Migration Guide from Cisco Catalyst 2960-X Series to 9200 Series The new Cisco Catalyst® 9000

switching family is the next generation in the legendary Cisco® Catalyst family of enterprise LAN access,
aggregation, and core switches. Cisco Catalyst 9200 Series switches extend the power of intent-based
networking and Catalyst 9000 hardware and software innovation to a broader set of deployments.
Compared to the scale and feature richness the of Catalyst 9300 Series switches, Catalyst 9200 Series
switches focus on offering features for the mid-market and simple branch deployments. With its family
pedigree, Catalyst 9200 Series offers simplicity without compromise –it is secure, always on and
provides IT simplicity. Introduction Purpose of this guide This document is intended to help network
planners and engineers who are familiar with the Cisco Catalyst 2960-X Series Switches deploy the
Cisco Catalyst 9200 Series Switches in the enterprise networking environment. © 2018 Cisco and/or its
affiliates. All rights reserved. Cisco Catalyst 2960-X Series Cisco Catalyst 9200 Series NEW Migration
guide Cisco public Why migrate? Cisco Catalyst 9200 Series Switches are Cisco’s latest addition to the
fixed enterprise switching access platform, and are built for security, resiliency, and programmability.
These switches play an integral role as entry-level switches in Cisco Software-Defined Access (SD-
Access), Cisco’s lead enterprise architecture. The 9200 Series provides enterprise-level resiliency and
keeps your business up and running seamlessly with FRU power supplies and fans, modular uplinks, cold
patching, perpetual Power over Ethernet (PoE), and the industry’s highest Mean Time Between Failures
(MTBF). The Cisco Catalyst 9200 Series has a highly flexible uplink architecture with options for fixed and
modular uplinks that support 1-Gbps and 10-Gbps speeds. The platform offers 1-Gbps copper Ethernet
switches with 40-Gbps uplink bandwidth and high-performance stacking with the Cisco StackWise®
160/80 stacking bandwidth solution. Cisco StackWise architecture provides industry-leading scale (416
ports per stack) and flexibility of deployment for the platform. It offers support for a leading Stateful
Switchover (SSO) resiliency architecture in a stackable solution. The Cisco Catalyst 9200 Series also has a
highly resilient and efficient power architecture with support for redundant power supplies, which
delivers a high density of PoE+ ports. The switches provide industry-leading PoE resiliency capabilities,
such as perpetual and fast PoE, optimizing them for Internet-of-Things (IoT) deployments. They support
the most efficient power supplies in the industry with available platinum- and silver-rated power
supplies. The Cisco Catalyst 9200 Series Switches are also built with the latest Cisco Unified Access® Data
Plane 2.0 (UADP 2.0) mini Application-Specific Integrated Circuit (ASIC) and an internal ARM based CPU
with open Cisco IOS® XE Software, a converged operating system. Together, they deliver model-driven
programmability, streaming telemetry, application visibility, stronger security with MACsec and support
for higher-bandwidth uplinks, and a more advanced operating system than the Cisco Catalyst 2960-X
Series. System hardware The Cisco Catalyst 9200 Series is based on Cisco’s UADP 2.0 mini ASIC
architecture and an internal ARM CPU architecture. This allows the switch to run with the Cisco IOS-XE
operating system, which enables the switch to support standard YANG models through NETCONF or
RESTCONF and to run scripts natively within the switch. © 2018 Cisco and/or its affiliates. All rights
reserved. Migration guide Cisco public Table 1 lists the system hardware differences between the Cisco
Catalyst 2960-X Series and 9200 Series. Table 1. Comparison of the Cisco Catalyst 2960-X Series and
9200 Series system hardware Catalyst 9200 Series Catalyst 2960X-Series Programmable ASIC Yes No CPU
Embedded quad core CPU @ 1.4 Ghz Dual core CPU @ 600 MHz DRAM (DDR3) 4 GB/2 GB 512 MB Flash
on board 4 GB Up to 256 MB Stacking (module) StackWise-160/80 FlexStack-Plus/Extended module
Number of stack members 8 8 Stack bandwidth 160 Gbps/80 Gbps 80 Gbps Power supply 2 FRUable PS
FRUable on 2960-XR Platinum Rated Power supply Yes No Max PoE budget 1440W 740W Modular
uplinks Yes No Modular fans Yes No Max depth 13.8 in. 16 in. Blue Beacon Yes No RFID Yes No © 2018
Cisco and/or its affiliates. All rights reserved. Migration guide Cisco public System software With a
consistent hardware architecture and a shared code base with the rest of the Catalyst 9000 family, the
Catalyst 9200 Series inherits enhanced functionalities that otherwise would not be supported on
Catalyst 2960-X switches. These feature sets provide increased resiliency and security through features
such as MACsec, Cisco SD-Access, and support for Cisco TrustSec®. Table 2 lists the major system
software differences between Cisco Catalyst 2960-X Series and 9200 Series switches. Table 2. System
software differences Feature Catalyst 9200 Series Catalyst 2960X-Series Modern operating system OS
IOS-XE IOS Model-driven programmability Streaming telemetry Patching License upgrade Cisco Plug and
Play (PnP) Advanced routing Virtual Route Forwarding (VRF) support Intermediate System to
Intermediate System (IS-IS) Enhanced Interior Gateway Routing Protocol (EIGRP) Open Shortest Path
First (OSPF) Fabric SD-Access Fabric Edge Security IEEE 802.1X MACsec-128 Cisco TrustSec Security
Group Access Control List (SGACL) First-Hop Security (FHS) Network visibility Full Flexible NetFlow
Ingress and egress NetFlow © 2018 Cisco and/or its affiliates. All rights reserved. Migration guide Cisco
public System default behavior The system default behavior on Cisco Catalyst 9200 Series switches are
very much the same as that of the Cisco Catalyst 2960-X Series. For example, interfaces default to the
layer 2 switch-port mode and IP routing is disabled. However, there are also some differences: •
Management interface - The management interface on the Cisco Catalyst 9200 Series is Gigabit
Ethernet, which is much more capable than the Fast Ethernet on the Catalyst 2960-X Series. The
management port on the Catalyst 9200 platform has dedicated Virtual Routing and Forwarding (VRF) for
separation of management traffic from normal data traffic, unlike the Catalyst 2960-X series platforms,
which lack support for virtual VRF instance. Table 3 lists the management port differences between the
two platforms. Table 3. Comparison of management interface default configurations on Catalyst 2960-X
and 9200 switches Cisco Catalyst 9200 Series Cisco Catalyst 2960-X Series Interface GigabitEthernet 0/0
FastEthernet0 VRF Mgmt-vrf none Default configuration interface GigabitEthernet0/0 vrf forwarding
Mgmt-vrf no ip address speed 1000 negotiation auto end interface FastEthernet0 no ip address no ip
route-cache shutdown end • Control Plane Policing (CoPP) - CoPP is enabled on the Cisco Catalyst 9200
Series with default policing rates for different classes of traffic. These policing rates are optimized for a
typical campus environment. The policing rates can be changed or disabled for different application
environments. On the Cisco Catalyst 2960-X Series, CoPP is not enabled by default, but the system
provides a macro to create the different classes, and the user can specify the policing rate for different
classes. • Power redundancy - The Cisco Catalyst 9200 Series provides support for dual power supplies
on all SKUs, compared to dual power supplies only on 2960-XR SKUs. In the Catalyst 9200 Series, the
power supplies operate either on combined or redundant modes based on data or the PoE+ model,
whereas all Catalyst 2960-XR switches operate in redundant mode. Table 4 compares the power
capabilities of the Catalyst 9200 Series with those of the Catalyst 2960-X Series. Table 4. Power
capabilities comparison between Catalyst 2960-X and Catalyst 9200 series Catalyst 9200 Catalyst 2960-X
Series Number of power supply slots 2 on all SKUs 2 on 2960-XR, 1 on 2960-X Power supplies • Silver-
rated 125 WAC • Platinum-rated 600 WAC • Platinum-rated 1000 WAC • 250 WAC • 640 WAC • 1025
WAC Available full PoE+ Yes, with dual power supplies No External redundant power supply No Yes, with
Cisco RPS 2300 Power mode Combined mode on PoE SKUs, Redundant mode on data SKUs Redundant
mode © 2018 Cisco and/or its affiliates. All rights reserved. Migration guide Cisco public Operations
Interface reference Cisco Catalyst 9200 Series Switches have Gigabit Ethernet (GE) and 10-GE ports only.
The uplink ports on the Catalyst 2960-X Series had //, whereas the 9200 Series has //. Table 5 compares
the interface numbering between the two platforms. Table 5. Interface numbering Cisco Catalyst 9200
Series Cisco Catalyst 2960-X Series GE downlink GigabitEthernet1/0/1 GigabitEthernet1/0/1 GE uplink
GigabitEthernet1/1/1 GigabitEthernet1/0/49 10-GE uplink Te1/1/1 Te1/0/1 Stacking The
StackWise160/80 architecture on the Catalyst 9200 Series provides a more robust and highly available
infrastructure when compared to FlexStack Plus or Extended on the Catalyst 2960-X Series. In
StackWise160/80, eight switches can be stacked together to form a single logical switch with support for
SSO mechanisms. This enables 1:1 redundancy during failovers. This 1:1 redundancy allows for a role of
a standby switch, which would take over the role of the active switch, an improvement over the
FlexStack architecture, where the failure of master switch would cause a re-election between the stack
members. Table 6 compares the stacking architecture between the Catalyst 2960-X and Catalyst 9200
Series Switches. Table 6. Stacking comparison between Catalyst 2960-X and 9200 switches Catalyst 9200
Catalyst 2960-X Series Stacking architecture StackWise FlexStack Stacking SSO Yes No Stacking
bandwidth Up to 160 Gbps Up to 80 Gbps Switch roles Active, standby, member Master, member ©
2018 Cisco and/or its affiliates. All rights reserved. Migration guide Cisco public Catalyst9200#show
switch Switch/Stack Mac Address : 0xxe.xxxx.axxx - Local Mac Address Mac persistency wait time:
Indefinite H/W Current Switch# Role Mac Address Priority Version State
------------------------------------------------------------------- *1 Active 0xxe.xxxx.axxx 1 P2B Ready 2 Standby
0x7x.xx0x.5xx0 1 P2B Ready Catalyst2960-X#show switch Switch/Stack Mac Address : 2xx2.xxxx.x1x0
H/W Current Switch# Role Mac Address Priority Version State
---------------------------------------------------------- *1 Master 2xx2.xxxx.x1x0 1 4 Ready 7 Member
xxx7.xxxx.x6x0 1 4 Ready Software features For details on the features supported on the Cisco Catalyst
9200 Series, use the Feature Navigator on cisco.com. For customers migrating from the Cisco Catalyst
2960-X Series to the 9200 Series, following are the only feature differences: System MTU On the Cisco
Catalyst 9200 Series, the global command “system mtu ” sets the global MTU for all interfaces, whereas
on 2960-X Series the command to set MTU was “system mtu jumbo ”. With the Cisco Catalyst 9200
Series, the IP MTU is a per-interface-level command that sets a protocol-specific MTU for the interface.
Table 7 explains how to set the system MTU. Table 7. Setting the system MTU Cisco Catalyst 9200 Series
Cisco Catalyst 2960-X Series System MTU C9200(config)#system mtu ? MTU size in bytes C2960-
X(config)# system mtu jumbo ? MTU size in bytes IP MTU C9200(config)# int te 1/3 C9200(config-if)#ip
mtu ? MTU (bytes) C2960-X(config)# system mtu routing Host tracking feature The Cisco Catalyst 2960-X
Series supports IP Device Tracking (IPDT) for keeping track of connected hosts (association of MAC and
IP addresses). The Cisco Catalyst 9200 Series, with the latest Cisco IOS XE Software release, supports the
new Switch Integrated Security Features (SISF) based on the IPDT feature. It acts as a container policy
that enables snooping and device-tracking features available with First-Hop Security (FHS), in both IPv4
and IPv6, using IP-agnostic Command-Line Interface (CLI) commands. See Appendix A for more
information on migrating from the IPDT CLI configuration to the new SISFbased device-tracking CLI
configuration. © 2018 Cisco and/or its affiliates. All rights reserved. Migration guide Cisco public Full
Flexible NetFlow Both the Catalyst 9200 Series and the Catalyst 2960-X Series support Flexible NetFlow.
Besides the scalability differences, there are a few differences in the capabilities and configurations, as
listed in Table 8. Table 8. Flexible NetFlow differences Cisco Catalyst 9200 Series Cisco Catalyst 2960-X
Series Flow support Ingress and egress Ingress only Export formats Version 9 and Version 10 Version 9
NetFlow support on L2 VLAN Yes No Sampler rate 1 out of 2 to 1 out of 1024 1 out of 32 to 1 out of 1022
Timestamp Use absolute time [0 is at time 00:00:00 January 1, 1970] Use system uptime Bridged traffic
Apply the flow monitor to a VLAN None Boot mode The Catalyst 9200 Series supports the monolithic
bundle boot mode as well as the optimized install boot mode, whereas the Catalyst 2960-X Series
supports only the traditional bundle mode. All Catalyst 9200 switches ship with the default install boot
mode. Table 9 compares the boot mechanism between the two platforms. Table 10 shows how to
ignore the startup configuration. Table 9. Boot modes on Catalyst 2960-X and Catalyst 9200 Series
Switches Cisco Catalyst 9200 Series Cisco Catalyst 2960-X Series Boot modes Install, bundle Bundle
Default Install mode (recommended) Bundle mode Boot configuration C9K# install add file
flash:cat9k_xxx.bin a ctivate commit C2960XR-2010(config)#boot system flash:c2960x-xx.152.bin ©
2018 Cisco and/or its affiliates. All rights reserved. Migration guide Cisco public Table 10. Ignoring the
startup configuration Cisco Catalyst 9200 Series Cisco Catalyst 2960-X Series Cisco IOS Software 9200L-
1(config)#system ignore startup config switch ? Switch number all Set config for all switches in stack
ROMMON SWITCH_IGNORE_STARTUP_CFG=1 Confreg , use the interactive prompt to enable/ disable
ignore startup configuration Switch reset The Cisco Catalyst 2960-X Series uses the traditional “write
erase” command in Cisco IOS Software and deleting of the configuration file and vlan.dat file in
ROMMON to reset the switch. The Cisco Catalyst 9200 Series provides an exec “factory-reset” command
that removes all customer-specific data that has been added to the device since the time of its shipping.
Erased data includes configurations, log files, boot variables, core files, and credentials. The device
reloads to perform the factory-reset task and stays in ROMMON mode. Quality of service The ASICs and
operating system that power the Cisco Catalyst 2960-X and Catalyst 9200 Series are different, resulting
in some differences in QoS behaviors, as described in Table 11. Table 11. QoS differences between the
9200 and 2960-X Switches Cisco Catalyst 9200 Series Cisco Catalyst 2960-X Series Model MQC MLS QoS
default Enabled Disabled Trust interface configuration Trust all Trust none Port ingress
Classification/Policing/Marking Classification/Policing/Marking/Scheduling Port egress
Policing/Marking/Queueing Queueing and scheduling SVI ingress Classification/Marking Not supported
SVI egress Classification/Marking Not supported © 2018 Cisco and/or its affiliates. All rights reserved.
Migration guide Cisco public Cisco Catalyst 9200 Series Cisco Catalyst 2960-X Series Hierarchical QoS
Supported Not supported Queues 2P6Q3T (8 Queues) 2P6Q3T (Up to 8 Queues) Classification Ingress
and Egress Ingress only Marking Ingress and Egress Ingress only Policing 1r2c, 2r3c 1r2c Sampler rate 1
out of 2 to 1 out of 1024 1 out of 32 to 1 out of 1022 Policing action Drop, mark down using Table Maps,
(DSCP, CoS, Precedence) Drop, mark down DSCP, CoS, precedence Egress queuing YES – Shaping,
Bandwidth, tail-drops (AFD, WRED) and priority queuing WTD (Weighted Tail Drp), Priority queueing,
Shaping, Bandwidth Table 12 lists other QoS specifications in the Cisco Catalyst 2960-X Series and
Catalyst 9200 Series. Table 12. QoS specifications in the Cisco Catalyst 2960-X Series and Catalyst 9200
Series Cisco Catalyst 9200 Series Cisco Catalyst 2960-X Series Buffer 6 MB/ASIC 4 MB/ASIC Buffer sharing
Buffer sharing is within the ASIC Buffer sharing is within the ASIC Number of priority queues 0 to 2 0 to 1
© 2018 Cisco and/or its affiliates. All rights reserved. Migration guide Cisco public Congestion avoidance
The Cisco Catalyst 2960-X Series supports only Weighted Tail Drop (WTD), which discards packets based
on configured thresholds. The Cisco Catalyst 9200 Series uses both WTD and Weighted Random Early
Detection (WRED), which randomly discards packets at specified queue thresholds based on IP
precedence, Differentiated Services Code Point (DSCP), or Class of Service (CoS), giving the network
architect much more control over the drop behavior. Following is an example of a WRED configuration
on the 9200 Series. policy-map 2P6Q3T class PRIORITY-QUEUE priority level 1 class VIDEO-PRIORITY-
QUEUE priority level 2 class DATA-QUEUE bandwidth remaining percent queue-buffers ratio random-
detect dscp-based random-detect dscp 10 percent 60 80 Cisco Catalyst 2960-X Series platform-specific
commands Table 13 lists commands that are specific to the Cisco Catalyst 2960-X Series and are not
available on the Catalyst 9200 Series. Table 13. Cisco Catalyst 2960-X Series platform-specific commands
Cisco Catalyst 2960-X Series Cisco Catalyst 9200 Series vlan internal allocation policy ascending Not
applicable ntp update-calendar Not applicable ip device tracking See Appendix A Conclusion The Cisco
Catalyst 9200 Series is Cisco’s latest addition to our fixed enterprise switching access platform. It is the
new generation of the access platform, with many additional capabilities, and is well-suited for
enterprises looking to migrate from their existing Cisco Catalyst 2960-X Series deployment. © 2018 Cisco
and/or its affiliates. All rights reserved. Migration guide Cisco public Appendix A If your device has no
legacy IP device-tracking or IPv6 snooping configurations, you can use only the new SISF-based device-
tracking commands for all your future configurations. The legacy IPDT commands and IPv6 snooping
commands are not available. Table 14 displays the new SISF-based device-tracking commands and the
corresponding IPDT and IPv6 snooping commands. Table 14. IPDT, IPv6 snooping, and device-tracking
CLI compatibility IP device tracking IPv6 snooping SISF-based device tracking IP device tracking probe
count Not supported Not supported IP device tracking probe delay ipv6 neighbor binding reachable-
lifetime device-tracking policy reachable-lifetime IP device tracking probe interval ipv6 snooping tracking
retry-interval device-tracking policy retry-interval IP device tracking probe use-svi Accepted and
interpreted as IP device tracking probe auto-source override Accepted and interpreted as IP device
tracking probe auto-source override. IP device tracking probe auto-source fallback Not supported Not
supported IP device tracking probe auto-source override Not supported Not supported IP device
tracking tracebuffer Not supported Not supported IP device tracking maximum ipv6 snooping policy
limit device-tracking snooping policy limit IP device tracking probe count Not supported Not supported
IP device tracking probe interval Not supported Not supported Clear IP device tracking all Not supported
Not supported © 2018 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are
trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view
a list of Cisco trademarks, go to this URL: https://www.cisco.com/go/trademark