
Cisco Nexus 1000V

Technical Decision Maker NDA Only

Presentation_ID

2006 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Legal Disclaimer
Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.


Agenda
- Networking Challenges of Server Virtualization
- Cisco VN-Link Introduction
- Cisco Nexus 1000V
  - Overview & Architecture
  - Deployment Scenarios
  - Advanced Features
- Additional Information


Transparency in the Eye of the Beholder

With virtualization, VMs have a transparent view of their resources


but it's difficult to correlate network and storage back to virtual machines


Scaling globally depends on maintaining transparency while also providing operational consistency


Networking Challenges to Scaling Server Virtualization

Security and Policy Enforcement
- Applied at physical server, not the individual VM
- Impossible to enforce policy for VMs in motion

Operations and Management
- Lack of VM visibility, accountability, and consistency
- Inefficient management model and inability to effectively troubleshoot

Organizational Structure
- Muddled ownership as server admin must configure virtual network
- Organizational redundancy creates compliance challenges

Cisco Virtual Network Link VN-Link


Virtualizing the Network Domain

- Virtual machine aware network and storage services
- Abstract physical and logical infrastructure
- Virtual machines are the new data center building block

VN-Link Brings VM Level Granularity


Problems:
- VMotion may move VMs across physical ports; policy must follow
- Impossible to view or apply policy to locally switched traffic
- Cannot correlate traffic on physical links from multiple VMs

VN-Link:
- Extends network to the VM
- Consistent services
- Coordinated, coherent management

[Diagram labels: VMotion, VLAN 101]

Cisco Nexus 1000V


Industry First 3rd Party Virtual Distributed Switch

Nexus 1000V provides enhanced VM switching for VMW ESX environments

Features VN-Link capabilities:
- Policy-based VM connectivity
- Mobility of network and security properties
- Non-disruptive operational model

Ensures visibility and continued connectivity during VMotion

Enabling Acceleration of Server Virtualization Benefits

[Diagram: Server 1 and Server 2 running VMW ESX, VMs #1 to #8, VMware vSwitch, Nexus 1000V]

What is a Virtual Distributed Switch?


A Virtual Distributed Switch is a concept developed by VMware and Cisco to allow a single vSwitch to span multiple hosts.

VMW calls this a vNetwork Distributed Switch.


The Cisco Nexus 1000V, a 3rd party virtual distributed switch, will be supported in VMware ESX and Virtual Infrastructure in the 1st half of 2009.


Cisco Nexus 1000V Architecture


[Diagram: Server 1 (VM #1 to VM #5), Server 2 (VM #6 to VM #9) and Server 3 (VM #10 to VM #12), each running VMW ESX with a Nexus 1000V VEM in place of the VMware vSwitch; Virtual Center and the Nexus 1000V VSM]

Virtual Supervisor Module (VSM)
- Virtual or Physical appliance running Cisco OS (supports HA)
- Performs management, monitoring, & configuration
- Tight integration with VMware Virtual Center

Virtual Ethernet Module (VEM)
- Enables advanced networking capability on the hypervisor
- Provides each VM with dedicated switch port
- Collection of VEMs = 1 Distributed Switch

Cisco Nexus 1000V Enables:
- Policy Based VM Connectivity
- Mobility of Network & Security Properties
- Non-Disruptive Operational Model

Cisco Nexus 1000V


Faster VM Deployment

Cisco VN-Link: Virtual Network Link
- Policy-Based VM Connectivity
- Mobility of Network & Security Properties
- Non-Disruptive Operational Model

Defined Policies
- WEB Apps
- HR
- DB
- Compliance

VM Connection Policy
- Defined in the network
- Applied in Virtual Center
- Linked to VM UUID

[Diagram: two servers running VMW ESX, VMs #1 to #8, Cisco Nexus 1000V, Virtual Center]

Cisco Nexus 1000V


Richer Network Services

VN-Link: Virtualizing the Network Domain


- Policy-Based VM Connectivity
- Mobility of Network & Security Properties
- Non-Disruptive Operational Model

VMs Need to Move
- VMotion
- DRS
- SW Upgrade/Patch
- Hardware Failure

VN-Link Property Mobility
- VMotion for the network
- Ensures VM security
- Maintains connection state

[Diagram: VMs #1 to #4 moving between two servers running VMW ESX, Cisco Nexus 1000V, Virtual Center]

Cisco Nexus 1000V


Increase Operational Efficiency

VN-Link: Virtualizing the Network Domain


- Policy-Based VM Connectivity
- Mobility of Network & Security Properties
- Non-Disruptive Operational Model

Server Benefits
- Maintains existing VM mgmt
- Reduces deployment time
- Improves scalability
- Reduces operational workload
- Enables VM-level visibility

Network Benefits
- Unifies network mgmt and ops
- Improves operational security
- Enhances VM network features
- Ensures policy persistence
- Enables VM-level visibility

[Diagram: two servers running VMW ESX, VMs #1 to #8, Cisco Nexus 1000V, Virtual Center]

How Does It Work?

Deploying the Nexus 1000V


Deploying the Cisco Nexus 1000V


Collaborative Deployment Model
1. VMW Virtual Center & Cisco Nexus 1000V relationship established
2. Network Admin configures Nexus 1000V to support new ESX hosts
3. Server Admin plugs new ESX host into network & adds host to Cisco switch in Virtual Center
4. Repeat step three to add another host and extend switch configuration

[Diagram: Server 1 through Server N running VMW ESX, each with a Nexus 1000V VEM; Virtual Center and the Nexus 1000V VSM; callouts 1 to 4 mark the steps above]

Policy Based VM Connectivity


Enabling Policy
1. Nexus 1000V automatically enables port groups in Virtual Center
2. Server Admin uses Virtual Center to assign vnic policy from available port groups
3. Nexus 1000V automatically enables VM connectivity at VM power-on

Available Port Groups
- WEB Apps
- DB
- HR
- Compliance

WEB Apps:
- PVLAN 108, Isolated
- Security Policy = Port 80 and 443
- Rate Limit = 100 Mbps
- QoS Priority = Medium
- Remote Port Mirror = Yes

[Diagram: Server 1 (VM #1 to VM #4) running VMW ESX with Nexus 1000V VEM; Virtual Center and the Nexus 1000V VSM; callouts 1 to 3 mark the steps above]

Policy Based VM Connectivity


What Can a Policy Do?

Policy definition supports:
- VLAN, PVLAN settings
- ACL, Port Security, ACL Redirect
- Cisco TrustSec (SGT)
- NetFlow Collection
- Rate Limiting
- QoS Marking (COS/DSCP)
- Remote Port Mirror (ERSPAN)

[Diagram: Server (VM #1 to VM #4) running VMW ESX with Nexus 1000V VEM; Virtual Center and the Nexus 1000V VSM]

Mobility of Security and Network Properties


Following Your VMs Around

1. Virtual Center kicks off a VMotion (manual/DRS) & notifies Nexus 1000V
2. During VM replication, Nexus 1000V copies VM port state to new host
3. Once VMotion completes, port on new ESX host is brought up & VM's MAC address is announced to the network

Mobile Properties Include:
- Port policy
- Interface state and counters
- Flow statistics
- Remote port mirror session

Diagram callouts:
1. VMotion Notification
   - Current: VM1 on Server 1
   - New: VM1 on Server 2
2. Network Persistence
   - VM port config, state
   - VM monitoring statistics
3. Network Update
   - ARP for VM1 sent to network
   - Flows to VM1 MAC redirected to Server 2

[Diagram: Server 1 (VM #1 to VM #5) and Server 2 (VM #6 to VM #8) running VMW ESX, each with a Nexus 1000V VEM; Virtual Center and the Nexus 1000V VSM]

Increase Operational Efficiency


What stays the same? What gets better?
Task
vSwitch Config

Virtualization or Server Admin


Automated

Network Admin
Same as physical network

Port Group Config


Port Group Assignment Add new ESX host NIC Teaming Config VM Creation Security Visibility Management Tools

Automated
Unchanged (Virtual Center based) Automated (assign NIC & go) Automated Unchanged Policy Based VM Specific Unchanged (Virtual Center)

Policy Based
Unchanged EtherChannel Optimized Policy Based ACL, PVLAN, IP Redirect, Port Security, TrustSec VM Specific Cisco CLI, XML API, SNMP, DCNM

Cisco Nexus 1000V


Three New Features that Make a Difference

Encapsulated Remote SPAN (ERSPAN)
- Mirror VM interface traffic to a remote sniffer
- Identify root cause for connectivity issues
- No host-based sniffer virtual appliance to maintain
- Follows your VM with VMotion or DRS

NetFlow v.9 with Data Export
- View flow-based stats for individual VMs
- Captures multi-tiered app traffic inside a single ESX host
- Export aggregate stats to dedicated collector for DC-wide VM view
- Follows your VM with VMotion or DRS

Private VLANs (PVLANs)
- Great for mixed use ESX clusters
- Segment VMs w/o burning IP addresses
- Supports isolated, community and promiscuous trunk ports
- Follows your VM with VMotion or DRS

Cisco Nexus 1000V VM Security


[Diagram: three servers running VMW ESX, each with VMs #1 to #4, attached to the Cisco Nexus 1000V through ports labelled P, I and I]

Security Features
- Private VLAN
  - Promiscuous port
  - Isolated port
  - Community port
- Access Control List
- Port Security
- DHCP Snooping
- IP Source Guard
- Dynamic ARP Inspection

Cisco TrustSec
- Admission control: 802.1X
- Hop-by-hop crypto: 802.1AE
- Security Group Tag
- SGACL Matrix (Source Group, Destination Group)

Key Features of the Nexus 1000V

Switching: L2 Switching, 802.1Q Tagging, VLAN Segmentation, Rate Limiting (TX), IGMP Snooping, QoS Marking/Queuing

Security: Policy Mobility, PVLAN, ACL (L2-4 w/ Redirect), Port Security, Cisco TrustSec (Authentication, Admission, Access Control)

Provisioning: Automated vSwitch Config, Port Profiles, Virtual Center Integration, Optimized NIC Teaming

Visibility: Historical VMotion Tracking, ERSPAN, NetFlow v.9 w/ NDE, CDP v.2, VM-Level Interface Statistics, Wireshark

Management: Virtual Center VM Provisioning, Cisco Network Provisioning, Cisco CLI, XML API, SNMP (v.1, 2, 3)

Nexus 1000V Deployment Scenarios


Pick Your Flavor
1. Works with all types of servers (rack optimized, blade servers, etc.)
2. Works with any type of upstream switch (Blade, Top of Rack, Modular)
3. Works at any speed (1G or 10G)
4. Nexus 1000V VSM can be deployed as a VM or a physical appliance

[Diagram: Rack Optimized Servers and Blade Servers; Virtual Center and the Nexus 1000V VSM]

Roadmap Summary
Nexus 1000V
[Timeline figure: quarters Q2 CY08 through Q4 CY09; milestones: N1KV Beta 1, N1KV Beta 2, N1KV Beta 3, N1KV Appliance Beta, N1K-VA GA - VMW, N1K-PA GA - VMW]

Note: Nexus 1000V GA dates dependent on VMware release schedule. Target for VMware release is 1st half CY2009.

Product Availability & Support


- Nexus 1000V is a Cisco product & will be sold and supported through Cisco's normal channels.
- It will be available in conjunction with an upgraded version of the VMW ESX product in the 1st half of 2009.
- Cisco Services & SmartNet support will be available.
- Nexus 1000V is in BETA now; talk to the BU for more information.
- Nexus 1000V will have a flexible licensing mechanism; more detail will be provided closer to general availability.

Accelerate Server Virtualization


Enable, Simplify, Scale

Security and Policy Enforcement
- Enable VM-level security and policy
- Scale the use of VMotion and DRS

Operation & Management
- Simplify management and troubleshooting with VM-level visibility
- Scale with automated server & network provisioning

Organizational Structure
- Enable flexible collaboration with individual team autonomy
- Simplify and maintain existing VM mgmt model

Cisco Nexus 1000: More Information http://www.cisco.com/go/datacenter


Cisco Virtual Network Link VN-Link


Virtualizing the Network Domain
- Policy-Based VM Connectivity
- Mobility of Network & Security Properties
- Non-Disruptive Operational Model

Cisco Nexus 1000V (Software Based)
- Cisco switch for VMW ESX
- Compatible with any switching platform
- Leverages Virtual Center for server admin; Cisco CLI for network admin

Nexus 5000 with VN-Link (Hardware Based)
- Scalable, hardware based, high performance solution
- Standards driven approach to delivering hardware based VM networking
- Combines VM & physical network operations into 1 managed node

Two Complementary Models to Address Evolving Customer Requirements

[Diagram: two servers running VMW ESX, each with VMs #1 to #4; one uses the Nexus 1000V with NICs to the LAN, the other an Initiator connected to a Nexus 5000]

VN-Link With the Cisco Nexus 1000V


Cisco Nexus 1000V: Software Based
- Industry's first third-party ESX switch
- Built on Cisco NX-OS
- Compatible with switching platforms
- Maintain Virtual Center provisioning model unmodified for server administration; allow network administration of Nexus 1000V via familiar Cisco NX-OS CLI

- Policy-Based VM Connectivity
- Mobility of Network and Security Properties
- Non-Disruptive Operational Model

[Diagram: Server (VM #1 to VM #4) running VMW ESX with Nexus 1000V, NICs connected to the LAN]

VN-Link with Network Interface Virtualization


Nexus Switch with VN-Link: Hardware Based
- Allows scalable hardware-based implementations through hardware switches
- Standards-based initiative: Cisco & VMware proposal in IEEE 802 to specify Network Interface Virtualization
- Combines VM and physical network operations into one managed node

- Policy-Based VM Connectivity
- Mobility of Network and Security Properties
- Non-Disruptive Operational Model

[Diagram: Server (VM #1 to VM #4) running VMW ESX, connected over VN-Link to a Nexus switch]
