Catalyst 8500 TDM

Cisco Catalyst 8500 Series Edge
Platforms
Technical Decision Maker Slides
Sumant Mali / David Roten

Technical Marketing Engineers
April 2021
Cisco Catalyst 8500 Series Edge Platforms
Agenda
1 Catalyst 8000 Edge Platforms Family 5 IOS XE Software Architecture
2 Cisco Catalyst 8500 Series Edge Platforms 6 Performance and Scale
3 C8500 and C8500L Overview 7 Solutions and Use Cases
4 C8500 and C8500L Platform Architecture 8 Key Takeaways

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Catalyst 8000
Edge Platforms Family
It’s a Multicloud World
Devices & Things
IaaS
WAN SaaS
Mobile Users Campus & Branch Users
DC/Private Cloud
Journey to Cloud
Fueled by Technology Transformation
5G, AI/ML
Multicloud
Edge Compute Insights
“Cloud migration will continue to “5G Enterprise Market is expected... CAGR of over 42% “By 2022, 72% of network strategists
accelerate the adoption of SD-WAN” during the forecast period (2020-2025)… pushing toward the project using AI-enabled predictive insights
- Markets & Markets industrial revolution 4.0” or prescriptive remediation”
- Mordor Intelligence Report - Cisco VNI Report
Facilitating more service acceleration at the edge in a multicloud world
Powered by secure cloud scale SD-WAN
Cisco’s flexible architecture for Intent-based Networking
On-premise | Cloud | Multi-tenant
Management
Any Deployment & Analytics
Automation | Network Insights | Machine Learning | AI
Open | Programmable | Scalable
Multicloud Multi-Layer Multi-Domain

Any Service Optimization Security
Analytics Voice
IBN Policy
Any Transport Satellite Internet MPLS 5G/LTE SDCI*
Any Location Branch Colocation Cloud Remote Work
* Software Defined Cloud Interconnect

Cisco Catalyst 8000 Edge Platforms Family
Catalyst 8000V
Cloud
VN Virtual Switch/SRIOV
F Hypervisor/Cloud
Catalyst 8500 – Catalyst 8500L

x86
Headend
QFP User Centric

Design
x86
Branch
Catalyst 8300
IOS XE
Common Software Architecture
QFP, x86
Scalable Hardware Architecture
Catalyst 8500 Series
Edge Platforms
Highly Capable 1RU Enterprise Routing Platforms
Integrated Rich Services Scale

NBAR2, NAT, Firewall, QoS, etc. Up to 8000 SD-WAN Tunnels
High Scale Service Edge Platforms High Speed 100 / 40 GE Ports
High Density 10 / 1 GE Ports
Edge Intelligence Multi-layer Security

Compute High Throughput IPsec
Container based Apps Line Rate MACsec
Trustworthy Solutions
Umbrella SIG
Highlights Manageability
Built-in vManage DNA Center
Port Flow Third Up to
WAN
Flexibility based Generation 200Gbps 5G Ready
MACsec
Datapath QFP CEF
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Open APIs Analytics
9
Cisco Catalyst 8500/8500L Series Edge Platforms
Highly Capable 1RU SD-WAN Headend
QFP
C8500-12X4QC QFP based hardware forwarding

Third generation QFP ASIC designed by Cisco
C8500-12X
Port flexibility for 100/40/10 Gig interfaces
Up to 200 Gb/sec forwarding on C8500-12X4QC
TCAM hardware assist for pattern matching
x86
Advanced Flow based forwarding

C8500L-8S4X
x86 based SOC design
Dedicated cores for control, data, and services
Optimized technology for efficient packet processing
Core reallocation to balance forwarding, services needs
Up to 20 Gb/sec forwarding on C8500L-8S4X
IOS XE 5G Ready
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential WAN MACsec Port flexibility
Catalyst 8500/8500L Series Edge Platforms
C8500-12X4QC
100G, 40G 4 QSFP,12 SFP+
‘C’ ‘Q’
C8500-12X
10G, 1G 12 SFP+
‘X’
C8500L-8S4X
10G, 1G 8 SFP, 4 SFP+
‘X’ ‘S’
Purpose-built 1RU SD-WAN Headend
C8500 Hardware C8500L Hardware

Third Generation QFP based Advanced Flow-based
Forwarding Forwarding
Exceptional Hardware IOS XE Richness User Centric Design

Compact 1RU Form Secure Access Service Edge Radio Frequency ID (RFID)
Built-in TAm Chip Multi-Cloud Application Optimization Label Tray
Hardware Accelerated IPsec Multi-Domain Intent Based Networking 1 + 1 Power Supply Redundancy
Line rate MACsec on all built-in ports High Scale Services N + 1 Fan Redundancy
ASR 1000 Enterprise Feature Parity Field Upgradable: FAN module, PSUs,
DRAMs, SSD
Edge Platforms Overview
Catalyst 8500 Series Overview
Trustworthy
Data Plane Trust Anchor module
Third Generation QFP: 224 PPEs Secure Boot, Image Signing
80Mb/10Mb* TCAM, 32GB DP Memory Modern Crypto, Runtime Defenses
CEF: up to 200Gbps/120Gbps*
IPsec: up to 46Gbps/30Gbps*
SD-WAN IPsec: up to 33Gbps/22Gbps*
Interface Options
Control Plane Two 100/40GE QSFP28, Two 40GE QSFP+ Ports
x86 Quad Core Processor Twelve 10/1GE SFP+ Ports
DRAM 16GB default – 64GB upgradable Cisco WAN MACsec, SYNCE Support
32GB Bootflash, Optional 480GB SSD
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential *C8500-12X Parameter
All Throughput numbers are Aggregate IMIX values
C8500L-8S4X Overview
Trustworthy
Data Plane Trust Anchor module
Advanced flow-based forwarding Secure Boot, Image Signing
CEF: up to 20 Gbps Modern Crypto, Runtime Defenses
IPsec: up to 12 Gbps
SD-WAN IPsec: up to 6.6 Gbps
Interface Options
Control Plane Eight 1GE SFP Ports
x86 Processor – 2 dedicated cores Four 1 / 10GE SFP+ Ports
DRAM 16GB default – 64GB upgradable Cisco WAN MACsec, SYNCE Support
32GB Bootflash, Optional 480GB M.2 SSD
Highly Capable 1RU SD-WAN Headend
C8500-12X4QC
CEF: up to 200 Gbps

C8500-12X SD-WAN IPsec: up to 33 Gbps
Performance
CEF: up to 120 Gbps

C8500L-8S4X SD-WAN IPsec: up to 22 Gbps
CEF: up to 20 Gbps
IPsec: up to 12 Gbps IMIX traffic
SD-WAN IPsec: up to 6.6 Gbps CEF: Autonomous mode
IPsec: Autonomous/Controller mode
Catalyst 8500 Series Front Face
USB 3.0 Interfaces Bay 2: 3xQSFP Bay 1: 4xSFP+/1xQSFP Bay 0: 8xSFP+
Management Ethernet 1x 100G or 3x 40G 1x 100G or 1x 40G or 4x 10/1G 8x 10/1G
C8500-12X4QC
C8500-12X
RFID Tag RJ45 and Micro Bay 0: 12xSFP+ Label Tray
USB Console 12x 10/1G
Catalyst 8500L-8S4X Front Face
USB 3.0 Interfaces Management Ethernet Bay 0: 8x 1G SFP Bay 1: 4x 10G SFP+
RJ45 and Micro M.2 SSD drive Label Tray RFID Tag
USB Console
C8500L-8S4X
C8500-12X4QC Port Connectivity
Purpose-built 100GE, 40GE Port SD-WAN 1RU Platform
Max 120G of Max 120G of ports across
ports from Bay 2 Bay 0 + Bay 1
Option Port Speed Maximum Port Configuration

1 100GE 2x100G
2 100/40GE 1x100GE + 3x40GE
3 100/40GE 1x100GE + 12x10GE
4 40/10GE 4x40GE + 8x10GE
5 40/10GE 3x40GE + 12x10GE
6 100/40/10GE 1x100GE + 1x40GE + 8x10GE
7 10GE 12x10GE + 12x10GE (using breakout* cable)
8 1GE 12x1GE
Note: 1/10GE port’s speed is detected based on SFP/SFP+ used in the port, *breakout cable support in autonomous mode only
100GE, 40GE Connectivity Options (i)
C8500-12X4QC
Port Enabled
Port Disabled
Option 1 2 x 100GE
100G 100G
Option 2 1 x 100GE + 3 x 40GE Ports
40G 40G 40G 100G
Note: For port speed change on any bay; there is an expected 1 sec traffic disruption due to backplane reset
100GE, 40GE Connectivity Options (ii)
C8500-12x4QC
Port Enabled
Port Disabled
Option 3 1 x 100GE + 12 x 10GE
1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
100G 1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
1/10G 1/10G 1/10G 1/10G
40G 40G 40G 40G 1/10G 1/10G 1/10G 1/10G
100GE, 40GE Connectivity Options (iii)
C8500-12x4QC
Port Enabled
Port Disabled
1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
40G 40G 40G 1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
Option 6 1 x 100GE + 1 x 40GE + 8 x 10GE
1/10G 1/10G 1/10G 1/10G
100G 40G 1/10G 1/10G 1/10G 1/10G
High Density 10GE, 1GE Connectivity Options
C8500-12X and C8500-12x4QC
Port Enabled
Port Disabled
Option 6,7 C8500-12X: 12 x 1/10GE
1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
Option 6,7 C8500-12X4QC: 12 x 1/10GE + 12 x 10GE*
1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
4x10G 4x10G 4x10G 1/10G 1/10G 1/10G 1/10G 1/10G 1/10G
12 x 10GE using Breakout Cable

*C8500-12X4QC breakout cable is supported from 17.4.1 and on Autonomous mode only.
TAm
Secure Platform with Trustworthy Solutions

Step 1 Step 2 Step 3 Step 4 Step 5 Step 6
TAm
Hardware CPU CPU CPU CPU CPU

Anchor Microloader
Microloader Bootloader
Bootloader OS
OS OS
OS OS
OS
Microloader
Microloader Bootloader OS launched Authenticity and Trust Anchor
checks Bootloader checks OS license checks module provides
critical services
First instructions run on CPU stored in tamper-resistant hardware
Confidentiality Integrity Authenticity

Radio Frequency Identification (RFID)
Front Facing Passive UHF RFID
Ultra High Frequency (UHF)
860 to 960 MHz

1 to 4 meter Distance
Benefits
Good read range

Industry adopted standard
Supply Chain Applications
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential RFID Tag
Label Tray
Label Tray has a plastic strip that can be pulled out
Label Tray contains
Product ID
PID version ID
CLEI
TAN
MAC and
Hardware version number
Label tray contains a QR code with information encoded in it
Label Tray
AC, DC Power Supply
PSU FAN AC Input PSU FAN DC Input
AC Power Supply DC Power Supply
1 + 1 Redundancy
Field Replaceable FAN Module
Replaceable FAN Tray N + 1 FAN Redundancy Front-to-Back Airflow

Front Panel LED Indicators
Major
Built-in Port LEDs Minor Critical
Chassis Status
LED OFF Port is not LED
enabled by software
Power LED Activity Link
LED Amber Port is

enabled by software, but
problem with link
LED Green Port is

enabled by software
and link is valid
Similar LEDs applicable for C8500-12X4QC and C8500-12X platforms

Management Flexibility
Management i/f
GigabitEthernet0
Console Flexibility
Traditional RJ45 Console Port

Micro USB Console Port
Out-of-band Management
Dedicated Management Interface
External Storage
2 x USB 3.0 Ports

Micro USB USB3.0
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Console
Industrial Design and Ergonomics
Circle Pattern Rounded Frame

Hex Packing Satin Aluminum Based 4 mm
Textured Finish
Catalyst 8500
Platform Architecture
C8500-12X4QC Block Diagram
sTCAM
SDRAM SDRAM SDRAM 80Mb
DDR4
Control Plane
Packet Buffer Resource Memory sTCAM I/F
Processor
4 Core 3rd Generation QFP
Crypto
EP0 EP1
120Gbps 120Gbps
Chassis Mgmt. Bay 2 Bay 1 Bay 0

CPLD/FPGA
Reset Ctrl
QE/HE QE QE QE/HE TE TE TE TE TE TE
0/2/0 0/2/4 0/2/8 0/1/0 0/1/0 0/1/2 0/0/0 0/0/2 0/0/4 0/0/6
QSFP28 QSFP Port QSFP28 TE TE TE TE TE TE

Port 40G Port 0/1/1 0/1/3 0/0/1 0/0/3 0/0/5 0/0/7
100/40G 100/40G
C8500-12X4QC SFP+ Ports
10/1 G
SFP+ Ports
10/1G
Third Generation QFP Built-in Cryptography

Built-in L2 Sub-system
C8500-12X Block Diagram
sTCAM
sTCAM
5Mbx2
SDRAM SDRAM SDRAM 5Mbx2
DDR4
Control Plane
Processor
Crypto
EP0 EP1
120Gbps
Chassis Mgmt. Bay 0

CPLD/FPGA
Reset Ctrl
TE TE TE TE TE TE
0/0/0 0/0/2 0/0/4 0/0/6 0/0/8 0/0/10
TE TE TE TE TE TE
0/0/1 0/0/3 0/0/5 0/0/7 0/0/9 0/0/11
C8500-12X SFP+ Interfaces 1/10 GE
Third Generation QFP Built-in Cryptography

Built-in L2 Sub-system
C8500L-8S4X Block Diagram
DDR4 M.2 NVMe
Resource Memory PCIe

Ctrl Ctrl
x86 SOC
Fwd Fwd Fwd I/O Crypto QA
Architecture
DPDK
Fwd Fwd Fwd I/O Crypto T
PCIe I2C SPI PCIe PCIe
Chassis Mgmt. Bay 1 Bay 0

CPLD/FPGA
Reset Ctrl
TE TE GE GE GE GE
0/1/0 0/1/2 0/0/0 0/0/2 0/0/4 0/0/6
TE TE GE GE GE GE
0/1/1 0/1/3 0/0/1 0/0/3 0/0/5 0/0/7
C8500L-8S4X SFP+ Ports

10/1 G
SFP Ports
1G
Life of a Packet
sTCAM
SDRAM SDRAM SDRAM 80Mb
DDR4
Control Plane
Processor
Crypto
EP0 EP1
120Gbps 120Gbps
IP CEF Traffic
Crypto Traffic Chassis Mgmt. Bay 2 Bay 1 Bay 0

CPLD/FPGA
Reset Ctrl
RP Control Traffic
QE/HE QE QE QE/HE TE TE TE TE TE TE
0/2/0 0/2/4 0/2/8 0/1/0 0/1/0 0/1/2 0/0/0 0/0/2 0/0/4 0/0/6
QSFP28 QSFP Port QSFP28 TE TE TE TE TE TE

IP Multicast Traffic Port 40GE Port 0/1/1 0/1/3 0/0/1 0/0/3 0/0/5 0/0/7
100/40G 100/40G
C8500-12X4QC SFP+ Ports
10/1 G
SFP+ Ports
10/1G
C8500 -
Third Generation
Quantum Flow Processor
Cisco Enterprise Routing ASIC Leadership
QFP
Continuing Investment in Network Processor Technology

3rd Gen QFP
Up to 200G
2nd Gen QFP

Over 100 Up to 60G
Patents
Awarded! # Cores: 224
Fully integrated # Threads: 896
Performance
1 Gen QFP
st
NPU and IO
Up to 40G device
# Cores: 64
# Threads: 256
NPU## Threads:
Cores: Number of Packet Processing Engines
concurrent, parallel threads processed
# Cores: 40
# Threads: 160
High Speed Backplane Aggregation ASIC
IO Oversubscription & Aggregation ASIC
2008 2012 2020

Increasing network intelligent and services requirements

Cisco Third Generation QFP
Exceptional Data Path ASIC
Multi-Core Parallel Processing

Scalable for Future
High Scale Feature Velocity

Improved Performance, Programmable
Hardware Accelerated IPsec

In-Line Encryption, Decryption
Built-in Layer 2 Sub-system

Better Traffic Management
QFP 3.0 Architecture QFP
DDR4 DDR4 DDR4 DDR4

DDR4 DDR4 DDR4 DDR4
DDR4
DRAM DDR4
DRAM DDR4
DRAM DDR4
DRAM
DDR4
DRAM DDR4
DRAM DDR4
DRAM DDR4
DRAM
DRAM DRAM DRAM DRAM
Multi-threaded Parallel Processing DRAM DRAM DRAM DRAM
16 Channels
DDR4 x18bit
• 28 clusters of 8 PPEs each
DDR4 Memory Controller To Control
• 224 PPEs, 4 threads each  896 threads CPU
HW Assist: PCIe
DST Gen3x4
FLB
Hardware Accelerated Crypto Traffic Manager Crypto PLU
Packet Processor RLB
Engines (PPEs) ARL
TCM
• 16 Crypto Engines with dedicated resources TCAM
TCAM
• Flow queues for complex stateful features Pkt Buffer
Buffer GPM
Buffer Manager
PKT / xBAF
Buffer
DRAM
Buffer
DRAM
DRAM
DRAM
Ingress Classification,
Egress Buffering, Scheduling
Layer-2 Aggregation Accounting, Policing and
Oversubscription Buffer
and Flow Control
• 240Gbps of aggregation L2 MACs w/MACsec / Interlaken & Mesh
• Per Port Classification and Accounting …

QFP
QFP 3.0 Innovation
Traffic Manager Layer 2 Sub-system Inline Crypto

256K useable queues 240Gbps Aggregation Higher IPsec throughput
134K scheduling nodes Per Port L2/L3 classification 16 Crypto Engines
Event driven flow control Next Generation Strong
Encryption: Suite-B
C8500L -
Intel x86 Forwarding
with Advanced Flow-based
Algorithm
C8500L - Performance enhancements using advanced
flow-based forwarding
Multi-Core Parallel Processing
High Scale Feature Velocity

Improved Performance, Programmable
High speed IPsec, with QAT

In-Line Encryption, Decryption
Advanced flow-based forwarding

algorithm
x86
Advanced flow based forwarding on C8500L

Multicore Architecture
Traditional x86 based data planes
12 cores give any packet to any available core.
Dynamic distribution depending on use case
Stateful features require additional

processing and spend time moving
state information.
Specialized Hardware Assist
Crypto supported by dedicated cores

Advanced flow based forwarding
locks a flow to a given core.
Stateful flows are locked to cores to optimize • reduces overhead for stateful features
forwarding. Intel® Quick Assist Technology
(QAT) is used to accelerate cryptography for
maximum secure throughput.
x86
Two modes – data or service plane focused

Data plane focus
• 2 cores for control plane i e
• No cores for services
• 10 cores for data plane
o d
• 2 cores shared for I/O and queuing
• 2 crypto cores (1 encrypt, 1 decrypt) Control I/O & Data Crypto
• 6 cores for feature processing plane queuing plane
Services focus
• 2 cores for control plane io e
d
• 4 cores for services
• 6 cores for data plane
• 1 core shared for I/O and queuing
• 1 crypto core (encrypt and decrypt) Control Services I/O & Data Crypto
• 4 cores for feature processing plane plane queuing plane
CLI configuration and reboot required to change modes. Roadmap for future software to not require reboot.
C8500L-8S4X delivers power in compact package
• C8500L-8S4X delivers all this:
• more performance than C8300 and ASR1001-X platform
• more platform memory for services delivery

D
R
A
M
x86 • flexibility of core allocation for targeted performance
• flow based forwarding algorithm for maximum efficiency
• least physical depth (ideal for COLO)
• optimized power consumption (400W)
C8300 / C8500L / C8500 Data-plane
Heavy Mode
performance comparison
Gb/sec . C8300-2N2S-4T2X ASR1001-X C8500L C8500-12X
CEF 19.9 18.9 20.8 113.6
QFP load based dataplane

x86 flow based dataplane
x86 load based dataplane
IPsec 7.9 5.7 13.2 27.9
NAT 9.4 15.2 17.0 56.8
ZBFW 8.5 18.9 18.8 71.0
FNF (fast mode) n/a n/a 8.1 n/a
GRE 15.6 17.8 18.1 72.2
* IMIX - 352 bytes average, clear text injected traffic rate.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential All numbers are for aggregate IMIX traffic in Gbps
*IQDF: IPsec + QoS + DPI + FNF
C8300 / C8500L / C8500 Data-plane
Heavy Mode
performance comparison
* Gb/sec . C8300-2N2S-4T2X ASR1001-X C8500L C8500-12X
SDWAN-IQDFNFw 1.8 2.2 3.1 9.2

x86 flow based dataplane
SDWAN-IQDFN
x86 load based dataplane 2.2 2.2 3.9 10.4
SDWAN-IQDF 2.3 2.4 4.0 11.6
SDWAN-IQ 6.1 4.0 8.4 20.6
SDWAN-I 6.8 4.6 8.6 22.6
* IMIX - 352 bytes average, clear text injected traffic rate.

*IQDFNFw: IPsec + QoS + DPI + FNF + NAT + Firewall
C8300 / C8500L / C8500 platform comparison
C8300-2N2S-4T2X ASR1001-X C8500L C8500
C8500-12X: 12x 1/10G
MACSEC availability 6x 1G 8x 1G C8500-12X4QC:
2x 1/10G
on built-in ports + 2x 10G + 4x 1/10G 12x 1/10G
+ 4x 40G/2x 100G
Complete high
No Yes Yes Yes
priority QoS path
Hardware TCAM No Yes No Yes
Maximum memory 32 GB 32 GB 64 GB 64 GB
Default memory 8GB 8 GB 16 GB 16 GB
Size / Depth 2 RU / 18.52” 1 RU / 19.25” 1 RU / 16.3” 1 RU / 18.46”
Max power rating * 650 W 250 W 400 W 750 W
* 1000 W for PoE capable power supplies.
C8300 / C8500L / C8500 platform comparison
C8200-1N-4T C8300-2N2S-4T2X C8500L C8500
C8500-12X: 12x 1/10G
MACSEC availability 8x 1G C8500-12X4QC:
No 2x 1/10G
on built-in ports + 4x 1/10G 12x 1/10G
+ 4x 40G/2x 100G
Complete high
No No Yes Yes
priority QoS path
Hardware TCAM No No No Yes
Maximum memory 32 GB 32 GB 64 GB 64 GB
Default memory 8GB 8GB 16 GB 16 GB
Size / Depth 1 RU / <12” 2 RU / 18.52” 1 RU / 16.3” 1 RU / 18.46”
Max power rating *100W ** 650 W 400 W 750 W
* 150 W for PoE only DC power supply.

** 1000 W for PoE capable power supplies.
Catalyst 8500
IOS XE Software Architecture
IOS XE Richness
Ready on Day 0
L2VPN SD-WAN Aggregation

Business VPNs NAT Firewall Internet Gateway
IPsec Gateway Traditional Routing IPsec Aggregation

High End Branch
Route Reflector
Secure WAN Aggregation VXLAN, OTV
MPLS, L2/L3VPN
NAT, CGN
Data Center Interconnect IOx App-Hosting Key Server
Services Performance Cloud Gateway MACsec
L4-L7 Services
Synchronous Ethernet WAN Aggregation
Cisco Catalyst 8500 Series inherits IOS XE Routing, SD-WAN features!
Open IOS XE — A Modern Operating System Open and Extensible IOS
XE
TCO Savings Automation Continuous Innovation
Confd Telemetry
Native Container
I/O Forwarding Control and Management Apps Apps
VM
CPP SD-WAN IOSd
DPDK
IOS XE Database
Kernel
Kernel
Open, API, Model Driven & Secure Operating Systems

Easy Operations with Single Image
IOS-XE
IOS-XE Single
SD-WAN
IMAGE Image IMAGE
universalk9 universalk9 ucmk9
IOS XE
IOS XE
SD-WAN
‘Autonomous’
‘Controller’
mode
mode
Accelerate SD-WAN
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Simplify Deployments Cloud-scale Applications
Programmability Device Lifecycle Phases
Device YANG Data Models
Zero-Touch, PNP Day 0 Device Network Configuration
Provisioning Onboarding Configuration Protocols
Intent Context
Day n
Cisco Day 1
IOS XE
Guest Shell Device

Optimization Device
Application Hosting Day 2 Telemetry
Python Scripting Monitoring
Catalyst 8500
Performance and Scale
Reference data only, please refer latest release data on salesconnect
SD-WAN Throughput Performance

C8500-12XQC
C8500-12X
31.9
C8500L-8S4X
29.8
22.6
20.6
15.8
14.2
12.5
8.6
8.4
11.6
10.7
10.4
9.2
8.0
4.0
4.0
3.4
3.1
IPSec IPSec + QoS IQDF* IQDF* + ZBFW IQDF* + NAT IQDF* + NAT +
ZBFW
*IQDF: IPsec + QoS + DPI + FNF
IOS XE IPsec Throughput Performance

C8500-12XQC
C8500-12X
46.3
C8500L-8S4X
40.3
35.9
32.4
31.4
13.6
27.9
24.7
21.0
3.6
9.7
7.1
l el l l
n ne nn n ne n ne on
tu tu tu tu rfM
lti- gl
e-
lti- le- Pe
u in u ng C
: M
:S : M Si V
P v4 v 4 P v6 v 6: +
A
cI IP cI IP T
S e
S ec S e
Se
c
N
A
IP IP IP IP +
CL
A
+
oS
Q
+
Sec
IP
IMIX Profile: 64B:7, 594B:4, 1418B:1
IOS XE Performance
C8500-12XQC
C8500-12X
189.8
189.4
189.4
189.3
C8500L-8S4X
141.1
113.9
113.6
97.1
96.8
85.2
85.2
78.9
72.2
71.0
66.3
56.8
22.0
19.0
18.9
18.9
18.6
17.7
16.7
16.3
IPv4 CEF IPv6 CEF ACL PBR NAT HQoS GRE Firewall
IMIX Profile: 64B:7, 594B:4, 1418B:1
SD-WAN 1D-Scale
Feature C8500-12X4QC C8500-12X C8500L-8S4X
IPsec Overlay Tunnels (Viptela) 8,000 8,000 6,000
GRE Overlay Tunnels (Viptela) 8,000 8,000 6,000
DPI Flows 2,000,000 2,000,000 1,000,000
cFlow Flows 2,000,000 2,000,000 1,000,000
OMP Routes (Overlay) 2,000,000 2,000,000 1,500,000
IPv4 Routes 2,000,000 2,000,000 1,500,000
NAT Sessions 6,000,000 6,000,000 2,000,000
Firewall Sessions 6,000,000 6,000,000 2,000,000
ARP Entries 500,000 500,000 300,000
IOS XE 1D-Scale
Feature C8500-12X4QC C8500-12X C8500L-8S4X
ARP Adjacencies 1,000,000 1,000,000
IPv4 Routes 4,000,000 4,000,000 3,500,000
IPv6 Routes 4,000,000 4,000,000 3,000,000
IPsec Tunnels 8,000 8,000 4,000
FlexVPN Tunnels 10,000 10,000 4,000
NAT/PAT Sessions 16,000,000 12,000,000 2,000,000
CGN Sessions 32,000,000 24,000,000 3,200,000
Firewall Sessions 6,000,000 6,000,000 2,000,000
IPv4 ACE 380,000 47,000 50,000
IPv6 ACE 200,000 25,000 25,000
Catalyst 8500 TCAM Capacity
C8500-12X TCAM is high-speed memory for C8500-12X4QC

classification lookups 380,000
47,000 200,000
25,000
Moderate scale TCAM High scale
use-cases TCAM use-cases
IPv4 ACEs IPv6 ACEs IPv4 ACEs IPv6 ACEs
C8500-12X: 10Mb C8500-12X4QC: 80Mb
C8500-12X4QC is better choice for high scale TCAM use-cases

C8500L-8S4X does not use a hardware TCAM.
Catalyst 8500
Solution and Use-cases
Best Platforms for Cloud-scale Enterprise Networks
01 Powerful Data Plane “C8500 Platforms offer best in

QFP x86
class hardware with rich software
Accelerated
features for high performance use-
02 SD-WAN Services cases!” Powerful Data Plane
QFP 3.0, x86 FBD*
Hardware High Speed DIA, DCA High Scale SD-WAN

High Speed
03 Multi-Cloud Access
Accelerated Services 100/40/10/1GE Ports IPsec Tunnels
Highly Scalable
04 Control Plane
*FBD: Flow Based Distribution

Catalyst 8500 Edge Series Platforms
for SD-WAN
100 / 40 / 10 / 1 GE Ports 8000 SD-WAN Tunnels
High Speed DIA, DCA Remote Workforce Aggregation
Headend Multicast Replication High IPsec Throughput
SASE, Cloud Edge Platform High Performance Services

SD-WAN
Data Center Hub Campus Edge
for Cloud-Scale, Co-location
Large capacity in small form factor
Cloud MSP: Edge, CPE Co-lo, Cloud Gateway
Rich Features Highly Scalable

Multi-tenant, VRF Aware 8000 VRFs
VxLAN Up to 4M IPv4, IPv6 Routes
Route Scale Up to 16M NAT, 32M CGN
Convergence Services Up to 6M Firewall Sessions
IPsec, NAT, Firewall 8000 IPsec Tunnels
B2B Redundancy WAN MACsec on all ports
Port Flexibility: 100/40/10/1G Small 1 RU form factor Platinum Power Efficiency
for Enterprise Networks
Traditional Routing Headend Applications
DCI
Remote Users
WAN Aggregation
Internet
Gateway
Campus
WAN Internet
Cloud
IaaS
Edge
High End SaaS
Branch
DC/Private Cloud
IPsec Gateway
High Speed Customer Edge IPsec VPN, GETVPN Data Center Interconnect
SD-Access L2 and L3 VPN Internet Gateway
High Scale NAT, Firewall

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential DMVPN, FlexVPN High Speed Cloud Access
for MSP Applications
Remote Workforce Access and Aggregation MSP Edge
Cloud Convergence
MPLS Traffic Engineering IPsec Cloud SP Cloud

Wireless
Peering
Segment Routing NAT
IPsec, NAT, Firewall Firewall

Services VxLAN
AVC, NBAR2
Business Wire line Route Reflector
ETTx
VPN RR
IP/MPLS RR
CPE xDSL
Core
P
xPON
DSLAM
Micro-Branch
PE Content Farm
L2VPN
OLT L3VPN
Lawful Intercept Gateway VOD TV SIP

One Platform, Many Solutions
SD-WAN Internet Gateway Cloud GW, CoLo Secure WAN
High Speed DIA, DCA High Throughput Performance Multi-Tenant, VRF Aware Site-to-site, Remote
Access VPN
Headend Multicast Replication High Scale NAT, AVC, Firewall High Scale NAT, AVC, Firewall
GETVPN, DMVPN, FlexVPN,
Feature Inheritance Direct Internet Access Inter VRF
IPsec over GRE, sVTI
Communication-VASI
1G, 10G, 40GE, 100GE 1G, 10G, 40GE, 100GE
High Scale NAT, AVC, Firewall
Port Connectivity Port Connectivity Stateless/Stateful
Box-to-Box Redundancy Cisco WAN MACsec
SD-Access DCI Network Infra Cloud MSP

Control-Plane Node EoMPLS, L2TPv3, MPLS, Segment Routing Multi-Tenant, VRF Aware
VPLS, MPLS
Border Node L2VPN, L3VPN VxLAN
Overlay Transport Virtualization
SD-A/SD-WAN Multi-Domain mVPN Route Scale
VxLAN
MPLS-TE Convergence Services
Cisco WAN MACsec
AVC, H-QoS IPsec, NAT, Firewall
Route Reflector B2B Redundancy
Catalyst 8500 Inherits Cisco ASR 1000 features for IOS XE and IOS XE SD-WAN use-cases
Key Takeaways
Highly Capable 1RU SD-WAN Headend Solutions
Ready for the Agile Cloud Journey 1st 100/40GE Port Accelerated Services using Up to 200Gbps
High Speed Cloud Access 1RU SD-WAN 3rd Gen QFP or x86 CEF Aggregate
Platform architectures Throughput
Multi-Cloud Application Optimization
Compact, Powerful 1RU Platforms
QFP x86
Ready for 5G, Edge Compute
3rd Generation QFP In-Line Crypto
SASE driven Feature Innovations
Improved Services Performance
QFP
5G Ready Edge Intelligence

High End Aggregation 100/40/10/1GE Port x86
flexibility
Multi-Domain Intent Based Networking
Equipped with User Centric Design

Operational Ease for better Tracing
Built-in Interface
Passive UHF Radio Frequency ID High Performance
Flexibility Highly Programmable
Easy Access Label Tray 100/40/10/1GE
IPsec, MACsec
Field Replaceable FAN Tray

Catalyst 8500 TDM

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Catalyst 8500 TDM

Uploaded by

Copyright:

Available Formats

Cisco Catalyst 8500 Series Edge

Sumant Mali / David Roten

1 Catalyst 8000 Edge Platforms Family 5 IOS XE Software Architecture

2 Cisco Catalyst 8500 Series Edge Platforms 6 Performance and Scale

3 C8500 and C8500L Overview 7 Solutions and Use Cases

4 C8500 and C8500L Platform Architecture 8 Key Takeaways

Mobile Users Campus & Branch Users

Multicloud Multi-Layer Multi-Domain

Any Transport Satellite Internet MPLS 5G/LTE SDCI*

Any Location Branch Colocation Cloud Remote Work

* Software Defined Cloud Interconnect

Catalyst 8500 – Catalyst 8500L

QFP User Centric

Integrated Rich Services Scale

Edge Intelligence Multi-layer Security

C8500-12X4QC QFP based hardware forwarding

Advanced Flow based forwarding

C8500 Hardware C8500L Hardware

Exceptional Hardware IOS XE Richness User Centric Design

CEF: up to 200 Gbps

CEF: up to 120 Gbps

Option Port Speed Maximum Port Configuration

Option 2 1 x 100GE + 3 x 40GE Ports

40G 40G 40G 100G

1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

100G 1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

Option 4 4 x 40GE + 8 x 10GE

1/10G 1/10G 1/10G 1/10G

40G 40G 40G 40G 1/10G 1/10G 1/10G 1/10G

1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

40G 40G 40G 1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

Option 6 1 x 100GE + 1 x 40GE + 8 x 10GE

1/10G 1/10G 1/10G 1/10G

100G 40G 1/10G 1/10G 1/10G 1/10G

1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

Option 6,7 C8500-12X4QC: 12 x 1/10GE + 12 x 10GE*

1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

4x10G 4x10G 4x10G 1/10G 1/10G 1/10G 1/10G 1/10G 1/10G

12 x 10GE using Breakout Cable

Secure Platform with Trustworthy Solutions

Hardware CPU CPU CPU CPU CPU

First instructions run on CPU stored in tamper-resistant hardware

Confidentiality Integrity Authenticity

Ultra High Frequency (UHF)

860 to 960 MHz

Good read range

Label Tray contains

Label tray contains a QR code with information encoded in it

PSU FAN AC Input PSU FAN DC Input

AC Power Supply DC Power Supply

Replaceable FAN Tray N + 1 FAN Redundancy Front-to-Back Airflow

Built-in Port LEDs Minor Critical

LED Amber Port is

LED Green Port is

Similar LEDs applicable for C8500-12X4QC and C8500-12X platforms

Traditional RJ45 Console Port

Dedicated Management Interface

2 x USB 3.0 Ports

Circle Pattern Rounded Frame

Chassis Mgmt. Bay 2 Bay 1 Bay 0

QSFP28 QSFP Port QSFP28 TE TE TE TE TE TE

Third Generation QFP Built-in Cryptography

Chassis Mgmt. Bay 0