Catalyst 6500 Sup2T New ACL Dry-Run and Atomic Commit Verification

Visit the Link

November 30th, 2011

Access Control List or ACL are important tools in the configuration and customization of network attributes, especially with the Catalyst 6500. In the Catalyst 6500 upgrade with Sup2T, the TCAM has been both increased and its architecture improved. For ACL, a major concern was the lack of visibility of TCAM overflows when new ACL scripts were submitted, disrupting network operation. Therefore, Cisco developed the ACL Dry Run and ACL Atomic Commit to mitigate this scenario. To verify ACL improvements, we use ACL Dry-Run to assure that the TCAM would not overflow, and then implement the changes safely with ACL Atomic-commit; assuring no network interruption. It’s a great short video that verifies how useful these new tools are in ACL management.

Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.

A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T

Get the White Paper

November 30th, 2011

During the week of October 31, 2011, the Lippis Report tested Cisco System’s new Catalyst 6500 with Supervisor 2T or Sup2T for performance, upgradability, control and scalability at Ixia’s modern iSimCity laboratory in Santa Clara CA. By all counts, Cisco’s upgrade of the Catalyst 6500 via its new Sup2T, is its most ambitious and thoughtful yet for the venerable platform. The Sup2T is a major upgrade to the most widely-deployed switching platform in campus and data center networking. It’s the new Catalyst 6500’s network services that deliver most of the value, which is partially found in the Sup2T’s Policy Feature Card or PFC that increases NetFlow monitoring and a new TCAM design offering improved Access Control (ACL), Quality of Service design options, encryption security and many other features. This Lippis Report test verifies many of Cisco’s performance and upgradability claims. While it’s impossible to test all of the Catalyst 6500’s new 200-plus features with the Sup2T, we rather focus on a select few that will have the widest impact on IT business leaders’ product acquisition decision process.

Catalyst 6500 Sup2T 802.1ae MACSec Throughput Performance

Visit the Link

November 30th, 2011

MACsec encryption has become increasing popular and important to campus network design, but previous switch performance degraded when encrypted traffic was passing through it. Here we show that the catalyst 6500 does not suffer a performance degrade while MACsec traffic is passing through it. We tested the Catalyst 6500 via the cPacket Networks cTap 10G passive probe to verify traffic flows were either MACsec encrypted or unencrypted. We found that there is no material difference in throughput performance, other than 802.1ae encryption key overhead, thanks to 16 additional bytes per packet. The cPacket passive probe also measured line rate throughput performance. This is a great short video that verifies how the old encryption performance penalty is now gone.

Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.

Catalyst 6500 IPv4/IPv6 & IP Multicast Performance

Visit the Link

November 30th, 2011

For IPv4 and IPv6, dual stack implementations are most popular where desktops and mobile devices run both IPv4 and IPv6, therefore, the network infrastructure needs to support both equally at high performance. IPv6 performance has not been on par with IPv4 until now. To demonstrate how the Catalyst 6500 upgrade with Sup2T has improved IPv6 performance, we measure IPv4 and IPv6 unicast and bidirectional traffic performance via RFC 2544. IP Multicast traffic has been on the rise, thanks to the increased use of video services within the enterprise. Therefore, we test IP Multicast performance via RFC 3918 on the new Catalyst 6500 Sup2T to stresses its packet replication ASIC built into the 6908-10G line cards. We find that the new Catalyst 6500 delivers equal Ipv4 and Ipv6 performance; a 2x increase from the Sup720 for IP unicast, bidirectional and multicast forwarding.

Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.

Catalyst 6500 Sup2T Network Virtualization via MPLS/VPLS Performance

Visit the Link

November 30th, 2011

Network virtualization, or the ability to divide a physical network into multiple logical networks with unique attributes, is a design that has grown in popularity as IT business leaders have sort ways to segment their network with different attributes for different user groups. This is popular in healthcare, education, travel and other industries. Network virtualization can be implemented either in IP, and/or MPLS. In addition connecting the Catalyst 6500 directly to service provider MPLS networks is another popular design; therefore we test throughput performance for both scenarios here.

For active-active data center operation, disaster planning and load balancing are best practices when connecting data centers via MPLS or VPLS. VPLS layer 2 connected data centers deliver LAN-like service over the campus and/or wide area network. Layer 2 connectivity is important as server-server communications expect layer 2 connectivity as most applications have been designed with this assumption. For connecting more than two data centers, VPLS offers mesh connectivity. Data centers connected via VPLS look and act as if they are on the same LAN. Therefore, we test that VPLS throughput performance rates are equally high performance in this scenario as MPLS.

Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.