Sunday, May 5, 2019

Advice for purchase of Catalyst 9600 vs Nexus 9500 at CORE for Datacenter & Campus LAN

Nexus 9500 vs Catalyst 9600 or Both?

Overview

Campus LAN and datacenter applications are hosted in the same MDF, with two IDFs to access closets. Currently refreshing a 10-year-old network on an MMF OM3 10G backbone/distribution network to an SMF 100G backbone and 40G distribution. This means refreshing the aged 6504-E L3 core and the Nexus 5548UP L2 that is a distribution layer to the 6513/4506-E access switches. 10G to access for workstations will be a requirement as well. There are 300 users, but 90% of the staff is software development with powerful workstations and up to 6 devices at the desk (the rest are HR, marketing, etc.).

A curveball in all of this is setting up the business to support a zero trust network, segmenting all the users and servers after the refresh once we start analyzing traffic and building security profiles for traffic flows. I'm thinking the Catalyst platform could probably do it easier/better.

Advice on what you would select, Nexus 9500 or Catalyst 9600 at the core, would be helpful to gauge some people's opinions on the platforms.

Design 1

Initially, before the Catalyst 9600 chassis was announced, the design was to collapse the core/distro and move the C6504/NX5548 to a pair of NX9508s and go from VSS to vPC + HSRP. One of the current issues with the 5548 is that the customer needs some more density to access, storage, and compute farms. In essence, the customer is a FlexPod design with Cisco UCS and NetApp FAS/AFF storage.

Campus LAN and Datacenter

2 x Nexus 9508

10 x Catalyst 9410Rs for access

UCS/NetApp farms

Design 2

Instead of a collapsed core, divide the networks into two segments: datacenter and campus LAN. This design seems a bit much to me, having to buy two chassis pairs for 300 users. A single pair of either could handle the network for the next 5-7 years easily.

Campus LAN

2 x Catalyst 9600 Core/distribution in StackWise Virtual setup

10 x 9410Rs for access

Datacenter

2 x Nexus 9504 Core/Distribution for datacenter (UCS/NetApp, DC services)

UCS/NetApp farms

Design 3

Instead of a collapsed core, divide the networks into two segments: datacenter and campus LAN.

Campus LAN

2 x Catalyst 9600 Core/distribution

10 x 9410Rs for access

Datacenter

2 x Nexus 9336C-FX2 Core/Distribution for datacenter (UCS/NetApp, DC services)

UCS/NetApp farms

Some thoughts after thinking over these initial 3 "designs"

One of the things I'm seeing is that having a hybrid campus/datacenter mixes Cisco ACI and Cisco DNA, which means end-to-end visibility of those features won't be there as a result of having a combined campus LAN & data center.

If I went with Cisco-style best practices, I would segment the campus LAN and go pure Catalyst there and DNA it up, while in the data center I would go pure Nexus and have ToR switches to each DC rack. It's hard to gauge the expense at the moment, but I will get some numbers. It's basically a bigger chassis at the core vs more small purpose-built switches to segment both. A big chassis is an older traditional design (6500), but it works for this campus size and I foresee it continuing to be fine.

I'll update this thread as I ponder more options/considerations. I'm sure many others have gone through a big ole 6500 VSS migration/refresh with similar thoughts.


