
Cisco’s Integrated Services Routers

Thomas Krewedl
tkrewedl@cisco.com
0664-4234611

Session Number
Presentation_ID © 2004 Cisco Systems, Inc. All rights reserved. 1
Agenda

• Market Trends and Momentum for Services
• Cisco Integrated Services Routing Architecture
• Cisco’s Integrated Services Routing Portfolio
• Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers



MARKET TRENDS AND
MOMENTUM FOR SERVICES

Customer Priorities

Q. What functions SHOULD be router-integrated?

[Bar chart; categories: Firewall, VPN, Intrusion Detection, Anti-Virus Software, IP Telephony, Compression, Content Filtering, Caching, QoS, Streaming, Multicasting]
Cisco-Sponsored Yankee Survey: June 03 n=331
New Router Portfolio That Extends Integrated
Services to Businesses of All Sizes

• FIRST portfolio engineered for secure, wire-speed delivery of concurrent data, voice and video services
• Cisco’s integrated systems approach to embedded services speeds deployment and reduces operating costs and complexity
• Founded on more than 20 years of innovation and leadership—FIRST to embed security and voice services into a single routing system



Cisco’s New Integrated Services Routers
New Systems Approach For Services

Integrated Services Routers: 3800 series, 2800 series, 1800 series

• Embedded Security tightly integrated with Voice
• Sustained wire-speed performance with concurrent services
• Up to… 5X service density, 7X performance, 4X memory!
• Backward compatibility with existing router network modules for solid investment protection
• Industry-leading availability and resilience



The Value of a Systems Approach
Tightly Integrated Services

• V3PN (IPSec, QoS, GRE): Deliver latency-sensitive data, voice, video traffic across the VPN
• Toll-Quality Secure Voice (Voice, QoS, sRTP): Deliver toll quality IP Telephony over an IP WAN
• DMVPN (IPSec, NHRP, OSPF): Enables on-demand and scalable full VPN mesh and easy to manage.
• Network Admission Control (EAP, Radius ACLs): Limits network access to compliant and trusted endpoints

[Center of diagram: Voice, Security, Routing, Services]



Scalable from Small Business to Large Enterprises
Right-Sized Router, Right-Sized Requirements

[Chart axis: Performance and Services Density]

Series | FCS | Positioning | Segment
3800 Series | Oct 04 | Highest Density and Performance for Concurrent Services | Enterprise Branch
2800 Series | Sept 04 | Embedded, Advanced Voice, Video, Data & Security Services | SM Branch
1800 Series | Sept 04 | Integrated Security & Data | SMB
Investment Protection and Migration Path
New platforms:
• Cisco 3800 Series (FCS Oct 04)
• Cisco 2800 Series (FCS Sept 04)
• Cisco 1800 Series (FCS Sept 04)

Existing platforms:
• Cisco 3700 Series
• Cisco 2600XM Series
• Cisco 1751/1760
• Cisco 1721

• Cross compatibility with existing router modules
• Increased default memory
• Additional DRAM, reduced costs
• New feature development and additions until IOS 12(5) mainline
• No EOS for at least 18-24 months
• Continued software support for 5 years after last sale
Cisco’s Integrated Services Routers

Model | Price
CISCO 1841 | $1395
CISCO 2801 | $1995
CISCO 2811 | $2495
CISCO 2821 | $3895
CISCO 2851 | $6495
CISCO 3825 | $9500
CISCO 3845 | $13000



18/28/3800 Concurrent Services at Wire Speed
[Chart axis: WAN Bandwidth, with tiers T1/E1/xDSL, Multiple T1/E1/xDSL, T3/E3]

Model | WAN | CME | SRST
1841 | 1 T1/E1 | - | -
2801 | 1 T1/E1 | 24 | 24
2811 | 2 T1/E1 | 36 | 36
2821 | 4 T1/E1 | 48 | 48
2851 | 6 T1/E1 | 96 | 96
3825 | ½ T3/E3 | 168 | 336
3845 | 1 T3/E3 | 240 | 720
2800/3800 Platform Overview

Complete New Line of Full Service Branch Access Routers
• 2-5x Increased routing performance *
• 2-10x services performance *
• Concurrent Services running at Wire-Rate
• Increased Memory
• Integrated 10/100/1000 LAN, Security and Voice options

New Modules (GE, Switch, Voice)
• New higher speed module technologies: NMEs, HWICs, EVMs
• Supports most current 1700/2600 modules

Model | Performance | Memory
2801 | 70-100kpps | 64F/128D DDR
2811 | 130-160kpps | 64F/256D DDR
2821 | 180-210kpps | 64F/256D DDR
2851 | 200-250kpps | 64F/256D DDR
3825 | 280-350kpps | 64F/256D
3845 | 400-500kpps | 64F/256D

[Chassis diagrams for each model; slot labels: USB, FE, GE, SFP, HWIC, VWIC, NME, EVM]
CISCO’S INTEGRATED SERVICES
ROUTING ARCHITECTURE

NEW Architecture-Core/Memory

[Block diagrams, Current and NEW; component labels: Flash, DRAM, CPU, RTC, PCI, ASIC]

Component | Current | NEW
DRAM/Flash | 256M EDO/48M | Up to 4X the density
Processor | Up to 40Mbps | Up to 250Mbps
Real Time Clock | N/A | Time-of-day on system power up. Necessary for certificates
Custom ASIC | N/A | Module Integration communication (HWIC, NM, AIM, DSPs, etc…)



NEW Architecture-WICs/Network Modules
[Block diagrams, Current and New; component labels: Flash, DRAM, CPU, RTC, PCI, ASIC, USB, WIC, HWIC, FE, GE, DSP, VPN, AIM, NM, NME, EVM, In-line Power]

Current | New
Up to 4 NMs (400Mbps aggregate) | Up to 4-NME (up to 1.2Gbps aggregate)
Up to 3 WICs (8Mbps shared) | Up to 4 HWICs (800Mbps aggregate)
External Device for Inline Power (exception 3700 | Internal Inline Power (up to 360W)
NEW Architecture-AIMs/USB/LAN Interfaces
[Block diagrams of the Current and NEW architectures]

Current | NEW
Single/Dual FE | Dual FE/GE, Optional GE SFP HWIC
1-2 AIMs | 1-2 AIMs – Higher speed
No USB ports | 1-2 USB ports per chassis
NEW Architecture-Security
[Block diagrams of the Current and NEW architectures]

Current | NEW
Requires AIM | Built-in VPN or AIM

DES/3DES/AES128,192,256



NEW Architecture-Voice
[Block diagrams of the Current and NEW architectures]

Current | NEW
Requires Voice NM | HWICs support VICs and EVM slot
Dedicated DSPs | Shared DSP slots on MB
TDM switching 3700 only | TDM switching supported in 2800/3800 series



CISCO’S INTEGRATED SERVICES
ROUTING PORTFOLIO

New Cisco 3845 Router

[Chassis diagram; labels: Power + 802.3af, VPN, AIM, USB, HWIC, GE, SFP, NME (X, D, XD)]

NME/HWIC Slots | 4 single-wides / 4 single-wides; can accommodate up to 2 EVMs in any NME slot
Onboard DSP Slots | 4
Internal Power Supplies | 1-2 (AC, AC+IP, DC), RPS support
VPN Tunnels | 2500 (AIM), or 700 (VPN on-board)
New Network Module and WIC Slot Types

[Diagram of slot form factors, with removable slot dividers]

• NM, i.e. 16ESW
• NME, i.e. EVM-HD-xxx
• NME-X: Future Use
• NMD, i.e. 36ESW
• NME-XD: Future Use
• HWIC
• HWIC-D
New Cisco 3825 Router

[Chassis diagram; labels: Power + 802.3af, VPN, AIM, NME (X, D, XD), HWIC, GE, SFP, USB]

NME/HWIC Slots | 2 single-wides / 4 single-wides; can accommodate up to 1 EVM in any NME slot
Onboard DSP Slots | 4
Internal Power Supplies | 1 (AC, AC+IP, DC), RPS support
VPN Tunnels | 2000 (AIM), or 500 (VPN on-board)
New Cisco 2851/2821 Router

[Chassis diagrams; labels: Power + 802.3af, VPN, AIM, GE, HWIC, USB, EVM, NME (X, D, XD)]
New Cisco 2811/2801 Router

[Chassis diagrams; labels: Power + 802.3af, VPN, AIM, HWIC, VWIC, FE, USB, NME]



2800 Comparison

Feature | 2801 | 2811 | 2821 | 2851
NME / Dedicated EVM Slot | 0/0 | 1/0 | 1/1 | 1/1
HWIC | 2 | 4 | 4 | 4
Onboard DSP Slots | 2 | 2 | 3 | 3
Onboard LAN | 2 FE | 2 FE | 2 GE | 2 GE
Internal Power Supply/RPS support | 1/No | 1/Yes | 1/Yes | 1/Yes
VPN Tunnels (VPN on-board/AIM) | 100/800 | 150/1800 | 250/1800 | 300/1800



New Cisco 1841 Router

[Chassis diagram; labels: Power, VPN, AIM, USB, FE, HWIC]

The only Desktop form factor model

HWIC Slots | 2 single-wides
Onboard DSP Slots | None, Data Only
Internal Power Supply | 1 (AC only), no RPS support
VPN Tunnels | 800 (AIM), or 100 (VPN on-board)



Cisco Access Router Interface Cards and Modules

• Supports 90+ existing NM, WIC/VIC/VWIC, AIM
• Flexible expansion (HWIC, NME, EVM), additional concurrent services
• Updated Cisco Access Router Quick Reference Guide



High-Speed WAN Interfaces
New: 9 & 4 port Etherswitch HWICs

• Support in 1800/2800/3800
• Low density L2 switching
• Supports standards based POE (802.3af) with optional inline power supply



High-Speed WAN Interfaces
New: Gigabit Ethernet HWIC

• Offers Optical and Copper connectivity without NM occupancy
• Support in 2811, 2821, 2851 & 3800 only



Extended Voice Module (EVM-HD)
[Module photo; labels: New, EM 0, EM 1, RJ21 Connector]

• EVM (voice/fax expansion modules) supports high-density FXS, FXO, Analog-DID and BRI ports
• Baseboard: EVM-HD-8FXS/DID
• Expansion Modules: EM-HDA-8FXS, EM-HDA-3FXS/4FXO, EM-4BRI-NT/TE, EM-HDA-6FXO



Removing Compact Flash (CF)

Removing CF
1. Press ejector button and arm extends
2. Push ejector arm in and CF comes out

Installing CF
6. Ejector arm pushed in
7. Insert CF into slot and push in

• Storage of IOS image, SDM, CME files, VLAN, etc…
• Do not remove CF from operating router
Integrated Power Supply

Field Replaceable AC/DC and AC+POE


PVDM2 Installation

1. Angle PVDM into slot to seat


PVDM2 Installation

Installation order: PVDM0, PVDM1, PVDM2
Removal order: PVDM2, PVDM1, PVDM0
To remove: Pry open tabs on both sides

2. Push up and snap into place


NME Slot

Align NME with grooves
Removable slot dividers
Wireless Services on the
Cisco 2800 & 3800 Series
Integrated Services Routers

Outline

• Wireless Services on Routers
  - Cisco Integrated Services Routers
  - Wireless Services for Branch Offices
  - Fast, Secure Mobility
  - Survivable Local Authentication
  - Scalability
  - Feature Sets
• Future Services – SWAN support
  - Rogue Detection
  - Assisted Site Surveys



Wireless Services Integrated With Wired
Infrastructure
[Network diagram; labels: HQ / CAMPUS, BRANCH 1, BRANCH 2, Catalyst 6500 Series WLSM, LAN core & WAN, LAN access layer with per-switch wireless VLANs, Wide Area Network (Intranet), Cisco 3800 & 2800 Routers, LAN with site-wide wireless VLANs, Guest, Phone, Employee]

Wireless Services –
Fast Secure Mobility for Voice, Video, VPN
[Network diagram; labels: ACS, WLSE, LAN core & WAN, LAN access layer with per-switch wireless VLANs, Wide Area Network (Intranet), LAN with site-wide wireless VLANs, Layer 2, Layer 3]

Fast secure mobility (as little as 50ms) maintains latency-sensitive connections
Wireless Services –
Fast Secure Mobility for Voice, Video, VPN

• Fast secure mobility enables wireless clients to maintain voice, video, VPN connections when moving between access points
• Mobility time is reduced from ~500ms to as low as 50ms through WDS-based authentication for the handoff
  - No need to go back to the ACS server across the WAN for authentication again (note that the initial authentication still requires access to the ACS server)
• Supported with:
  - Cisco Aironet Access Points, and
  - Cisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP



Wireless Services –
Survivable Local Authentication
[Network diagram; labels: ACS, WLSE, ACS Failure, WAN Failure, Survivable Local Authentication, Backup Switch & WLSM, LAN core & WAN, LAN access layer with per-switch wireless VLANs, Wide Area Network (Intranet), LAN with site-wide wireless VLANs, Guest, Phone, Employee]

Wireless Services –
Survivable Local Authentication

• The wireless LAN can survive a variety of failures:
  - WAN Link Failures – through dial backup & local authentication
  - ACS Server Failures – through local authentication
• During a loss of connectivity to the ACS server:
  - Clients already connected to the network maintain their WLAN access
  - New clients trying to authenticate to the network are authenticated by the local authentication server
• Supported with:
  - Cisco Aironet Access Points, and
  - Cisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP
Wireless Services –
Scalable for Branch Offices of All Sizes

Platform | Access Points Supported | Local Authentication Client Database
Cisco 3845 100 APs 1000 clients
Cisco 3825
50 500
Cisco 3745
Cisco 3725 25 250
Cisco 2851 20 200
Cisco 2821
Cisco 2811 10 100
Cisco 2691
Cisco 2600XM 5 50
Cisco 2801 Future



Wireless Services –
Feature Sets Supported

Feature set | Wireless Services (IOS 12.3(11)T or later)
IOS Advanced Enterprise Services feature set (K9) | ✓
IOS Advanced IP Services feature set (K9) | ✓
IOS Advanced Security feature set (K9) | ✓
IOS SP Services feature set (K9) | ✓
IOS Enterprise Services feature set (K9) | ✓

Note – The above feature sets include the wireless services – no additional feature license is required.



Outline

• Wireless Services on Routers
  - Cisco Integrated Services Routers
  - Wireless Services for Branch Offices
  - Fast, Secure Mobility
  - Survivable Local Authentication
  - Scalability
  - Feature Sets
• Future Services – SWAN support
  - Rogue Detection
  - Assisted Site Surveys



Wireless Services –
RM Aggregation for Rogue Detection
[Network diagram; labels: ACS, WLSE, Rogue AP, LAN core & WAN, LAN access layer with per-switch wireless VLANs, Wide Area Network (Intranet), RM Aggregation, LAN with site-wide wireless VLANs, Rogue Access Point, RM, Guest, Phone, Employee]

Wireless Services –
Radio Management Aggregation for Site Surveys
1. CiscoWorks WLSE instructs APs to measure and report the Radio Frequency (RF) environment and pushes optimal RF configurations to APs
2. CiscoWorks WLSE uses measurements from a client as it walks the perimeter of the coverage area to further fine-tune RF coverage

CiscoWorks WLSE controls the process



Wireless Services –
Roadmap

Feature | Benefit | Router-IOS 12.3(11)T | Future Releases
WDS with fast, secure layer 2 roaming | Security, Fast Mobility | ✓ |
IEEE 802.1X (backup) local authentication for LEAP clients | High Availability | ✓ |
Access point support (minimum release) | AP1100, AP1200 compatible | AP-IOS 12.3(11)JA | AP-IOS Fluorine
RM aggregation, WLSE support | Rogue Detection, Site Survey, SWAN | | Spring’05, 12.3(6th)T, WLSE 3.0



New IOS Software Architecture in 12.3
Simplified Image Selection

• Simplifies options (from 44 to 8)
• “Advanced Security” replaces: IP/FW/IDS, IP FW, IP Plus IPSec, IP/FW/IDS/IPSec
• Security features
  - SSH
  - Network Admission Control
  - IOS Firewall
  - Intrusion Prevention
  - DMVPN, AES
  - SSH and SNMPV3 (DES)
• As you step up, all features below are inherited
• www.cisco.com/go/fn

[Feature-set diagram; labels: IP Base, IP Voice, Advanced Security, SP Services, Enterprise Base, Advanced IP Services, Enterprise Services, Advanced Enterprise Services, with SSH and NAC markers]



Cisco 1800/2800/3800 Release Plan

• 3800, 2800, 1800 Platforms Announcement:
  - External Announcement – Sept 14, 2004
• For 1800/2800 Platforms:
  - T train release – 12.3(8)T
  - Target CCO date 9/13/2004
  - Target Orderability date – 9/16/2004
  - Target FCS date – End of Sept 2004
• For 3800 Platforms:
  - T train release – 12.3(11)T
  - Target CCO date – Oct 2004
  - Target FCS Oct 2004



Q and A
