Cisco Blogs



Cisco ITD is Best of Interop 2015 Finalist

Transforming Cisco switches into highly scalable zero latency load balancers! Cisco Intelligent Traffic Director (ITD) does exactly that and much more!

Cisco ITD has been selected as a Best of Interop 2015 finalist in the Data Center category. Finalists were chosen from nine categories including Data Center, Mobility, SDN and Cloud Technologies.

Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is a hardware-based, multi-terabit Layer 4 load-balancing, traffic steering and clustering solution on the Nexus 9K, 7K, 6K and 5K series of switches. Customers do not have to buy any new hardware. It works on all the existing hardware, linecards and supervisors.

Here are some of the quotes from customers, account teams, industry analysts and architects:
“Great milestone Samar Sharma, Mouli Vytla, Rajendra Kumar Thirumurthi and team! We are very grateful for the work you guys did with pioneering and driving this new solution!”

“ITD helped us scale to 1Tbps of cache traffic in a single Nexus 7700”

“This feature seems almost too good to be true! I am very excited about it.”

“Customers really enjoyed the time and the subject. They said it was the best presentation of the week at Cisco Live”

“Turns out we likely have a far superior solution in ITD that we can bring to the table. One of our web space principles is ‘state is the enemy of scale’ and ITD aligns very well with this mentality without sacrificing too much flexibility or control. It is still early in our conversations but we are confident that ITD will play a strategic role for scaling services”

Click to find out more! You can also visit the Cisco booth at Interop Las Vegas to find out about the Cisco ITD solution!


A Summary of Cisco VXLAN Control Planes: Multicast, Unicast, MP-BGP EVPN

With the adoption of overlay networks as the standard deployment for multi-tenant networks, Layer2 over Layer3 protocols have been the favorite among network engineers. One of the Layer2 over Layer3 (or Layer2 over UDP) protocols adopted by the industry is VXLAN. Now, as with any other overlay network protocol, its scalability is tied to how well it can handle Broadcast, Unknown unicast and Multicast (BUM) traffic. That is where the evolution of the VXLAN control plane comes into play.

The standard does not define a “standard” control plane for VXLAN. There are several drafts describing the use of different control planes. The most commonly used VXLAN control plane is multicast. It is implemented and supported by multiple vendors and it is even natively supported in server OSes like the Linux kernel.

This post tries to summarize the three (3) control planes currently supported by some of the Cisco NX-OS/IOS-XR platforms. My focus is more towards the Nexus 7k, Nexus 9k, Nexus 1k and CSR1000v.

Each control plane may have a series of caveats of its own, but those are not covered by this blog entry. Let’s start with some VXLAN definitions:

(1) VXLAN Tunnel Endpoint (VTEP): maps tenants’ end devices to VXLAN segments. Used to perform VXLAN encapsulation/de-encapsulation.
(2) Virtual Network Identifier (VNI): identifies a VXLAN segment. It has up to 2^24 IDs, theoretically giving us 16,777,216 segments. (Valid VNI values are from 4096 to 16777215.) Each segment can transport 802.1q-encapsulated packets, theoretically giving us 2^12 or 4096 VLANs over a single VNI.
(3) Network Virtualization Endpoint or Network Virtualization Edge (NVE): overlay interface configured in Cisco devices to define a VTEP.

VXLAN with Multicast Control Plane

Enabling Data Center Services with RISE : Remote Integrated Services Engine

Data Centers are becoming increasingly smart, intelligent and elastic. With the advancement in cloud and virtualization technologies, customers demand dynamic workload management and efficient and optimal use of their resources. In addition, the configuration and administration of Data Center solutions is complex and is going to become increasingly so.

With these requirements and architectures in mind we have an industry-first solution called Remote Integrated Service Engine (RISE). RISE is a technology that simplifies provisioning and out-of-box management of service appliances like load balancers, firewalls and network analysis modules. It makes data center and campus networks dynamic, flexible, easy to configure and maintain.

RISE can dynamically provision network resources for any type of service appliance (physical and virtual form factors). External appliances can now operate as integrated service modules with the Nexus Series of switches without burning a slot in a switch. This technology provides robust application delivery capabilities that accelerate the application performance manifold.

RISE is supported on all Nexus Series switches with services like Citrix NetScaler MPX, VPX, SDX and Cisco Prime NAM with many more in the pipeline.

Advantages & Features

  1. Simplified Out-of-Box experience: reduces the administrator’s manual configuration steps from 30 to 8 steps!!
  2. Supported on Citrix NetScaler MPX, SDX, VPX, and Nexus 1KV with VPX
  3. Supported on Cisco Prime Network Analyzer Module
  4. Automatic Policy Based Routing – Eliminates need for SNAT or Manual PBR
  5. Direct and Indirect Attach mode integration
  6. Show module for RISE
  7. Attach module for RISE
  8. Auto Attach – Zero touch configuration of RISE
  9. Health Monitoring of appliance
  10. Appliance HA and VPC supported
  11. Nexus 5K/6K support (EFT available)
  12. IPV6 support (EFT available)
  13. DCNM support
  14. Order of magnitude OPEX savings: reduction in configuration, and ease of deployment
  15. Order of magnitude CAPEX savings: Wiring, Power, Rackspace and Cost savings

For more information, or to schedule an EFT or POC, contact us at nxos-rise@cisco.com

Resources

RISE press release on Wall Street Journal: http://online.wsj.com/article/PR-CO-20140408-905573.html
RISE At A Glance white paper: http://www.cisco.com/c/dam/en/us/products/collateral/switches/nexus-7000-series-switches/at-a-glance-c45-731306.pdf
RISE Video at Interop: https://www.youtube.com/watch?v=1HQkew4EE2g
Cisco RISE page: www.cisco.com/go/rise
Gartner blog on RISE: “Cisco and Citrix RISE to the Occasion”: http://blogs.gartner.com/andrew-lerner/2014/03/31/cisco-and-citrix-rise-to-the-adc-occasion/


New Cisco Nexus Data Broker Release 2.0 Now Available

We are excited to announce the availability of Cisco Nexus Data Broker software release 2.0. Using the Cisco Nexus Data Broker software, Cisco’s approach replaces the traditional purpose-built matrix switches used for network taps or SPAN aggregation with one or more OpenFlow-enabled Cisco Nexus switches.

Visibility into application traffic has traditionally been important for infrastructure operations to maintain security, resolve problems, and perform resource planning. Now, however, as a result of technological advances and the ubiquity of the Internet, organizations increasingly are seeking not just visibility but real-time feedback about their business systems to more effectively engage their customers. Also, with the rapid evolution of cloud-based technologies, there is a strong need for scalable and cost-effective network traffic tap/SPAN aggregation for traffic monitoring solutions. The traditional approach that uses purpose-built matrix switches for network tap/SPAN aggregation to feed traffic to multiple systems for security, compliance and application performance monitoring has three primary challenges:

  • This approach is too expensive to scale the visibility to meet today’s business requirements.
  • The purpose-built switches are statically programmed with predetermined filtering and forwarding rules, so they cannot act in an event-based way to provide traffic visibility in real time.
  • Support for interconnecting multiple switches for a scalable deployment that suits your data center architecture is limited.

With Cisco Nexus Data Broker (see Figure 1), the traffic is tapped into this bank of switches in the same manner as in a purpose-built matrix network. However, with Cisco Nexus Data Broker, you can interconnect these Cisco Nexus switches to build a scalable tap and SPAN aggregation infrastructure. You also can use a combination of network taps and SPAN sources to bring the copy of the production traffic to this infrastructure. In addition, you can distribute the network tap and SPAN sources and traffic monitoring and analysis tools across multiple Cisco Nexus switches. Cisco Nexus Data Broker also provides the flexibility to aggregate traffic from multiple tap or SPAN sources and replicate and forward traffic to multiple analysis tools for monitoring. See Table 1 for a list of important features and functions.

Figure 1

Visibility leads to insight

Table 1: Features of the New Cisco Data Broker Release 2.0

Features/Benefits

Scalability

Supported topology for Cisco® Monitor Manager network

  • Cisco Nexus Data Broker software discovers the Cisco Nexus switches and associated topology for Tap/SPAN aggregation.
  • The software allows you to configure ports as monitoring tool ports or input Tap/SPAN ports.
  • You can set end-device names for easy identification in the topology.

Support for QinQ to tag input source Tap/SPAN port

  • You can tag traffic with a VLAN for each input Tap or SPAN port.
  • Q-in-Q support in edge Tap and SPAN ports allows you to uniquely identify the source of traffic and preserve production VLAN information.

Symmetric hashing or symmetric load balancing*

  • You can configure the hashing based on Layer 3 (IP address) or Layer 3 + Layer 4 (protocol ports) for load balancing the traffic across a port-channel link.
  • You can spread the traffic across multiple tool instances to meet the high-traffic-volume scale.

Rules for matching monitored traffic

  • You can match traffic based on Layer 1 through Layer 4 criteria.
  • You can configure the software to send only the required traffic to the monitoring tools without flooding the tools with unnecessary traffic.
  • You can configure an action to set the VLAN ID for the matched traffic.

Visibility

Replicate and forward traffic

  • You can configure the software to aggregate traffic from multiple input Tap/SPAN ports that could be spread across multiple Cisco Nexus switches.
  • You can replicate and forward traffic to multiple monitoring tools that can be connected across multiple Cisco Nexus switches.
  • This solution is the only one that supports any:many forwarding across a topology.

Time stamping**

  • You can time-stamp a packet at ingress using the Precision Time Protocol (PTP; IEEE 1588), thereby providing nanosecond accuracy. You can use this capability for critical transaction monitoring and archiving data for regulatory compliance and advanced troubleshooting.

Packet truncation**

  • You can configure the software to truncate a packet beyond specified bytes.
  • The minimum is 64 bytes.
  • You can retain only a header for analysis and troubleshooting.
  • You can configure the software to discard the payload for security or compliance reasons.

End-to-end path visibility

  • For each traffic forwarding rule, the solution provides complete end-to-end path visibility all the way from source ports to the monitoring tools, including the path through the network.

Security

React to changes in the Tap/SPAN aggregation network states

  • You can monitor and keep track of network condition changes.
  • You can configure the software to react to link or node failures by automatically reprogramming the flows through an alternative path.

Management for multiple disjointed Cisco Monitor Manager networks

  • You can manage multiple independent traffic monitoring networks, which may be disjointed, using the same Cisco Nexus Data Broker instance. For example, if you have five data centers and you want to deploy an independent Cisco Monitor Manager solution for each data center, you can manage all of these five independent deployments using a single Cisco Nexus Data Broker instance by creating a logical partition (network slice) for each monitoring network.

Role Based Access Control (RBAC)

  • Application access can be integrated with a corporate AAA server for both authentication and authorization.
  • You can create port groups and associate the port groups with specific user roles.
  • Capability to assign users to specific roles and port groups; users can manage only those ports.

*Feature supported only on Cisco Nexus 3500.

**Feature supported only on Cisco Nexus 3100.

Please visit the Cisco NDB website for more information. If you are going to be in NYC at Interop Sep 29 – Oct 2, please visit us to hear Jothi Prakash Prabakaran talk about Nexus Data Broker as a scalable network traffic monitoring solution in the Cisco booth (#611) theater.


Cisco and Citrix Partnership will shine at Citrix Synergy 2014


In case you didn’t notice, the partnership between Citrix and Cisco has been growing nicely over the past 2 years in many areas.
Amongst numerous areas of collaboration, here are some common solutions that will be highlighted at the coming conference, Citrix Synergy:

  • Cisco Enterprise Mobility solution for business to employee with Citrix XenMobile
  • Cisco Desktop Virtualization with Citrix Xen Desktop 7.1 on Cisco UCS
  • Cisco DaaS with Citrix (CloudPlatform or UCS director on UCS)
  • Cisco’s Citrix NetScaler 1000V (vPath and RISE)
  • Cisco ACI strategy and how Citrix integrates OpFlex.

The last bullet points, especially the endorsement by Citrix of RISE, the new protocol for Nexus 7000, have been amply covered over the past weeks in blogs from Gary Kinghorn as well as video. You will find links at the bottom of this blog. But also check the Citrix page on NetScaler 1000V.

Citrix was one of the close partners present when we announced last month at Interop OpFlex, a new open standards-based protocol for Application Centric Infrastructure (ACI). In this video, Sunil Potti, Citrix VP & GM NetScaler, explained why Citrix is standing shoulder to shoulder with Cisco on this topic.

Cisco and Citrix have also been working diligently to offer the best solutions in terms of mobility. You may want to check this blog from Jonathan Gilad on Cisco strategy and solutions around the mobile workplace. Check his recent blog, Beyond BYOD to Workspace mobility.
