Han YangProduct Manager, Server Access and Virtualization Technology GroupJune 11, 2012© 2011 Cisco and/or its affiliates....
PHYSICAL                                      VIRTUAL                                    CLOUD                            ...
Virtual Appliance                                                       Nexus 1010            ASA 1000V                   ...
Firewall, Load Balancer, WAN Optimization                 Appliance/Module                           Scale Up       Contex...
Virtual Service Nodes (VSN)      VM                         VM                        VM      VM   VM      VM   VM      VS...
VM                         VM                        VM       VM           VM      VM   VM      VSN     VSN       VSN     ...
Scalable Acceleration in Virtual Ethernet Module      VM                         VM                        VM       VM    ...
Nexus 1000V with vPath 2.0 Service Chaining        VSG & ASA 1000V                 VM                                     ...
Nexus 1000V with vPath 2.0 Service Chaining              VSG & ASA 1000V                 VM                               ...
Shipping Now!                                                                                                             ...
Q2CY2012                                                                 VXLAN 101                                        ...
• Nexus 1000V: Powering the                                • vPath 2.0      Complete Cloud Network with                   ...
Thank you.© 2011 Cisco and/or its affiliates. All rights reserved.   Cisco Confidential   13
Upcoming SlideShare
Loading in …5
×

Nexus 1000V Platform for Virtualized Network Services

1,186
-1

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,186
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
75
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Cisco vPath: architecture supporting Virtual Service NodesIntelligent traffic steeringInserts traffic flow into vPath
  • Nexus 1000V Platform for Virtualized Network Services

    1. 1. Han YangProduct Manager, Server Access and Virtualization Technology GroupJune 11, 2012© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
    2. 2. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 CONSISTENCY: Policy, Features, Security, Management Nexus 7K/5K/3K/2K Nexus 1000V, VM-FEX ASR Cloud Services Router (CSR) WAAS, ASA, NAM, ACE Virtual WAAS, VSG, ASA 1000V, vACE UCS for Bare Metal UCS for Virtualized Workloads© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
    3. 3. Virtual Appliance Nexus 1010 ASA 1000V vWAAS VSG VSM VSM NAM VSG Primary VSM NAM VSG Secondary VSM: Virtual Supervisor Module VEM: Virtual Ethernet Module L3 Connectivity Virtual Service Blades vPath: Virtual Service Data-path Virtual Supervisor Module (VSM) VXLAN: Scalable Segmentation Network Analysis Module (NAM) VSG: Virtual Security Gateway Virtual Security Gateway (VSG) vWAAS: Virtual WAAS Data Center Network Manager (DCNM) ASA 1000V: Tenant-edge security vPath VEM-1 VEM-2 VEM-3 VXLAN• Service Binding (Traffic vPath VXLAN vPath VXLAN vPath VXLAN • 16M address space for LAN Steering) segments VMware ESX Win Server 2012 Open Source Hypervisor• Fast-Path Offload • Network Virtualization (Mac- over-UDP) © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 3
    4. 4. Firewall, Load Balancer, WAN Optimization Appliance/Module Scale Up Context Service VM/Host Virtualize Scale Out Multitenant Flexible Deployment Kernel Acceleration Tenant A VM VM Hypervisor Hypervisor© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
    5. 5. Virtual Service Nodes (VSN) VM VM VM VM VM VM VM VSN VSN VSN VSN Nexus Nexus Nexus 1000V 1000V 1000V VEM vPath VEM vPath VEM vPath• New flow is classified for VSN re-direction• Initial packet(s) re-directed to VSN• VSN installs a flow entry into vPath© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
    6. 6. VM VM VM VM VM VM VM VSN VSN VSN VSN Nexus Nexus Nexus 1000V 1000V 1000V VEM vPath VEM vPath VEM vPath Production VMs Virtual Service Nodes• Service VMs placed with or separated from production VMs• VSN can provide network service to multiple vSphere servers© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
    7. 7. Scalable Acceleration in Virtual Ethernet Module VM VM VM VM VM VM VM VSN VSN VSN VSN Nexus Nexus Nexus 1000V 1000V 1000V VEM vPath VEM vPath VEM vPath Production VMs Virtual Service Nodes• Network service policy for subsequent packets in the flow are enforced in VEM• Reduces traffic steering• VEMs are part of the network service: Scalable Acceleration in hypervisor kernel© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
    8. 8. Nexus 1000V with vPath 2.0 Service Chaining VSG & ASA 1000V VM VM VM VM VM VM VM VM VM (policy evaluation) VM VM VM VM VM VM VM VM 2 5 VSG 2 6 2 4 Nexus 1000V vPath ASA Distributed Virtual Switch 1000V 2 3 Initial Packet 2 2 ASA in line 1 1 Flow© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 8
    9. 9. Nexus 1000V with vPath 2.0 Service Chaining VSG & ASA 1000V VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VSG Nexus 1000V vPath Distributed Virtual Switch 2 3 ASA Rest of the flow 2 2 ASA in line (policy downloaded) 1 1© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 9
    10. 10. Shipping Now! Integrated with VMware vCloud Director• Ethernet in IP overlay network • Tunnel between VEMs Entire L2 frame encapsulated in UDP VMs do NOT see VXLAN ID 50 bytes of overhead • IP multicast used for L2• Include 24 bit VXLAN Identifier broadcast/multicast, unknown unicast 16 M logical networks • Technology submitted to IETF for Mapped into local bridge domains standardization With VMware, Citrix, Red Hat and Others• VXLAN can cross Layer 3 Outer Outer Inner InnerMAC Optional Original Outer Outer IP Outer IP Outer VXLAN ID (24 MAC MAC MAC DA SA Inner 802.1Q Ethernet CRC 802.1Q DA SA UDP bits) DA SA Payload VXLAN Encapsulation Original Ethernet Frame© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
    11. 11. Q2CY2012 VXLAN 101 VXLAN 5001 VM VM VM VM Nexus 1000V vPath Distributed Virtual Switch • Deployment- VMs and Virtual Service Nodes, ASA 1000V, VSG, vWAAS etc, on VXLANs • Same VSG can protect VMs on multiple VXLANs with overlapping IP addresses© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 11
    12. 12. • Nexus 1000V: Powering the • vPath 2.0 Complete Cloud Network with Policy Driven: Configure Once Multi-hypervisor Support Service Chaining: 1 Policy with Multiple Network Scalable network isolation with VXLAN Services Live Migration Aware: Just Works• Cisco full portfolio of virtualized Support VXLAN network services with ASA 1000V, Virtual Security Gateway, vWAAS, NAM http://tinyurl.com/N1k-Resources© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
    13. 13. Thank you.© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13

    ×