• Save
Cisco nexus1000v
 

Like this? Share it with your network

Share

Cisco nexus1000v

on

  • 829 views

Cisco Theater presentation from Emc World 2013

Cisco Theater presentation from Emc World 2013

Statistics

Views

Total Views
829
Views on SlideShare
829
Embed Views
0

Actions

Likes
2
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Cisco nexus1000v Presentation Transcript

  • 1. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1Cisco Nexus 1000VAppaji Malla & Michael JoffeCo-Sponsored by Intel®
  • 2. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2Agenda• Cisco Virtual Networking Vision• Cisco Nexus 1000V Overview• Virtual Services
  • 3. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3Physical | Virtual | Cloud JourneyPHYSICALWORKLOADVIRTUALWORKLOADCLOUDWORKLOAD• One app per Server• Static• Manual provisioning• Many apps per Server• Mobile• Dynamic provisioning• Multi-tenant per Server• Elastic• Automated ScalingHYPERVISORVDC-1 VDC-2CONSISTENCY: Policy, Features, Security, Management, Separation of DutiesNexus 1000V, VM-FEXvWAAS, VSG, ASA 1000V, vNAM*Nexus 7K/5K/3K/2KWAAS, ASA, NAMCloud Services Router (CSR 1000V)ASR, ISRSwitchingRoutingServicesUCS for Virtualized workloadsUCS for bare-metalComputeWith Intel® Xeon® processor
  • 4. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4Tenant ACisco Cloud Networking ServicesHypervisor agnostic multi-service platformNexus 1000VNexus 1000V• Distributed switch• NX-OS consistency7000+ CustomersVSG• VM-level controls• Zone-based FWShippingASA 1000V• Edge firewall, VPN• Protocol InspectionShippingvWAAS• WAN optimization• App, trafficShippingCSR 1000V(Cloud Router)• WAN L3 gateway• Routing and VPNShippingASA 1000VCloudFirewallCisco VirtualSecurityGateway(VSG)vWAASCitrixNetScalerVPXImpervaSecureSphereWAFCloudServicesRouter 1000VZone AZone BvPath VXLANMulti-Hypervisor (VMware, Microsoft*, RedHat*, Citrix*)EcosystemServices• Citrix NetScaler VPXvirtual ADC• Imperva Web App.FirewallCY2013Physical Infrastructure (Compute, Network, Storage)
  • 5. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5Cisco Nexus1000V InterCloudSecurely Extend Enterprise Environment into Provider CloudNexus 1000V InterCloudEnterprise-Grade Crypto and Firewalling within & across cloudsSecureSimple Transparent Application Migration; Centralized ManagementFlexible Choice of Provider Clouds and HypervisorsPrivateHostedUtilityPublicCommunityManagedNexus SwitchingIOS RoutingNetwork Services
  • 6. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6Server Virtualization Issues1. Live Migration moves VMs acrossphysical ports—the network policy mustfollow VM Movement2. Must view or apply network/securitypolicy to locally switched traffic3. Need to maintain segregation of dutieswhile ensuring non-disruptiveoperationsPortProfileServer AdminNetwork AdminSecurityAdmin
  • 7. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7Customer Issues in highly virtualized environmentsOverlay TechnologySupportOperationalComplexity Managing networksacross physical &virtualenvironmentsMaturing Hypervisormarket Economics Use-cases requiringdifferent hypervisorsPublic Cloud Security concernsfor public cloud Mobility concernsResourceUtilization VM Mobility acrossDC Mobility across DCs Mobility acrosscloudsVirtual Services Secure virtualenvironment Rich networkservicesDiverse Virtualization Requirements for DataCenter CustomersMulti-servicessupport with vPathMulti-hypervisorSupportConsistentOperational ModelMulti-cloud support
  • 8. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8Cisco Nexus 1000V ArchitectureHypervisorModular Switch…Linecard-NSupervisor-1 (Active)Supervisor-2 (StandBy)Linecard-1Linecard-2BackPlaneVEM-NVEM-1 VEM-2VSM: Virtual Supervisor ModuleVEM: Virtual Ethernet ModuleVSM-1 (active)VSM-2 (standby)Virtual ApplianceNetworkAdminServerAdminNX-OSControl PlaneNX-OSData PlaneHypervisor Hypervisor
  • 9. Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 9VM Mgmt StationCiscoNexus1000VVEMCiscoNexus1000VVEMCiscoNexus1000VVEMVM VM VM VMVM VM VM VMVM VM VM VMCisco Nexus 1000V VSMVirtual Supervisor Module (VSM)• Virtual or Physical appliance running Cisco NXOS(supports Hi-availability)• Performs management, monitoring, and configuration• Tight integration with management platformsVirtual Ethernet Module (VEM)• Enables advanced networking capability on thehypervisor• Provides each virtual machine with dedicated“switch port”• Collection of VEMs : 1 virtual network DistributedSwitchHyoervisor HyoervisorHypervisorServer Server ServerCisco Nexus 1000V Architecture
  • 10. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10Cisco Nexus 1000V PortfolioVirtual Extensible LAN(VXLAN)Scaling LAN segmentsDC-wide VM Mobility• LAN segment across Layer 3• Works with existing networkinfrastructure• 16 million segmentsVirtual Service Data Path(vPath)• Service chaining (traffic steering)• Fast-path offload• VXLAN awareEmbedding intelligence for virtualservicesNexus 1000V VEMvPath VXLANHypervisorNexus 1000V VEMvPath VXLANHypervisor* To be released in CY13Ethernet/IPNetwork FabricCisco vWAASN1KV VSMASA 1000V Cisco VSG Citrix VPX*CSR1000V Imperva WAF*Virtual Appliance
  • 11. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11Switching L2 Switching, 802.1Q Tagging, VLAN, VXLAN, Rate Limiting (TX) IGMP Snooping, QoS Marking (COS & DSCP), Class-based WFQSecurity Policy Mobility, Private VLANs w/ local PVLAN Enforcement Access Control Lists, Port Security, Cisco TrustSec Support* Dynamic ARP inspection*, IP Source Guard*, DHCP Snooping*Provisioning Port Profiles, Integration with virtualization & cloud mgmt. tools Optimized NIC Teaming with Virtual Port Channel – Host ModeVisibility VM Migration Tracking, NetFlow v.9 w/ NDE, CDP v.2 VM-Level Interface Statistics, SPAN & ERSPAN (policy-based)Network Services  Virtual Services Datapath (vPath) support for traffic steering & fast-path off-load [leveraged byVirtual Security Gateway (VSG)*, vWAAS, ASA1000V]Cisco Nexus 1000V FeaturesManagement Integrated Provisioning with VM Mgmt station, Cisco LMS, DCNM Cisco CLI, Radius, TACACs, Syslog, SNMP (v.1, 2, 3) Hitless upgrade, SW Installer* Available only with Advanced Edition
  • 12. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12Cisco Nexus 1000V Operational ModelNetworks & policies synced toVM Mgmt StationCreate VMs and assign theright network policiesNexus1000VVEMServerNexus 1000VVSMHypervisorVM Mgmt StationNetworkAdminCreate networks and policiesVM Mgmt Station manages the placement of VMsVM VM VM VMServerAdmin
  • 13. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13Virtual Services
  • 14. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14Virtualization and Cloud Driving New Requirementsin Data CenterTraditional Data Center Virtual/Cloud Data CenterFW WANOpt• Application-specific services• Form factors:ApplianceSwitch module• Virtual appliance form factor• Dynamic instantiation/provisioning• Service transparent to VM mobility• Support scale-out• Large scale multitenant operationVirtualServiceNode (VSN)ADC/SLBAPPOSHypervisorVDC-1VDC-2
  • 15. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15HypervisorTraditional Service NodesVirtual ContextsVLANsRedirect VM traffic via VLANs toexternal (physical) firewallAppServerDatabaseServerWebServerAppServerDatabaseServerWebServerVSNVirtual Service NodesVSNApply hypervisor-basedvirtual network servicesHypervisorVirtual Service NodesServices deployment in Virtualized DC
  • 16. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16Nexus 1000VDistributed Virtual SwitchVM VM VMVM VMVMVM VM VMVMVMVM VM VMVM VM VMVMVMvPathLog/AuditInitial PacketFlowVirtual SecurityGateway (VSG)1Flow Access Control(policy evaluation)2DecisionCaching 34Intelligent Traffic Steering with vPath
  • 17. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17Nexus 1000VDistributed Virtual SwitchVM VM VMVM VMVMVM VM VMVMVMVM VM VMVM VM VMVMVMvPathRemaining packets fromflowACL offloaded toNexus 1000V(policy enforcement)Log/AuditVirtual SecurityGateway (VSG)Performance Acceleration with vPath
  • 18. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18ConsistentNetwork Services• Leverage existing virtual servicesVirtual Security Gateway, Virtual WAAS, Virtual ASA, NAM on Nexus 1010• Services can be hosted on Nexus 1010ConsistentNetworking Features• NX-OS feature across multiple hypervisors & across physical• Advanced NX-OS switching features, including security, visibility, QoS, segmentation,port channel, …ConsistentOperational Model• NX-OS CLI across multiple hypervisors & across physical• Separation of duties between network & server admins• Dynamic provisioning and VM mobility awareness• Leverage existing monitoring and management toolsNexus 1000V: Customer Benefits
  • 19. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19• Twitter: @ciscoDC• Facebook.com/CiscoDC• Video: http://www.youtubecisco.com/datacenter• Cisco blog: http://blogs.cisco.com/datacenter• Slideshare: http://slideshare.com/CiscoDataCenterIn Collaboration with Intel®Intel, the Intel logo, Xeon and Xeon inside are trademarks of Intel Corporation in the U.S.and other countries.
  • 20. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20