
uplinks C9300LM-48U-4Y 48 x 1G UPOE Ports
NEW Modular Stacking NEW Newer Higher-Efficiency C9300LM only Power supplies Modular Fans*
Stack Adapters Stack Cables 600W AC 715W DC 1000W AC FAN Module
* Data SKU utilize Fixed Fan
T.me/nettrain
Catalyst 9300LM- Shallow Depth
11.8-13.2 inches
19.2 inches 11.6 Inches
Catalyst C9300L Catalyst C9300LM Catalyst C3650-mini
Dimension(W X H x D)
SKU AC PSU DC PSU
Data Models 17.50” x 1.73” x 12.39” 17.50” x 1.73” x 11.86”
UPOE/mGig Models 17.50” x 1.73” x 13.17” 17.50” x 1.73” x 13.03”
Migration Platform for C3650-mini
T.me/nettrain
C9300X- UADP 2.0sec
C9300/L/LM - UADP 2.0
Extended Catalyst 9300 Series with Catalyst 9300X and 9300LM models
Catalyst® 9300 models with modular uplinks Catalyst 9300 models with Fixed uplinks
1G copper ports with PoE/Cisco UPOE®/UPOE+ 9300 Uplinks 1G Copper Data & PoE
2x to 4x
scale/
48/24 ports data 1G 48/24 ports UPOE 1G

buffer 4x1G or 4x10G
4x Multigigabit 4x 1G SFP
fixed
48/24 ports UPOE 1G Uplinks 48/24 ports PoE+/data 1G
48/24 ports PoE+ 1G 48/24 ports UPOE+ 1G Multigigabit models with UPOE
8x 1/10G SFP/
Multigigabit models with UPOE 1G fiber SFP+
2x 40G QSFP
4x1G or 4x10G
fixed
Uplinks
48/24 ports SFP 1G 2x 1/10/25G SFP/SFP+ 48/24 ports PoE+ 1G
48/24 ports Multigigabit
Catalyst® 9300LM models with Fixed uplinks NEW
Catalyst® 9300X models with modular uplinks 9300X Uplinks
Shipping 1/10/25G Fiber mGig Copper models 4x25G

40x 1G + 8 x mgig/10G 24 x 1G UPOE
4x 2x 100/40G Fixed Uplinks
100/40G* QSFP
QSFP
48 mGig port Data only 48 x 1G Data 48 x 1G UPOE
24/12 ports SFP+ 1G/10G/25G 24/48 mGig with UPOE+
StackWise® and StackPower

8x 25/10
cables 8x 10G-Mgig
/1G** Optional StackKit
50CM-1M-3M 30CM-150CM Stack Adapters 50CM-1M-3M
Platinum-rated power supplies Modular fans External Storage
Common USB 3.0

components 120/240GB
315W AC 715W AC/DC 1100W AC 1900W AC
* Supported on 48HX and 24Y 29
BRKARC-2035 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public
** Last two ports disabled with 48HXN
T.me/nettrain
C9300X- UADP 2.0sec
Cisco Catalyst 9300X models
C9300X-48HX - 48 port 1/2.5/5/10G copper
StackWise®-1T X86 2.4-GHz

quad-core CPU
ASIC 0 Packet buffer (16 MB) ASIC 1 Packet buffer (16 MB)
FPGA
DRAM – 16 GB
Forwarding controller Forwarding controller
Flash 16 GB
Reassembly 540G Reassembly Rewrite
Rewrite
crypto crypto USB 2.0
Ingress FIFO Egress FIFO Ingress FIFO Egress FIFO

USB 3.0
Core 0 Core 0
Mgmt Console
Network interface Network interface
2x 100G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 20G
2x 100G
4x 100/40G
PHY PHY PHY PHY PHY PHY 2x 100/40G
0 1 2 3 4 5 8x 25/10G
8x Multigigabit
Cage 1 Cage 2 Cage 3
1-24 25-48 1-8
T.me/nettrain
Flexible design options with the Catalyst 9300
in 2- or 3-tier architecture
Campus Branch
Core
9600/9500H
(SVL)
40/100G
40/100G
Collapsed core 9300X
40/100G 40/100G Distribution
9500H(SVL)
Distribution Collapsed access
9300X
fiber stack
(StackWise®-1T) Mixed stack 40/100G
9300/9300X 40/100G
40/100G
Mixed
Mixed stack stack
Access
9300/9300X 9300/ Mixed stack
Access
9300X 9300/9300X
Small Medium/large
Bringing 10/25/40/100G with StackWise-1 Terabit to access (C9300X)
T.me/nettrain
UADP 2.0m
Catalyst 9200
C9200 – Modular Uplinks
C9200L – Fixed Uplinks
C9200CX - Compact
T.me/nettrain
Cisco Catalyst 9200 Series highlights
UADP 2.0 mini

UADP 2.0 Mini Cisco IOS-XE Lite
Cisco IOS XE Software
Limited-scale SD-Access
MACsec-128 link encryption
Trustworthy solutions
Perpetual/Fast PoE
Programmability
Cold patching
Cisco Enhanced Security Smart building ready
6MB Up to 100GE Full Flexible NetFlow
StackWise MACsec 128 Green builds, 802.3bt PoE
Packet Buffer Bandwidth streaming telemetry
160/80
Right Sized Switching for simple Branch Deployments

T.me/nettrain
Next generation of entry-level access switches for intent-based networking
Fixed Uplinks Modular Uplinks
Cisco Catalyst 9200 Series highlights
Recommended for small scale SDA deployments
Security 48 ports Full POE+/Partial POE+/Data,1G/10G Uplink

48 ports Full POE+/Partial PoE+/Data UADP 2.0 mini
48 port Full POE+ with 32 VN**
48 ports Full POE+, 12xmGig, 10G Uplink
Cisco IOS XE Software (lite)
48 ports Full POE+, 8xmGig
Resiliency Limited-scale SD-Access
24 ports Full POE+/Data, 1G/10G Uplink 24 ports Full POE+/Data

24 ports Full PoE+ with 32 VN**
MACsec-128 link encryption
Application 24 ports Full POE+, 8xmGig, 10G Uplink Trustworthy solutions

experience 24 ports Full POE+, 8xmGig
Perpetual/Fast PoE
Modular
fans
Higher Efficiency AC FRU Power Supplies Modular uplinks
Programmability
FRU Fan FRU PSU FRU Uplinks* Cold patching

Silver Platinum Platinum
Rated Rated Rated
Full Flexible NetFlow
4x 1G 4x 10G 2x 25G 2x 40G streaming telemetry
125W 600W 1000W
*C9200 1G skus support 1/10G uplinks while C9200 mGig will support 10/25/40G uplinks
**C9200 32 VN skus only support 1/10G uplinks and these skus cannot be stacked with other C9200 skus
T.me/nettrain
Cisco Catalyst 9200CX Series
Data and PoE+ Models
1G Downlink and 1G/10G Uplink Models (Fanless)
Data SKU PoE+ SKUs
C9200CX-12T-2X2G
12x1G Downlinks + (3x1G + 2x10G SPP+ Uplinks) C9200CX 12 Port PoE+
Power adapter 12x1G Downlinks + (2x1G + 2x10G SPP+ Uplinks)
80W AC External
• External power adapter (80W) Power Adapter
• UPOE+ powered (70W)
Powering Option Available Power (W)

C9200CX 8 Port PoE+
8x1G Downlinks + (2x1G + 2x10G SPP+ Uplinks)
Auxiliary Input 80W
1 UPOE+ Uplink 71W • 310W Internal AC power supply

• 240W PoE power budget
1 Class 6 802.3bt (60W) 51W
T.me/nettrain
C9400X- UADP 3.0sec
C9400 - UADP 2.0XL
Catalyst 9400X/9400
T.me/nettrain
Modular Access delivering ever-increasing value
✓ No oversubscription per slot on any chassis (w/ Sup 2XL) ✓ 100 Gbps ports on Supervisors
✓ Higher non-oversubscribed port density ✓ More Active Ports on Supervisors
✓ Higher Access Point (AP) Density ✓ Higher TCAM scale
✓ Perpetual and Fast PoE hardware capable ✓ Proven 25 Gbps value
Catalyst 9400 SUP 2XL
Catalyst 9400 SUP 2
Catalyst 9400 SUP 1/1XL
T.me/nettrain
Same Chassis with New Supervisors and Line
cards
C9400X-SUP-2XL
C9400X-SUP-2
C9400-LC-48HX
C9400-LC-48XS
C9400-LC-48HN
NOTE: Same Supervisor model required in Dual SUP/SSO configuration
T.me/nettrain
C9400X-SUP-2 / 2XL
Gen2 Supervisor Modules with UADP 3.0sec 4.8 Tbps
With 2XL
3x UADP 3.0sec ASIC CPU & Memory

• Sup 2XL – 480Gbps per Slot (Full duplex) • 2.4Ghz 8C Intel Broadwell DE-NS CPU
• Sup 2 – 240Gbps per Slot (Full duplex) • 16GB DDR4 DRAM
RJ45 Mgmt port

SFP28 (1/10/25G) Uplink ports
480-960GB M.2 Drive (optional)
USB3.0 Type A port (installed inside of the Supervisor)
QSFP28 (40/100G) Uplink ports

USB Type B-Mini + RJ45 Console port
T.me/nettrain
Centralized Modular Architecture
Centralized architecture
Supervisor
Forwarding Open Control Plane

Features Cisco IOS Containers
Embedded controllers XE HA communication
Passive backplane
Up to 480G bandwidth per slot
Line card Line card Line card

STUB STUB STUB
ASIC ASIC ASIC
T.me/nettrain
Catalyst 9400 SUP-2/2XL block diagram
Switch backplane
48x 48x 32x 200G

SLI SLI SLI
SupIO
PCIe Ethernet
(I2C)
UADP 3.0sec UADP 3.0sec 200+200G
#1 #3
(1.6 Tbps) Direct Point-to-Point links (1.6 Tbps)
800 Gbps (full duplex)
UADP 3.0sec 8-core CPU

#2
(1.6 Tbps)
ASIC # 4-slot 7-slot 10-slot
UADP #1 Slot 1 Slots 2 and 7 Slots 1, 9, and 10

M.2 SATA
(optional) SDRAM
UADP #2 Slot 4 Slots 1 and 5 Slots 2, 3, and 4
UADP #3 Uplinks Slot 6 and uplinks Slots 7 and 8, and uplinks

4x 1/10/25G Console and
USB
SLI speed is 30G with 48XS, 48HX, and 48HN line cards; otherwise, is 10G. 4x 40/100G mgmt
T.me/nettrain
Line cards - RJ-45 (TrustSec and MACsec-256)
DATA POE+/UPOE UPOE + MultiGigabit
C9400-LC-48T C9400-LC-48P C9400-LC-48H C9400-LC-48UX

48x 10/100/1000M PoE+ 48x 10/100/1000M 24x Multigigabit + 24 10/100/1000
48x 10/100/1000M UPOE+/802.3bt
Sup2/2XL only
C9400-LC-48HN
C9400-LC-48U
48x 100M/1G/2.5G/5G/10G
48x 10/100/1000M UPOE® C9400-LC-48HX PoE+/UPOE+
48x 10GBaseT, 2.5/5G mGig, up to 90W
100/1000M
UPOE+/802.3bt
T.me/nettrain
Line cards – SFP/SFP+ (TrustSec and MACsec-256 )
1/10Gb SFP/SFP+ 1 Gb SFP
Sup2/2XL only
C9400-LC-48XS
C9400-LC-24S
48x 1/10Gb SFP/SFP+ 24x1Gb SFP
C9400-LC-24XS C9400-LC-48S
24x1/10Gb SFP/SFP+ 48x1Gb SFP
T.me/nettrain
Bandwidth Boost with Gen2 Supervisors
Cisco C9400X Cisco C9400X
Cisco C9400 SUP 1/1XL
SUP2 SUP2XL
Type C9404R C9407R C9410R C9404R/C9407R/C9410R C9404R/C9407R/C9410R
C9400-LC-48HX
New UPOE+ - - - 240 480
Not Supported
New C9400-LC-48XS Fiber - - - 240 480
C9400-LC-48UX UPOE 80 / 240 80 / 120 80 240 240
C9400-LC-24XS Fiber 80 / 240 80 / 120 80 240 240

C9400-LC-48HN UPOE+ 80 / 120 80 / 120 80 240 240
Bandwidth in Gbps
3x Bandwidth Uplift for Gen1 LCs (80G -> 240G) on 10 Slot Chassis w/ SUP2XL
2x Bandwidth Uplift for Gen1 LCs (120G -> 240G) on 7 Slot Chassis w/ SUP2XL
T.me/nettrain
Concurrent POE Port Density with C9400-LC-48HX
With 3200W Power Supply in Combined Mode(Fully loaded PSUs):
C9410R
C9407R
C9404R
Total 96 ports 240 ports 384 ports

Ports
UPOE +
90W 96 ports 226 ports 224 ports
(Fully loaded chassis) (Up to 4 fully loaded LCs + 34 Ports) (Up to 4 fully loaded LCs + 32 Ports)
UPOE
60W 96 ports 240 ports 336 ports
(Fully loaded chassis) (Fully loaded chassis) (Up to 7 fully loaded LCs)
T.me/nettrain
Catalyst 9400 Deployment Flexibility
C9400X enables dense 10G SFP+ aggregation and multigigabit access use cases
Core
Campus Branch
C9600/C9500H
(SVL)
Dense 10G Agg 40/100G 40/100G 40/100G

Collapsed Agg
Agg
Dense (Up to 384 ports) 10G SFP+ Agg (48XS)
Mixed SFP+, SFP, RJ45 LCs Mixed SFP+, SFP, RJ45 LCs
Agg Collapsed Agg 9500H(SVL) Collapsed Agg
Dense mGig
Mixed SFP, 1G/mGig RJ45 LCs
Access
Acces
s
Note: StackWise Virtual support on Sup2/XL Roadmap
Acces
s
T.me/nettrain
Core and Distribution
T.me/nettrain
C9500X – S1 Q200
C9500H – UADP 3.0
C9500 – UADP 2.0XL
Catalyst 9500
T.me/nettrain
Purpose-built fixed core/aggregation switches
Catalyst® 9500X - Extending
UADP 2.0XL UADP 3.0 Silicon One Q200 Cisco® Catalyst® 4500-X and
6800 Series leadership in fixed
core
• 40G at the price of 10G Up to 6 Tbps

• Up-to 48x 25 GE Ports
• Reversible Bi-directional Airflow
• Industry’s first 40G enterprise switch
• Industry’s first 100G enterprise switch
• Ultra Deep 8GB Buffers
• Optimized 10G switch for midsize Up to 8 Bpps
• Flexible templates
backbone • High route scale (2M) and Mac scale (256K)
No oversubscription
8x 400GE Density
C9500-16X
C9500-24Y4C C9500X-28C8D
C9500-40X
C9500-24Q C9500-48Y4C Pluggable SSD storage
C9500-12Q C9500-32QC C9500X-60L4D
C9500-32C
USB 3.0
8x memory and 4x flash
8 core CPU
Customizable templates
Cisco StackWise® Virtual

Modular Storage for
Modular fans Modular uplinks
power supplies application hosting
T.me/nettrain
Catalyst 9500X Family
Extending the Catalyst 9500 high-performance fixed core
Non-XL scale XL scale
Catalyst® 9500H Catalyst 9500X

(UADP 3.0) (Silicon One™ Q200)
C9500X-28C8D
C9500-32C / C9500-32QC
Core C9500X-60L4D IOS-XE 17.10.1

C9500-48Y4C / C9500-24Y4C
+
Edge
3.2 Tbps 2X
6.0 Tbps
32x 100G or 28x 100G + 8x 40/100/400G or
48x 25G + 4x 100G 60 x 10/25/50G + 4 x 40/100/400G
T.me/nettrain
Cisco Catalyst C9500X-28C8D: line rate 6T of capacity
High-level overview
Intel® 2.43-GHz 8 Core x86 CPU
Console Cisco Silicon One™ On-box application hosting
Cisco LAN and WAN MACsec 32-GB DDR4 DRAM Built-in RFID
management Q200 (2x resources, QAT)
Line-rate network encryption 16-GB flash (passive)
USB-C 12.8T ASIC 2x 10G KR
8-GB HBM deep buffering
14 nonblocking 40/100G 8 nonblocking 40/100/200/400G 14 nonblocking 40/100G

QSFP28 ports QSFP-DD ports QSFP28 ports
Cisco® Trust Anchor Technologies 6 standalone fans – N+1 redundancy Power supply unit (PSU)
USB 3.0 port, 240-, 480-, or 960-GB
Strong mitigation against man-in-the- Reverse airflow – port side intake Single PSU for both airflow directions
RJ-45 management M2 SATA SSD storage
middle attacks on software and firmware Forward airflow – port side exhaust Redundant 1+1 1500W AC/DC
T.me/nettrain
C9500X-28C8D
SFP breakout and QSA* support
100G ports 400G ports 100G ports
4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP 4x SFP
Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout Breakout
4x SFP 4x SFP 4x SFP 4x SFP

N/A N/A N/A N/A N/A N/A N/A Breakout Breakout Breakout Breakout
N/A N/A N/A N/A N/A N/A N/A
• Breakout is supported on • Breakout supported on all • Breakout not supported on

top row (odd-numbered) 100G 400G (QSFP-DD) ports bottom row (even-numbered) 100G
(QSFP28) ports • Breakout mode: 4x 10/25G, (QSFP28) ports
• Breakout mode: 4x 10/25G 8x 10/25G,* 4x 100G* • The bottom port is disabled when
• Maximum ports: 14 x 4 = 56 • Maximum ports: 8 x 4 = 32 the corresponding top port is
configured as breakout
Maximum ports with breakout at FCS: 88 (56 +32)

* Hardware capable. System can support up to 120x 10/25G.
T.me/nettrain
Cisco Catalyst C9500X-60L4D: line rate 4.6T of capacity
High-level overview
Intel® 2.43-GHz 8 Core x86 CPU
Console Cisco Silicon One™ On-box application hosting
Cisco LAN and WAN MACsec 32-GB DDR4 DRAM Built-in RFID
management Q200 (2x resources, QAT)
Line-rate network encryption 16-GB flash (passive)
USB-C 12.8T ASIC 2x 10G KR
8-GB HBM deep buffering
Ports 1-30 Ports 31-34 Ports 35-64

10/25/50G SFP-56 Ports 40/100/200*/400G QSFP-DD ports 10/25/50G SFP-56 Ports
Cisco® Trust Anchor Technologies 6 standalone fans – N+1 redundancy Power supply unit (PSU)
USB 3.0 port, 240-, 480-, or 960-GB
Strong mitigation against man-in-the- Reverse airflow – port side intake Single PSU for both airflow directions
RJ-45 management M2 SATA SSD storage
middle attacks on software and firmware Forward airflow – port side exhaust Redundant 1+1 1500W AC/DC
T.me/nettrain
C9500X – Reversible Airflow
• Color of Fan Unit handle/latch
Back to Front Front to Back
Port-side Exhaust represents direction of airflow Port-side Intake
• Different Fan PIDs for different
airflow directions
• Royal Blue – Back to Front
• Burgundy – Front to Back
• All Fans must be the same color
(direction) to work correctly
Single 1500W AC/DC PSU

with Cisco Grey latch
for both airflow directions
T.me/nettrain
C9600X – S1 Q200
C9600 – UADP 3.0
Catalyst 9600
T.me/nettrain
Extending Modular Core with a Performance-Optimized Supervisor 2
SiliconOne
UADP
3.0 Q200
Gen1
1.2T /slot
Gen2
3.2T /slot
Supervisor 1 Supervisor 2
Total Capacity Total Capacity

4.8 Tbps 12.8 Tbps
Slot B/W Gen2
3.2T /slot
Slot B/W
1.2 Tbps Gen1 3X 3.2 Tbps
1.2T /slot
T.me/nettrain
Architecture
Centralized architecture
• Centralized architecture =>
UADP3.0/ Supervisor x86 Uninterrupted
Silicon One
supervisor switchover
Forwarding Open Control plane
Features Cisco® containers • Centralized architecture
embedded controllers IOS-XE HA communication
(Forwarding, queuing,
and security are done
on the supervisor) =>
Unlock new capability
Passive backplane Up to 6.4 T BW per slot with a supervisor upgrade
• Transparent line cards =>
Compatible with new sup
Line card Line card Line card • Passive backplane =>
High MTBF
PHY PHY PHY
• x86 CPU + storage =>
App hosting
T.me/nettrain
C9600X-SUP-2 Block Diagram
Switch backplane
2x8x4 56G … … … … SupIO

PCIe Ethernet FPGA
OBFL
(3.2T/Slot) (I2C) (1 Gb)
S1 Q200 ASIC PCIE Gen3

8-core CPU
(12.8T) 2x (16G)
M.2 SATA
SDRAM (optional)
Console
2x USB3 2x SFP+
& Mgmt0
T.me/nettrain
Line cards
Generation 1 Line Cards
C9600-LC-24C - 100G/40G (fiber)
• 24 ports
•
•
QSFP28/QSFP+
Supports 100G and 40G
Generation 2 Line Cards
IOS-XE 17.7.1
C9600-LC-40YL4CD –
C9600-LC-48YL – 50G/ 25G/10G/1G 400G/200G*/100G/50G/40G/
(fiber) 25G/10G (fiber)
• 48 ports • 40+2+2 ports
• SFP28/SFP+/SFP • SFP56/QSFP56+/QSFPDD
• Supports 25G, 10G, and 1G • Supports
400G,200G*,100G,50G,40G,2
5G and 10G
C9600-LC-48TX - mGig (copper)
• 48 ports
• Copper 10G (NBASE-T/10BASE-T) IOS-XE 17.9.1
• Supports 10G,5G,2.5G,1G,100M C9600X-LC-32CD –
and 10M
400G/200G*/100G/40G(fiber)
• 30+2 ports
C9600-LC-48S- 1G (fiber)
• SFP28/QSFPDD
• 48 ports • Supports 400G,200G*,100G,
• SFP and 40G
• Supports 1G
* Hardware Capable
T.me/nettrain
C9600-LC-40YL4CD IOS-XE 17.7.1
Gen2 Modules – Combo 40 x SFP + 4 x QSFP

3.2
• 3.2 Tbps when working with C9600X-SUP-2 Tbps
• 40x SFP56 ports - 10/25/50GE
• 2x QSFP56 ports - 40/100/200GE
• 2x QSFPDD ports - 40/100/200/400GE Supervisor 2
• 1.2 Tbps when working with C9600-SUP-1
• 40x SFP28 ports - 1/10/25GE
• 2x QSFP28 ports - 40/100GE
Supervisor 1
• 8x Marvell 7121M CDR5M PHYs
• MACSec, WAN-MACSec, ClearTag v3.4
• IEEE 1588 & PTPv2
• Hitless MUX (HMUX)
• Various Breakout & QSA support (QSFP ports)*
* Roadmap
T.me/nettrain
IOS-XE 17.9.1
C9600X-LC-32CD
Gen2 Module – 30 x QSFP28 + 2 x QSFP-DD 3.2
Tbps
• 3.2Tbps with Supervisor 2 Only
• 30 x QSFP28 ports, 40/100GE
• 2 x QSFP-DD ports, 40/100/200*/400GE
Supervisor 2
• NOT supported with Supervisor 1
• 8 x CDR5M + 2 x CDR5L PHYs
• MACSec, WAN-MACSec, ClearTag v3.4
Supervisor 1
• IEEE 1588 & PTPv2 (Precision Time Protocol)
• Hitless MUX (HMUX)
* Hardware capable
T.me/nettrain
Catalyst 9600 Line Card Support Matrix
C9606 Chassis
C9600-SUP- 1 C9600X-SUP- 2
C9600-LC-24C 24x 40G or 12x 100G

24x 40G/100G
(No MACsec)
C9600-LC-48YL 48x 1/10G and 25G

48x 10/25G and 50G*
(No MACsec, no 1G)
SUP2 hardware does not
C9600-LC-48TX 48x 1/2.5/5G and 10G (Multigigabit)
48x 10G support 1GE or below
(No MACsec, no 1/2.5/5G) speeds natively
If 1GE downlinks are

C9600-LC-48S 48x 1G SFP required, use SUP1
40x 10/25G and 50G +

C9600-LC-40YL4CD 40x 1/10G and 25G + 2x 40/100G and 200G* +
2x 40G and 100G 2x 40/100/200G* and 400G
MACsec and WAN MACsec (no 1G)
30x 40/100G +
C9600-LC-32CD 2x 40/100/200G* and 400G
MACsec and WAN MACsec (no 1G)
* Hardware capable
T.me/nettrain
Catalyst 9500 & 9600 Series Core Positioning
Next Generation Core + Edge Switching with Silicon One™ Q200
Feature Optimized Performance Optimized

C9500 & C9600-SUP-1 C9500X & C9600X-SUP-2
C9600-SUP-1 C9500 C9600X-SUP-2 C9500X

✓ Best-in-class Enterprise Core feature set ✓ Unmatched forwarding scale and performance
✓ Low speeds (1G – 40G) and port density ✓ High speeds (10G – 400G) and port density
✓ Comprehensive MPLS, EVPN and SDA ✓ Scaled MPLS and SDA, WAN-MACsec
✓ Ideal for Campus Core, Collapsed Core + Agg ✓ Ideal for Campus Core + Edge, or Centralized WLC
Ideal for C6K non-XL deployment migration Ideal for C6K XL deployment migration
T.me/nettrain
Modular vs. Fixed Platforms
Catalyst
9400
Modular Fixed
PROs CONs PROs CONs
• More Flexible • More Complex • Less Complex • Less Flexible
• Longer Life-Cycle • BW limit by Chassis • Swap Chassis for BW • Shorter Life-Cycle
• Higher Port Density • Slow(er) Dev & Test • Faster Dev & Test • Lower Port Density
• More Power/Cooling • Lower MTBF • Higher MTBF • Less Power/Cooling
• Redundant Processors • Higher COGs • Lower COGs • Single Processor
T.me/nettrain
Features
T.me/nettrain
StackWise Virtual
SW-1 SW-2
• Simplify Operations by
C9500
SVL and DAD
C9500
Eliminating STP, FHRP and
Multiple Touch-Points
SW-1 SW-2
• Double Bandwidth & Reduce
SVL Latency with Active-Active
Multi-chassis EtherChannel
DAD (MEC)
• Minimizes Convergence with
Sub-second Stateful and
Graceful Recovery (SSO/NSF)
• Supported on C9400, C9500 and C9600 platforms.
T.me/nettrain
App Hosting on C9K Switches
“ “
Existing Hardware
IT Operations and Security Agents Cloud Gateways with Customer Specific

Managed via CLI and Functions
Monitoring Tools Serverless Edge Compute Applications
or Cisco DNA Center
Consolidate Physical Enhance Visibility & Reduce App Latency 3 rd Party App Hosting
Real Time Processing Infrastructure Security Enforcement & Optimize App Traffic
Cybervision Rich ecosystem

Lower Latency partnership with 25+
certified apps and
200+ active
Save Bandwidth customer
T.me/nettrain
C9300X- UADP 2.0sec
Enhanced Application Hosting Infrastructure on C9300X

1 Core
X86 App1
(2 vCPU)
AppGig Ports
4G RAM
1 x 10G
Docker
2 Cores
(4 vCPU) X86 App
ASIC Cisco Signed
External Storage
1 Core
Applications
AppGig Ports
X86 App2
USB 3.0 240G (2 vCPU)
2 x 10G AppGig Ports
8G RAM 4G RAM
1 x 10G
ASIC ASIC
Support for Multiple Docker applications

With Additional RAM Memory and 2 x AppGigabit
Ports, multiple Cisco Signed performance savvy
Applications can be hosted on C9300X
Hardware Acceleration and Security

C9300X QAT is a special engine on the x86 CPU which
helps in accelerating the performance of
Applications
T.me/nettrain
HW resources for App Hosting
Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst

Resource type
9300 9300-X 9400 9400-X 9500 9500-X 9600 9600-X
Mgmt Port*
Networking AppGig Port 1x1G 2x10G 1x1G 2x10G Mgmt Port* 2x10G Mgmt Port*
(2x10G CPU ports)
Memory 2GB 8GB 8GB 8GB 8GB 8GB 8GB 8GB
CPU 1 core 2 core 1 core 1 core 1 core 1 core 1 core 1 core

Resources
240GB 240GB 480-960GB 480-960GB 480-960GB 480-960GB 480-960GB 480-960GB
Storage
(USB3.0/SSD) (USB3.0/SSD) (SATA) (SATA) (SATA) (SATA) (SATA) (SATA)
* Using loopback with any external ports
Catalyst 9300-X Catalyst 9400-X Catalyst 9500-X Catalyst 9600-X
USB 3.0 M2 SATA M2 SATA M2 SATA

240GB 480/960GB 480/960GB 480/960GB
Back panel Plug into removable SUP Back panel Plug into removable SUP
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
T.me/nettrain
WAN MACsec overview and use cases
Enabled in hardware on Catalyst 9000 Switches
• Hop-by-hop encryption
• Directly connected Layer 2 links only
MACsec • Secure any direct link in campus/

WAN, including DWDM
• 256/128-bit AES encryption

Supported on all Catalyst® 9000 models
All ports and speeds simultaneously
• End-to-end encryption across Layer

2 Ethernet WAN service
• EoMPLS/VPLS, Q-in-Q Industry’s
first
WAN • Point-to-point or point-to-

Catalyst 9600X
Catalyst 9500X
multipoint
MACsec Supported on Silicon One™ platforms*
• Applications include secure site All ports/speeds (up to 400G) simultaneously
interconnect, DCI, storage replication
• 256/128-bit AES encryption
* Requires Release 17.8.1 and HSEC key ($1 PID).

T.me/nettrain
Software
Catalyst 9300X – Purpose built for the new edge

Cisco IOS® XE 17.6.2
With Cisco DNA Advantage
(HSEC key for export control)
100G Layer 3
SIG Saas Colo Iaas
hardware
encryption
128 tunnels
DC/HQ
256 SAs
+ 128
rekey SA Native IPsec
Catalyst
9300X
Cisco Catalyst 9300X
Encryption Authentication Static virtual tunnel interface Multicast Routing

AES-128-CBC HMAC/SHA1
IPv4/IPv6 NAT traversal
AES-128/256-GCM GMAC
OSPF/BGP Layer 3 segmentation over IPsec

Tunnel mode
Encapsulation – ESP Policy Based Routing Layer 2 extension over IPsec
IKEv2
VRF-aware
T.me/nettrain
Catalyst 9400X – Modular Collapsed Edge/Distribution
100Gbps IPsec support powered by UADP 3.0sec ASIC
IOS-XE 17.10.1
100Gbps L3 Hardware
Encryption1
Encryption Authentication
Site to Cloud
AES-128-CBC HMAC/SHA1
AES-128/256-GCM GMAC
Secure Tunnels
Tunnel Mode
Encapsulation - ESP
IKEv2
Site to Site
Branch/DC/Campus
128 Tunnels and 384 SA
128 rekey SA
Flexible Collapsed Topology
Consistent with C9300X IPsec*
With added flexibility and redundancy of modular platforms
IPsec HA on dual sup is not supported
*Roadmap (NAT-Traversal, BGP-EVPN Over Ipsec)

1Requires a HSEC License to Enable IPsec
T.me/nettrain
Catalyst 9300X/9400X – Purpose built for the New Edge
Secure connectivity to anywhere
Branch, campus, Colo

data center Regional
point of presence
Secure
tunnels Up to 100G low latency Secure Web Usage & Control
Secure
IPsec Encryption Faster time to Deployment
Unicast & Multicast Routing Lower TCO tunnels
L3 Segmentation & L2 Extension Investment protection
Cisco Catalyst 9300X/9400X Cisco Catalyst 9300X/9400X
Site to site Site to cloud

100G line-rate IPsec encryption with Standards-based IPsec for secure direct
low-latency forwarding internet access and cloud-native workloads
T.me/nettrain
Summary
T.me/nettrain
Cisco Catalyst 9000 Switching Portfolio 2022
One Family from Access to Core – Common Hardware & Software
C9500X-60L4D
Q1 Q3
CY23 CY22
C9600X-LC-32CD
Catalyst Catalyst
Catalyst Catalyst 9600X
9300X
9400X
Catalyst 9500X
Catalyst
Catalyst
9400 Series
9000 Catalyst
Catalyst
9600 Series
9200 Series Series 9500 Series
Q3 Catalyst Q3
CY22 9300LM CY22
Catalyst Cisco Cisco
9200CX ASIC IOS® XE
Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst

2960-X/XR 3650/3850 4500-E Series 3850-XS/4500-X 6840-X/6880-X 6500-E/6807-XL
Access Switching Core Switching
T.me/nettrain
Campus Architectures with Catalyst 9000
1 2 3 4
Traditional (L2/L3) MPLS (L2/L3VPN) EVPN (L2/L3VNI) SDA (L2/L3VNI + SGT)
• L2 (PVST, MST) Services at Access • L3 Underlay + L2/L3 VPN Overlay • L3 Underlay + L2/L3 VNI Overlay • L3 Underlay + L2/L3 VNI Overlay
• L2/L3 boundary at Distribution • Virtual Private Networks • Virtual Network Instances • Scalable Group Tagging
• L3 - Dist. & Core • L3 VRF-based Segmentation • L2/L3 VNI-based Segments • L2/L3 VNI + SGT Segments
• BGP between Core & WAN • WAN/Edge + VPN Services • Common WAN/LAN Services • LAN Services + Group-Based Policy
MP-BGP, PIC, LDP, MPLS/VPLS, SR MP-BGP + EVPN AF, VXLAN, VRF-Lite LISP, VXLAN, MP-BGP, VRF-Lite
Base L2 Switching, Base L3 Routing, MVPN, LSM, Extranet, MSR Anycast Gateway, TRM, L2 BUM Anycast GW, LISP HER/Native, L2 BUM
Simple ACL, Simple QoS SSO, NSF/NSR, ECMP, GIR SSO, NSF/NSR, ECMP, GIR SSO, NSF/NSR, ECMP, GIR
VPN-FNF, Uniform/Pipe QoS, PBR, IPACL Fabric-FNF, Uniform QoS, IPACL/OGACL Fabric-FNF, App QoS, SGACL
T.me/nettrain
Complete your Session Survey
• Please complete your session survey
after each session. Your feedback
is important.
• Complete a minimum of 4 session
surveys and the Overall Conference
survey (open from Thursday) to
receive your Cisco Live t-shirt.
• All surveys can be taken in the Cisco Events Mobile App or
by logging in to the Session Catalog and clicking the
"Attendee Dashboard” at
https://www.ciscolive.com/emea/learn/sessions/session-catalog.html
T.me/nettrain
Continue
Agenda Your Education
Visit the Cisco Showcase for related demos.
Book your one-on-one Meet the Engineer meeting.
Attend any of the related sessions at the DevNet,

Capture the Flag, and Walk-in Labs zones.
Visit the On-Demand Library for more sessions

at ciscolive.com/on-demand.
T.me/nettrain
Thank you
T.me/nettrain
T.me/nettrain

9000@nettrain

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

9000@nettrain

Uploaded by

Copyright:

Available Formats

Catalyst 9000 Switch Family

Kenny Lei, Technical Marketing Engineer

4 Enter messages/questions in the Webex space

Webex spaces will be moderated

Higher mGig Port Density Higher and Flexible Uplink Bandwidth

Higher UPOE+ Port Density Higher 10G Port Density

Wifi6E Deployments with mGig

Smart Buildings with 90W Server Connectivity – 10G BaseT

New Access requirements for Future Campus

Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst

Access Switching Core Switching

Programmable x86 Open IOS XE® Cisco ASICs

Flexible & Programmable ASICs – Adapt to New Technologies

Stack or ASIC interface

PBC – Packet Buffers Complex SQS AQM

Ingress FIFO Egress FIFO

MACsec Encryption Recirculation MACsec

Network Interfaces - Front Panel Ports

Final decision on Flex parser

15 Ingress Stage Stage

Flex parser EGR

Table sizes can be tailored to support multiple templates

First 7nm ASIC providing

Fully P4 50G PAM4

Routing Capabilities with Switching Power and Performance

CDB LPM CEM ACL

receive slice n transmit slice n

Interface Groups – IFGs (12): High Bandwidth Memory (HBM)

Q200 CDB includes the Central L2/L3 EM

• OG/SGACLs use CEM, with only action ACEs in TCAM MM U +

Host routes (ARP/NDP) ✓ 128,000 / 64,000 32,000 to 256,000 @ 1000 step

MPLS labels ✓ 256,000 0 to 512,000 @ 1000 step

Reserved (PBR/NAT) FCS+ 16,000 / 8,000 0 to 256,000 @ 1000 step

CEM 608,000 (288,000 for LPM)

L3 Routes (LPM) FCS+ 2 million / 1 million 1 million to 2 million @ 1 million step

Security ACL (IPv4/IPv6) FCS+ 8000 / 4000 shared* 0 to 11,000/5000 @ 1 step

Policy-based routing (IPv4/IPv6) FCS+ 8000 / 4000 shared* 0 to 11,000/5000 @ 1 step

TCAM 10,000 (2000 for LPM)

FCS – First Customer Shipment 17

Product Family Product sub-family # of ports and port type

Cisco Catalyst 9300 Series

Multigigabit models with UPOE 1G fiber

StackWise® and StackPower Optional StackKit

Platinum-rated power supplies Modular fans External Storage

Common USB 3.0

48 x mGig-10G + 90W UPOE+ Flexible Uplink Options

Data stack cables Optional power

Common components and stacking backward compatible with Catalyst®

Stacking up the industry firsts X86

Stacks with Densest uplinks: 2x 100/40G, 8x 25/10G, Line-rate non-blocking

Fiber Copper 256-bit MACsec

Catalyst 9300X-48HXN IEEE 1588 and AVB

Catalyst 9300X-24HX …while seamlessly integrating

Modular Uplink Modular Uplink Fixed Uplink

1900W 1900W 1900W 1900W

1900W 1900W One shared

1900W 1900W Second shared

1900W 1900W 1900W 1900W

• Pools power from all Power Supplies (PS)

Fixed Uplinks ( C9300LM Models )

Stack Adapters Stack Cables 600W AC 715W DC 1000W AC FAN Module

* Data SKU utilize Fixed Fan

Catalyst C9300L Catalyst C9300LM Catalyst C3650-mini

Data Models 17.50” x 1.73” x 12.39” 17.50” x 1.73” x 11.86”