Cisco Virtual Networking Solution for OpenStack

Similar documents
Cisco Nexus 1000V Series Switches

Cisco Nexus 1000V Series Switches

Cisco Nexus 1000V Switch for Microsoft Hyper-V

Virtual Security Gateway Overview

VXLAN Overview: Cisco Nexus 9000 Series Switches

Cisco Nexus 1000V InterCloud

Cisco Data Center Network Manager 5.1

GS-2610G L2+ Managed GbE Switch

Cisco HyperFlex Systems

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

FGS-2616X L2+ Managed GbE Fiber Switches

PSGS-2610F L2+ Managed GbE PoE Switch

ASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch.

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)

CCIE Data Center Written Exam ( ) version 1.0

Gigabit Managed Ethernet Switch

26-Port Full Gigabit Managed PoE Switch

Nexus 1000V in Context of SDN. Martin Divis, CSE,

Cisco Nexus 1000V for KVM Security Configuration Guide, Release 5.x

Configuring sflow. Information About sflow. sflow Agent. This chapter contains the following sections:

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch

Cisco Nexus 1000V for KVM Interface Configuration Guide, Release 5.x

GS-1626G Web Smart+ GbE Switch

Cisco Nexus 4001I and 4005I Switch Module for IBM BladeCenter NX-OS Release Notes, Release 4.1(2)E1(1f)

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

14-port Gigabit Managed Industrial POE Switch

Hypervisors networking: best practices for interconnecting with Cisco switches

Product features. Applications

CISCO CATALYST 4500-X SERIES FIXED 10 GIGABIT ETHERNET AGGREGATION SWITCH DATA SHEET

Cisco Prime Central for HCS Assurance

Release Notes for Cisco Application Policy Infrastructure Controller Enterprise Module, Release x

Cisco SRW Port Gigabit Switch: WebView Cisco Small Business Managed Switches

Cisco Virtual Security Gateway Deployment Guide VSG 1.4

Cisco SRW208 8-Port 10/100 Ethernet Switch: WebView Cisco Small Business Managed Switches

Exam Name: VMware Certified Associate Network Virtualization

SAE-PE QSFP-NMS

Cisco Nexus 1000V for VMware vsphere VDP Configuration Guide, Release 5.x

Configuring StackWise Virtual

Virtuální firewall v ukázkách a příkladech

Cisco SGE Port Gigabit Switch Cisco Small Business Managed Switches

Build Cloud like Rackspace with OpenStack Ansible

Cisco RF Gateway 10 Supervisor Engine V-10GE

Vendor: Cisco. Exam Code: Exam Name: Designing Cisco Data Center Unified Fabric (DCUFD) Version: Demo

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

28-Port L2 Managed Gigabit Switch, 4 x SFP

Configuring Control Plane Policing

Cisco ISR G2 Management Overview

Cisco Nexus Data Broker

Configuring Port Channels

Migrate from Cisco Catalyst 6500 Series Switches to Cisco Nexus 9000 Series Switches

Cisco Small Business Managed Switches

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

Network Virtualization

Cisco Nexus Data Broker for Network Traffic Monitoring and Visibility

Cisco ACI with Cisco AVS

OP-MEN 99216B 2 Port (1G/10G) + 12 Port GbE (100M/1G) SFP + 2 RJ45 (100M/1G) Combo L2 Managed Switch

Cisco Nexus 1000V Installation and Upgrade Guide, Release 5.2(1)SV3(1.4)

ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS.

1 Mojo S-2000 Series Managed PoE Switches

Cisco Integrated Services Virtual Router

RC-ACS-2428B. Overview. Features & Benefits. Gigabit L2+ OAM Managed Fiber Switch with.

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified

Cisco SGE Port Gigabit Switch Cisco Small Business Managed Switches

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

Cisco Catalyst Switch Module 3110 for IBM BladeCenter

Configuring WCCPv2. Information About WCCPv2. Send document comments to CHAPTER

Symbols INDEX > 12-14

Cisco ACI and Cisco AVS

Exam Questions

Managed Gigabit PoE Switch PS2460GM

Cisco IOS Embedded Event Manager

Cisco Nexus 7000 Switches Supervisor Module

Architecting Scalable Clouds using VXLAN and Nexus 1000V

WINNER 2007 WINNER 2008 WINNER 2009 WINNER 2010

PSGS-1526F. Web Smart+ Managed GbE PoE+ Switch

CL-SW10G Port GbE (100M/1G)SFP + 4 TP/(100/1G) SFP Combo + 4-Port 1G/10G SFP+ L2 Plus Carrier Ethernet Switch

Data Center Configuration. 1. Configuring VXLAN

TECH. MGS2924G: 16-Port SFP + 8-Port Combo GbE L2 Plus Managed Switch

Cisco Nexus 1100 Series Virtual Services Appliances

Table of Contents HOL-PRT-1305

Installing the Cisco Nexus 1000V Software Using ISO or OVA Files

Configuring NetFlow. About NetFlow. This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices.

Cisco SFE Port 10/100 Ethernet Switch Cisco Small Business Managed Switches

Information about Network Security with ACLs

Configuring Private VLANs

Network-Level High Availability

Cisco Wireless LAN Controller Module

Configuring NetFlow. Information About NetFlow. What is a Flow. This chapter contains the following sections:

Cisco Wide Area Application Services: Secure, Scalable, and Simple Central Management

Configuring Virtual Port Channels

LiveNX 7.4 QUICK START GUIDE (QSG) LiveAction, Inc WEST BAYSHORE ROAD PALO ALTO, CA LIVEACTION, INC.

Cisco Certified Network Associate ( )

Cisco SGE Port Gigabit Switch Cisco Small Business Managed Switches

Chapter 6 Global CONFIG Commands

CISCO EXAM QUESTIONS & ANSWERS

VSC6812SDK and VSC6813SDK

GBE MANAGED SWITCHES

Transcription:

Data Sheet Cisco Virtual Networking Solution for OpenStack Product Overview Extend enterprise-class networking features to OpenStack cloud environments. A reliable virtual network infrastructure that provides a scalable, secure environment is critical when you are building your OpenStack cloud. A solution that is easy to deploy, operate, and maintain is also very important for any successful OpenStack project. The Cisco Virtual Networking Solution for OpenStack addresses these challenges by bringing an enterprise-class Cisco NX-OS Software architecture to the OpenStack environment. It offers: Reduced operational risk through a reliable virtual networking infrastructure Simplified operational model through tight integration with OpenStack services Operational flexibility with a scalable switching and extensible services architecture It brings the same robust architecture associated with traditional Cisco physical modular switches and with other virtualization environments (for example, VMware vsphere and Microsoft Hyper-V) to OpenStack deployments. The solution has the following main components (Figure 1): The Cisco Nexus 1000V Virtual Ethernet Module (VEM) is a software component that is deployed on each Kernel-based Virtual Machine (KVM) host. Each virtual machine on the host is connected to the VEM through virtual Ethernet (veth) ports. The Cisco Nexus 1000V Virtual Supervisor Module (VSM) is the management component that controls multiple VEMs and helps in the definition of virtual machine-focused network policies. It is deployed either as a virtual appliance on any KVM host or on the Cisco Cloud Services Platform appliance. The Cisco Virtual Extensible LAN (VXLAN) Gateway is a gateway appliance to facilitate communication between a virtual machine located on a VXLAN with other entities (bare-metal servers, physical firewalls etc.) that are connected to traditional VLANs. It can be deployed as a virtual appliance on any KVM host. The OpenStack Neutron plug-in is used for communication between the VSM and OpenStack Neutron service and is deployed as part of the OpenStack Neutron service. The OpenStack Horizon Router tab is used for operational simplicity and is deployed as part of the OpenStack Horizon service. 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10

Figure 1. Cisco Virtual Networking Solution for OpenStack Each of these components is tightly integrated with the OpenStack environment: The VEM is a hypervisor-resident component and is tightly integrated with the KVM architecture. The VSM is integrated with OpenStack using the OpenStack Neutron plug-in. The OpenStack Neutron API has been extended to include two additional user-defined resources: Network profiles are logical groupings of network segments. Policy profiles group port policy information, including security, monitoring, and quality-of-service (QoS) policies. Figure 2 shows the operational workflow in an OpenStack environment: 1. Proactively define the policy profiles on the VSM using the Cisco NX-OS command-line interface (CLI) or the Representational State Transfer (REST) API.The policies defined on the VSM are automatically propagated to the OpenStack Neutron service. 2. Proactively define the network profiles using the OpenStack Neutron CLI or API. 3. When a virtual machine is created, assign the right network and policy profiles according to the requirements. 4. The VSM propagates the right policy information to the VEM that hosts the virtual machine. Any virtual machine live-migration event triggers an update of the policy information on the target VEM. 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 10

Figure 2. Cisco Virtual Networking Solution for OpenStack Operational Workflow Benefits The Cisco Virtual Networking Solution for OpenStack offers the following benefits to customers: Reduced operational risk through: Reliable, advanced Cisco NX-OS feature set Well-tested, well-deployed architecture across a variety of hypervisors and use cases Cisco service and support Simplified operational model through: Tight integration with OpenStack Tighter integration with the OpenStack deployment tools (for example, Juju Charms) Capability to use existing tools to manage both physical and virtual networks Operational flexibility through: Scalable switching architecture with support for VXLAN Extensible services architecture through Cisco vpath Strong management partner ecosystem Main Features Table 1 summarizes the features offered by the Cisco Virtual Networking Solution for OpenStack. Table 1. Feature Switching Security VXLAN Provisioning Main Features Description Layer 2 switching, IEEE 802.1Q VLAN tagging, Link Aggregation Control Protocol (LACP), PortChannel, virtual PortChannel (vpc) host mode, Internet Group Management Protocol (IGMP) Versions 1, 2, and 3 (v1, v2, and v3) snooping, and jumbo-frame support Access control lists (ACLs; Layers 2 through 4 with redirect), port ACLs (PACLs), named ACLs, ACL statistics, RADIUS, and TACACS+ Unicast and multicast modes, port statistics, ACLs, Cisco NetFlow, and VXLAN-to-VLAN gateway Integration with OpenStack Neutron APIs and OpenStack Horizon dashboard, virtual machine policy provisioning through port profiles, and capability to create service-level agreement (SLA)-based network profiles 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 10

Feature Visibility Manageability Description Cisco NetFlow, port statistics, and virtual machine-level interface statistics Cisco NX-OS CLI, Simple Network Management Protocol (SNMP) (v1, v2, and v3), Cisco Discovery Protocol, syslog, Network Time Protocol (NTP), Cisco In Service Software Upgrade (ISSU), Secure Shell SSH v2, Telnet, REST APIs, and centralized management through VSM High Availability The Cisco Virtual Networking Solution for OpenStack is designed to be resilient with high availability built into the system at multiple levels: Cisco NX-OS Software, the OS run by the VSM, is specifically designed for high availability at the network, system, and process levels. Critical processes run independently for ease of isolation, fault containment, and upgrades. Processes can restart independently in milliseconds without losing state information, affecting data forwarding, or affecting adjacent devices or services. VSMs are typically deployed in active-standby pairs for high availability. The state and configuration remain constantly synchronized between the two VSMs to provide stateful switchover if the active VSM fails. VSM and VEM communication is built for reliability. In the event of loss of communication with the VSM, the VEMs can use nonstop forwarding (NSF) to continue to switch traffic according to the last-known configuration. Enhanced Manageability with Cisco NX-OS The Cisco Virtual Networking Solution for OpenStack provides advanced Cisco NX-OS features, including: Enhanced visibility of virtual machine traffic through features such as Cisco NetFlow and packet statistics Simplified virtual networking operations through a strong partner ecosystem and management features including SNMP, NETCONF, and syslog Advanced switching and security through features such as VXLANs and ACLs Because this solution uses the same northbound interfaces as the Cisco Nexus physical switches, your existing network monitoring and management tools can be used across physical and virtual environments. The solution also provides a strong set of REST APIs that can be used to automate your operations. Scalable Networking with Support for VXLAN VXLAN is a network virtualization technology that addresses the scalability requirements associated with large cloud deployments, for which the traditional network isolation mechanisms like VLANs may not work. VXLAN meets these challenges with a MAC in User Datagram Protocol (MAC-in-UDP) encapsulation technique and a 24- bit segment identifier in the form of a VXLAN ID. This larger VXLAN ID allows the infrastructure to scale up to 16 million logical networks. In addition, the UDP encapsulation allows each LAN segment to be extended across an IP network. 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 10

The standard VXLAN technology uses IP multicast to send broadcast, multicast, and unknown unicast flood frames. This approach may not work in some customer environments that don t want to deploy IP multicast. The Cisco Virtual Networking Solution for OpenStack supports the standard VXLAN technology as well as an enhanced VXLAN mode that doesn t require IP multicast. Product Specifications Maximum Supported Configurations 128 hosts per VSM 8000 veth ports per virtual switch (vswitch), with 300 veth ports per physical host 4000 active VLANs 4000 active VXLANs 4000 port profiles 2000 network profiles 32 physical network interface cards (NICs) per physical host 1000 PortChannels per vswitch, with 4 PortChannels per physical host Layer 2 Features Layer 2 switch ports and VLAN trunks IEEE 802.1q VLAN encapsulation LACP: IEEE 802.3ad Advanced PortChannel hashing based on Layer 2, 3, and 4 information Source MAC address (default) Virtual port ID Destination IP address and Layer 4 port Destination IP address, Layer 4 port, and VLAN Destination IP address and VLAN Destination MAC address Destination Layer 4 port Source and destination IP addresses and Layer 4 port Source and destination IP addresses, Layer 4 port, and VLAN Source and destination IP addresses and VLAN Source and destination MAC addresses Source and destination Layer 4 ports Source IP address and Layer 4 port Source IP address, Layer 4 port, and VLAN Source IP address and VLAN Source MAC address Source Layer 4 port 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 10

VLAN only vpc host mode (static, MAC address pinning, MAC address pinning relative, manual, and subgroup Cisco Discovery Protocol) IGMP v1, v2, and v3 snooping Jumbo-frame support: up to 9216 bytes Security Ingress and egress ACLs on Ethernet and veth ports Standard and extended Layer 2 ACLs: MAC address and IPv4 Source MAC address Destination MAC address EtherType VLAN Standard and extended Layer 3 and 4 ACLs: Source IP Destination IP Differentiated Services Code Point (DSCP) Precedence Protocol (TCP, UDP, Internet Control Message Protocol [ICMP], and IGMP) Source port Destination port TCP flags ICMP and IGMP types ICMP code PACLs Named ACLs ACL statistics VXLAN Scalable network isolation Port statistics ACL Cisco NetFlow Multicast mode Unicast flooding and learn mode Multicast traffic 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 10

Management Management through Cisco NX-OS CLI, OpenStack Horizon dashboard, and other configuration management tools Layer 3 connectivity between VSM and VEM; recommended through the management interface of the VSM Cisco NX-OS CLI console ISSU Cisco Discovery Protocol v1 and v2 SNMP (read) v1, v2, and v3 SNMP ACL Enhanced SNMP MIB support SSH v2 Telnet Authentication, authorization, and accounting (AAA) TACACS+ RADIUS Syslog Ingress and egress packet counters per interface NTP RFC 1305 REST APIs (create, read, update, and delete) SNMP MIBs Generic MIBs CISCO-TC SNMPv2-MIB SNMP-COMMUNITY-MIB SNMP-FRAMEWORK-MIB SNMP-NOTIFICATION-MIB SNMP-TARGET-MIB Configuration MIBs ENTITY-MIB IF-MIB CISCO-ENTITY-EXT-MIB CISCO-ENTITY-FRU-CONTROL-MIB CISCO-FLASH-MIB CISCO-IMAGE-MIB CISCO-CONFIG-COPY-MIB CISCO-ENTITY-VENDORTYPE-OID-MIB 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 10

ETHERLIKE-MIB CISCO-LAG-MIB MIB-II Monitoring MIBs NOTIFICATION-LOG-MIB CISCO-PROCESS-MIB CISCO-VIRTUAL-NIC-MIB Security MIBs CISCO-AAA-SERVER-MIB CISCO-COMMON-MGMT-MIB Miscellaneous MIBs CISCO-CDP-MIB CISCO-LICENSE-MGR-MIB CISCO-ENTITY-ASSET-MIB Supported Standards Table 2 presents IEEE compliance information, and Table 3 presents RFC compliance information. Table 2. IEEE Compliance Standard IEEE 802.1q IEEE 802.3 IEEE 802.3ad Description VLAN tagging Ethernet LACP Table 3. RFC Compliance Standard IP Services RFC 768 RFC 791 RFC 792 RFC 793 RFC 826 RFC 854 RFC 894 RFC 1305 RFC 1492 RFC 1591 RFC 2068 RFC 2138 RFC 2139 Description UDP IP Internet Control Message Protocol (ICMP) TCP Address Resolution Protocol (ARP) Telnet IP over Ethernet NTP v3 TACACS+ Domain Name System (DNS) client HTTP server RADIUS authentication RADIUS accounting 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 10

Standard IP Multicast RFC 1112 RFC 2236 RFC 3376 Description IGMP v1 snooping IGMP v2 snooping IGMP v3 snooping System Requirements Ubuntu 14.04 Long-Term Support (LTS) Cisco Nexus 1000V VSM VSM can be deployed as a virtual machine on Ubuntu 14.04 Hard disk: 3 GB RAM: 4 GB 2 virtual CPUs at 1.5 GHz Cisco Nexus 1000V VEM Hard disk space: 6.5 MB RAM: 150 MB Cisco VXLAN Gateway Hard disk: 10 GB RAM: 2 GB Compatible with any upstream physical switches, including all Cisco Nexus and Cisco Catalyst switches and Ethernet switches from other vendors Essential and Advanced Editions The Cisco Virtual Networking Solution for OpenStack is offered in two editions: Essential Edition: Provides all the basic Layer 2 networking features and is available at no cost for up to 20 physical hosts Advanced Edition: Includes the Cisco VXLAN Gateway in addition to the base functions of the Essential Edition Table 4 summarizes the differences in the features of the Essential and Advanced Editions. Table 4. Feature Comparison Feature Description Essential (Free) Advanced Number of CPUs Limited to 20 hosts Unlimited Switching: VLANs, ACLs, LACP, and multicast Yes Yes Monitoring: Cisco NetFlow Yes Yes Management: SNMP and NETCONF Yes Yes Cisco VXLAN Gateway Yes 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 9 of 10

Licensing Information The Cisco Nexus 1000V Switch is licensed based on the number of physical CPUs on the server on which the VEM is running. And these licenses support multiple hypervisors in that the same license can be used under different hypervisors. Please contact your local Cisco representative for any additional information.. Cisco Services Cisco Software Application Support plus Upgrades (SASU) is a comprehensive support service that helps you maintain and enhance the availability, security, and performance of your business-critical applications. Cisco SASU includes the following resources: Software updates and upgrades: The Cisco SASU service provides timely, uninterrupted access to software updates and upgrades to help you keep existing systems stable and network release levels current. Update releases, including major upgrade releases that may include significant architectural changes and new capabilities for your licensed feature set, are available by software download from Cisco.com or by CD- ROM shipment. Cisco Technical Assistance Center (TAC): Cisco TAC engineers provide accurate, rapid diagnosis and resolution of software application problems to help you reduce outages and performance degradation. These specialized software application experts are trained to support the Cisco Nexus 1000V Switch. Their expertise is available to you 24 hours a day, 365 days a year, by telephone, fax, email, or the Internet. Online support: Cisco SASU provides access to a wide range of online tools and communities to help you resolve problems quickly, support business continuity, and improve competitiveness. For More Information For more information about the Cisco Virtual Networking portfolio, visit http://www.cisco.com/go/1000v. For more information about the Cisco Nexus 1000V Switch for KVM, visit http://www.cisco.com/c/en/us/products/switches/nexus-1000v-kvm/index.html. For more information about Cisco Nexus 1100 Series Cloud Services Platforms, visit http://www.cisco.com/go/1100. For more information about the Cisco Nexus 1000V community, visit http://communities.cisco.com/community/technology/datacenter/nexus1000v. For more information about Cisco NX-OS Software, visit http://www.cisco.com/go/nxos. Printed in USA C78-730833-03 08/14 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 10 of 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback