Cisco Catalyst 8000V Edge Software Data Sheet
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco Catalyst™8000V Edge Software (Catalyst 8000V) is a virtual machine form-factor cloud router that delivers comprehensive SD-WAN, WAN gateway, and traditional network routing services into virtualized on-premises infrastructures and cloud environments. Using familiar, industry-leading Cisco IOS® XE software networking capabilities, the Catalyst 8000V enables enterprises to transparently extend their WANs into provider-hosted clouds. Managed services providers and public cloud providers can use the Catalyst 8000V to offer enterprise-class networking services to their customers and tenants.
In addition to bringing enterprise-class networking services and security to public cloud environments, the Cisco Catalyst 8000V can be used as a building block for scalable network service offerings. When used as a Network Functions Virtualization (NFV) component, it helps fill roles traditionally reserved for hardware-based devices. Virtualizing these complex functions allows service providers to consolidate numerous instances onto a single server, and to easily scale as new customers come on board or networks are expanded.
The Catalyst 8000V is a member of Cisco’s Catalyst 8000 portfolio of routers and is built on the same proven Cisco IOS XE software used on the physical platforms. This continuity enables the Catalyst 8000V to offer a rich feature set consistent with the physical platforms, including traditional routing capabilities, SD-WAN, VPN, next-generation firewall, Network Address Translation (NAT), Quality of Service (QoS), application visibility, failover, WAN optimization, virtual Route Reflector (vRR), and voice services. This broad suite of functions empowers enterprises and cloud providers to build highly secure, optimized, scalable, and consistent hybrid networks that span branches, data centers, colocation data centers, and public clouds.
Cisco Catalyst 8000V enables you to extend your SD-WAN fabric to colocation centers and public clouds
Cisco Catalyst 8000V can be used to support a rich set of network routing use cases:
● Traditional routing
● Highly secure VPN gateway
◦ NAT gateway
◦ Multiprotocol Label Switching (MPLS)
◦ Layer 3
◦ Layer 2 (virtual machine migration) and Layer 3 (IP mobility) extensions
● Cisco Catalyst SD-WAN
● Next-Generation Firewall (NGFW)
● Multicloud connectivity
● WAN optimization
● Voice services
The sections that follow describe each use case in more detail.
Highly secure VPN gateway
Catalyst 8000V offers route-based IP Security (IPsec) VPNs (DMVPN, FlexVPN, and GetVPN), Layer 7 NGFW, and access control that enables enterprises to connect distributed sites directly to their cloud deployment (Table 1).
Table 1. Catalyst 8000V as a highly secure VPN gateway
| Customer problem |
Features |
Benefits of Catalyst 8000V |
| An enterprise needs to securely connect its premises with its off- premises cloud. A typical large enterprise has a central headquarters, a few regional hubs, two or more data centers, and hundreds to thousands of branch-office sites. The network is either hub-and-spoke or fully meshed. By extending the data center to the cloud, the enterprise wants the cloud to act as another node in its network. |
● IPsec
● DMVPN
● FlexVPN
● GetVPN
● Border Gateway Protocol (BGP)
● Open Shortest Path First (OSPF)
● Enhanced Interior Gateway Routing Protocol (EIGRP)
● NGFW
● Access Control List (ACL)
● Authentication, Authorization, And Accounting (AAA)
● NAT
● Dynamic Host Configuration Protocol (DHCP)
|
●
Ownership: An enterprise can deploy a Catalyst 8000V in the cloud, access its command-line interface (CLI), and manage it using Cisco Catalyst SD-WAN Manager.
●
Smooth connectivity and enterprise-class scalability: With its range of VPN and routing features, the Catalyst 8000V can fit into any enterprise network topology. An enterprise can directly and dynamically connect its distributed sites to its cloud deployment, avoiding the latency caused by the typical backhaul through the data center while overcoming the management complexity of point-to-point IPsec VPNs.
●
Consistent WAN architecture: The Cisco IOS XE software-based Catalyst 8000V complements the new Catalyst 8000 router portfolio as well as existing Cisco
® Aggregated Services Router (ASR) and Integrated Services Router (ISR) deployments. Enterprises can now deploy a Cisco endpoint at every node in their network, allowing for consistent network configuration and security policies across their distributed hybrid networks.
●
Visibility and cost savings: Many public cloud and virtual private cloud services provide VPN functions as a service. Typically, this service is offered as a black box with little visibility into failures and no ability to troubleshoot, and users must pay a monthly or per-tunnel fee. Using the Catalyst 8000V as the VPN termination point in the cloud allows for a familiar platform to monitor and troubleshoot problems and avoids any additional VPN service fees.
|
NAT gateway
Enterprises with private IPv4 subnets that must communicate with the Internet need NAT functionality. The Catalyst 8000V can be used as a NAT gateway to provide the translation between private and public networks. This can be deployed at the branch edge, data center edge, or cloud edge. Most cloud providers do have NAT gateways as an additional service, but if a customer requires a richer set of NAT features as available in physical routers with a high scale, the Catalyst 8000V can be used as a NAT gateway. Similarly, enterprises that are IPv6 only and need to communicate with IPv4 networks can deploy the Catalyst 8000V to provide the NAT64 functionality. Both NAT and NAT64 provide the ability to conserve the public IPv4 addresses by using Port Address Translation (PAT). Other NAT features include Virtual Route Forwarding (VRF) awareness and application layer gateways. For a complete list of NAT features available in Cisco IOS XE software, refer to the Configuration Guide.
Table 2. Cisco Catalyst 8000V as a NAT gateway
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| An enterprise needs to provide connectivity between IPv4 private and public networks. |
● NAT
|
● NAT provides the translation between the private and public IPv4 networks, and PAT can help conserve the public IPV4 addresses by using TCP/UDP ports to distinguish the flows.
|
| An enterprise needs to provide connectivity between IPv6-only and IPv4 networks. |
● NAT64
|
● NAT64 provides the translation between IPv6-only networks and IPv4-only networks or the public IPv4 Internet. IPv4 address overloading (PAT) helps to conserve the public IPv4 addresses.
|
MPLS WAN endpoint
The Cisco Catalyst 8000V can serve as an MPLS router, meaning a service provider can offer end-to-end managed connectivity (customer site to customer cloud deployment) with performance guarantees. Also, by extending the MPLS WAN deeper into the cloud network, the service provider can increase network scale, serving more tenants and more networks per tenant (Table 3).
Table 3. Cisco Catalyst 8000V as an MPLS WAN endpoint
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| A service provider needs to extend MPLS connectivity to its customers’ cloud segments. Service providers that offer managed connectivity services to businesses want to help their customers connect with off- premises clouds. To provide end-to-end connectivity, the service providers want to extend their private MPLS WANs into the clouds, right up to the edge of the customers’ segments within the clouds. |
● MPLS VPN
● VRF
● BGP
● Generic Routing Encapsulation (GRE)
● QoS
● IP SLA
|
●
MPLS extension within a cloud: A service provider can manage the cloud connectivity of its customers and offer performance and reliability guarantees with the help of a dedicated Catalyst 8000V (serving as a customer-edge router) per customer.
●
Intracloud scale: A typical cloud network is highly switched. A router hands off incoming traffic to a group of switches, which assigns the traffic to customer VLANs. In this network architecture, the cloud provider cannot scale beyond 4096 VLANs per router, limiting the number of customers it can support. The Catalyst 8000V, serving as a customer-edge or provider-edge extension, can help overcome these scale limitations by creating routing overlays within the cloud, minimizing the providers’ dependence on VLANs.
|
Layer 3 vRR
The Catalyst 8000V can be deployed as a virtual Route Reflector (vRR) to simplify the routing adjacencies required in larger networks. Because route reflection is a process-intensive (but not throughput-intensive) application, many instances of route reflectors may be consolidated onto a single server running multiple Catalyst 8000V routers. This approach significantly reduces the physical footprint, power, cooling, and cabling overhead of maintaining numerous physical route-reflector systems.
A Catalyst 8000V-based route reflector with 16 GB of memory can maintain up to 24 million IPv4 routes or up to 21 million IPv6 routes.
Layer 2 (virtual machine migration) and Layer 3 (IP mobility) extensions
LISP, OTV: The Cisco Catalyst 8000V offers features such as Locator/ID Separation Protocol (LISP) and NAT that allow an enterprise to maintain addressing consistency across premises and cloud as it moves applications back and forth or bursts compute capacity into the cloud. The Overlay Transport Virtualization (OTV) and Virtual Private LAN Services (VPLS) features of the Catalyst 8000V allow an enterprise to extend VLAN segments from its data center into the cloud for server backup, disaster recovery, and compute scale (Table 4).
Table 4. Cisco Catalyst 8000V as a Layer 2 or Layer 3 extension
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| An enterprise needs to maintain IP addressing consistency when moving an application from its data center into an off-premises cloud, and does not want to reconfigure its application when doing so. Change in the address of the application affects connectivity with the user accessing the application. |
● LISP
|
● IP mobility: The cloud-based Catalyst 8000V can serve as a LISP router, building a tunnel with a LISP-enabled router in the enterprise’s data center so an application can be migrated across the tunnel with a fixed identifier.
|
| An enterprise needs to replicate its virtual machines (for application servers, web servers, etc.) in an off-premises cloud, in order to migrate or back up virtual machines. |
● OTV
|
● Virtual machine migration: The cloud-based Catalyst 8000V can serve as an OTV router, building a bridge with an OTV-enabled router in the enterprise’s data center so that a VLAN can be extended to the cloud.
|
Virtual Extensible LAN (VXLAN) gateway: The Catalyst 8000V can participate in a VXLAN network, serving as a VXLAN Tunnel Endpoint (VTEP) and therefore as a termination point for VXLAN Network Identifiers (VNIs). For large data center and service provider networks, this feature allows for greatly increased scalability in the number of simultaneously operating isolated tenant networks. After a VNI is terminated by the Catalyst 8000V, its traffic can be Layer 3 routed or Layer 2 bridged to other VXLAN or non-VXLAN networks (Table 5).
Table 5. Cisco Catalyst 8000V as VXLAN gateway
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| A service provider needs to support many tenants on a given infrastructure. Service providers—particularly those offering private cloud services—routinely create and manage many thousands of isolated networks for tenants. VLAN tagging has, in the past, been the typical technology used to isolate and extend a Layer 2 network from the physical network into a tenant’s private cloud. VLAN tagging imposed a limit of 4094 VLAN identifiers, limiting the utility of any given Layer 2 infrastructure. |
● VXLAN gateway
● VXLAN multicast and unicast modes
● VXLAN with VRF
|
● Expanded scale for service provider networks: VXLAN supports millions of network identifiers and allows service providers to deploy a greatly increased number of tenants on their existing infrastructure. The Catalyst 8000V can be deployed as a single-tenant VXLAN gateway, allowing tenants to enjoy their own dedicated VXLAN gateway node. It can also be deployed in a more cost-effective manner as a multitenant VXLAN gateway node, terminating VNIs for many tenants with a single Catalyst 8000V instance.
|
Cisco Catalyst SD-WAN is a set of intelligent software services that allows you to connect users, devices, branch office locations, and cloud deployments reliably and securely across a diverse set of WAN transport links. SD-WAN-enabled routers like the Catalyst 8000V dynamically route traffic across the “best” link based on up-to-the-minute application and network conditions for great application experiences. You get tight control over application performance, bandwidth usage, data privacy, and availability of your WAN links.
The Catalyst 8000V is optimized for Catalyst SD-WAN. For enterprises, this means that business-critical applications run faster, with more reliability and reduced Operating Expenditures (OpEx). SD-WAN achieves this by giving all branches, data centers, and cloud deployments the ability to monitor, control, move, and report on streams of application data, such as specific web (HTTP) traffic. The Catalyst 8000V has deep packet inspection capability and can accurately identify and control thousands of different applications, including custom in-house enterprise applications.
The entire Catalyst SD-WAN implementation can be managed from either the cloud or on-premises-based management software, through multiple levels of throughput-based licenses. The license tiers are structured to support the growth in business needs through simple subscriptions that help simplify the journey to intent-based networking for the WAN.
Table 6. Cisco Catalyst 8000V enables SD-WAN deployments
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| As a network operator in a growing enterprise, I need to:
● Securely onboard and manage tens of thousands of network devices across sites worldwide
● Reduce my network management costs
● Increase agility in reacting to evolving network needs
● Reduce complexity in operations and bring about consistency in configurations of network devices
● Seamlessly extend the enterprise network into workloads deployed in multiple public Infrastructure-as-a-Service (IaaS) clouds
● Monitor the network using a single pane of glass
|
● Deployments in on-premises locations, middle-mile colocation data centers, and public clouds
● Centralized management of Catalyst 8000V via Catalyst SD-WAN Manager
|
● Extend the enterprise’s SD-WAN fabric to include cloud deployments.
● Business-critical applications no longer need to contend with each other or with traffic that should be served on a best-effort basis.
● The enterprise network becomes more reliable because multiple paths can be used.
● Costs are greatly reduced because dual MPLS links can be replaced with a mix of MPLS and Internet.
● The time required to bring up new remote sites is dramatically reduced because the SD-WAN supports rapidly deployed DSL and 3G/4G LTE/5G connections as easily as it does MPLS.
● Security is assured across these connections using a zero-touch secure VPN technology used by governments and finance organizations worldwide.
|
You can now move your traditional and complex WAN networks to a more agile SD-WAN with integrated security. The Catalyst 8000V connects branch offices to the Internet and cloud, with industry-leading protection against major web attacks. Secure Direct Internet Access (DIA) to the branches helps optimize branch workloads for improved performance, specifically for cloud-hosted applications. At the same time, DIA helps ensure that your branch is protected from external threats.
Table 7. NGFW support in Catalyst 8000V
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
|
● An enterprise needs to secure the WAN network connections in its branches from external threats.
● It needs to isolate network traffic based on identity, applications, and destinations and meet security compliance guidelines.
|
Catalyst NGFW with:
● Stateful inspection
● Intrusion detection and prevention (IPS/IDS)
● URL filtering
● Advanced malware protection
● Identity-based filtering
● TLS decryption
|
● DIA: Secure Direct Internet Access for an improved branch-office user experience.
● Guest access: Offload guest Internet traffic from the corporate WAN with enhanced security.
● Direct cloud access: Offload Software-as-a-Service (SaaS) traffic from premium WAN connections and improve application experience.
● Payment Card Industry (PCI) compliance: Protect sensitive information against data breaches (such as cardholder or patient information).
|
Automated deployments of the Catalyst 8000V in different public clouds enable enterprises to extend their WAN.
Table 8. Cisco Catalyst 8000V enables rapid connectivity to multiple public clouds
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| As a network operator in a growing enterprise, I need to:
● Set up cross-cloud connectivity using middle-mile providers
● Use backbone networks of public cloud providers for low-latency global connectivity
|
● Cloud OnRamp automation in Catalyst SD-WAN Manager
|
● Set up multicloud connectivity in minutes.
|
Catalyst 8000V in SD-WAN mode includes an Application Quality of Experience (AppQoE) solution that offers a suite of capabilities that help overcome WAN link limitations and optimizes your network and application performance:
● TCP optimizations address latency issues.
● Bandwidth optimizations are achieved with Data Redundancy Elimination (DRE) and LZW compression.
● Link integrity challenges are mitigated using Forward Error Correction (FEC) and Packet Duplication (PD).
Table 9. Cisco Catalyst 8000V support for AppQoE
| Customer problem |
Features |
Benefits of Cisco Catalyst 8000V |
| High latency and loss in the WAN link are affecting my network performance. |
TCP optimization via:
● FEC
● PD
|
● Reliable transmission and increased throughput over the WAN link.
|
| The applications in my network are underperforming due to low-bandwidth WAN links. |
TCP optimization via:
● DRE
● LZW compression
|
● Efficient transmission of large amount of data over the WAN.
|
The Catalyst 8000V includes the CUBE (Cisco Unified Border Element) feature set, offering rich voice services in both Catalyst SD-WAN and traditional Cisco IOS XE software feature stacks. This provides the ability to bridge voice and video connectivity between two separate voice over IP (VoIP) networks, and also helps connect enterprise networks to Internet Telephony Service Providers (ITSPs).
For more details see the Cisco Unified Border Element webpage.
Cisco IOS XE software advantages
The Catalyst 8000V contains the same operating system—Cisco IOS XE—that runs inside the Catalyst 8000 product family. Providing control- and data-plane separation, multicore forwarding, and a modular architecture that allows for smooth insertion of networking features, it is well-suited for dynamic cloud environments. Cisco IOS XE is based on the stable, robust, and feature-rich Cisco IOS software that has powered Cisco ISRs and other hardware routers in demanding enterprise, service provider, and government networks for more than two decades.
Key benefits of Cisco IOS XE include:
● Proven functions with industry-leading Cisco IOS networking and security features.
● Operational efficiency through rapid integration into any Cisco IOS environment, such as a branch office, WAN, data center, colocation facility, or cloud.
● Consistent user experience: Cisco IOS XE uses the same Cisco IOS CLI and management tools available across the Cisco Catalyst 8000 Edge platforms family.
Table 10. Catalyst 8000V product specifications
| Feature |
Description |
| Cisco IOS XE software version |
● IOS XE Release 17.4.1 or later
● IOS XE Release 17.7.1 or later for Cisco DNA Software tier-based licensing
|
| Virtual machine supported configurations |
●
vCPU: 2, 4, 8, or 16 cores
●
Memory: 4, 8, or 16 GB (minimum 8 GB required for NGFW; 8 GB recommended for SD-WAN)
●
Disk: 8 or 16 GB (minimum 600 GB required for AppQoE)
|
| CPUs |
● Intel
® Xeon
® family – based on Intel x86 instruction set
● Intel Atom family – based on Intel x86 instruction set
|
| Network interface cards (NICs) (see configuration guide for support matrix) |
● Intel E810
● Nvidia Mellanox ConnectX-5
● Intel X700, X500, i350 – select models
|
| I/O modes |
● Single-root I/O virtualization (SR-IOV) – select NICs
● Paravirtual – VirtIO, VMware VXNET3
● PCI pass-through
● AWS Enhanced Networking Adapter
● Azure Accelerated Networking
● DPDK acceleration for VirtIO in KVM hypervisors
|
| NIC drivers |
For SR-IOV support:
● Intel: I40EVF, IAVF, IXGBEVF, IGBVF
● Nvidia Mellanox: CX5VF
|
| On-premises hypervisors |
KVM
● Cisco NFVIS: 4.4.x or later
●
Redhat Enterprise Linux: 9.x, 8.x, 7.x
● SUSE Linux Enterprise Server: 15.x
● Ubuntu: 16.04 LTS
OpenStack
● Cisco Virtualized Infrastructure Manager 4.2 (VIM) based on OpenStack Train
● Redhat OpenStack Platform 16.1 (RHOSP) based on OpenStack Train
VMware
● VMware ESXi: 8.x, 7.x
|
| Public clouds |
Commercial
● Amazon Web Services (AWS): Pay As You Go (PAYG), Bring Your Own License (BYOL)
● Microsoft Azure: PAYG, BYOL
● Google Cloud Platform (GCP): BYOL
● Alibaba Cloud: BYOL
Sovereign
● Amazon AWS GovCloud: BYOL
● Microsoft Azure for US Government: BYOL
China
● Alibaba Cloud: BYOL
● Amazon AWS China: BYOL
● Microsoft Azure China: BYOL
|
| Middle-mile providers |
● Equinix
● Megaport
|
| Management |
● Cisco Catalyst SD-WAN Manager
● Standalone Cisco IOS XE CLI, REST, NETCONF
|
| Number of interfaces supported |
● KVM: Maximum of 26
● VMware ESXi: Maximum of 8
● Public clouds: Depends on instance size up to maximum of 8
|
| Deployment modes |
● SD-WAN “Controller” mode for SD-WAN capabilities
● Autonomous mode for traditional routing capabilities
◦ Managed as a standalone device ◦ Managed by Catalyst SD-WAN Manager controller software, aka SD-Routing mode |
Note:
● You may be able to run Cisco Catalyst 8000V Edge Software on other combinations of operating system hypervisors, hypervisor versions, NICs, CPU families, and VM resource configurations that are not listed in the table above. All such deployments will fall under the noncertified support model whereby Cisco may request you to reproduce the reported issue on a supported configuration.
Table 11. Catalyst 8000V on-premises CPU core allocation guidance
| Throughput |
Packet forwarding (Cisco Express Forwarding, unencrypted) |
Encrypted ‒ IPsec |
SD-WAN with IQDF* |
SD-WAN with NGFW# |
| 50 Mbps |
2 cores |
2 cores |
2 cores |
4 cores |
| 500 Mbps |
2 cores |
2 cores |
2 cores |
4 cores |
| 2 Gbps |
2 cores |
2 cores |
2 cores |
8 cores |
| 5 Gbps |
2 cores |
2 cores |
4 cores |
16 cores |
| 10 Gbps |
2 cores |
8 cores |
8 cores |
‒ |
| 20 Gbps |
2 cores |
16 cores |
16 cores |
‒ |
| 30 Gbps |
2 cores |
16 cores |
16 cores |
‒ |
| 40 Gbps |
2 cores |
16 cores |
‒ |
‒ |
Notes:
● Packet size: 1400 bytes for encrypted traffic, 1500 bytes for unencrypted traffic.
● *IQDF = IPsec + QoS + DPI + FNF
◦ QoS = Quality of service
◦ DPI = Deep packet inspection
◦ FNF = Flexible NetFlow
● #100% DIA traffic with FW + NAT + IPS + URLF + AMP with EMIX packet size.
◦ FW = Firewall zone based
◦ IPS = Intrusion prevention system
◦ URLF = URL filtering
◦ AMP = Advanced malware protection
◦ EMIX = Enterprise mix of network traffic of different packet sizes
● Based on benchmarking on server with Intel Xeon Ice Lake 2.8-GHz processor with no hyperthreading and using SR-IOV connectivity to the NIC. Your actual throughput may be different and depends on CPU family, CPU clock speeds, hypervisor, NIC, and NIC connectivity.
Table 12. Catalyst 8000V in Amazon Web Services ‒ recommended compute instance
| Throughput |
Packet forwarding (Cisco Express Forwarding, unencrypted) |
Encrypted ‒ IPsec |
SD-WAN with IQDF* |
SD-WAN with NGFW# |
| 50 Mbps |
c6in.large |
c6in.large |
c6in.large |
c6in.2xlarge |
| 500 Mbps |
c6in.large |
c6in.large |
c6in.large |
c6in.2xlarge |
| 2 Gbps |
c6in.large |
c6in.large |
c6in.large |
c6in.8xlarge |
| 8 Gbps |
c6in.large |
c6in.2xlarge |
c6in.2xlarge |
coming soon |
| 19 Gbps |
c6in.2xlarge |
c6in.8xlarge |
c6in.8xlarge |
- |
Notes:
● Packet size: 1400 bytes for encrypted traffic, 1500 bytes for unencrypted traffic.
● *IQDF = IPsec + QoS + DPI + FNF
◦ QoS = Quality of service
◦ DPI = Deep packet inspection
◦ FNF = Flexible NetFlow
● #100% DIA traffic with FW + NAT + IPS + URLF + AMP with EMIX packet size.
◦ FW = Firewall zone based
◦ IPS = Intrusion prevention system
◦ URLF = URL filtering
◦ AMP = Advanced malware protection
◦ EMIX = Enterprise mix of network traffic of different packet sizes
● See Catalyst 8000V Configuration Guide Compatibility Matrix in Public and Sovereign IaaS Clouds chapter for all supported compute instances.
● Your actual throughput performance may be different and depends on the cloud provider’s infrastructure.
Table 13. Catalyst 8000V in Microsoft Azure ‒ recommended compute instance.
| Throughput |
Packet forwarding (Cisco Express Forwarding, unencrypted) |
Encrypted ‒ IPsec |
SD-WAN with IQDF* |
SD-WAN with NGFW# |
| 50 Mbps |
D2 v2 |
D2 v2 |
D2 v2 |
D4 v2 |
| 500 Mbps |
D3 v2 |
D2 v2 |
D2 v2 |
D4 v2 |
| 2 Gbps |
D3 v2 |
D3 v2 |
D3 v2 |
coming soon |
| 5 Gbps |
D4 v2 |
D4 v2 |
D4 v2 |
- |
| 10 Gbps |
D16 v5 |
D16 v5 |
D16 v5 |
- |
Notes:
● Packet size: 1400 bytes for encrypted traffic, 1500 bytes for unencrypted traffic.
● *IQDF = IPsec + QoS + DPI + FNF
◦ QoS = Quality of service
◦ DPI = Deep packet inspection
◦ FNF = Flexible NetFlow
● #100% DIA traffic with FW + NAT + IPS + URLF + AMP with EMIX packet size.
◦ FW = Firewall zone based
◦ IPS = Intrusion prevention system
◦ URLF = URL filtering
◦ AMP = Advanced malware protection
◦ EMIX = Enterprise mix of network traffic of different packet sizes
● See Catalyst 8000V Configuration Guide Compatibility Matrix in Public and Sovereign IaaS Clouds chapter for all supported compute instances.
● Microsoft Azure “Accelerated Networking” setting is recommended for optimal performance.
● Your actual throughput performance may be different and depends on the cloud provider’s infrastructure.
Cisco Catalyst 8000V is offered with Cisco DNA Software subscription licenses that are based on feature package, throughput tier, and term.
| Feature packages supported: |
Cisco DNA Essentials, Cisco DNA Advantage |
| Throughput tiers: |
Tier 0, 1, 2, 3, or 4 |
| Term durations: |
3, 5, or 7 years |
Refer to Cisco DNA Software SD-WAN and Routing Matrices for a comprehensive list of features available in the Catalyst 8000V enabled by Cisco IOS XE software.
The following exceptions are noted:
● Catalyst 8000V can also be used as a virtual route reflector.
● You can use VMware vCenter to manage the lifecycle of the Catalyst 8000V on VMware ESXi hypervisor software.
Catalyst 8000V virtual router instances use the Cisco Smart Licensing Using Policy licensing framework.
To place an order for Cisco DNA Software subscription licenses, visit Cisco Ordering. To download software, visit Cisco Software Download Center.
Options for ordering the Catalyst 8000V Edge Software depend on where you plan to deploy the software. Table 14 describes the ordering choices.
Table 14. Buying options for Catalyst 8000V, based on where deployed
| Deployment location |
Buying options |
| On-premises |
Buy Cisco DNA Software subscriptions. Buying models supported are:
● Individual Cisco DNA Software subscriptions
● Enterprise Agreements
● Managed Services License Agreements
● Whole Portfolio Agreements
|
| Colocation data centers |
Buy Cisco DNA Software subscriptions. Buying models supported are:
● Individual Cisco DNA Software subscriptions
● Enterprise Agreements
● Managed Services License Agreements
● Whole Portfolio Agreements
Cisco has partnerships with Equinix and Megaport. Refer to their websites for ordering details. |
| Air-gapped environments offered only to Department of Defense (DoD) customers |
Buy Cisco DNA Software subscriptions. Contact Cisco Sales for ordering details. |
| Public cloud – Amazon Web Services (AWS) |
Two choices:
●
Bring your own license (BYOL): Buy Cisco DNA Software subscriptions from Cisco and use them in the cloud by using the Catalyst 8000V BYOL listing in AWS Marketplace.
●
Pay as you go (PAYG): Buy Catalyst 8000V with an hourly price via the PAYG listings in AWS Marketplace.
|
| Public cloud – Microsoft Azure |
Two choices:
●
Bring your own license (BYOL): Buy Cisco DNA Software subscriptions from Cisco and use them in the cloud by using the Catalyst 8000V BYOL listing in Azure Marketplace.
●
Pay as you go (PAYG): Buy Catalyst 8000V with an hourly price via the PAYG listings in Azure Marketplace.
|
| Public cloud – Google Cloud Platform (GCP) |
Bring Your Own License (BYOL): Buy Cisco DNA Software subscriptions from Cisco and use them in the cloud by using the Catalyst 8000V BYOL listing in GCP Marketplace. |
| Public cloud – Alibaba |
Bring Your Own License (BYOL): Buy Cisco DNA Software subscriptions from Cisco and use them in the cloud by using the Catalyst 8000V BYOL listing in GCP Marketplace. |
| Public clouds in China:
● Amazon AWS China
● Microsoft Azure China
● Alibaba China
|
Bring Your Own License (BYOL): Buy Cisco DNA Software subscriptions from Cisco and use them in the cloud by using the Catalyst 8000V BYOL listing in the cloud marketplace. |
| Sovereign clouds:
● Amazon AWS Government Cloud (IL5)
● Microsoft Azure GovCloud (IL5)
|
Bring Your Own License (BYOL): Buy Cisco DNA Software subscriptions from Cisco and use them in the cloud by using the Catalyst 8000V BYOL listing in the cloud marketplace. |
All Cisco DNA Software subscriptions include access to software upgrades for the duration of your subscription term.
When ordering Cisco DNA Software subscriptions, or at any time after ordering, you can optionally choose to buy support coverage that enables you to call the Cisco Technical Assistance Center (TAC) for help.
Support contract terms are independent from the license subscription terms and may terminate later than the end date of your license subscription.
If you need support for your Catalyst 8000V Edge Software bought under the PAYG hourly model in Amazon AWS and Microsoft Azure cloud marketplaces, you can buy
L-CSR-SVC-C8KV-AD= or L-CSR-SVC-C8KV-ES= support contracts. Contact your local Cisco Sales team for help.
Flexible payment solutions to help you achieve your objectives
Cisco Capital® financing makes it easier to get the right technology to achieve your objectives, enable business transformation, and stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services, and complementary third-party equipment in easy, predictable payments. Learn more.
● Cisco Catalyst 8000V Edge Software home page
● Cisco DNA Software for SD-WAN and Routing ordering guide
● Cisco DNA Software SD-WAN and Routing Feature Matrix
● Cisco Catalyst 8000V Edge Software data sheet (this document)
● Cisco Catalyst 8000V Edge Software release notes
● Cisco Catalyst 8000V Edge Software Installation and Configuration Guide
● Troubleshooting Guide for Cisco Catalyst 8000V Edge Software
● Smart Licensing Using Policy for Cisco Enterprise Routing Platforms
● Cisco Software Download Center
● Compatibility Matrix for Cisco Catalyst 8000V in Public and Sovereign IaaS Clouds
● Cisco Catalyst 8000V listings in Amazon AWS Marketplace
● Cisco Catalyst 8000V listings in Amazon AWS China Marketplace
● Cisco Catalyst 8000V listings in Microsoft Azure Marketplace
● Cisco Catalyst 8000V listings in Microsoft Azure China Marketplace
● Cisco Catalyst 8000V listings in Google GCP Marketplace
● Cisco Catalyst 8000V listings in Alibaba Cloud Marketplace
● Cisco Catalyst 8300 Series Edge uCPE platform data sheet
● Cisco Catalyst 8200 Series Edge uCPE platform data sheet
● Cisco Catalyst SD-WAN Manager orchestrator software
Table 15. Document history
| Date |
Change notes |
| November 04, 2024 |
Version 3:
● Update diagram to reflect Catalyst 8000V product name.
● Added list of network routing features.
● Updated product specifications table.
● Added performance guidance table for on-premise and cloud deployments.
● Added guidance for ordering based on where the virtual router will be deployed.
|
| October 13, 2023 |
Version 2. |
| November 12, 2021 |
Initial launch. |