How To Configure Cisco Catalyst 9300 Switch?
Designed to leverage assurance, security, and automation capabilities for the Cisco SD access and DNA center, the Catalyst 9300 Switches set the...
Cisco has managed to blow our minds with switch options, so I am going to try to simplify what the 9300 options are and how they compare. There are 84 different models… 84!?!? That count includes both the -E and -A software options (-E stands for Network Essentials, which is Layer 2 and some basic Layer 3 functions; -A stands for Network Advantage, which fully supports Layer 3 and protocols such as OSPF, BGP, EIGRP, etc.), so there are actually 42 different models. Still kind of absurd :-)
Outside of any specific support for L3 features, the 3850 switch model selection process could mostly be answered with 4 questions. How many ports? Do you need PoE? How much PoE? What uplinks? There were basically 6 different models: the 24 and 48-port versions of data-only (no PoE), PoE+, or UPoE. Then there are always a few models that push into really being aggregation switches rather than access. New to switching in the 3850s was the support of Multi-Gig technology, which should probably be part of new deployments moving forward to connect APs. There were only a handful of different options depending on what you wanted to do.
The introduction of 42 new switch models is quite an addition to the portfolio. So, let’s break the models down and try to get to a more manageable list to choose from.
**update** Did you hear that C9300s can now be managed by the Meraki dashboard? They can! For more information, visit Meraki Managed 9300s.
First, let’s go ahead and understand that the ASIC is something that will be used to differentiate all the variations of Cisco switches moving forward. ASIC stands for Application-Specific Integrated Circuit. I think of ASIC(s) as specialized PC processors. They are more specifically computer chips customized for a particular use case. Certain chip configurations will perform better at processing video codecs, while others tuned in a different manner process voice traffic more efficiently.
It’s basically breaking down a standard “processor” into literally millions of variations of that processor to maximize its intended use. The maximum complexity (or the number of ways to ‘configure’ a processor) possible in an ASIC has grown from 5,000 logic gates (variations) to over 100 million. Yes, the new ASIC(s) support more throughput, but do you really need the extra horsepower in the access layer? Maybe, maybe not. I think the performance improvements are "nice to haves" for the most part as I haven't heard a customer tell me they had processor/performance issues on access switches since the early 2000s.
Second, let's briefly mention the forced purchase of Cisco DNA (Digital Network Architecture). In order to purchase any of the new Catalyst 9K through channel, it is also required that a 3, 5, or 7-year DNA subscription be purchased. This must be purchased whether you intend to use DNA or not. In order to use DNA, an $80K DNA appliance is required which most enterprises have not adopted. Most people that I have spoken with say they have no intention of renewing DNA after their initial purchase subscription expires.
The nomenclature is basically the same as in previous generations:
The table below breaks the different models down a bit further. Two of the models are for very specific use cases and will likely not be needed any time soon for the majority of enterprise networks. Most everyone can immediately discard C9300X, C9300LM, C9300UB, UXB, or -UL models leaving 12 different C9300 options and 14 different C9300L. So the first question is do you want fixed or modular uplinks? Modular uplinks came into play with the 3750X which seems like a good idea. We're able to change the uplink interfaces on these switches by simply changing out the network module rather than replacing the entire switch. In reality, I've never had a customer call and ask for a quantity of uplink mods to upgrade their infrastructure. By the time this requirement is realized, we're usually being pushed to simply upgrade the switch.
C9300X models as an access switch can also be eliminated for most. These are really more of an aggregation switch with 12 and 24 ports of 25G SFP28. The other two models are 24 and 48-port mGig UPoE+. Unless you have 48 devices requiring 90W of PoE per port, the C9300 or C9300Ls can suffice.
C9300LM models can also be eliminated for most. These specifically offer a smaller chassis. The LM is about 6 inches less deep in a rack. This is another switch that was likely created for a few specific deployments.
C9300L all have fixed uplink ports which results in a lower list price. Fixed uplink port models meet the requirements of most access deployments. There is a case to be made regarding fixed uplinks in relation to how many switches you plan to have in a single stack. C9300Ls require an additional stack module to be purchased if you intend to stack. At about 5 switches, your cost becomes lower on a stack of C9300s as you’re paying for 5 additional stack mods for the C9300Ls where that technology is included with the C9300. The performance of the C9300L is of course fantastic and possibly even overkill for most access networks. By the way, C9300Ls and previous gen 3850s offer basically the same performance. Both the C9300L and the 3850s use the same chipset and both offer a switching capacity of 176Gbps and a forwarding rate of 130.95 Mpps.
C9300 is the base replacement of the 3850s. In fact, all of the parts (power supplies, network modules, fans) from a 3850 work in a C9300. The 2 platforms are very close with most of the ‘upgrade’ being marginal performance enhancements, the number of mGig ports, and support for UPoE+.
The number of mGig ports is a simple qualifying question. You simply need as many mGig ports as you need access point connections. I am an mGig fan, but it's important to know first what your cable plant is capable of and second that your APs have a network interface greater than 1G. CAT5e and CAT6 are based on minimum standards, but newer CAT5e plants might have a bandwidth rating of 500MHz, which is equivalent to the standard of CAT6. The value proposition is simple. Without changing your cable plant, you will be able to connect to your APs at up to 10G. This is a huge performance increase considering most APs are connected at only 1G. It's literally a 10x throughput improvement. If you have 3800s, 4800s, or the 9100s, and do not have an mGig-capable switch, the new APs you have aren't being fully utilized. Also keep in mind that newer APs are coming with 2 network interfaces, so start thinking about running extra network drops. More information about mGig at New mGig more of a “meh” gig?
The last major differentiating factor is the amount of PoE per port the C9300s are capable of. UPoE+ offers 90 watts per port but seems to be a solution in search of a problem. The picture to the right is from Cisco’s webpage about UPoE+ and is titled Cisco UPOE+ Powered Workspace. It perfectly illustrates how I think most people can benefit… I just haven’t had a client ask me for a switch yet to power their desk and lamp. UPoE+ is being promoted as the market tries to identify which items that also need a network connection could or should draw their power from that network connection. Technologies such as UPoE-powered switches, biometric door locks, network-powered lighting, powered displays, cameras, AV equipment, sensor systems, nurse calling systems, etc. are all great opportunities to reduce cable plants, but even most of these devices don’t require 90W today. UPoE+ is a great enhancement. I just don’t know how many of my clients are looking for this at their access layers.
PoE+ supports 30W per port and UPoE supports 60W per port. For most access switch installations, APs are attached. Included below is a quick chart showing what APs are pulling as well as some of the consequences of not providing enough power to certain APs. I think standardizing UPoE capable ports should protect any investment in APs for the next 5+ years.
If you’re wondering which switch is best for you, please ask your Edgeium representative. Or, if you would like information about anything else, please just ask! You can also view a short video with this explanation on Edgeium's Youtube channel.