cisco support community expert series webcast · 12/2/2015 · if you would like a copy of the...
TRANSCRIPT
Vishal Mehta
Technical Marketing Engineer
February 12, 2015
Cisco Nexus 1000v Series Switches, Part 1: Conquered Territory: Multi-Hypervisor – February 12, 2015
Cisco Support Community
Deep Dive Expert Series Webcast
Upcoming Expert Series Webcast
Meet the 1000v Family: The Secret of Unity February 17, 2015 This session will discuss vPath: The Secret behind uniting Virtual Network Services provided by ASA 1000v, VSG, vWAAS, Nexus 1000v, vNAM.
In-Depth on Cisco Nexus
1000V Series Switches, Part 2
http://tools.cisco.com/gems/cust/customerSite
.do?METHOD=E&LANGUAGE_ID=E&SEMINAR_CODE=S22084
Part 3 registration can be found on that web page
March 17th, 2015
Ever wonder what VFC, VETH, VIF and HIF are in UCS and which path your packets are taking?
UCS infrastructure has several virtual components and this makes it challenging to troubleshoot but it is critical to understand. Cisco Expert, Niles Pyelshak will discuss UCS interfaces and how packets travels from the UCS server.
Demystifying Unified Computing System
(UCS) Interfaces for troubleshooting.
https://supportforums.cisco.com/event/12413
926/expert-webcast-demystifying-unified-computing-system-ucs-interfaces-
troubleshooting
Now through February 27th
Ask the Expert Events – Active
Join the discussion for these Ask The Expert Events:
https://supportforums.cisco.com/expert-corner/knowledge-sharing
Cisco Prime Infrastructure on Implementation
and Deployment on Wired and Wireless Join
Cisco Experts, Vinod Kumar Arya, Dhiresh
Yadav, and Afroz Ahmad
Cisco Email Security Appliance (ESA), Web
Security Appliance (WSA), and Content
Security Management Appliance (SMA).
Join Cisco Expert, Nasir Abbas
Rate Content Now your ratings on documents, videos, and blogs count give points to the authors!!!
So, when you contribute and receive ratings you now get the points in your profile.
Help us to recognize the quality content in the community and make your searches easier. Rate content in the community.
https://supportforums.cisco.com/blog/154746
Encourage and acknowledge people who generously share
their time and expertise
https://supportforums.cisco.com/expert-corner/top-contributors
Participate in Live
Interactive
Technical Events
and much more
http://bit.ly/1jlI93B
Become an Event Top Contributor
Cisco Support Community Expert Series Webcast
• Today’s featured expert is Cisco Technical Marketing Engineer Vishal Mehta
• Ask your questions now in the Q&A window
Vishal Mehta
Technical Marketing Engineer
February 12, 2015
Cisco Nexus 1000v Series Switches,
Part 1: Conquered Territory: Multi-
Hypervisor
Topic: Part 1: Conquered Territory: Multi-Hypervisor
Technical Expert – Question Manager
Gunjan Patel
If you would like a copy of the presentation slides, click the PDF file link in the chat box on the right or go to:
https://supportforums.cisco.com/document/12421056/expert-dept-series-cisco-nexus-1000v-series-switches-part-1-slides
Or, https://supportforums.cisco.com/expert-corner/knowledge-sharing
Thank You For Joining Us Today!
Now through February 27th
Ask the Expert Event following the Webcast
Join the discussion for these Ask The Expert Events:
https://supportforums.cisco.com/expert-corner/knowledge-sharing
Vishal will be continuing the discussion in an Ask
the Expert event. So if you have more questions,
please visit the Knowledge Center on the Cisco
Support Community
https://supportforums.cisco.com/discussion
/12412941/ask-expert-deepdive-cisco-nexus-
1000v-series-switches
Submit Your Questions Now! Use the Q & A panel to submit your questions
and the panel of experts will respond.
Please take a moment to
complete the survey at
the end of the webcast
Polling Question 1
Do you have Nexus 1000v installed?
a. I have N1k on VMware and Hyper-V
b. We are using other Virtual-Switch
c. Why do I need N1kv?
Vishal Mehta
Technical Marketing Engineer
February 12, 2015
Cisco Support Community Deep Dive Expert Series Webcast
Cisco Nexus 1000V Series Switches Part 1: Conquered Territory: Multi-Hypervisor
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
The need - Administrative Gap
Host Host
Network
Admin
Server
Admin
Host Host
The rest of the network…
vSwitch vSwitch vSwitch vSwitch
VMs on Wrong VLANs!
No Network Visibility or Control!
No Policy and VLAN control!
Server Admin must handle network configuration
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 15
Host Host
Network
Admin
Server
Admin
Host Host
Distributed Switch managed by Network Admin
Server Admin freed from networking configuration
Clear Configuration
Boundaries
Transparent Monitoring
Boundaries
Filling it in
Network Admins Server Admins
• Create or Update network policies
• Install hypervisor on hosts with N1KV VEM
• Create VM and assign Port profiles to VM
VM Mgmt Center
VM Mgmt Interface Nexus OS CLI
Nexus1000v VSM
• No hand-off required between network and server admins
• Complete visibility to the VM-to-VM traffic
• Consistent feature-set & CLI for physical & virtual networks
• Same management tools used across physical & virtual networks
Non-disruptive Operational Model with N1KV Consistent NX-OS Feature-set and Services
Cisco Nexus 1000V Architecture
17
vCenter / SCVMM
Cisco
Nexus
1000V
VEM
Cisco
Nexus
1000V
VEM
Cisco
Nexus
1000V
VEM
VM VM VM VM VM VM VM VM VM VM VM VM
Nexus 1000V VSM
Virtual Supervisor Module (VSM)
• Virtual or Physical appliance running Cisco NXOS (supports Hi-availability)
• Performs management, monitoring, and configuration
• Tight integration with management platforms
Virtual Ethernet Module (VEM)
• Enables advanced networking capability on the hypervisor
• Provides each virtual machine with dedicated “switch port”
• Collection of VEMs : 1 virtual network Distributed Switch
Hypervisor
Serv er Serv er Serv er
Hypervisor Hypervisor
17
Nexus 1000v similarity to Physical Switch
18 18
Conquered Territory: Multi-Hypervisor
19 19
20
Nexus 1000V Essential Edition
The world’s most advanced
virtual switch
• Full Layer-2 Feature Set
• Security, QoS Policies
• VXLAN virtual overlays
• Full monitoring and management
capabilities
• vPath enabled Virtual Services
• Any Hypervisor
Nexus 1000V Advanced Edition
Adds Cisco value-add features for
DC and Cloud
• All Feature of Essential Edition
• VSG firewall
• VXLAN to VLAN Gateway
• Cisco TrustSec
• Platform for other Cisco DC
Extensions in the Future
• Any Hypervisor
Packet Flow with UCS-B & Nexus 5k
21
MAC:A MAC:B
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 23
Physical Side Virtual Side T
he S
witch
Nexus 1000 in vCenter
Port-profile examples
24
VSM# sh run port-profile VM2 port-profile type vethernet VM2
vmware port-group
switchport mode access
switchport access vlan 20
no shutdown
state enabled
VSM# sh run port-profile iscsi-a
port-profile type vethernet iscsi-a
capability iscsi-multipath
vmware port-group
switchport mode access
switchport access vlan 150
no shutdown
system vlan 150
state enabled
VSM# sh run port-profile l3control
port-profile type vethernet
l3control
capability l3control
vmware port-group
switchport mode access
switchport access vlan 170
no shutdown
system vlan 170
state enabled
VSM to VEM
Nexus1000v Version 3.0 – Advanced Edition
Feature Description Highlights
Scale This covers the scalability of the product with reference to per host scale, total number of hosts per
VSM and total port count supported in the platform
• 12K Ports per VSM
• 256 Hosts per VSM
• 1K ports per Host
IPv6 This covers the IPv6 functionality expected from this release. The goal for the product is to move
towards full IPv6 compliance and the new release is the first step towards achieving this goal.
• IPv6 – ACL
TrustSec 2.0 This covers the enhancements to the existing TrustSec 1.0 functionality. The goal of introducing
this functionality is to provide a comprehensive TrustSec solution that a customer can deploy
independent of any external dependencies.
• SGACL support
• Native SGT Tagging
VXLAN
Control Plane
This section covers the requirements to provide a comprehensive VXLAN solution. In previous
release we introduced the VXLAN enhancements and this new release is building up on that
functionality by introducing a control plane to tie together multiple VSMs required for effective
functioning in a Datacenter.
• BGP control plane
• VTEP address
distribution
VXLAN GW as
a VM
This section offers the ability for introducing the VXLAN Gateway as a Virtual Machine. • VXLAN GW as a VM
Storm Control This features enables rate limiting for broadcast, multicast and unknown unicast packets on both
veth and pnic N1KV ports.
• Protecting VEM CPU by rate
limiting multicast, broadcast
and unknown unicast traffic
• User configurable options BPDU Guard This feature enables N1KV veth ports as edge port and protect the upstream network receiving the
unwanted stp bpdu packets sent by a rouge vm
• Enable BPDU guard features
on N1KV veth ports
N1k 3.0 enhancement for vSphere
26
27
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
29
30
N1k-Hyper-V terminology
32
Hyper-V: Comparison with ESX Terminology
33
Nexus1000v -- Hyper-V installation
34
35
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
OpenStack Overview
•Nova: To provision VMs
•Glance: To discover, & retrieve VM Images
•Swift: Distributed Object storage
•Cinder: Persistent block storage
•Neutron: Network as a service
•Keystone: To provide identity services
Open source software for building
private and public clouds.
Consists of a series of inter-related
projects delivering various components
for a cloud infrastructure solution.
• Uniform north-bound APIs
• Core Resources
• Network
• Subnet
• Port
• Extensible through plugin infra
OpenStack Neutron Service
Horizon Dashboar
d
Workflow Scripts
Orchestration tools
Uniform (Extensible) Neutron APIs
Vendor-specific Neutron Plugins
Physical Networks Virtual Networks
OpenStack with Nexus 1000V
API Network is
typically routable to
enable public access
Cloud Controller
Node
nova-scheduler
mysql, rabbit...
nova-api
neutron-server
keystone
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Management Network
API Network
Data Network
External Network
Internet
N1000V
• Foundation of Virtual
Services Architecture
• vPath Service
Insertion/Chaining
• VXLAN Overlay
Networking
• CSR, VPN, Firewall,
etc.
• Leverage Nexus 1000V
REST API
VSM/N1000V
40
KVM-1000v Components
• Tightly Integrated with OpenStack Vendor solutions
• Canonical (Barracuda)
• MAAS based infrastructure manager
• Juju/charm based installer
• Charms for N1KV components (VSM, VEM,
plugin, VXGW)
• Supported version :14.04 LTS + IceHouse
• RedHat (Barracuda.1)
• Foremen based infrastructure manager
• Puppet (Staypuft) based installer
• Puppet modules for n1kv components
• Supported version: RHEL 7.0 + OSP5 (IceHouse)
N1KV Solution Supported Distributions
Nexus1000V for RedHat OSP solution overview
N1KV components
CCO
OpenStack
Platform Installer
Compute Nodes
OpenStack
Services
MySQL
Horizon Neutron
N1KV Plugin VSM VM
VEM KVM
Libvirtd
Nova
Neutron Networker
RHEL7.0
VEM KVM
Libvirtd
Nova
L3 agent L2 agent
Tab
Nova
Cinder
RabbitMQ
Glance
Keystone
RHEL7.0
KV
M
Libvirtd
RHEL7.0
RHEL7.0
OSP5.0
RedHat Repo Cisco Repo
N1KV Packages
N1KV Installer
modules
VSM , VEM
VXGW, VSG
PNSC
N1KV components
Customer site
Servers
VSM Node
RHEL 6.x
Controller
RHEL7.0
vm vm vm
vm vm vm
Nexus 1000V for Canonical OS solution overview
JUJU Bootstrap Node MAAS Controller
Compute Nodes
VM
1 VM
1 VM
OpenStack Services
MySQL
Ceph
RadosGW
Horizon Neutron
Plugin
VSM
VM
VEM KVM Libvirtd
Nova
Network Nodes
Ubuntu LTS 14.04
VEM KVM
Libvirtd
Nova
VM
1 VM
1 VM
VM
1 VM
1 VM L3 agent L2 agent
Tab
N1KV components
PPA for N1KV
Nova
Cinder
RabbitMQ
Glance
Keystone
Ceph Ubuntu LTS 14.04
KV
M Libvirtd
Ubuntu
LTS 14.04
Kernel ,
Serv er ,
OpenStack
Packages Ubuntu Archive Charm Store
OpenStack
services charms
Openstack
VSM , VEM
VXGW
N1KV component
OS Archive,
OS charms with
N1KV changes
Customer site
44
Comparing N1KV/KVM with N1KV/ESX
Install & Configure MAAS
• Install the Maas Packages (region & cluster controllers, dhcp)
• Import boot images for the services
• Configure DHCP
Install & Configure Juju
• Install juju-core
• Customize juju configuration file in MAAS mode
• Create a MAAS bootstrap node
Install & Configure OpenStack Services
• Use juju charms to deploy all OpenStack services
• Includes N1KV Plugin & N1KV dashboard tab
Install & Configure Cisco Nexus 1000V
• Use juju charms to deploy VSMs
• Use juju charms to deploy VEMs
• Use juju charms to deploy VXLAN Gateway
OpenStack Deployment with Cisco Virtual Networking OpenStack
Cisco
Polling Question 2
Should we use Nexus 1110 Appliance ?
a. Yes
b. No
c. It Depends
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
Nexus 1110 – Cloud Services Platform
51
New Auto Save Config on N1110
• Problem:
• Presently on CSP, virtual service blade (VSB) configuration and network configurations are lost when user does not execute “copy running-config startup-config” before reload or during power-failure. This behavior leads loss of VSB and requires user to reconfigure all the VSB configurations and network configuration.
• Changes with auto-save config
• Auto saving of the running configuration to the startup-configuration will be triggered when there is a change in a VSB or network configurations.
• CPPA_MGR will check every 5 mins if any VSB or network config has been changed and trigger auto saving of the configurations.
• Auto save will NOT be triggered unless there is a change in configurations
Nexus 1110 - Summary • Dedicated NX-OS appliance for hosting
virtual services
• Two form factors: 1110-S, 1110-X
• Up to 14 virtual services can be hosted on the 1110-X platform and up to 9 on the 1110-S
• Simplifies lifecycle management of virtual services
• Network/security team can deploy, upgrade, manage
• Virtual services currently supported
• Nexus 1000V virtual supervisor modules (VSMs), Network Analysis Module (NAM)
• Virtual Security Gateway (VSG), VXLAN GW
• Citrix NetScaler 1000V
Nexus 1110: NX-OS based server appliance (UCS C220M3)
• CPU: 2 * Intel Sandy Bridge, 16 cores total
• RAM: 32 or 64 GB
• HDD: 2 or 4 TB
• Network I/O:
6 x 1 GbE (1110-S) OR
6 x 1 GbE + 2 x 10 GbE SFP+
6 uplinks can be individual links or port channel in any combination
• LACP
• Default: 6 individual links
Virtual Service Blades can connect to any uplink or port channel
Previous releases required customer to choose “Topology Type” during platform bring up.
Topology type could either be “Static” or “Flexible”
This feature eliminates this choice. The network topology type is by default “flexible”
ISSU will convert static topologies to equivalent flexible topology.
Enhanced startup script. Option to configure PortChannel during initial setup.
Flexible VSB/Uplink Networking (Type 5) Network Analysis Module
Nexus 1000V VSMs
Virtual Security Gateway
Command List: VSB config commands CLI Comment
(config)# virtual-service-blade <name> Creates new virtual-service blade
(config-vsb-config)# virtual-service-blade-type name <template-name> Attaches VSB template f ile to VSB
(config-vsb-config)# virtual-service-blade-type new <iso/ova filename> Attach iso/ova file to
(config-vsb-config)# ramsize Change ram for VSB
(config-vsb-config)# disksize Change disk size for VSB
(config-vsb-config)# numcpu Change CPU cores for VSB
(config-vsb-config)# crypto-off load Configure crypto bandw idth for VSB
(config-vsb-config)# interface <int-name> mode <mode> Configure VSB interface mode
(config-vsb-config)# interface <int-name> vlan <vlan-id> Configure vlan for VSB interface
(config-vsb-config)# interface <int-name> uplink <uplink-id> Configure uplink port for VSB interface
(config-vsb-config)# shutdow n <primary/secondary/both> Shutdow n VSB
(config-vsb-config)# enable <primary/secondary/both> Enable VSB
(config)# no virtual-service-blade <name> Delete VSB
Command List: Interface config commands CLI Comment
(config-if)# channel-group Configures interface as a port-channel member
(config-if)# <no> shutdow n Changes operation state of interface
(config-if)# native vlan <valn-id> Configures native vlan on interface
CLI Comment
(config-svs-domain)# control uplink <uplink-int> Configures control interface uplink
(config-svs-domain)# management uplink <uplink-int>
Configure management interface uplink
(config-svs-domain)# control vlan <vlan-id> Configures control vlan
(config-svs-domain)# management vlan <vlan-id> Configures management vlan
Network Config Commands
N1110 - Benefits
• Common hosting platform for all network-centric virtual appliances
• Respects separation of duties
• Empowers networking team to extend ownership of networking in virtual & cloud environments
• Non-disruptive to server/virtualization team
• No vSphere or vCenter dependency for the Network Team
• Hypervisor agnostic operation: supports workload VMs from any hypervisor
• High Availability(HA) with Active/Standby deployment model
• Install and manage like a standard NX-OS switch
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
1.5.1 2.2 3.0 Strategy
VXLAN
• VXLAN 1.0
• Multicast based
• Flood and Learn
• VXLAN 1.5
• Single VSM only
• Mac-distribution
• No flood and learn
• VXLAN 2.0
• BGP Control Plane
• VTEP distribution
• Continue supporting multi-
cast based VXLAN for
standards compliance and
interoperability w ith Nexus
hardw are
• BGP control plane for
interoperability w ith
Nexus9K and for better
physical virtual story
1.5.1 2.2 3.0 Strategy
VXLAN GATEWAY
• N/A • Nexus 1110 • GW as a VM • Minimize investment in
softw are VLXAN GW since
Nexus hardw are w ill have
GW functionality at a
cheaper price-point
• Develop GW as a VM for
Proof of Concepts and
cloud use cases
VXLAN Strategy
VXLAN 1.5 Feature Overview
• VXLAN 1.5 addresses some VXLAN 1.0 shortcomings and introduces enhancements to the current VXLAN solution
• Multicast: The VXLAN 1.0 solution depends on multicast in the upstream network for transmission of multicast, broadcast and unknown unicast traffic.
• Flood & Learn: VXLAN 1.0 uses a flood & learn mechanism to discover the mapping of a VXLAN MAC to the VTEP behind which it lives
• The following 2 modes are supported with VXLAN 1.5
• Unicast-Only Mode (with Flood & Learn):
• This mode removes the need for multicast to transport unknown unicast/multicast/broadcast packets. Each VEM has a list of VTEPs for every VXLAN which is distributed to other VEMs by the VSM. Instead of using multicast, packets are replicated and unicast encapsulated to each of these VTEPs.
• Unicast-Only Mode (with MAC Distribution):
• Each VEM reports its local MACs, along with their ‘home’ VTEP to the VSM. The VSM then distributes this {MAC, VTEP} information to all the other VEMs
VXLAN 2.0 – BGP CP
• VXLAN 1.5 unicast-only/mac-distribution limits strectching VXLAN segments to within a single N1KV domain (DVS).
• Limited to 256 servers in 3.X.
• Use BGP CP to distribute VXLAN info (VTEPs and Macs across DVS).
• 3.X release will only support VTEP distribution via BGP.
• Mac distribution could come in a future release.
• BGP runs on the VSM and forms MP-(i)BGP peering with VSMs in other DVS’s.
• Uses EVPN address-family, which is being standardized by Cisco, Juniper, Alcatel, et al.
• BGP peering is setup using control0 IP address on VSM.
• BGP peering could be full-mesh or with router-reflector (VSM could be used as RR).
• Could peer with other platforms that support EVPN address-family (in the future).
VM
VXLAN BGP Solution
VM VM
VSM
VEM 1 VEM 2 VEM 3
vt1 vt2 vt3
Membership List
Membership Membership Membership
VSM
VEM 1 VEM 2
vt4 vt5
Segment VTEPs
Green vt4 vt5
Membership List
Membership Membership
VM
Segment VTEPs
Green vt1 vt3
DVS 1 DVS 2
Membership List with BGP Segment VTEPs
Green vt1, vt3, vt4, vt5
• Segments can extend across multiple VSMs
• Built based on Single VSM model
• VSMs distribute the information among them using BGP
• VSM and VEMs will continue to exchange information using AIPC like single VSM mode
VXLAN 2.0 – Selective MAC Distribution
• In 2.X, Mac distribution populated Mac’s for all BD’s on all VEM’s irrespective of the BD’s that have local ports.
• Scale challenges with increased BD and module scale.
• VEM L2 table limit of 32K across all BDs.
• Localized mac distribution does dynamic MAC distribution to VEM’s when first port gets attached to a BD.
• VEM’s report MAC’s to VSM (reported every 100 ms if new mac’s learnt).
• VSM keeps track of BD’s that are signification to a module.
• VSM selectively distributes (unicasts) macs for BD’s that are configured on specific VEMs.
• Uses existing periodic version publish mechanisms to keep VEM in
• Backup mechanism on VEM to query missing mac from VSM (at a throttled rate).
VXLAN 2.0 – BGP peers configuration
feature bgp router bgp 1 router-id 192.168.66.10 log-neighbor-changes template peer vxlan remote-as 1 password 3 9125d59c18a9b015 address-family l2vpn evpn send-community extended neighbor 192.168.65.10 inherit peer vxlan neighbor ..
VSM1
feature bgp router bgp 1 router-id 192.168.65.10 log-neighbor-changes template peer vxlan remote-as 1 password 3 9125d59c18a9b015 address-family l2vpn evpn send-community extended neighbor 192.168.66.10 inherit peer vxlan neighbor ..
VSM2
Need for the VXLAN Gateway
• Nexus 1000v virtual switch supports VXLAN. But many hardware switches still lack support VXLAN in ASIC.
• In the deployments where VXLAN is not supported by physical switches the only endpoints that can connect into VXLANs are virtual machines that are connected to a Nexus1000v. Physical servers cannot be in VXLANs.
• Routers or services that have traditional VLAN interfaces cannot be used by VXLAN based networks. The only way VXLANs can currently interconnect with traditional VLANs is through VM based software routers e.g. the ASA1000v.
VXLAN Gateway Overview
• The VXLAN Gateway is a layer 2 bridging device.
• Allows VXLAN traffic to be bridged to a VLAN i.e. stitches together a VXLAN and a VLAN into a single bridging domain.
• Controlled by the Nexus1000V Virtual Supervisor Module (VSM).
• There can never be any virtual machines connected directly to the VXLAN Gateway.
• It supports both VXLAN multicast & unicast modes.
• Supported in 2.X release: VXLAN GW as a Virtual Service Blade (VSB) on N1x10
• Supported in 3.X release:
• VXLAN GW as a Virtual Service Blade (VSB) on N1x10
• VXLAN GW as a VM on ESX. Gateway as a VM should be instantiated through Vmware vsphere client.
• vlan <-> vxlan mapping configuration commands have changed in Alabcore to be in sync with NX-OS PI changes. The same changes are retained in 3.X.
• GW VSB creation procedure has some minor differences
Inserting a Physical Service into a VXLAN
• A customer may have a service provided by a physical device that has not yet been virtualized, but needs to be in the same bridge domain as VXLAN virtual machines.
• In this use case, the physical device sits in a VLAN, connected to a physical switch. The VXLAN gateway is configured to map this VLAN to the VXLAN where the virtual machines live.
VXLAN Gateway Deployment as VSB
Control and management plane Data I/O
GW1 1 vCPU 2 vCPUs
GW2 1 vCPU 2 vCPUs
NIC NIC NIC
VXLAN GW VM
Port channel
Tenant VM
• Host running ESX/VEM
Mgmt interface Data interface
Number of vCPUs – 2:
1 for management and
1 for data interface
VXLAN Gateway deployment as VM
Polling Question 3
Is it difficult to find proper upgrade procedure for Cisco products?
a. Yes
b. No
• Upgrade utility is an interactive tool
• Provides sequence of steps to upgrade Nexus 1000V
• Allows customers to plan the Nexus 1000V and VMware ESX/ESXi upgrade
What is Upgrade utility?
• Nexus 1000v refresher
• Nexus 1000v for VMware
• Nexus 1000v for Hyper-V
• Nexus 1000v for Openstack
• Nexus 1110 updates
• VXLAN – Now as VM
• Enhancements
• VSUM for vSphere*
• Scalability
Agenda
Installation and upgrade made easier using Virtual Switch Update Manager (VSUM)
http://www.cisco.com/c/en/us/support/switches/application-virtual-switch/products-installation-guides-list.html
Short video installation guides
< 5 minutes
Cisco Nexus 1000V Manager is a virtual appliance and it is registered as a plugin to the VMware vCenter server. The Cisco Nexus 1000V Manager GUI is an integral part of the VMware vSphere Web Client and it can only be accessed by logging into the VMware vSphere Web Client.
It is the graphical user interface (GUI) that you use to install, migrate, monitor, and upgrade the VSMs in high availability (HA) or standalone mode and the VEMs on ESX/ESXi hosts.
Cisco Nexus 1000V Manager enables you to install the following versions of the Cisco Nexus 1000V VSM.
• 4.2(1)SV1(5.2b)
• 4.2(1)SV2(1.1a)
• 4.2(1)SV2(2.2)
• 5.2(1)SV3(1.1)
Cisco Nexus 1000V Manager OVA file has the above VSM and VEM binaries needed for Install, migrate and upgrade. Therefore, no need of copying the files.
VSUM Keypoints
N1k-VMware Scalability Increased Scale (Advanced Edition)
Feature Details
Number of servers/hosts per switch 250 hosts/servers
Number of ports per switch 10,000 ports per switch
Number of vEth ports per server/hosts 990 ports per host/server
Active Vlans per switch 4094 VLANS
Active VXLAN per switch 6144 VXLAN
Number of Port Profile per switch 6144 port profiles
Domain Id’s 1 to 1023
VXLAN G/W Pairs 8 pairs per switch
VXLAN G/W Pair per server/host Associated to one G/W pair
Number of VXLAN Mapping per G/W 512 mappings
Function Distributed Netflow
Flow Monitors per host 64
Flow monitors switch-wide 64
Number of Interfaces per host 1k Instances
Number of Interfaces DVS-Wide 12k Instances
Flow Entries per host 64K
Flow Records per DVS 64
Flow Exporters per DVS 64
Number of flow exporters per monitor
2
Scalability: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_2_1_s_v_3_1_2/release/notes/n1000v_rn.html
Netflow Scalability
Submit Your Questions Now! Use the Q & A panel to submit your questions and our expert will respond
The 1000v family
85 85
Family Photo
Collaborate within our Social Media
Facebook- http://bit.ly/csc-facebook
Twitter- http://bit.ly/csc-twitter
You Tube http://bit.ly/csc-youtube
Google+ http://bit.ly/csc-googleplus
LinkedIn http://bit.ly/csc-linked-in
Instgram http://bit.ly/csc-instagram
Newsletter Subscription http://bit.ly/csc-newsletter
Learn About Upcoming Events
Cisco has support communities in other languages!
Spanish https://supportforums.cisco.com/community/spanish
Portuguese https://supportforums.cisco.com/community/portuguese
Japanese https://supportforums.cisco.com/community/csc-japan
Russian https://supportforums.cisco.com/community/russian
Chinese
http://www.csc-china.com.cn
If you speak Spanish, Portuguese, Japanese, Russian or Chinese we invite you to participate and collaborate in your language
More IT Training Videos and Technical Seminars on the Cisco Learning Network
View Upcoming Sessions Schedule
https://cisco.com/go/techseminars
Please take a moment to complete the survey
Thank you for Your Time!
