Cisco Silicon One ASICs: A100 and E100/K100

Tune in for this overview of the newest additions to the Cisco SiliconOne lineup, the A100 and the E100/K100. These new Network Processing Units (NPUs) represent a second generation of Silicon One ASICs specifically designed for campus environments, prioritizing features and high scale over just raw speed. Unlike previous generations, these ASICs are built for a feature-rich environment, supporting large tables for MAC addresses, Access Control Lists (ACLs), and NetFlow. This new design is crucial for enabling advanced capabilities like application hosting for containerized environments, AI/ML models, and HyperShield, a containerized distributed firewall, directly on the switch hardware. The intelligence behind this is rooted in cloud-native IOS-XE, which seamlessly integrates with both Meraki Dashboard and Catalyst Center, offering a unified and automated management experience without the need for special commands or reboots.

The A100 and K100 ASICs boast significant advancements in memory and table management, critical for modern network demands. They feature enhanced Longest Prefix Match (LPM) for highly efficient routing table entries, achieving over 90% utilization for millions of routes. A key innovation is HCAM (Hash-based Algorithmic TCAM), which combines a reasonably sized TCAM with fast, cost-effective SRAM to deliver massive scale for ACLs and NetFlow, a crucial requirement for campus networks. This hybrid approach allows for flexible allocation of memory based on specific needs through customizable SDM templates. Furthermore, these ASICs include hardware-based MACsec and IPsec for line-rate data encryption, and support for Precision Time Protocol (PTP) and Audio Video Bridging (AVB) to address latency-sensitive traffic. The A100 and K100 can scale from 400 Gigabit Ethernet all the way down to 10 Megabit half-duplex, accommodating a wide range of devices, from high-performance uplinks to legacy printers.

The presentation also highlighted the architectural benefits of the new switches, particularly the next-generation StackWise. This redesigned stacking capability utilizes a Linux kernel with separate processes for bootstrapping and cluster management, enabling in-service software upgrades (ISSU) and minimizing disruption during updates. The cluster remains operational even if an individual switch process is interrupted, preventing catastrophic link downtime. This standardized, VXLAN-based stacking architecture provides dynamic link additions and ensures consistent management across both the C9350 and C9610. The underlying hardware improvements, including latest-model Intel X86 CPUs with higher and faster DRAM, are fundamental to supporting these advanced software capabilities and the demanding requirements of AI, security, and high-density network environments.