Cisco Blogs
Share

ITD: Load Balancing, Traffic Steering & Clustering using Nexus 5k/6k/7k

- September 16, 2014 - 4 Comments

best

Data traffic has grown dramatically in the recent years, leading to increased deployment of network service appliances and servers in enterprise, data center, and cloud environments. To address the corresponding business needs, network switch and router architecture has evolved to support multi-terabit capacity. However, service appliance and server capacity remained limited to a few gigabits, far below switch capacity.

Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is an hardware based multi-terabit layer 4 load-balancing, traffic steering and clustering solution on the Nexus 7000 and 7700 series of switches.

It allows customers to deploy servers and appliances from any vendor with no network or topology changes. With a few simple configuration steps on a Cisco Nexus 7000/7700 series switch, customers can create an appliance or server cluster and deploy multiple devices to scale service capacity with ease. The servers or appliances do not have to be directly connected to the Cisco Nexus switch.

ITD (Intelligent Traffic Director) is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 5k/6k/7k series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed. ITD provides order of magnitude CAPEX and OPEX savings for the customers. ITD is available on Nexus 7000/7700 series in NX-OS 6.2(8) or later. It is available for demo/EFT on Nexus 5k/6k. ITD is much superior than legacy solutions like PBR, WCCP, ECMP, port-channel, layer-4 load-balancer appliances.

ITD provides :

  1. ASIC based multi-terabit/s L3/L4 load-balancing at line-rate
  2. No service module or external L3/L4 load-balancer needed. Every N7k port can be used as load-balancer.
  3. Redirect line-rate traffic to any devices, for example web cache engines, Web Accelerator Engines (WAE), video-caches, etc.
  4. Capability to create clusters of devices, for example, Firewalls, Intrusion Prevention System (IPS), or Web Application Firewall (WAF), Hadoop cluster
  5. IP-stickiness
  6. Resilient (like resilient ECMP)
  7. VIP based L4 load-balancing
  8. NAT (available for EFT/PoC). Allows non-DSR deployments.
  9. Weighted load-balancing
  10. Load-balances to large number of devices/servers
  11. ACL along with redirection and load balancing simultaneously.
  12. Bi-directional flow-coherency. Traffic from A–>B and B–>A goes to same node.
  13. Order of magnitude OPEX savings : reduction in configuration, and ease of deployment
  14. Order of magnitude CAPEX savings : Wiring, Power, Rackspace and Cost savings
  15. The servers/appliances don’t have to be directly connected to N7k
  16. Monitoring the health of servers/appliances.
  17. N + M redundancy.
  18. Automatic failure handling of servers/appliances.
  19. VRF support, vPC support, VDC support
  20. Supported on both Nexus 7000 and Nexus 7700 series.
  21. Supports both IPv4 and IPv6
  22. N5k / N6k support : coming soon

For example,

  • Load-balance traffic to 256 servers of 10Gbps each.
  • Load-balance to cluster of Firewalls. ITD is much superior than PBR.
  • Scale up NG IPS and WAF by load-balancing to standalone devices.
  • Scale the WAAS / WAE solution.
  • Scale the VDS-TC (video-caching) solution.
  • Replace ECMP/Port-channel to avoid re-hashing. ITD is resilient.

ITD is already shipping in Nexus 7000 releases from 6.2(8) and scheduled to be release with more enhancements in 6.2(10). Please send us an email if you would like an EFT/PoC/demo on Nexus 5k/6k. It requires the ENHANCED LAYER2 PKG license.

Documentation:

Email Query or feedback:ask-itd@external.cisco.com

Please note that ITD is not a replacement for Layer-7 load-balancer (URL, cookies, SSL, etc). Please email: ask-itd@external.cisco.com for further questions.

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

4 Comments

  1. There is any LIC. Required to enable this technology.

    • The license required for this is ENHANCED LAYER2 PKG license.

  2. Hi Puneet Thanks for sharing nice blog on Intelligent Traffic Director. The configuration example focus on applying ITD on physical interface (here e3/1). N7k(config)# itd WebTraffic N7k(config-itd)# ingress interface e3/1 N7k(config-itd)# device-group FW-INSPECT N7k(config-itd)# no shut Is there any option on applying the ITD service on the SVI. like N7k(config-itd)# ingress interface v1102 Your answer will be quite helpful. Thanks !

    • Hi Umair, Thanks for your question. ITD can be applied to any L3 logical interface, whether it is SVI, port channel, sub interface etc. If your SVI is already configured then you should be able to. switch(config)# itd service switch(config-itd)# ingress interface ? ethernet Ethernet IEEE 802.3z port-channel Port Channel interface vlan Vlan interface ->>>>> SVI Supports If you need any demo of POC then let us know. You can email us on ask-itd@external.cisco.com.

Share