We are excited to announce the availability of Cisco Nexus Data Broker software release 2.0. With the Cisco Nexus Data Broker software, Cisco’s approach replaces the traditional purpose-built matrix switches used for network taps or SPAN aggregation with one or more OpenFlow-enabled Cisco Nexus switches.
Visibility into application traffic has traditionally been important for infrastructure operations to maintain security, resolve problems, and perform resource planning. Now, however, as a result of technological advances and the ubiquity of the Internet, organizations increasingly are seeking not just visibility but real-time feedback about their business systems to more effectively engage their customers. Also, with the rapid evolution of cloud-based technologies, there is a strong need for scalable and cost-effective network traffic tap/SPAN aggregation for traffic monitoring solutions. The traditional approach that uses purpose-built matrix switches for network tap/SPAN aggregation to feed traffic to multiple systems for security, compliance and application performance monitoring has three primary challenges:
This approach is too expensive to scale the visibility to meet today’s business requirements.
The purpose-built switches are statically programmed with predetermined filtering and forwarding rules, so they cannot act in an event-based way to provide traffic visibility in real time.
Support for interconnecting multiple switches for a scalable deployment that suits your data center architecture is limited.
With Cisco Nexus Data Broker (see Figure 1), the traffic is tapped into this bank of switches in the same manner as in a purpose-built matrix network. However, with Cisco Nexus Data Broker, you can interconnect these Cisco Nexus switches to build a scalable tap and SPAN aggregation infrastructure. You also can use a combination of network taps and SPAN sources to bring the copy of the production traffic to this infrastructure. In addition, you can distribute the network tap and SPAN sources and traffic monitoring and analysis tools across multiple Cisco Nexus switches. Cisco Nexus Data Broker also provides the flexibility to aggregate traffic from multiple tap or SPAN sources and replicate and forward traffic to multiple analysis tools for monitoring. See Table 1 for a list of important features and functions.
Supported topology for Cisco® Monitor Manager network
Cisco Nexus Data Broker software discovers the Cisco Nexus switches and associated topology for Tap/SPAN aggregation.
The software allows you to configure ports as monitoring tool ports or input Tap/SPAN ports.
You can set end-device names for easy identification in the topology.
Support for QinQ to tag input source Tap/SPAN port
You can tag traffic with a VLAN for each input Tap or SPAN port.
Q-in-Q support in edge Tap and SPAN ports allows you to uniquely identify the source of traffic and preserve production VLAN information.
Symmetric hashing or symmetric load balancing*
You can configure the hashing based on Layer 3 (IP address) or Layer 3 + Layer 4 (protocol ports) for load balancing the traffic across a port-channel link.
You can spread the traffic across multiple tool instances to meet the high-traffic-volume scale.
Rules for matching monitored traffic
You can match traffic based on Layer 1 through Layer 4 criteria.
You can configure the software to send only the required traffic to the monitoring tools without flooding the tools with unnecessary traffic.
You can configure an action to set the VLAN ID for the matched traffic.
Replicate and forward traffic
You can configure the software to aggregate traffic from multiple input Tap/SPAN ports that could be spread across multiple Cisco Nexus switches.
You can replicate and forward traffic to multiple monitoring tools that can be connected across multiple Cisco Nexus switches.
This solution is the only one that supports any:many forwarding across a topology.
You can time-stamp a packet at ingress using the Precision Time Protocol (PTP; IEEE 1588), thereby providing nanosecond accuracy. You can use this capability for critical transaction monitoring and archiving data for regulatory compliance and advanced troubleshooting.
You can configure the software to truncate a packet beyond specified bytes.
The minimum is 64 bytes.
You can retain only the header for analysis and troubleshooting.
You can configure the software to discard the payload for security or compliance reasons.
End-to-end path visibility
For each traffic forwarding rule, the solution provides a complete end-to-end path visibility all the way from source ports to the monitoring tools, including the path through the network.
React to changes in the Tap/SPAN aggregation network states
You can monitor and keep track of network condition changes.
You can configure the software to react to link or node failures by automatically reprogramming the flows through an alternative path.
Management for multiple disjointed Cisco Monitor Manager networks
You can manage multiple independent traffic monitoring networks, which may be disjointed, using the same Cisco Nexus Data Broker instance. For example, if you have five data centers and you want to deploy an independent Cisco Monitor Manager solution for each data center, you can manage all of these five independent deployments using a single Cisco Nexus Data Broker instance by creating a logical partition (network slice) for each monitoring network.
Role Based Access Control (RBAC)
Application access can be integrated with corporate AAA server for both authentication and authorization
You can create port groups and associate the port groups with specific user roles
Capability to assign users to specific roles and port groups; users can manage only those ports
*Feature supported only on Cisco Nexus 3500.
**Feature supported only on Cisco Nexus 3100.
Please visit the Cisco NDB website for more information. If you are going to be in NYC at Interop Sep 29 -- Oct 2, please visit us to hear Jothi Prakash Prabakaran talk about Nexus Data Broker as a scalable network traffic monitoring solution in the Cisco booth (#611) theater.
In this week’s episode of Engineers Unplugged, Intel’s Damion Desai and Cisco’s Frank D’Agostino (@fdagosti) discuss cloud in the enterprise with the challenges modern applications bring. Don’t miss it!
**Want to be Internet Famous? Join us for our next shoot: VMworld Barcelona. Tweet me @CommsNinja!**
This is Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:
Episodes will publish weekly (or as close to it as we can manage)
Following on an excellent introduction to this blog series from Scott Ciccone on how Cisco’s solutions can help customers unlock the power of Big Data, this blog focuses on the management innovation that Cisco UCS brings to the Big Data ecosystem.
Access to more and better data is creating new sources of competitive advantage, and it has increased relevance in the connected world of IoE. This is aptly reflected in a quote from Stanford’s Anand Rajaraman: “More data usually beats better algorithms”. Organizations are realizing the essence of this statement as they see increased value from adding more data sources to discover hidden insights, anticipate trends and make better decisions. New opportunities are constantly being identified and new datasets are added, requiring IT teams to have an agile, reliable and scalable infrastructure. Bottlenecks in infrastructure and complexity in management can have a profound impact on the ability of an organization to react to rapidly changing business needs. This calls for an infrastructure that is flexible, adaptable, scalable and easy to manage, to meet both the growing and changing workloads in the Big Data ecosystem.
At the core of the UCS ability to provide unified management across network, server and storage is UCS Manager. Every element of the physical infrastructure, including server identity (LAN addressing, I/O configurations, firmware versions, boot order, QoS policies), can be dynamically configured through software. This logical abstraction simplifies the configuration of Big Data Hadoop nodes and adapts it dynamically to changing workloads, leading to a dramatic reduction in OpEx costs. UCS Central brings these same capabilities across multiple domains and provides the ability to extend to large clusters of up to 10,000 nodes within the same management pane.
With the new UCS Director Express for Big Data, these same advantages of flexibility and agility at the physical infrastructure level are now extended into the Hadoop application space. UCS Director Express for Big Data delivers an integrated policy based Hadoop infrastructure on UCS Common Platform Architecture (CPA) for Big Data, delivering a world-class infrastructure architected to provide performance at scale. It is integrated with major Hadoop vendors to provide centralized visibility across the entire Hadoop infrastructure. Enterprises can now provision on-demand Hadoop clusters and manage both physical and software infrastructure from a single management pane.
The advent of Hadoop 2.0 has triggered newer workloads, including interactive and streaming workloads, that can now run on Hadoop. The industry is poised to witness unprecedented data growth with IoE and a new wave of applications. This calls for an architecture that is designed from the ground up to be extremely nimble in the face of changing workloads. UCS has been built on this very foundation and is constantly innovating to simplify the operational complexity of managing Big Data clusters. With an agile and automated Big Data infrastructure, enterprises can now shift their focus to realizing business value from Big Data analytics and faster time to market.
In the next part of this blog series, we take a step further into a more application-centric approach. Sandeep Agarwal is going to share how Cisco ACI uses high-level policies to dramatically improve cluster performance, secure an end-to-end data path and reprovision automatically for other workloads. To learn more about Cisco’s vision for the pervasive use of Big Data within enterprises, register for the October 21st executive webcast ‘Unlock Your Competitive Edge with Cisco Big Data Solutions’.
Recovery as a Service (RaaS) is one of those services that bring the value of cloud into focus. The ability to recover from a disaster is a mission-critical consideration for organizations. For many, it’s a requirement to operate in their industry or to work with specific customers such as governments.
In “DRaaS And The Cloud: The Why, What, and How of Recovery Services”, cloud provider Sungard Availability Services describes the different options for deploying this essential service. The bottom line is that effective disaster recovery — the kind that you have confidence will work in time of crisis — is not trivial to implement. Most organizations have little to no experience with the complexities of reliable cloud-based recovery. This is their first time trying to implement it, and they’re learning as they go. This means that the stability of their business during a disaster is based on the skills of a team that may have never actually experienced a disaster.
The cloud provides more than redundant data centers for failover recovery. It enables businesses to leverage the hard-earned expertise of companies like Sungard AS and Cisco working together to provide the most reliable recovery available. These recovery services aren’t home-grown implementations with the latest features added and bolted on as needed. These services are integrated solutions, built upon best-in-class technologies and proven in the market. And when your DRaaS is a Cisco Powered service like Sungard AS’, it has been certified and audited by a third party to verify its reliability.
This week is exciting: I had the opportunity to sit at a round table with Cisco’s largest customers for an open-ended architecture discussion and their take on past, present and future. More on that some other time; let’s pick up the last critical aspect of High Performance Data Center design, namely flexibility. Customers need flexibility to adapt to changing requirements over time as well as to support the diverse requirements of their users. Flexibility is not just about protocol, although protocol is a very important aspect; it is also about making sure customers have the choice to design, grow and adapt their DC according to their needs. As an example, if customers want to utilize the time-to-market advantage and ubiquity of Ethernet, they can adopt FCoE.
Moreover, flexibility has to be complemented by seamless integration, where customers can not only mix and match the architectures/protocols/speeds but also evolve from one to another over time with minimal disruption and without forklift upgrades. Investment protection of more than a decade on Cisco director switches allows customers to move to higher speeds or adopt new protocols using the existing chassis and fabric cards. Finally, any solution should allow scalability over time with minimal disruptions and a common management model. As an example, on MDS 9710 or MDS 9706 customers can choose to use 2/4/8G FC, 4/8/16G FC, 10G FC or 10G FCoE at each hop.
Let’s review each aspect of flexibility one at a time.
The Cisco SAN product family is designed to support architecture flexibility, from the smallest to the largest customers and everything in between. Customers can grow from 12 16G ports to 48 ports on a single 9148S. They can grow from 48 16G Line Rate Ports to 192 16G Line Rate with MDS 9710 and up to 384 ports on MDS 9710. Finally, having seamless FC and FCoE capability allows customers to use these directors as edge or core switches. With the industry-leading scalability numbers, customers can scale up or scale out as per their needs. Two examples show how customers can use an architecture based on Director class switches (9513, 9506, 9710 or 9706) for End of Row designs. Similarly, customers can orchestrate Top of Rack designs using the Nexus fixed family or MDS 9148S.
If they want to continue with FC for the foreseeable future or have a sizable FC infrastructure that they want to leverage (and have the option to go to FCoE), then MDS serves their needs. Similarly, they can support edge-core designs, edge-core-edge designs or even collapsed cores if so desired.
If customers need a converged switch, then Nexus 2K, 5K and 6K provide the flexibility and the ability to collapse two networks and simplify management, as shown in the picture below.
Customers can mix and match the FC speeds 2G/4G/8G, 4G/8G/16G on the latest MDS 9148S and MDS 9700 product family. With all the major optics supported, customers can pick and choose optics for the smallest distance to long-distance CWDM and DWDM solutions, in addition to SW, LW and ER optics choices. In addition, MDS 9700 supports 10GE optics running 10G FC traffic for ease of implementing 10G DWDM solutions based on ubiquitous 10GE circuits.
FC is a dominant protocol within the DC, but at the same time a lot of customers are adopting FCoE to improve ROI, simplify the network or simply to have higher speeds and agility. Irrespective of the needs and timeline, the MDS solution allows customers to adopt FCoE today or down the road without forklift upgrades on the existing MDS 9700 platforms while leveraging the existing FC install base.
The diagram above shows how customers can collapse LAN and SAN networks on the edge into one network. The advantages of FEX include reduced TCO and simplified operations (the parent switch provides a single point of management and policy enforcement, and plug-and-play management includes auto-configuration).
As another example of making the transition less disruptive for customers, Cisco has supported BiDi optics on the Nexus product family. This allows customers to use the same OM2, OM3 and OM4 fabrics for 40G FCoE connectivity without having to rip and replace the cabling plant.
Customers who are not ready to converge networks but want to achieve faster time to market, higher performance and Ethernet scale economies can use separate LAN and SAN networks and use FCoE for that dedicated SAN.
Coupled with the broad Cisco product portfolio, this means that customers have the maximum flexibility to tune the architecture precisely to their needs. The Cisco product portfolio is tightly integrated: all the SAN switches use the same NxOS, and DCNM provides seamless manageability across LAN, SAN and Converged infrastructure to Fabric Interconnects on UCS.
From the last 3 blogs, let’s quickly capture the unique characteristics of MDS 9700 that allow for High Performance Scalable Data Center Design.