Nexus 1000V in Context of SDN. Martin Divis, CSE

Transcription:

Nexus 1000V in Context of SDN Martin Divis, CSE, mdivis@cisco.com

Why Cisco Nexus 1000V: Losing the Edge
[Diagram: four hosts, each with its own vswitch, on the Server Admin side; the rest of the network on the Network Admin side]
Server Admin manages virtual switching!
- Unsupervised VM to VM communication
- VMs on the wrong VLANs
- No network visibility or control
- No policy and VLAN control

Why Cisco Nexus 1000V: Finding it back!
[Diagram: four hosts sharing one Nexus 1000V distributed virtual switch; labels: Server Admin, Network Admin]
- Server Admin freed from managing network
- Nexus 1000V: distributed virtual switch
- Virtual switching managed by Network Admin
- Full network policy control, visibility

Cisco Nexus 1000V Overview
[Diagram: a modular switch (Supervisor-1, Supervisor-2, Linecard-1, Linecard-2 ... Linecard-N on a back plane) shown next to the Nexus 1000V (VSM1 and VSM2 as virtual appliances; VEM-1, VEM-2 ... VEM-N, one per hypervisor); labels: Network Admin, Server Admin]
VSM: Virtual Supervisor Module
VEM: Virtual Ethernet Module

Why Not Configure Virtual Ports?
- Too many ports, and they move too fast
- Network admin needs sanity
- Server admin needs freedom
  - To deploy and move virtual machines
  - To deploy and move physical hosts

switch# int gi1/0/35
 switchport mode access
 switchport access vlan 23
 etc
# int gi1/0/47
 switchport mode access
 switchport access vlan 23
 etc
# int gi1/0/21
 switchport mode access
 switchport access vlan 23
 etc
# int gi1/0/17
 switchport mode access
 switchport access vlan 23
 etc

Source: http://images.webmagic.com/klov.com/screens/s/wspace_invaders.png

Cisco Nexus 1000V Architecture
[Diagram: two hypervisor hosts (ESX, Hyper-V; KVM, Xen), each running Nexus 1000V with vpath and VXLAN, connected over an Ethernet/IP network fabric]
Virtual Appliance: ASA 1000V, N1KV VSM, Cisco VSG, Cisco vWAAS, CSR1000V, Citrix VPX*, Imperva WAF*
Virtual Service Data Path (vpath): embedding intelligence for virtual services
- Service chaining (traffic steering)
- Fast-path offload
- VXLAN aware
Virtual Extensible LAN (VXLAN): scaling LAN segments, DC-wide VM mobility
- LAN segment across Layer 3
- Works with existing network infrastructure
- 16 million segments
* To be released in CY13

vpath Service Chaining
[Diagram: Nexus 1000V vpath with a three-step service chain]
- Service Path defines the service chain: an ordered list of service profiles (e.g. security profile, edge profile, slb profile etc.)
- Traffic Selector rules are used to configure the Service Table in vpath
- An endpoint VM is associated with a Service Path via Port-Profile Binding

VxLAN Deep Dive: Overlays
Why Overlays?
Robust Underlay/Fabric
- High Capacity Resilient Fabric
- Intelligent Packet Handling
- Programmable & Manageable
Flexible Overlay Virtual Network
- Mobility: track end-point attach at edges
- Scale: reduce core state; distribute and partition state to network edge
- Flexibility/Programmability: reduced number of touch points

VxLAN Deep Dive: Overview
Virtual extensible LAN (VXLAN)
Virtual extensible LAN (VXLAN) is a Layer 2 overlay scheme over a Layer 3 network. A 24-bit VXLAN Segment ID or VXLAN Network Identifier (VNI) is included in the encapsulation to provide up to 16M VXLAN segments for traffic isolation/segmentation, in contrast to the 4K segments achievable with VLANs. Each of these segments represents a unique Layer 2 broadcast domain, and can be administered in such a way that it can uniquely identify a given tenant's address space or subnet.
Original frame: Ethernet Header | Payload | FCS
Encapsulated frame: Outer Ethernet | Outer IP | Outer UDP | VXLAN | Inner Ethernet | Payload | New FCS
VXLAN header (8 bytes): Flags (1 byte; bits: Rsvd, 1, Rsvd) | Reserved | Segment ID | Reserved
Outer UDP Destination Port = VXLAN (originally 8472, recently updated to 4789)
Outer UDP Source Port = Hash of Inner Frame Headers (optional)
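The 8-byte VXLAN header and the two outer UDP ports described on this slide, as an added example that is not part of the original presentation: it builds and validates the header so a capture or monitoring script can recover the segment a frame belongs to. The field widths follow RFC 7348; the function names, the CRC32 source-port hash, the 49152-65535 source-port range and the sample frame are assumptions of this example.

```python
import struct
import zlib

VXLAN_PORTS = {4789: "IANA-assigned", 8472: "original/legacy"}
FLAG_I = 0x08              # "VNI valid" bit in the 1-byte flags field
MAX_VNI = (1 << 24) - 1    # 24-bit Segment ID, about 16M segments


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte header: flags(1) reserved(3) VNI(3) reserved(1)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    return struct.pack("!II", FLAG_I << 24, vni << 8)


def parse_vxlan(udp_dst_port: int, udp_payload: bytes) -> dict:
    """Validate and decode a VXLAN header; raise ValueError if malformed."""
    if udp_dst_port not in VXLAN_PORTS:
        raise ValueError(f"UDP port {udp_dst_port} is not a VXLAN port")
    if len(udp_payload) < 8 + 14:   # header plus minimal inner Ethernet header
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    flags = word0 >> 24
    if not flags & FLAG_I:
        raise ValueError("I flag clear: VNI is not valid")
    reserved = (flags & 0xF7) | (word0 & 0xFFFFFF) | (word1 & 0xFF)
    return {
        "port_kind": VXLAN_PORTS[udp_dst_port],
        "vni": word1 >> 8,
        # Reserved bits are sent as zero; a non-zero value is worth logging.
        "reserved_nonzero": bool(reserved),
        "inner_frame": udp_payload[8:],
    }


def outer_src_port(inner_frame: bytes) -> int:
    """Outer UDP source port as a hash of the inner Ethernet header.
    CRC32 is this example's choice; real VTEPs use their own hash."""
    return 49152 + zlib.crc32(inner_frame[:14]) % 16384


# Constructed sample: inner frame (dst MAC, src MAC, EtherType) in segment 5000.
INNER = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"payload"
PACKET = build_vxlan_header(5000) + INNER
```

A receiver that maps the decoded VNI to a tenant should also check that the sending VTEP is allowed to use that segment, since the VNI alone is not authenticated.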

VxLAN Deep Dive: Overview
VTEP Handling of Multi-Destination Traffic
Since a control/signaling protocol has not been defined, emulation of Multi-Destination traffic (Broadcast, Multicast, Unknown Unicast) is handled through the VXLAN IP underlay through the use of segment control multicast groups.
VTEP implemented in software or hardware. Required for VxLAN gateway.
Note: VxLAN 1.1 added a control/signaling mechanism via a centralized agent; in the case of Nexus 1000V, it is the VSM.
[Diagram: End System A (MAC-A, IP-A) behind VTEP-1 (IP-1), End System B (MAC-B, IP-B) behind VTEP-2 (IP-2), and further end systems behind VTEP-3 (IP-3), connected by an IP network with a multicast group]

VxLAN implementations today
- Nexus 1000V (L2): network virtualization in server virtualization context; vCenter, Hyper-V, KVM, OpenStack
- Nexus 3100 (L2), 5600 (L2, L3), 9000 (L2, L3): gateway
- Cisco ASR 1000 (L2, L3), 9000 (L2, L3): gateway
- VMware vShield & DVS (L2)
- VMware NSX (L2, L3): alternatively can use STT; can use limited number of switch models for HW gateway (L2)
- Many other chipset & HW vendors (L2)

REST API
- Open RPC API
- Extensible to support REST

HTTP GET http://192.168.133.131/api/vlan

{
  "1": {
    "url": "/api/vlan/1",
    "properties": { "id": 1, "state": "active", "name": "default", "shutdown": false }
  },
  "5": {
    "url": "/api/vlan/5",
    "properties": { "id": 5, "state": "active", "name": "dbs", "shutdown": false }
  }
}

HTTP Programmability

Nexus 1000v REST API Services
- VLAN, VXLAN
- Port-Profiles
- Virtual Service Nodes, vpath
- Span Ports
- User access
- Hypervisor dependent operations, mostly read only
- License
- Connectivity: vnic, uplinks, port-profiles
- Inventory

Warning, warning, warning
Nexus 1000v available for:
- vSphere
- Hyper-V
- KVM
And while features and CLI are almost the same for all platforms... the REST API is totally different.

OpenStack Neutron Architecture
Core API: Network, Port, Subnet
Resource and Attribute Extension API: ProviderNetwork, PortBinding, Router, Quotas, SecurityGroups, AgentScheduler, LBaaS, FWaaS, VPNaaS
Type Drivers: VLAN, GRE, VXLAN
[Diagram labels: ML2; Neutron Core plugins; Cisco Nexus; OVS; Cisco (Nexus, N1Kv); REST API; Neutron Server; More vendor plugins; Mechanism Drivers; OVS; OpenDayLight; Southbound interfaces; APIC; More vendor drivers; Neutron Service plugins; Load Balancer; HA Proxy; Firewall; IPTables; VPN; OpenSwan; Message Queue; L3 Services; Futures; DHCP Agent; L3 Agent; IPTables on Network Node; L2 Agent; OVS on Compute Node]
- Core + Extension REST APIs
- Message Queue for communicating with Neutron Agents
- Core and Service Plugins
  - Different vendor core plugins
  - Different network technology support
- ML2 plugin with Type and Mechanism Drivers
- Service plugins with backend drivers

Neutron Cisco Nexus1000v Plugin (KVM)
Neutron N1Kv specific API extensions usage
[Diagram: Neutron Server with the Neutron Core plugin (Cisco) and Cisco N1Kv Plugin, talking over the REST API to the N1Kv VSM; Nova; VMs on Compute Nodes running the N1Kv VEM]
Network Profile: Network Segment Pool
Policy Profile: Port Profile

Network Profile (admin):
  neutron network-profile-create PROFILE_NAME vlan --segment_range 400-499
  neutron net-create NETWORK_NAME --n1kv:profile_id PROFILE_ID
Policy Profile defined in VSM (periodic polling):
  neutron policy-profile-list
  neutron port-create NETWORK_NAME --n1kv:profile_id PROFILE_ID

Benefits:
- Network Profiles: VLAN, VXLAN (multicast/unicast), Trunk
- Policy Profiles: ACLs, QoS
- VXLAN Gateway
- Service VM

Please rate this presentation. Thank you.