Upgrade guide from Cisco Catalyst 3650/3850 Series to Catalyst 9300 Series
Cisco public
Purpose of this guide
This document is intended to help network planners and engineers who are familiar with the Cisco Catalyst 3650/3850 Series in deploying the Cisco Catalyst 9300 Series switches in the enterprise networking environment.
The document visually depicts an upgrade path, showing Cisco Catalyst 3650 Series and Cisco Catalyst 3850 Series switches transitioning to Cisco Catalyst 9300 Series switches, specifically highlighting C9300L fixed uplink models and C9300 modular uplink models, as well as C9300-Mini and C9300LM series.
Introduction
The new Cisco® Catalyst® 9000 switching family represents the next generation in the legendary Cisco Catalyst line of enterprise LAN access, aggregation, and core switches. Within this family, the Cisco Catalyst 9300 Series switches stand out as Cisco’s leading fixed enterprise switching access platform, engineered for security, IoT, and cloud integration.
Why upgrade?
The Cisco Catalyst 9300 Series switches are Cisco's premier fixed enterprise switching access platform, designed for security, mobility, IoT, and cloud environments. They serve as the foundational building block for Cisco Software-Defined Access (SD-Access), Cisco's leading enterprise architecture.
The Cisco Catalyst 9300 Series is notable as the industry's first optimized platform for WiFi-6/WiFi-6E and 802.11ac Wave 2. It supports 2.5G, 5G, and Multigigabit downlinks, along with 802.3 BT compliant power up to 90W PoE (Cisco UPOE®+). This series offers support for the highest density of WiFi-6/WiFi-6E and 802.11ac Wave 2 access points (up to 48) within a single Rack Unit (RU) box. The Cisco Catalyst 9300 Series boasts the most flexible uplink architecture: 9300X models support Multigigabit, 10Gbps, 25Gbps, 40Gbps, and 100Gbps uplinks, while C9300 modular uplink models support 1 Gbps, Multigigabit, 25Gbps, and 40 Gbps uplinks. The platform also features a flexible downlink architecture with fiber ports supporting 1G/10G/25G speeds and Multigigabit (1G/2.5G/5G/10G) copper ports, delivering the industry's highest 1Tbps stacking bandwidth. The Cisco StackWise®-1T architecture provides exceptional scale (up to 448 ports per stack) and deployment flexibility, complemented by robust Nonstop Forwarding (NSF)/Stateful Switchover (SSO) resiliency for stackable solutions.
Furthermore, the Cisco Catalyst 9300 Series features a highly resilient and efficient power architecture leveraging Cisco StackPower® technology, which enables a high density of Cisco UPOE+, UPOE, and PoE+ ports. These switches provide superior PoE resiliency capabilities, including Perpetual and Fast PoE, making them ideal for Smart Building deployments. They are equipped with the industry's most efficient power supplies.
The Cisco Catalyst 9300 Series Switches are built upon the latest Cisco Unified Access® Data Plane 2.0 (UADP 2.0) Application-Specific Integrated Circuit (ASIC) for 9300 (Modular and Fixed uplink models) and the Cisco UADP 2.0sec ASIC for 9300X models. These are powered by an x86-based CPU running on open Cisco IOS® XE Software, a converged operating system. This combination delivers model-driven programmability, streaming telemetry, third-party container-based app hosting, application visibility, enhanced security with 256-Bit MACsec link encryption, Hardware Layer 3 encryption (IPSEC) up to 100G, and Encrypted Traffic Analytics (ETA). They offer higher bandwidth uplinks and a more advanced operating system compared to the Cisco Catalyst 3850 or 3650 Series switches.
System hardware
The Cisco Catalyst 9300 Series is based on Cisco's UADP ASIC architecture and an x86 CPU architecture. Specifically, 9300X models utilize the Cisco UADP 2.0sec ASIC, while 9300 modular uplinks and fixed uplinks models use the UADP 2.0 ASIC. The platform also offers options for additional internal and external storage up to 240GB SSD, enabling the device to host containers and run third-party applications and scripts natively within the switch. Tables 1 and 2 detail some of the system hardware differences between the Cisco Catalyst 3850 Series and Catalyst 9300 Series.
Table 1. Comparison of Cisco Catalyst 3650 Series and Catalyst 9300 - fixed uplink C9300L hardware
| Catalyst 3650 Series | Catalyst C9300-C9300L/C9300LM SKUs | |
|---|---|---|
| CPU | Quad-core | x86 Quad-core |
| DRAM | 4 GB | 8 GB |
| Internal flash | 2/4 GB | 16 GB |
| External storage | 16 GB | 240 GB |
Table 2. Comparison of Cisco Catalyst 3850 Series and Catalyst 9300 Series - modular uplink C9300 hardware
| Catalyst 3850 Series | Catalyst 9300 - C9300 SKUs | |
|---|---|---|
| CPU | Quad-core | x86 Quad-core |
| DRAM | 4 GB | 8 GB/16G (9300X models) |
| Internal flash | 2/4/8 GB | 16 GB |
| External storage | 16 GB | 240 GB |
System default behavior
The system default behavior on the Cisco Catalyst 9300 Series closely mirrors that of the Cisco Catalyst 3650/3850 Series. For instance, interfaces default to Layer 2 switch port mode, IP routing is disabled, and the management interface resides in a dedicated Virtual Routing and Forwarding (VRF) instance. A key difference emerges in the control plane policy when comparing the Catalyst 3650/3850 Series running Release 3.X.
Control Plane Policing (CoPP): CoPP is enabled by default on the Cisco Catalyst 9300 Series, featuring default policing rates optimized for typical campus environments. These rates can be adjusted or disabled based on specific application needs. In contrast, CoPP is not enabled by default on the Cisco Catalyst 3650/3850 Series (Release 3.X). However, the system provides a macro to define different classes, allowing users to specify policing rates for various classes.
High availability – StackWise-1T/480/320 and StackPower Plus
The Cisco Catalyst 9300 Series offers robust high availability features, building upon the capabilities of the Cisco Catalyst 3650/3850 Series with enhanced stack bandwidth. Catalyst 9300X models support Stackwise-1T, while Cisco Catalyst 9300 Series switches with Modular uplinks support Stackwise 480. Switches with fixed uplinks (9300L/9300LM) support Stackwise-320. In StackWise-1T/480/320 configurations, up to eight switches can be stacked to form a single logical switch, with both SSO and NSF mechanisms supported during failovers. The Catalyst 9300 series supports Extended Fast Software Upgrade (xFSU), which reduces traffic downtime to less than 30 seconds – a capability not present in the Catalyst 3850/3650 series. For customers migrating from 3850 Series stacks to Catalyst 9300 Series stacks, the same stacking cables can be used. However, for customers migrating from Catalyst 3650 Series stacks to C9300L/C9300LM stacks, an optional stack kit must be ordered separately for Stackwise-320.
The Cisco Catalyst 9300 Modular uplink models support the Cisco StackPower feature, and 9300X models support StackPower Plus for power redundancy, allowing up to four switches to be stacked in either combined or redundant mode. In an eight-member stack, two power stacks of four switches each can be configured for power redundancy. Tables 3 and 4 compare the power redundancy features of the Cisco Catalyst 3650/3850 Series and Catalyst 9300 Series. Note that Cisco Catalyst 9300 Series switches with fixed uplinks (C9300L/C9300LM) do not support StackPower.
Table 3. Comparison of Cisco Catalyst 3850 Series and 9300 Modular Uplinks power redundancy
| Catalyst 3850 Series | Catalyst 9300 Series - C9300 SKU's | |
|---|---|---|
| Stackwise-1T | NA | 8 (9300X models) |
| StackWise-480 | 8 or 9, depending on the model | 8 |
| StackPower | 4 | 4 |
| Number of power supply slots | 2 | 2 |
| Power supplies | 350W AC 715W AC 1100W AC 715W DC |
350W AC 715W AC 1100W AC 715W DC 1900W AC |
Table 3 (Continued). System power and PoE power
| Catalyst 3850 Series | Catalyst 9300 Series - C9300 SKU's | |
|---|---|---|
| System power and PoE power | Each power supply has a fixed amount of system power and a fixed amount for PoE | Each power supply has a fixed amount of system power and a fixed amount for PoE |
| Power redundancy | Combined redundant | Combined redundant |
Table 4. Comparison of Cisco Catalyst 3650 Series and 9300L Power Redundancy
| Catalyst 3650 Series | Catalyst 9300 - C9300L/ C9300LM SKUs | |
|---|---|---|
| Stacking | StackWise-160 | StackWise-320 |
| StackPower | No | No |
| Number of power supply slots | 2 | 2 |
| Power supplies | 250W AC 640W AC 1025W AC 640W DC |
350W 600W AC* 715W AC 1000W AC* 1100W AC 715W DC 715W DC* |
| System power and PoE power | Each power supply has a fixed amount of system power and a fixed amount for PoE | Each power supply has a fixed amount of system power and a fixed amount for PoE |
| Power redundancy | Combined | Combined |
*C9300LM only PSU
Operations
Interface reference
Cisco Catalyst 3650/3850 Series Multigigabit switches offer Gigabit Ethernet and 10G Ethernet ports exclusively. In contrast, Cisco Catalyst 9300 Series Multigigabit switches introduce support for 1G, 2.5G, 5G, and 10G Ethernet on their 48-port Multigigabit models, as detailed in Table 5.
Table 5. Presence of 2.5 Gigabit Ethernet ports on the Cisco Catalyst 3850 Series and Catalyst 9300 Series
| Catalyst 3650/3850 Series | Catalyst 9300 Series | |
|---|---|---|
| 2.5 Gigabit Ethernet ports | None | Tw1/0/1 |
Management interface
The management interface on the Cisco Catalyst 9300 Series is Gigabit Ethernet, closely resembling the Gigabit Ethernet interface on the Catalyst 3650/3850 Series. On both platforms, the management port utilizes its own VRF instance to segregate management traffic from normal data traffic.
Software features
For comprehensive details on features supported by the Cisco Catalyst 9300 Series, consult the feature navigator on cisco.com. For customers migrating from the Cisco Catalyst 3650/3850 Series to the Catalyst 9300 Series, the following are the primary feature differences:
Host tracking feature
The Cisco Catalyst 3650/3850 Series supports IP Device Tracking (IPDT) in Release 3.X for tracking connected hosts (MAC and IP address association). The Cisco Catalyst 9300 Series, with the latest Cisco IOS XE Software release, incorporates the new Switch Integrated Security Features (SISF)-based IP device-tracking feature. This acts as a container policy, enabling snooping and device-tracking features available with First Hop Security (FHS) for both IPv4 and IPv6, using IP-agnostic Command-Line Interface (CLI) commands. Refer to Appendix A for guidance on migrating from IPDT CLI configurations to the new SISF-based device-tracking CLI configuration.
Quality of service
The Cisco Catalyst 9300 Series introduces new features and enhancements with its latest ASIC and operating system. It supports a per-port egress queuing policy, allowing each downlink or uplink port to have a distinct egress queuing policy. In contrast, the Cisco Catalyst 3650/3850 Series shares a common egress queuing policy across all downlinks or uplinks.
Table 6. Quality of service policy in the Cisco Catalyst 3850 Series and Catalyst 9300 Series
| Catalyst 3650/3850 Series | Catalyst 9300 Series | |
|---|---|---|
| Egress queuing policy | Supports only two policies (downlinks share one policy and uplinks share another policy) | Supports multiple queuing policies (each downlink or uplink can have its own policy) |
| Traffic classification | Supports "Match-any" | Supports "Match-any" and "Match-all" |
Congestion avoidance
The Cisco Catalyst 3650/3850 Series supports only Weighted Tail Drop (WTD), which discards packets based on configured thresholds. The Cisco Catalyst 9300 Series utilizes both WTD and Weighted Random Early Detection (WRED). WRED randomly discards packets at specified queue thresholds based on IP precedence, Differentiated Services Code Point (DSCP), or Class of Service (CoS), providing network architects with greater control over drop behavior. The following illustrates an example of WRED configuration on the Catalyst 9300 Series:
policy-map 2P6Q3T
class PRIORITY-QUEUE
priority level 1
class VIDEO-PRIORITY-QUEUE
priority level 2
class DATA-QUEUE
bandwidth remaining percent <number>
queue-buffers ratio <number>
random-detect dscp-based
random-detect dscp 10 percent 60 80
Table 7 lists additional QoS specifications for the Cisco Catalyst 3850 Series and Catalyst 9300 Series.
Table 7. QoS specifications in the Cisco Catalyst 3850 Series and Catalyst 9300 Series
| Catalyst 3650/3850 Series | Catalyst 9300 Series | |
|---|---|---|
| Buffer | 12 MB | 16 MB |
| Buffer sharing | Buffer sharing is within the ASIC | Buffer sharing is within the ASIC |
| Number of priority queues | 0 to 2 | 0 to 2 |
Conclusion
The Cisco Catalyst 9300 Series is Cisco's leading fixed enterprise switching access platform. As the new generation of access platform, it offers numerous additional capabilities and is exceptionally well-suited for enterprises looking to upgrade from their existing Cisco Catalyst 3650/3850 Series deployments.
Appendix A
If your device lacks legacy IP device-tracking or IPv6 snooping configurations, you can utilize the new SISF-based device-tracking commands for all future configurations. The legacy IPDT commands and IPv6 snooping commands are no longer available.
Table 8 displays the new SISF-based device-tracking commands and their corresponding IPDT and IPv6 snooping command compatibility.
Table 8. IPDT, IPv6 snooping, and device-tracking CLI compatibility
| IP device tracking | IPv6 snooping | SISF-based device tracking |
|---|---|---|
| ip device tracking probe count | Not supported | Not supported |
| ip device tracking probe delay | ipv6 neighbor binding reachable-lifetime | device-tracking policy reachable-lifetime |
| ip device tracking probe interval | ipv6 snooping tracking retry-interval | device-tracking policy retry-interval |
| ip device tracking probe use-svi | Accepted and interpreted as ip device tracking probe auto-source override | Accepted and interpreted as ip device tracking probe auto-source override |
| ip device tracking probe auto-source fallback | Not supported | Not supported |
| ip device tracking probe auto-source override | Not supported | Not supported |
| ip device tracking trace buffer | Not supported | Not supported |
| ip device tracking maximum | ipv6 snooping policy <name> limit | device-tracking snooping policy <name> limit |
| ip device tracking probe count | Not supported | Not supported |
| ip device tracking probe interval | Not supported | Not supported |
| clear ip device tracking all | Not supported | Not supported |
