Cisco Intelligent Traffic Director At-a-Glance


Upload: buiphuc

Post on 05-Jun-2018


At-a-Glance

Introduction

The dramatic growth of data traffic has led to increased deployment of network service appliances and servers in enterprises, data centers, and cloud environments. While network switch and router architecture has evolved to support multiple-terabit capacity, service appliance and server capacity remains limited to a few gigabits, far below switch capacity.

Cisco Intelligent Traffic Director

Cisco® Intelligent Traffic Director (ITD) bridges the performance gap between a multi-terabit switch and gigabit servers and appliances. It provides multiple-terabit Layer 4 load balancing, traffic steering, and clustering from Cisco Nexus® switches.

ITD allows customers to deploy servers and appliances from any vendor without network or topology changes. With a few simple configuration steps on a Cisco Nexus switch, you can create an appliance or server cluster and deploy multiple devices for scalable load distribution of traffic. Servers or appliances do not have to be directly connected to the Cisco Nexus switch.

ITD offers:

• ASIC–based multiple-terabit load balancing at line rate

• Redirection of line-rate traffic to any device, such as web cache engines, web accelerator engines, video caches, and more

• The ability to create clusters of devices, including firewalls, intrusion prevention systems (IPSs), web application firewalls, and Hadoop clusters

• Elimination of the need for a service module or external Layer 3 or Layer 4 load balancer because every Cisco Nexus port can be used as a load balancer

• IP stickiness and resilient load balancing

• Server load balancing

• Virtual IP address with Layer 4 port-based load balancing

• Weighted load balancing

• Layer 4 port-based load balancing with user-configured port ranges

• Load balancing for a large number of devices or servers simultaneously with access control list (ACL)–based redirection

© 2015 Cisco and/or its affiliates. All rights reserved.


Benefits of Cisco ITD

• Scales to a large number of nodes with little configuration complexity, for simplified provisioning and ease of deployment

• Provisions N+M redundancy, with M standby nodes

• Offers zero-touch appliance deployment with no certification, integration, or qualification required between the appliances and Cisco Nexus switches

• Completely independent of Cisco Nexus hardware architecture, line-card type, and ASIC

• Allows the simultaneous use of heterogeneous appliances

• Capacity for an unlimited number of flows; provides flow-coherent symmetric traffic distribution and coherency for bidirectional flows where the same device receives both the forward and the reverse traffic

• Health monitoring of servers and appliances using IP service-level agreement (SLA) probes (supports TCP, UDP, ICMP, and DNS probes)

• Automatic failure detection and traffic redistribution in the event of a failure, with no manual intervention required

• Node-level standby support

• Sandwich mode node-state sync between two ITD services

• ITD statistics collection with traffic distribution details

• Ability to start, stop, and clear ITD statistics

• VRF support for ITD service and probes

• High scalability

• Support for both IPv4 and IPv6

• Number of ITD services scaled up: 128 ITD services per VDC

• Number of virtual IP addresses scaled up: 16 virtual IP addresses per ITD service

• Cisco Data Center Network Manager (DCNM) support using Cisco DevNet

• Planned support for NAT

Deployment Modes

ITD supports appliance clustering in multiple topologies.

One-Arm Mode

The appliance is not in the direct path of client or server traffic. This mode allows appliances to simply be plugged into the network with no changes to the existing topology (Figure 1).

Figure 1. One-Arm Mode (diagram labels: Clients; src-ip load balance; ITDs; Po-5, Po-6, Po-7, Po-8)


• No increase in load to the supervisor CPU, and dramatically less hardware ternary content-addressable memory (TCAM) than the Web Cache Communication Protocol (WCCP)

• Enables transparent migration to the newest Cisco Nexus platforms and line cards; ITD is hardware independent and requires no additional work after an upgrade

• Transparent to end devices

• Significant savings in CapEx and OpEx through simplified provisioning and data-plane optimization:

- Reduction in configuration time and ease of deployment

- Reduced wiring, power, and rack space needs

• Terabit Layer 4 load balancing at extremely low cost (Note: ITD is not a replacement for a Layer 7 load balancer that acts on URLs, cookies, SSL, etc.)

• Enhanced business resiliency and continuity through highly available application services and integrated health monitoring

ITD also reduces your TCO with easy manageability and lower resource use. By using your existing infrastructure to deliver a high-performance, highly scalable solution, ITD delivers excellent investment protection.

Sandwich Mode: Two Cisco Nexus Switches or Two Virtual Device Contexts on a Single Cisco Nexus Switch

Some deployments require service appliances to provide stateful handling of traffic. In this mode, the forward and reverse traffic flow must pass through the same appliance. Some examples include firewall and load-balancer deployments, where traffic between the client and server must flow through the same appliance (Figure 2).

ITD also supports appliance clusters connected to multiple VDCs. ITD running in each VDC configures the switch to help ensure flow coherency.
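The flow-coherency requirement above, and the sandwich-mode node-state sync listed under the benefits, can be illustrated with a small model; this is an added example, not Cisco's implementation or configuration. It assumes the outside service keys on the packet's source IP and the inside service on its destination IP, that a bucket is chosen from the low-order address bits, and that the cluster has eight buckets, four firewalls and one standby node (all names and addresses are constructed).

```python
import ipaddress

# Constructed cluster: four active firewalls plus one standby (N+M, M = 1).
NODES = ["fw1", "fw2", "fw3", "fw4"]
STANDBY = "fw-standby"
BUCKETS = 8  # assumed bucket count; a power of two so a bit mask selects one

def bucket(ip):
    """Bucket index from the low-order bits of an address (assumed scheme)."""
    return int(ipaddress.ip_address(ip)) & (BUCKETS - 1)

def build_table(nodes=NODES):
    """Bucket -> node map, as each of the two services would hold it."""
    return {b: nodes[b % len(nodes)] for b in range(BUCKETS)}

def pick_node(table, src, dst, key):
    """Select the node for one packet, keyed on its source or destination IP."""
    return table[bucket(src if key == "src" else dst)]

def fail_node(table, failed, standby=STANDBY):
    """Reassign only the failed node's buckets; other flows keep their node."""
    return {b: standby if n == failed else n for b, n in table.items()}

def flow_nodes(outside, inside, client, server, inside_key="dst"):
    """Nodes hit by the forward packet (client -> server, outside service,
    keyed on source) and the reverse packet (server -> client, inside service)."""
    fwd = pick_node(outside, client, server, "src")
    rev = pick_node(inside, server, client, inside_key)
    return fwd, rev

if __name__ == "__main__":
    client, server = "10.1.1.5", "192.0.2.10"  # constructed addresses
    outside, inside = build_table(), build_table()
    # Both directions key on the client address, so they meet on one firewall.
    print("coherent:", flow_nodes(outside, inside, client, server))
    # Keying both services on source IP splits the flow across two firewalls.
    print("inside keyed on src:", flow_nodes(outside, inside, client, server, "src"))
    # A failure known to only one service breaks coherency until state is synced.
    outside = fail_node(outside, "fw2")
    print("failure seen by one service:", flow_nodes(outside, inside, client, server))
    inside = fail_node(inside, "fw2")
    print("after node-state sync:", flow_nodes(outside, inside, client, server))
```

A stateful firewall that sees only one direction of a connection has no matching session entry for the other, which is why the mismatched cases in the output are the ones to check for when validating a clustered deployment.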

Figure 2. Sandwich Mode (panels: Sandwich Mode with 2 Cisco Nexus 7000 Switches, labeled N7k 1 and N7k 2; Sandwich Mode with 2 VDCs in the Same Switch, labeled VDC 1 and VDC 2; each side runs ITD)

Virtual PortChannel Mode

In virtual PortChannel (vPC) mode, ITD runs on each Cisco Nexus switch and programs the switches to help ensure coherent flow of traffic passing through cluster nodes (Figure 3).

Figure 3. Virtual PortChannel Mode (diagram labels: N7k-1, N7k-2; ITDs; Po-1, Po-2, Po-3, Po-4)


Virtual IP Mode

ITD can be configured to host a virtual IP address on the switch. Internet traffic destined for the configured virtual IP address will be load balanced on the nodes (Figure 4).

Figure 4. Virtual IP Mode (diagram labels: Clients; ITDs; Load balancing; Po-1, Po-2, Po-3; VIP: 210.10.10.100)

Industry Awards

ITD was named the Best of Interop 2015 Data Center Winner.

Software Requirements

ITD is supported on Cisco Nexus 5000, 6000, 7000 and 9000 Series Switches and 7700 platform switches.

ITD is available on Cisco Nexus 7000 Series and 7700 platform switches with Cisco NX-OS Software Release 6.2(10), on Cisco Nexus 5000 and 6000 Series Switches with NX-OS Software Release 7.1.1N1(1), and on Cisco Nexus 9000 Series Switches with NX-OS Software Release 7.0(3)I1(2).

Ordering Information

For the Cisco Nexus 7000 Series, ITD is supported in Cisco NX-OS Software Release 6.2(10) and requires the Enhanced Layer 2 Package license. For the Cisco Nexus 5000 and 6000 Series, ITD is supported in NX-OS Software Release 7.1(1) N1(1) and requires the Enhanced Layer 2 Package license. ITD will be supported for the Cisco Nexus 9000 Series in NX-OS Software Release 7.0(3)I1(2) and requires the Network Services license.


© 2015 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C45-732554-01 06/15

For More Information

Please contact your local account representative for additional information, email [email protected], or visit www.cisco.com/go/itd.