
Virtual Switching

Establishing A Platform for Virtual Network Services


2009 Cisco Systems, Inc. All rights reserved. Cisco Confidential


Cisco's Virtual Networking Vision


Accelerate Data Center Virtualization
Compute Environment: Virtualized, Agile, Policy-driven, Multi-tenant

Virtual Network Link (VN-Link)
Extend networking to virtualized environments
Hypervisor Switch (SW): Nexus 1000V (Standards based, Feature rich)
External Switch (HW): UCS 6100/N5K + VIC (Pre-standard, IEEE 802.1Qbh)

Virtual Network Services


Extend network services to virtualized environments
Virtual Security Gateway for Nexus 1000V
Virtual WAAS

NAM virtual service blade on Nexus 1010

2010 Cisco and/or its affiliates. All rights reserved.

Virtual Network Management (UCSM, VNMC)
Policy-driven, Programmatic, Multi-device, Multi-tenant

Server Virtualization Issues


1. vMotion moves VMs across physical ports; the network policy must follow
2. Impossible to view or apply network policy to locally switched traffic
3. Need shared nomenclature for security policies between network and server admin

[Diagram labels: Port Group, vCenter, Physical Switch Interface]

Cisco Nexus 1000V


Distributed Virtual Switch for VMware vSphere

Industry's most advanced virtual switch for VMware vSphere
Standards based, interoperates with all IEEE 802.1Q switching platforms
Built on Cisco NX-OS

Feature and operational consistency across physical and virtual networks
Provides advanced switching features
Network team manages virtual network
No change for server administration
Non-disruptive provisioning model

[Diagram labels: VM, Nexus 1000V VEM, vSphere, Hypervisor, Host, Nexus 1000V Virtual Supervisor Module (VSM)]

Policy-Based VM Connectivity

Mobility of Network & Security Properties

Non-Disruptive Operational Model



Features of the Nexus 1000V

Switching: L2 Switching, 802.1Q Tagging, VLAN Segmentation, Rate Limiting (TX); IGMP Snooping, QoS Marking (COS & DSCP), Class-based WFQ*

Security: Policy Mobility, Private VLANs w/ local PVLAN Enforcement; Access Control Lists (L2-4 w/ Redirect), Port Security; Dynamic ARP inspection, IP Source Guard, DHCP Snooping

Provisioning: Automated vSwitch Config, Port Profiles, Virtual Center Integration; Optimized NIC Teaming with Virtual Port Channel Host Mode

Visibility: VMotion Tracking, NetFlow v.9 w/ NDE, CDP v.2; VM-Level Interface Statistics; Policy-based SPAN & ERSPAN*

Management: Virtual Center VM Provisioning, Cisco Network Provisioning, CiscoWorks; Cisco CLI, Radius, TACACs, Syslog, SNMP (v.1, 2, 3); Hitless upgrade*

*In 1.4 Release, 4Q CY2010

Nexus 1010: VSM on an Appliance


VSM on Virtual Machine
VSM on Nexus 1010

[Diagram labels: VM, 1000V VEM, vSphere, Server, 1000V VSM x 1, 1000V VSM x 4, Cisco Nexus 1010]

Feature Comparison

Network Team manages the switch hardware
Installation like a standard Cisco switch
NX-OS high availability of VSM
VEM running on vSphere 4 Enterprise Plus
Nexus 1000V features and scalability
NX-OS high availability of VSM
VEM running on vSphere 4 Enterprise Plus
Nexus 1000V features and scalability

VSM Virtual Appliance: VSM on Virtual Machine
VSM on Nexus 1010: VSM hosted on Nexus 1010

NAM Virtual Blade on Nexus 1010


Optimize Application Performance and Network Resources
Application Performance Monitoring
Traffic Analysis and Reporting
Applications, Host, Conversations, VLAN, QoS, etc.
Per-application, per-user traffic analysis
View VM-level Interface Statistics
Packet Capture and Decodes
Historical Reporting and Trending

[Diagram labels: VM, Nexus 1000V VEM, vSphere, ERSPAN, NetFlow, vCenter, Nexus 1000V VSM, NAM Virtual Blade on Nexus 1010]

Introducing: Cisco Virtual Security Gateway


Securing Virtualized Data Center and Cloud Environments

FEATURES
Virtual Security Gateway (VSG) on Nexus 1000V
Secure segmentation with zone-based firewall
VM-level granularity with context-aware rules
Virtual Network Management Center (VNMC): Policy-based centralized management

BUSINESS BENEFITS
Operational simplicity
Deployment flexibility
Consistent security policy compliance and auditing

Example Use Case: 3-tier Server Zones


Tenant_A
Only Permit Web Servers access to App servers via HTTP/HTTPS
Only Permit App servers access to DB servers

[Diagram labels: Tenant_A, Web Server, App Server, DB server]

Port 80 (HTTP) and 443 (HTTPS) of Web Servers open
Only Port 22 (SSH) of App Servers open
All other traffic denied

Virtual Security Gateway - Capabilities


Virtual Security Gateway (VSG)
Context aware Security: VM context aware rules
Zone based Controls: Establish zones of trust
Dynamic, Agile: Policies follow vMotion
Best-in-class Architecture: Efficient, Fast, Scale-out SW

Virtual Network Management Center (VNMC)
Non-Disruptive Operations: Security team manages security
Policy Based Administration: Central mgmt, scalable deployment, multi-tenancy
Designed for Automation: XML API, security profiles

Virtual Network Management Center (VNMC)


Seamless Policy-Based Management
[Diagram labels: VM, VM Context, Security Team, vCenter, Server Team, VNMC (Virtual Network Management Center), Port Profile, Nexus 1000V, Network Team, Security Profile]

Nexus 5000 and 2000 Series

Data Center Business Advantage

Cisco Nexus 5548UP Switch


Compelling Unified Ports Value Proposition

Back of the Switch
32 Fixed SFP+ Ports
Line Rate Hardware Capable of 1/10GE Traditional Ethernet *, Fibre Channel over Ethernet, and 8/4/2/1G Native Fibre Channel
* 1G Support NOW available with 5.0(3)N1(1)
Expansion Modules (GEM2): 16p SFP+ Ethernet Ports, 8p Eth + 8p Native FC, 16p Unified Ports

Front of the Switch
Front to Back Airflow
Mgmt 0, Console, USB
Redundant Fan Modules
Redundant 750W AC Power Supplies

Nexus 7000 EBC External


Cisco Nexus 5596UP Switch

Industry's Highest Density Fixed Form-Factor Switch

Back of the Switch
48 Fixed SFP+ Ports
Line Rate Hardware Capable of 1/10GE Traditional Ethernet *, Fibre Channel over Ethernet, and 8/4/2/1G Native Fibre Channel
* 1G Support NOW available with 5.0(3)N1(1)
Expansion Modules (GEM2): 16p SFP+ Ethernet Ports, 8p Eth + 8p Native FC, 16p Unified Ports

Front of the Switch
Front to Back Airflow
Mgmt 0, Console, USB
Redundant 1100W AC Power Supplies
Redundant Fan Modules

Generic Expansion Modules (GEM2)


Ultimate Flexibility

N55-M16UP

16 Unified Ports
Ports can be configured as either Ethernet or Native FC Ports
Ethernet operation at 1/10 Gigabit Ethernet
Fibre Channel operation at 8/4/2/1G
Uses existing Ethernet SFP+ and Cisco 8/4/2G and 4/2/1G FC Optics
Minimum software required: 5.0(3)N1(1)

Flexibility AND Simplicity
Cisco Nexus 5500 Platform Cisco All Rights Reserved

Nexus 5500 Layer 3 Modules


Two Distinct Form Factors, Same Performance
Nexus 5548P / Nexus 5548UP: L3 Hardware List Price $5,000
Nexus 5596UP: L3 Hardware List Price $5,000

Cisco Nexus 7000 with 2000 Fabric Extender (FEX)


Platform Update

Model: Nexus 2224TP
Form Factor: 1 RU
Uplink Ports: 2 x 10GbE SFP+
Host Facing Ports: 24 x 100/1000Base-T RJ45
FCoE: N/A
Dimensions: 1.72 x 17.3 x 17.7in
Operational Power: 95W
Supports FET: Yes
Multiple PortChannel member ports on a FEX: Yes
Scalability (32 FEX per Nexus 7000): 768 FEX GbE Ports per Nexus 7000

Model: Nexus 2248TP
Form Factor: 1 RU
Uplink Ports: 4 x 10GbE SFP+
Host Facing Ports: 48 x 100/1000Base-T RJ45
FCoE: N/A
Dimensions: 1.72 x 17.3 x 17.7in
Operational Power: 110W
Supports FET: Yes
Multiple PortChannel member ports on a FEX: Yes
Scalability (32 FEX per Nexus 7000): 1536 FEX GbE Ports per Nexus 7000

Model: Nexus 2232PP-10G
Form Factor: 1 RU
Uplink Ports: 8 x 10GbE SFP+
Host Facing Ports: 32 x SFP/SFP+ (1/10G) (note: 1GE SFP support in 4.2(1)N2(1))
FCoE: Yes (for Nexus 7000 on future line module)
Dimensions: 1.72 x 17.3 x 17.7 in
Operational Power: 270W
Supports FET: Yes
Multiple PortChannel member ports on a FEX: Yes
Scalability (32 FEX per Nexus 7000): 1024 FEX 10GbE Ports per Nexus 7000

Uplink Transceivers Supported (all models)
Copper CX-1 (passive): 1m, 3m, 5m. (active) 7M, 10M
Optical: FET (Nexus 2200 platforms), SR, LR [distance limited to 300m]

Nexus 7000 Platform Overview


Next Generation Modular

Nexus 7000 and NX-OS
9, 10 & 18 Slot Chassis
15+ Terabit System (18 Slot)
Unified Fabric
Modular NX-OS
Device Virtualization
Hitless ISSU
Highest Availability Ethernet Switch and Director Class SAN

Linecard Modules
Supervisor
10G Ethernet M Series: 32 Port SFP+ 10G - XL, 8 Port X2 10G - XL
1G Ethernet M Series: 48 Port 10/100/1000 - XL, 48 Port 1G - XL
10G Ethernet F Series (DCB/FabricPath/FCoE): 32 Port SFP+ 10G

Cisco NX-OS Multi-protocol Operating System
Data Center Network Manager (DCNM)

NX-OS Software


NX-OS Modular Architecture


Layer 2 Protocols: VLAN, PVLAN, STP, LACP, UDLD, CDP, 802.1X, CTS
Layer 3 Protocols: OSPF, BGP, EIGRP, PIM, GLBP, HSRP, IGMP, SNMP
Storage Protocols: VSANs, FCIP, IVR, Zoning, FSPF
Future
HA Manager
System Infrastructure
Kernel (Linux)

Based on MDS-9000 Series SAN-OS 3.1
Every process runs in protected memory for fault containment
Automatic stateful process restart
Modular code only runs in DRAM when invoked

In-Service Software Upgrade


N7K# install all kickstart bootdisk:4.1-kickstart system bootdisk:4.1-system
N7K#

Upgrade and reboot
Initiate stateful failover
Upgrade and reboot
Upgrade and reboot I/O modules

[Diagram labels: Active and Standby supervisors (OSPF, BGP, PIM, etc.; HA Manager; Linux Kernel), Release 4.0 and Release 4.1, I/O Module Images, N7K Data Plane]

High Availability - Independently Verified Zero Packet Loss

Zero Packet Loss when Upgrading and Downgrading the software image - ISSU
Zero Packet Loss when removing Fabric Cards
Zero Packet Loss when killing and restarting OSPF
Zero Packet Loss when failing over Supervisors

Test Conditions: Nexus 7000 I/O modules load balance all of the traffic across all 5 Fabric Cards. The test was performed with 51,200 OSPF routes, 256 OSPF neighbors (one on each 10GbE port), every packet going through a security ACL of 7000 lines, every packet being rewritten using a 500 line QOS ACL, each line card doing 48 Mpps lookup, and Cisco NetFlow tracking up to 512,000 flows.

http://www.networkworld.com/reviews/2008/090108-test-cisco-switch.html

Virtual Switches
One physical switch can act as multiple virtual switches
Reduces the number of physical switches in the network, lowers capex and power
Applications include separating networks and isolating security domains using the same physical switch

[Diagram labels: Prod, Extranet, DMZ]

Note: Should not be used for dual homing high availability. Physical redundancy is more robust.

Collapsed Aggregation/Core Using Virtual Switches


[Diagram labels: Switch 1, Switch 2, Core, Aggregation, Access]

Nexus 7000 Virtualization with VDCs


[Diagram labels: VDC 1, VDC 2, VDC 3, VDC 4; Layer 2 Protocols (VLAN, PVLAN, STP, LACP, UDLD, CDP, 802.1X, CTS); Layer 3 Protocols (OSPF, BGP, EIGRP, PIM, GLBP, HSRP, IGMP, SNMP); Infrastructure; Kernel]

VDC: Virtual Device Context
Flexible separation/distribution of hardware resources and software components
Complete data plane and control plane separation
Complete software fault isolation
Securely delineated administrative contexts
Forwarding engine scalability with appropriate interface allocation

Virtual Port Channel - vPC


vPC is a port-channeling concept extending link aggregation to two separate physical switches
Allows the creation of resilient L2 topologies based on Link Aggregation
Eliminates the need for STP in the access-distribution
Provides increased bandwidth
All links are actively forwarding
vPC maintains independent control planes

[Diagram labels: Non-vPC, vPC, Physical Topology, Logical Topology, Virtual Port Channel, L2, Increased BW with vPC]

FabricPath
Shipping, Tested and Published Solution
Cisco FabricPath enables faster, simpler, flatter data center networks
By David Newman, Network World, October 25, 2010
http://www.networkworld.com/reviews/2010/102510-cisco-fabricpath-test.html

Fast Fabric failover


For networking in general and data centers in particular, resiliency is an even more important consideration than high performance.

Impressive performance
Our tests examined FabricPath functionality in five ways. All these involved six Nexus 7010 chassis linked to create one FabricPath network connecting 12,800 emulated hosts.

No multicast performance penalty


Cisco also claims FabricPath load-shares multicast source-receiver trees across multiple spine switches, compared with the single tree formed in STP networks

How we tested Cisco FabricPath : http://www.networkworld.com/reviews/2010/102510-ciscofabricpath-test-how.html?source=NWWNLE_nlt_cisco_2010-10-25


Applications leveraging LAN extensions


VMware Cluster (Local)
VMware Vmotion
Microsoft MSCS (with all your backoffice on it)
Veritas Cluster Server (Local)
Solaris Sun Cluster Enterprise
Oracle RAC (Real Appl. Cluster)
IBM HACMP
EMS/Legato Automated Availability Mgr
NetApp Metro Cluster
HP Metrocluster
BACnet (building automation/control - http://www.bacnet.org/)

Introducing Overlay Transport Virtualization

Overlay - A solution that is independent of the infrastructure technology and services, flexible over various inter-connect facilities
Transport - Transporting services for layer 2 and layer 3 Ethernet and IP traffic
Virtualization - Provides virtual connections, connections that are in turn virtualized and partitioned into VPNs, VRFs, VLANs and Bridge Domain instances

IETF Standard - http://tools.ietf.org/html/draft-hasmit-otv-00

OTV delivers a virtual L2 transport

Nexus 7000 Worldwide Deployment

3 Years of Shipments
4,000+ Customers
13,000+ Chassis Shipped

Selected Customers With Nexus Deployments


StrataScale: Service Provider Selects Nexus


Fully automated managed server hosting

Need infrastructure to support 100% uptime SLA for IronScale service


Service built upon Nexus 7000

Zero Service Loss Architecture meets IronScale SLA requirements


Density and performance delivered higher utilization and improved ROI

Manageability and IOS-consistency allowed for quick, painless deployment


Three segments: advertising, business service, personal service
7 data centers, new DC to meet growth

Demanding requirements for virtualization, stateful fault recovery

Nexus 7000 selected for scalability, switching performance, 10GbE density, and security policy migration and management

Benefits
Increased bandwidth and capacity for server-to-server traffic
Reduced core server footprint from 4 to 2
Infrastructure virtualization provides better management and improved space and power utilization

Nexus 7000 Proven Performance


Continuous Operations
High Availability verified
Zero Service Disruption Upgrades
Virtual Port Channel - improves L2 Availability

Scalability
18-Slot Chassis: 768 GbE and 512 10GbE Port Density
Increased network efficiency
48p 1Gb Fiber: more deployment scenarios

Virtualization
Virtual Device Contexts (VDCs)
Consolidate network layers for medium-business
Data Center Interconnect Simplified with OTV

[Diagram labels: 512 x 10GbE, 768 x 1GbE; 256 x 10GbE, 384 x 1GbE]

Disclaimer
Some of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. The information in this Seminar is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.


Cisco Confidential Under NDA

Nexus 7000 I/O Module Family Roadmap

M2-XL Series Modules: 10G/40G/100G modules
M1 Series XL Modules: 8 port 10G-XL (80G/slot), 32 port 10G-XL (80G/slot), 48 port 1G-XL (46G/slot), 48 port 1G RJ45-XL (46G/slot)
M1 Series Modules: 32 port 10G (80G/slot), 48 port 1G RJ45 (46G/slot), 48 port 1G (46G/slot)
F1 Series I/O Modules: 32 port 10G SFP+ (230G/slot)
F2 Series I/O Modules: 48 port 10G SFP+ w/L3 (480G/slot), 40 port 10G 10G-T w/L3 (400G/slot)

Timeline axis: Shipping, 2010, 2011, 2012

NX-OS Long Term Planning


Software Releases Target Dates for the Nexus 7000

Delhi (5.2): Target: June, 2011. Status: EC
Edinburgh (6.0): Target: Q4, CY2011. Status: EC
Freetown (6.1): Target: 1H, CY2012. Status: EC
Gibraltar: Target: 2H, CY2012. Status: Planning
Helsinki: Target: 2013. Status: Planning

Timeline axis: 1HCY11, 2HCY11, 1HCY12, 2HCY12, 1HCY13

C97-591706-00


NX-OS Roadmap for Nexus 7000


Releases: Cairo (SHIPPING) 5.1; Delhi (EC) 5.2, Target 2QCY11; Edinburgh (EC), Target Q4CY11; Freetown (EC), Target 1HCY12
Timeline axis: Q4CY10, Q1CY11, Q2CY11, Q3CY11, Q4CY11, 1HCY12

Cairo (SHIPPING) 5.1
FabricPath and VPC+
F1 Series: 32-port 10G SFP+ I/O module
M1 Series: 32-port 10G XL SFP+ I/O module
M1 Series: 48-port 10/100/1000 XL I/O module
VTP client/server
ERSPAN (M1)
Nexus 2248T (FEX)

9-slot Nexus 7000 chassis (maint)
MPLS Phase 1 L3VPN
FCoE / FCF (F1)

F2 Series: 48-port 10G I/O module
F2 Features Phase 1: L2, L3, vPC, SPAN
7010 Fab 2 Module

LISP Phase 1 VM Mobility, IPv6, Map Server
VACL Capture (M1)
Static Mcast Mac (M1)
Nexus 2232, 2224 (FEX)
1588 PTP (F1)
OTV Adjacency Server

7018 Fab 2 Module

M2 Series: 6-port 40G I/O module
M2 Series: 2-port 40/100G I/O module
F2 Series: 40-port 10GBase-T I/O Module
F2 Features Phase 2: FEX, FCoE, FabricPath
CCN Phase I*
IPSLA*
MPLS Phase 2-VPLS*
LISP Phase 2 MultiTenancy

*Pending Separate EC

Next Generation Service Module Strategy


Timeline: Today (6500 Service node), CY2011 (6500 Service node), CY2012+ (6500 & Nexus 7000)

Security
Today: FWSM
CY2011: ASA SM (10+ Gbps Performance, ASA Software Parity)
CY2012+: NG FW For N7K (40Gbps Forwarding, 1000 contexts)

Application Visibility & Monitoring
Today: NAM
CY2011: NAM10 (10+ Gbps)
CY2012+: NG NAM For N7K (20Gbps Monitoring)

Application Delivery
Today: ACE
CY2011: ACE30 (Data plane unification with appliance, HTTP Compression)
CY2012+: 40Gbps Forwarding, 300K CPS

Common HW Platform for FW, NAM

Nexus 7000 Unique Innovations


Drivers for transitioning: Value

Continuous Operations
Hitless ISSU: Perform software upgrades with zero packet loss and no service disruptions
Stateful Process Restart for NX-OS: High-Availability Modular Operating System
Lossless Fabric: Lossless fabric with Virtual Output Queues

Virtualization Enabler
Unified Fabric: Enable I/O Consolidation with FCoE capable modules in the Nexus 7000
Nexus 2000 Fabric Extender Support: Support high-density 1GE ToR Designs with greatly reduced management touchpoints
Overlay Transport Virtualization: Simple solution for L2 Extensions within and across Data Center
TRILL / Layer 2 MultiPathing: Build large L2 Networks without running spanning tree

Nexus 7000 Unique Innovations


Drivers for transitioning: Value

Security & Cost Optimization
Cisco TrustSec (CTS): Line rate hop by hop link encryption, Group-based tags for access control in network
Virtual Device Contexts: Virtualize a single physical switch into multiple virtual switches

Operational Excellence
Front-to-back Airflow: Allows optimized Air-Cooling/consumption DC deployments for greater resources utilization & cost
Fabric, PS, FAN in the back of the chassis: Allows upgrade or maintenance operation without impact on Cabling => shorten time & cost
Shutdown lock-buttons on Fabric Modules: Properly shut down sequence for Fabric module when unlocking => prevents any packet loss
Blue Beacon LED on modules: Remote controlled identification of components requiring operations. Eliminate errors & optimize costs
Integrated Wireshark port: Integrated deep packet inspection capabilities for faster initial troubleshooting operations

Nexus Series Network Management


Data Center Network Manager (DCNM)


Comprehensive data-center class administration architecture:
Multi-protocol aware: consolidates and automates Ethernet, IP and Fiber Channel management
Manages specific data-center network features
Offers FCAPS coverage for full network service life cycle administration, with emphasis on provisioning, performance and accounting
Provides management solution for all layers of Cisco-based data center networks

DCNM - Intelligent Information Solution


Discovery & Inventory
Configuration
Fault Management
Performance Monitoring
System & Infrastructure

Centralized management throughout the data center network
- Fiber Channel, Ethernet, IP routing and Network Security domain awareness

Enables error-free provisioning
- Configuration validation via syntax and semantics checks

Health monitoring
- Real-time alarms and key traffic performance indicators

Facilitates the insertion of innovative network features
- Network virtualization transparently supported day 1

Cisco TrustSec
First Cisco product to deliver Cisco TrustSec, a cross-platform, multi-phase policy-based admission- and access-control solution

[Diagram labels: Unified I/O, GbE, FC, Unified Fabric, Intelligent Fabric Applications]

Cisco TrustSec Network Admission Control


1. Authentication Request
2. Radius & AD Authc/Authz
3. SGT Dynamically Assigned
4. SGACL Dynamically Applied
5. Links Up

[Diagram labels: SGACL; source groups E, P, G (Employee, Partner, Guest); destination groups C, U, I (CRM, General, Internet); Process Authorization Rules; Verify Identity Credentials & Obtain Additional Attributes; Cisco ACS 5.0; External Directory Server]

Source: Ken Hook

Cisco TrustSec Topology Independent Access Control

[Diagram labels: SGACL Matrix; Source Groups E, P, G (Employee, Partner, Guest); Destination Groups C, U, I (CRM, General, Internet); Access Denied]

Source: Ken Hook

VOQ and Central Arbitration Theory


Lossless Fabric with Single Queues


[Diagram labels: Request, Grant, Credit, ARB, A]

Head of Line Blocking


[Diagram labels: Request, Grant, Credit, ARB, A]

Head of Line Blocking


[Diagram labels: Request, Grant, Credit, ARB, A, CBA]

Virtual Output Queues and Arbitration


[Diagram labels: Request, Grant, Credit, ARB, A]

Virtual Output Queues and Arbitration


[Diagram labels: Request, Grant, Credit, ARB, A; B C A]

Cable Management
Can route up to 384 Cat6A cables to one side of chassis (worst-case scenario)
Cable tray cover and lockable front doors prevent accidental interference

Nexus 7000 Data Center Operations


Power and Environmentals
Power Consideration
Power efficiency and scalability for today and tomorrow's data center environment

Power supply efficiency rated above 90%
Redundancy modes for N+1 or GRID redundancy
Variable Speed Fans
Real-time Power Meter capable
Virtualization allows switch consolidation

[Diagram labels: 220V, 220V, Grid 1, Grid 2]

System Power
6000W or 7500W AC power supply for Nexus 7000 series chassis

Dual inputs at 220/240V or 110/120V


Proportional load-sharing among supplies
Hot swappable
Blue beacon LED for easy identification

Nexus 7000 DC Power Supply


-48V 6kW DC Power Supply
Supports 2 independent inputs
3kW per input connection
1+1 resilience for battery plant
15 Custom Power Cable with connector plug and terminal ends for hot swap
Compatible with all shipping Nexus 7000 Series

7018 Supports up to 24kW
1+1 mode up to 12kW
N+1 mode up to 18kW

7010 Supports up to 18kW
1+1 mode up to 9kW
N+1 mode up to 12kW

32-Port 10GE I/O Module, 80G Fabric


80G full duplex fabric connectivity
IEEE802.1AE MACSec on every port
4:1 oversubscription at front panel

Two operational modes per group of 4 ports:
Dedicated mode
Shared mode

Buffering:
Dedicated mode: 65MB ingress, 80MB egress
Shared mode: 1MB per port, plus 65MB shared ingress, 80MB egress (4 ports)

Queues: 8q2t ingress, 1p7q4t egress

SFP+
SR: 300m over MMF (OM3)
LR: 10km over SMF
ER: 40km over SMF

8-Port 10GE XL I/O Module, 80G Fabric


8 ports of Line Rate 10GE
80G full duplex fabric connectivity
Up to 1M FIB entries, 128K ACL/QoS TCAM
Dual M1 Forwarding Engines for 120Mpps
64 byte packet line rate performance on all 8 ports
IEEE802.1AE MACSec on every port
Flexible XL Option with Feature License

Buffering:
Dedicated mode: 65MB ingress, 80MB egress

Queues: 8q2t ingress, 1p7q4t egress

X2 Optics
LRM: 220m over FDDI, OM1..
SR: 300m over MMF (OM3)
LR: 10km over SMF
ER: 40km over SMF
DWDM: 80 km, 32 colors

48-Port 1GE I/O Module - Copper


48 1GE 10/100/1000 RJ-45 ports
Integrated 60Mpps forwarding engine
48 ports wire-rate L3 multicast replication
IEEE 802.1AE MACSec on every port
46G full duplex fabric connectivity
Line rate on 48-ports with ~10% local switching

48-Port 1G XL I/O Module - Fiber


48 1G SFP ports
SX, LX, ZX, T, CWDM, DWDM
Supports Digital Optical Monitor
Integrated 60Mpps forwarding engine
48 ports wire-rate L3 multicast replication
46G full duplex fabric connectivity
Line rate on 48-ports with ~10% local switching
Flexible XL Option with Feature License
802.1AE MacSec on every port

Integrated Forwarding Engine


Advanced hardware forwarding engine
Up to 60Mpps IPv4 unicast, 30Mpps IPv6 unicast throughput
M1 Series Forwarding Engine
Equal to Cat 6K EARL 8
Integrated on every I/O module (NOT a FRU)

Table sizes (Non-XL / XL)
FIB TCAM: 128K / Up to 1M
IPv4 Routes: 128K / Up to 1M
IPv6 Routes: 64K / Up to 500K
Classification TCAM (ACL and QoS): 64K / 128K
NetFlow TCAM (Ingress and Egress): 512K / 512K
MAC table: 128K / 128K
Bridge Domains (VDC + VLAN): 16K / 16K