Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Nexus 7000 Series Innovations: M3 Module, DCI, Scale

2,108 views

Published on

Nexus 7000 Innovations: Data Center Interconnect, Enhanced Scale, Enhanced Security and Investment Protection
Webinar recording: https://grs.cisco.com/grsx/cust/grsEventQA.html?EventCode=15331&LanguageId=1&KeyCode=001416123

Published in: Technology
  • Be the first to comment

Nexus 7000 Series Innovations: M3 Module, DCI, Scale

  1. 1. Data Center Switching Product Management Team December 2016 Cisco Nexus 7000 Series Switches Designing Data Center Interconnect
  2. 2. Agenda Nexus 7000 Product Update Nexus 7000 DCI Technologies
  3. 3. Switching Infrastructure for Today’s Data Centers Investment Protection Architectural Flexibility Operational Simplicity Open and Programmable Secure, Scalable, and Resilient One Operating System Cisco NX-OS Cisco Nexus 9000 Series Cisco Nexus 7000 Series Cisco Nexus 3000 Series Cisco Nexus 2000 Series Cisco Nexus 5000 Series
  4. 4. Cisco Data Center Fabric Solutions APPLICATION CENTRIC INFRASTRUCTURE PROGRAMMABLE FABRIC  Disaggregated approach based on Open standards  Support 3rd party SDN Controller  SDN across the entire Nexus Product line  Rich inter-domain support  Turnkey integrated solution with security, centralized management, compliance and scale  Automated application centric-policy model with embedded security  Broad and deep ecosystem CONTROLLER OPEN APIs VXLAN with BGP EVPN OPEN APIs
  5. 5. Cisco Nexus 7700 Series Switch Family 26RU 14RU 9RU Cisco Nexus® 7700 10-Slot Cisco Nexus® 7700 18-Slot Cisco Nexus® 7700 6-Slot Environmental EFFICIENCY True front-to-back airflow Smaller FOOTPRINT More compact Fabric BANDWIDTH 1.32 Tbps 100G Density 40G Density 1G / 10G Density 192 384 768 96 192 384 48 96 192 12 24 48 3RU Cisco Nexus® 7700 2-Slot
  6. 6. FabricPath FCoE M1(2008) 80G/slot Cisco Nexus 7000 Series Module Evolution M2(2012) 240G/slot F1(2010) 230G/slot F2(2011) 480G/slot F3(2013) 1.2T/slot M3(2016) 1.2T/slot OTV MPLS LISP EoMPLS/ VPLS Layer 3Layer 2 Sampled NetFlow FEX Large Tables Large Buffers Full NetFlow VXLAN FSA Offload L2-L2 GW 10G FSA 256-bit MACsec 40G / 100G
  7. 7. FabricPath FCoE Cisco Nexus 7000 Series Module Evolution M2(2012) 240G/slot F3(2013) 1.2T/slot M3(2016) 1.2T/slot OTV MPLS LISP EoMPLS/ VPLS Layer 3Layer 2 Sampled NetFlow FEX Large Tables Large Buffers Full NetFlow VXLAN FSA Offload L2-L2 GW 10G FSA 256-bit MACsec 40G / 100G
  8. 8. DC CORE | DC INTERCONNECT 24-Port 40GE 48-Port 1/10GE Enhanced Scale | Enhanced Security | Deployment Flexibility | Investment Protection Cisco Nexus 7000 M3 Series Modules 12-Port 100GE 48-Port 1/10GE 24-Port 40GE
  9. 9. 256-bit AES MACsec#  48 1/10 GE Ports (SFP+)  24 40 GE Ports (QSFP)  12 100 GE Ports (QSFP28) On all ports/speeds Multi-Core Fabric Services Accelerator (FSA) Enhanced Performance for BFD, Netflow, and Other Distributed Fabric Services New Cisco M3 ASIC  VXLAN, OTV, LISP*, MPLS  FabricPath*, Classic L2/L3  Cisco TrustSec – SGT, SXP, SGACLs Larger Tables  2M* FIB Entries  384K* MAC Entries  128K ACL/QOS Entries Advanced Parser  Layer 2 to Layer 2 Gateway*  GTP Hashing Deeper Buffers  31.25MB per 10GE Port  125MB per 40GE Port  350MB per 100GE Port * Hardware Capability. Software support may be available in the future. See NX-OS Software Release Notes. Cisco Nexus 7000 M3 Series Modules # MKA support may be available in a later release. Compatible with Supervisor 2/2E and Fabric 2 Modules | VDC Interoperability with F3 or M2 I/O Modules
  10. 10. QSFP28 Optics for 100G connectivity QSFP Optics for 40G connectivity Approximately 6µsec cross-fabric latency Nexus 7700 M3 12-Port 100G I/O Module
  11. 11. Introducing the M3-Series into New or Existing Chassis M3 and F3 or M2 modules interoperate at the Lowest Common Feature Set (F3 + M3) VDC Full Layer2 and Layer3 Interoperability No L3 Proxy M3 F3 (M3 only) VDC Full Layer2 and Layer3 Interoperability M3 – 48p 10G M3 – 24p 40G
  12. 12. VDC Interface Allocation – M3-Series Modules M3 40G 6-port port-group VDC 1 VDC 2 VDC 3 VDC 4 M3 10G 24-port port-group Port-group size varies depending on I/O module type VDC Allocation on port-group boundaries – Aligns ASIC resources to VDCs M3 100G 2-port port-group
  13. 13. 4x10G Port Breakout Capability Seamless 10G aggregation into dense 40G/100G ports Breakout per port not per line card | No need to reload • Direct-attach active/passive copper breakout cables • Direct-attach active optical breakout cables • Fiber breakout cables (not included with optics transceivers) Nexus 7000 24-Port 40GE M3 Series I/O Module Nexus 7000 12-Port 40GE F3 Series I/O Module Nexus 7700 24-Port 40GE M3 Series I/O Module Nexus 7700 24-Port 40GE F3 Series I/O Module
  14. 14. Nexus 7000 Series – Designed for DC & Campus Core VPC BASED DESIGN  Classic STP Limitation  50% of all Links not utilized  Complex to Harden  No STP Blocked Ports  Full Links Utilization  Faster Convergence  Simple to Configure  Higher Fabric Bandwidth  Consistent Latency Spine Scales to provide fabric bandwidth Leaf Scales to provide access port density Spine Leaf Horizontal Scale Out FABRIC BASED DESIGNSTP BASED DESIGN Workload Mobility | Application Communication | Port Density | Bandwidth
  15. 15. DCNM 10 DCNM 10 is a comprehensive toolbox for automated cloud-scale deployments TOPOLOGY DISPLAYS OVERLAY, UNDERLAY and STORAGE NETWORKS – VXLAN ENABLED OVERVIEW AUTOMATED LAN, SAN, and PROGRAMMABLE FABRIC MANAGER POAP and AUTO-PROVISIONING FUNCTIONS FOR OVERLAY and UNDERLAY NETWORKS MULTI-SITE, MULTI-TENANT, MULTI-FABRIC TURNKEY INFRASTRUCTURE SUPPORTS ALL NEXUS and MDS SWITCHES ENTERPRISE SCALE 500-1000 DEVICES IMAGE, CONFIGURATION, and PATCH MANAGEMENT INTEGRATES WITH VMWARE, OPENSTACK, REST
  16. 16. Data Center Interconnect Technologies
  17. 17. Nexus 7000 Series – Designed for DCI WAN L3 INTERCONNECT: IP VRF-LITE, MPLS, LISP HITLESS ISSU, STATEFUL PROCESS RESTART, GRACEFUL INSERT & REMOVAL L2 INTERCONNECT: FABRICPATH, VPC, OTV, LISP, VPLS, VXLAN SOLUTION BENEFITS LEVERAGE PROVEN & MATURE DCI TECHNOLOGIES AND IMPLEMENTATIONS CONTROLLER VXLAN with BGP EVPN PROGRAMMABLE FABRIC STP [OR] VPC BASED STP, vPC, FabricPath ACI
  18. 18. Challenges in Traditional Layer 2 VPNs Flooding Behavior - Unknown Unicast for MAC propagation - Unicast Flooding reaches all sites Pseudo-wire Maintenance - Full mesh of Pseudo-wire is complex - Head-End replication is a common problem Multi-Homing - Requires additional Protocols & extends STP - Malfunctions impacts multiple sites
  19. 19. EoMPLS VPLS Dark Fiber Data Center Interconnect – Traditional Layer 2 Extensions
  20. 20. EoMPLS VPLS Dark Fiber Data Center Interconnect – Traditional Layer 2 Extensions • vPC or FabricPath • Applies easily for dual site interconnection • Over dark fiber or protected D-WDM • Easy crypto using end-to-end 802.1AE • OTV – Overlay Transport Virtualization • MAC in IP • EoMPLS & VPLS & A-VPLS & H-VPLS • PE style • Multi-tenants • Most deployed today Ethernet MPLS IP
  21. 21. Use Case: MACsec for Secure DCIs Single Access dark Fiber Connectivity Datacenter 1 Datacenter 2 Nexus 7000 Nexus 7000 Dual Access with dark Fiber Connectivity Datacenter 1 Datacenter 2 Nexus 7000 Nexus 7000 Nexus 7000 Nexus 7000 V P C V P C Datacenter 1 Datacenter 2 Nexus 7000 Nexus 7000 Nexus 7000 Nexus 7000 MPLS Core Nexus 7000s as Bulk Encrypters for Self managed MPLS DCI Cores
  22. 22. OTV Enhancements Loopback Address as Join Interface 50% more MAC Addresses per Site 50% more MAC Addresses across all Sites * Hardware Capability. Software support may be available in the future. See NX-OS Software Release Notes.
  23. 23. Interconnecting Fabrics with Nexus 7000 Switches and F3/M3 Series Cards FabricPath VXLAN EVPN Ethernet FabricPath to VLAN Handoff VLAN to VXLAN Handoff Interconnecting fabrics using Nexus 7000 Switches and F3/M3 cards requires two VDCs
  24. 24. Loopback Address as OTV Join Interface - Benefits Enables the use of multiple uplinks & ECMP in the core for better resiliency and traffic depolarization DC EastDC West Core
  25. 25. Challenges in Traditional Layer 2 VPNs Solved by OTV Flooding Behavior - Unknown Unicast for MAC propagation - Unicast Flooding reaches all sites Pseudo-wire Maintenance - Full mesh of Pseudo-wire is complex - Head-End replication is a common problem Multi-Homing - Requires additional Protocols & extends STP - Malfunctions impacts multiple sites ✔ ✔ ✔ Control-Plane Based Learning Dynamic Encapsulation Native Automated Multi-Homing
  26. 26. Yet Another Layer 2 Extension Control- Plane Multi- Homing Loop Prevention Fault Containme nt Transport Agnostic Multicast Optimizatio n Path Diversity Multi-Site Good FabricPath ✖ ✔1 ✔✔ ✖ ✖ ✖ ✔ ✖ VXLAN (Flood&Learn) ✖ ✔1 ✔2 ✖ ✔ ✔ ✔✔ ✖ Better VXLAN BGP EVPN ✔ ✔1 ✔2 ✔✔ ✔✔ ✔ ✔✔ ✖ VPLS ✖ ✔1 ✔✔ ✖ ✖ ✖ ✔ ✔ Best OTV ✔✔ ✔✔ ✔✔ ✔✔ ✔✔ ✔✔ ✔✔ ✔✔ 1) Only with Multi-Chassis Link Aggregation (MC-LAG / VPC) 2) Limited Overlay Loop Prevention
  27. 27. MPLS
  28. 28. F3/M3 With MPLS L3 VPN • Highest density of 40G MPLS • Available on M3 or M3 + F3 VDC • VRF-Lite supported at FCS L2 L3 MPLS PE MPLS P MPLS Core F3/M3 F3/M3
  29. 29. LISP* * M3 Hardware Capability. Software support may be available in the future. See NX-OS Software Release Notes.
  30. 30. WAN/Campus • Similar problem scale to DNS • Leverage demand based protocols • A directory of hosts • Location as well as policy • Location != Routing • Keep routing lean • Move all host state to LISP directory • Minimize state on the routers and switches (cache on demand) Handling host state at large scale with LISP Branch/Cl oset LISP XTR DC 1 DC 2 LISP Host directory
  31. 31. WAN/Campus • The Fabric can be based on any technology: • ACI, EVPN (PF), NSX • LISP routers will take host routes received from the fabric and register them with the LISP directory LISP Host Directory Services for any fabric Branch/Cl oset LISP XTR DC 1 DC 2 Local host routes Local host routes
  32. 32. ACI WAN/DCI Handoff* * M3 Hardware Capability. Software support may be available in the future. See NX-OS Software Release Notes.
  33. 33. Nexus 7000 AUTO-PROVISION OpFlex TENANT SEGMENTATION APIC WAN/DCI OR DC CORE SOLUTION SECURITY POLICY ENFORCEMENT AT ACI LEAF PER-TENANT REACHABILITY WITH MP-BGP GROUP POLICY AUTOMATION WITH OPFLEX BENEFITS MULTI-DC WORKLOAD MOBILITY LEVERAGE PROVEN/MATURE DCI TECHNOLOGIES AND IMPLEMENTATIONS Nexus 7000 Series – ACI WAN/DCI Handoff
  34. 34. DCI Summary * M3 Hardware Capability. Software support may be available in the future. See NX-OS Software Release Notes.
  35. 35. Nexus 7000 Series – Designed for Interconnecting Fabrics WAN L3 INTERCONNECT: IP VRF-LITE, MPLS, LISP HITLESS ISSU, STATEFUL PROCESS RESTART, GRACEFUL INSERT & REMOVAL L2 INTERCONNECT: FABRICPATH, VPC, OTV, LISP, VPLS, VXLAN SOLUTION BENEFITS LEVERAGE PROVEN & MATURE DCI TECHNOLOGIES AND IMPLEMENTATIONS CONTROLLER VXLAN with BGP EVPN PROGRAMMABLE FABRIC STP [OR] VPC BASED STP, vPC, FabricPath ACI

×