Overview of Cisco Catalyst 8000V

The Cisco Catalyst 8000V Edge Software is a virtual router that runs on Cisco IOS XE. Apart from deploying in hypervisors, Cisco Catalyst 8000V can be deployed as a virtual machine in a public cloud such as Google Cloud Platform (GCP).

This guide specifies the deployment procedures and the post deployment configurations for Cisco Catalyst 8000V on GCP. You can choose to deploy Cisco Catalyst 8000V software on new or existing infrastructure, such as a VPC network.

Features Supported

Cisco Catalyst 8000V provides enterprise-class networking services and VPN technologies. The following VPN features are supported on Cisco Catalyst 8000V: IPsec, DMVPN, FlexVPN, and SSLVPN. Further, you can use dynamic routing protocols, such as EIGRP, OSPF, and BGP.

You can secure, inspect, and audit network traffic with the application-aware Zone-Based Firewall. You can also use IP SLA and Application Visibility and Control (AVC) to detect performance issues, fingerprint application flows, and export detailed flow data.

Prerequisites for Deploying Cisco Catalyst 8000V

The following are the prerequisites when deploying a Cisco Catalyst 8000V device on Google Cloud Platform (GCP):

  • You must have a user account or subscription with Google Cloud Platform.

  • Several resources must be deployed before or during the deployment of Cisco Catalyst 8000V.

  • To obtain full traffic throughput, you must obtain a software license for Cisco Catalyst 8000V. Otherwise, the throughput is limited to 10 Mbps in the autonomous mode and 250Mbps in the controller mode.


Note

By default, Cisco Catalyst 8000V boots with Ipbase which includes a minimal set of features only. To use all the features, configure the essentials, advantage, or the premier boot level.

Google Cloud Platform Resources

To deploy a Cisco Catalyst 8000V on Google Cloud Platform (GCP), you must create a project with the following resources: virtual machines, interfaces, VPC networks, routes, public IP addresses, firewall rules, and storage. Resources that exist in different projects can only connect through an external network. For more information on projects, see The Project resource, and Creating and Managing Projects in the Google Cloud Platform (GCP) resource hierarchy.

The following list is a summary of some of the resources that are used by a project for Cisco Catalyst 8000V on Google Cloud Platform:

  • Virtual Private Cloud (VPC) network - connects VM instances and has subnets with defined IP addresses.

  • VM instance - created from a boot disk image. For example, n1-standard-2 (2 vCPUs, 7.5 GB RAM, 2 virtual Network Interface Cards (vNICs)).

  • Subnet - includes a subnet route which is the next hop IP address. The next hop IP address defines a communication path to and from the resources for the subnet.

  • Firewall rules - security rules for the VPC network.

  • Routes - a route maps an IP address range to a destination. This route allows the VPC network to send packets to the correct destination for an IP address. For more information, see Routes Overview.

  • Storage - persistence disk storage that is used to hold disk or container images for VM instances. For more information, see Storage Options.

  • Interfaces - You can assign a public IP address to each network interfaces of a Cisco Catalyst 8000V VM. Usually, a public IP address is assigned to the first interface. All the Cisco Catalyst 8000V VM interfaces are in a private subnet. You can assign the IP address of each private interface using the ip dhcp address command in the interface configuration. Alternatively, you can assign a static IP address using the ip address command. For example, ip address 1.1.1.1 255.255.255.0. If you use a static IP address, ensure that the IP address is the same as the IP address assigned by GCP. Later, to view some details about the interface, use the show ip interface brief command.

Supported Instance Types for Google Cloud Platform

Cisco IOS XE Release

Supported Instance Types

Notes

Cisco IOS XE 17.13.1a

N1: n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.12.2

Cisco IOS XE 17.12.1a

N1: n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.11.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.10.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.9.4a

Cisco IOS XE 17.9.3a

Cisco IOS XE 17.9.2a

Cisco IOS XE 17.9.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.8.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.7.2

Cisco IOS XE 17.7.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.6.6a

Cisco IOS XE 17.6.5a

Cisco IOS XE 17.6.5

Cisco IOS XE 17.6.4

Cisco IOS XE 17.6.3a

Cisco IOS XE 17.6.2

Cisco IOS XE 17.6.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.5.1a

N1: n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Cisco IOS XE 17.4.2

Cisco IOS XE 17.4.1b

Cisco IOS XE 17.4.1a

N1: n1-standard-1, n1-standard-2, n1-standard-4, n1-standard-8

BYOL only

Support for both autonomous and controller modes

Cisco Catalyst 8000V with Two Network Interfaces

This example shows a topology diagram that results after deploying a Cisco Catalyst 8000V device on GCP.

Figure 1. Sample Topology of a Cisco Catalyst 8000V device on GCP

The Cisco Catalyst 8000V VM was created from image "n1-Standard-2" and has two interfaces and two vCPUs. This Cisco Catalyst 8000V instance has a public IP address of 40.121.148.7 for the interface of the first subnet (NIC0). The firewall rule "c8000v-firewallrule-1" is assigned to this interface.


Note
Create a firewall rule to allow traffic to pass in a custom VPC network. Without a firewall rule, by default, all the traffic is blocked.

Licensing

Cisco Catalyst 8000V supports the Bring Your Own License (BYOL) licensing model on GCP under the following licensing types:

  • Cisco Smart Licensing Usage Policy - Cisco Smart Licensing Usage Policy is an evolved version of the existing Smart Licensing model with the overarching objective of providing a licensing solution that does not interrupt the operations of your network. Rather, this model enables a compliance relationship to account for the hardware and software licenses that you purchase and use. To know how to configure and use this licensing type, see Smart Licensing Using Policy for Cisco Enterprise Routing Platforms.

  • Cisco Smart Licensing - If you are a user who has upgraded to Cisco Catalyst 8000V from Cisco CSR1000V or Cisco ISRV, you can continue using Smart Licensing.

    Cisco Smart Licensing assigns a license to the Cisco Catalyst 8000V instances dynamically. This allows you to manage licenses across different Cisco Catalyst 8000V instances without having to lock each license to a specific Cisco Catalyst 8000V UDI serial number. For more information on Cisco Smart Licensing, see Smart Licensing.

The cost of licensing using BYOL in GCP includes the cost of a GCP instance and the cost of a Cisco Catalyst 8000V license.