Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Catalyst 4500 Series Switches with Cisco expert John Bartlomiejczyk. John is a Senior Technical Marketing Engineer in the Gigabit Systems Business Unit (GSBU), home of the Catalyst 4500. John has been with Cisco for over six years starting as a Systems Engineer in NYC and has held several Technical Marketing Engineering positions supporting the Catalyst 6000/4000 and 8500 over the past 4 years. Feel free to post any questions relating to Catalyst 4500 Series Switches. Remember to use the rating system to let John know if youve received an adequate response.
John might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through November 22. Visit this forum often to view responses to your questions and the questions of other community members.
I have a couple of questions. Firstly relating to the CEF capability of Cat4500. Exactly what performance or customer benefits does this technology over considering all routing/classification is handled centrally by the SE4 and there is no distributed switching on the modules ? By the way are there plans to start delivering modules with on board switching capabilities ? Finally, can you please advise on the expected forwarding rate of IPX routing considering its not implemented on the ASICs but in software ?
In general CEF forwarding overcomes the limitations of cache based forwarding schemes( fast switched) where the first packet towards a destination is always process switched and entries are timed out periodically to prevent use of stale information or when an ARP entry or route changes, cache has to be flushed with subsequent performance degradation.
CEF is implemented in HW on the Catalyst 4500 as it is in other Catalyst platforms. So the FIB and adjacency table are downloaded to the hardware where all of the forwarding decisions and actual packet switching is done. This translates into IP L3 switching performance of 48 Million pps w/o the use of intelligent linecards.
One of the major benefits of the Catalyst 4500 familiy is the fact that new capabilites are added via the Supervisor without having to change the linecards, hence the reason why there are no plans to place intelligence on the linecards.
IPX forwarding, which is done in SW, with the current IOS release on the SUpervisor IV, 12.1(12c) EW1 has a SW based IPX forwarding performance of ~ 20 K pps. This will be enhanced in the next release of SW due out towards the end of the year...stay tuned.
Question1:Will cat4500 roadmap integrate NAT feature?
Question2:Does cat4500 engine support DHCP server feature?
NAT is currently not on the roadmap.
DHCP server is also currently not supported. We do support DHCP relay function.
Hi john ,
I am going to install one 4006 switch as a backbone switch in VLAN configuration.There are 6 floors at which one 3550G-48 edge switch at each floor will be uplinked with the 4006 sw on gigabit fiber link.There will a one VLAN per floor.Can you u send me a sample configuration file for layer3 configuration for 4006.Do I need to create subinterfaces per VLAN at each gigabit trunk on the 4006 sw?pls help
National Telephone Services CO. LLC.
I'm assuming you have a Supervisor III in your 4006. From your description, you are configuring a collapsed backbone design with one vlan/subnet per floor. Therefore you would configure the 4006 using a routed interface for each of the Gig E ports connected to the 3550;s. Here is a snip:
description Vlan 10 Floor 10
ip address 10.1.1.1 255.255.255.0
Note, since the ports come up at a layer 2 default, you must use the no switchport interface command to enable the port at Layer 3.
In this case, since each uplink to the 3500's is a separate VLAN ...no need to configure trunking. Please note that in general sub interfaces are not supported or needed on the routed interfaces since the hardware does that function so much better. Heres a snip to configure a dot 1q trunk:
switchport trunk encapsulation dot1q
switchport mode trunk
For the complete documentation for IOS Release 12.1(12c)EW check out:
I have a few more questions relating to L3 performance on the Cat4500....
1. Multicast performance: Is multicast routing implemented in the 4500 ASICs and if so, is multicast packet replication across VLANs also handled by the ASICs or via the CPU ? Are there performance limitations with this capability (ie max number of VLANs to retain wire rate etc.)
2. How many Source/Group multicast pairs are supported by the Cat4500 hardware ?
2. L3 capacity. The datasheet quotes very large numbers for routes, ARPs etc. Are these theoretical numbers or can a Cat4500 actually handle 130K routes ? Does it matter what routing protocols are running at the same time....
sorry about the number of questions...if there is a document explaining these scaling issues please advise
Sorry for delayed response..just got back to my desk..whew. Anyway here goes:
Mcast routing and packet replication is handled in hardware. The packet replication is handled in HW . The actual mechanics of how it is done is complex and involves interaction among several ASIC's. The short answer is the Catalyst 4500 supports a multicast forwarding rate of 21 million pps
Up to 28K IP Mcast(S,G)'s are supported in HW for dense mode and 14K routes in Sparse mode, less because the ( *,G) entry is also programmed
There are a total of 128 K entries in the CEF Hardware tables shared by IP unicast routing protocols and multicast. The routing protocols routing tables provide input into the CEF tables . The CEF Tables are then loaded into the HW for HW based forwarding. So if route 10.1.0.0/16 is generated by EIGRP or OSPF..only 1 entry in the CEF FIB ( Forwarding Information Base) table. Yes we have tested 128 k routes.
i am using cisco 1751 v routers at both the end of our leased line for data and voice. after installation, both voice and data worked for last 6 months without any problem, but from last 4 days we could not transfer data consistently, there is no problem with voice,
most of the time i could not ping other side router/devices from our side, but other side can continuously ping our router only and not other devices. when i reset our router, then it starts working for app. half an hour and then stops pinging, in all these situation our voice commn. works perfectly.
expecting solution from you, thanks.
Not really enough information to help you out. Apparently something has changed within the last 4 days that is affecting your data traffic. When the problems begin, I would do a sh proc cpu...to see what the CPU usage is and if high what process'es are causing it.
I'm going to have to ask you to contact Cisco TAC for a resolution on this one.
We've been using the Cat6K family with great success for a couple of years now and are evaluating the Cat4.5K.
There's an excellent paper on the Cat6K architecture at:
Are similar papers available on the Cat4K/4,5K family, describing the architecture, how switching is performed, how it copes with the inherent overbooking of some line cards etc.?
The 2800W power supply for the 4507R is labeled as accepting a voltage input of 200-240V. The documentation states that it will handle 100-240V. Which is correct? If the supply is only supposed to have 200-240V input, what happens if we try 120V? Will the supplies still be redundant, or will a single pwoer supply lack the drive to power the chassis by itself? We are not running IP phones - 2 SUP4 engines, a GBIC card, a 24 port 100FX-MMF card, 48 port 10/100 card.
BTW - the TAC tells me this is okay, but I just can't get comfortable with this entirely. I'm missing my power cords from the vendor, so I can't plug it in and find out what it will do. I don't want to risk chassis damage, either...
It would be fantastic if the Power Supply could be 120V! We will be running about 125-150 IP Phones out of a 4507R.....Can that run with 120V?
The 2800 watt PS cannot run on 120 V.
The 1300 watt PS can support up to 126 IP phones in redundant mode and 211 IP phones in combined mode.
In redundant mode, the second supply is online and provides half the power the system is using. The Supervisor Engine allocates the total available power to be less than or equal to the power available from a single supply. This provides fault coverage for the complete loss of a power supply.
In combined mode, power available from two supplies is not a mathematical sum of individual power capacity. Tthe Supervisor Engine manages the combined power budget of both supplies in order to provide more power than a single supply.
This capability is only required for powering inline power devices that require more than the 800W of inline power ( -48V) the 1300 watt supply can provide
The doc is incorrect. Please let me know the URL so we can get it corrected. If you had your power cords you would see the connector will not fit into a 120V outlet.
We also have 1300 watt power supplies , which were recently introduced.A combined data and inline 110-220V AC power supply which can provide up to 1000W of 12 V for line cards and Supervisor Engines and up to 800W at 48 V for inline power devices. The maximum combined power of line cards and inline-powered devices cant exceed 1300W.
The URL is
From "Table A-5: 2800W Power Supply Specifications" AC-input voltage: 100 to 120 VAC, 200 to 240 VAC (110% for full range).
Thanks for you help. I'll get with my vendor to exchange for the 1300W supplies. Do you have a Cisco part number for that supply? /Ethan
Hi John, I want to know details of 48pps routing throughput for L3 capa. Does it mean ASIC throughput, how many routing sessions can go through ASIC at the same time? Will the extra route request be dropped?
I have a delimma in my mind - to reduce collision and increase network performance, need to separate network using vlans, but the more vlans could cause the routing bottleneck.
Actually we have a 6509 on hand, do you have any suggestion? thanks!
The Catalyst 4500 architecture supports 32 gigabit non blocking port connections to the forwarding ASIC complex. Each of these ports supports full wire rate ( 64 byte packets) of 1.5 Mpps yielding a Layer 3 forwarding rate of 48 M pps.
Not sure what you mean by routing sessions. The Catalyst 4500 can be configured with each port as a layer 3 port or ports could be grouped together into VLAN's and routing between VLAN's is done by configuring switch virtual interfaces ( SVI's)..eg. Interface VLAN X1..interface VLAN X2. The Catalsyt 4500 can support up to 4,000 VLAN's and 4,000 SVI's. The IP forwarding is done in hardware via CEF ( Cisco Express Forwarding ). The Catalyst 4500 supports
128,000 entries in the HW forwarding table. The forwarding performance is independent of the number of VLAN's.
Hi John, does it mean only 32 routing tunnels are available at the same time connecting to ASIC complex with each tunnel supports 1.5M pps. If there are 4000 users across the 8 VLANs communicate with each others or to the shared servers in specific VLAN, the traffic which need routing will be segmented into queues to use the 32 tunnels if the simultaneous communication pairs is over 32. Though it supports 128K entries in H/W forwarding table, the physical forwarding tunnels are limited by 32, is that right? Thanks!
Sorry for the delay..I was swamped yesterday :(
Let me try to clarify for you. Not sure what you mean by routing tunnels. There are actually 32 physical Gigabit Connections into the Central Switch Engine. Each line card has 6 Gbps ( 12 Gbps Full Duplex) of access into the Supervisor Engine. Plus there are 2 more gigabit connection for uplinks in the Supervisor. Five linecards times 6 Gbps and 2 ports in the Supervisor yields the 32 Gbps physical capacity..each at full line rate or 48 Mpps. The linecards also have front side or user side connections which can be 10/100 or 1000 Mbps connections. For 10/100 cards we use a stub ASIC where a single internal Gigabit port connects to 8 10/100 ports. For a 48 port card there would be 6 of these types of connections.
Now if you have 8 Vlans..plus a Server Vlan and you wanted to route between them, you would define what we call a Switched Virtual interface ( SVI) via CLI command Interface Vlan 2, 3 etc. . Think of the SVI's as being a port on a router that is connected to a layer 2 switch where the specific VLAN is defined. Any number of ports can belong to a VLAN within the physical port limits of the switch.
So lets assume a VLAN2 consists of 2 100 Mb ports on 2 separate linecards in slots say 3 and 4 in a Catalyst 4506. When these users on VLAN 2 want to talk with the Server on Vlan 8, the packets are physically going through 2 separate Gigabit links to the Supervisor Engine, so you can see in this example, 2 users on the same VLAN are using 2 of the 32 internal Gig E ports. or you may have these same 2 users in VLAN 2 on the same linecard, in this case they may both be using the same gig E port connect to the Supervisor.
So to summarize, there are 32 internal physical gigabit connections into the Centralized Switch Engine. These are NOT tunnels. EAch of these internal ports can do full line rate with a total L2/L3 routing performance of 48 Mpps. the cool thing about the Catalyst 4500 is that you can also turn on QOS and Security features and still get the same performance.
Could you be more specific on how the Cat4500 handles switching internally?
I understand, that the 32G you're referring to are the sum of 5 slots with 6G to each slot, and 2G to the Supervisor ports, but how is switching/arbitration handled on the overbooked cards (such as the 48 port 10/100/1000TX card)?
For 10/100 there is no issue, since 48 X 100 Mbps = 4.8 Gig and each module has 6 Gig access into the Switch fabric. Now for 48 X 1000, there is an 8:1 oversubscription factor. However this card is recommended for end users and not Servers, where due to the bursty nature of the traffic oversubscription should not be an issue.
Till now only 'ethernet' vlans are supported in Cat4000IOS. Is there any plan to support other types of vlans like fddi,tokenRing? Coz, this support is available in Catalyst 4000 with SupII.
There are no plans to support this. On Cat OS, the VLAn types may be indicated as FDDI and Token Ring, but there are no FDDI or TR linecards.
I would to know if I can configure a Catalyst 4006 to Upload it Configuration files via TFTP to a server on a given time and dat of each month?
Not inherently within either Cat OS or IOS. Customer normally do this using tools such as Expect Scripts.
The WS-4604-GWY Access Gateway Module which supports the same WIC's ( WAN Interface Card, T-1 / E-1 )and VIC's ( FXS FXO) as the 2600/3600/3700 Routers would be used. In addition to being a PSTN gateway and a WAN access device, it also supports HW based conferencing and transcoding in a Call Manager based VOIP implemenation.
This module will be supported in the next IOS release of the Supervisor III/IV in January 2003 timeframe.
IS IT POSSIBLE TO CONFIGURE HSRP BETWEEN CATALYST 4500 -6500 SERIES
IF IT IS POSSIBLE HOW CAN I CONFIGURE THEM/