Cisco has been the leader in virtual networking since the introduction of Nexus 1000V virtual switch more than 5 years ago. Now it is time to make the virtual network more application aware. With the introduction of the Application Centric Infrastructure (ACI), we are pleased to introduce the Application Virtual Switch (AVS), the virtual network edge of the Cisco ACI -enabled network that includes the Nexus 9000 series of switches.
In the ACI architecture, applications drive networking behavior, not the other way around. Pre-defined application requirements and descriptions (“policy templates”) automate the provisioning of the network – virtual and physical, application services, security policies, tenant subnets and workload placement. Automating the provisioning of the complete application network reduces IT costs, reduces errors, accelerates deployment and makes the business more agile.
Application Virtual Switches are the purpose-built, hypervisor-resident virtual network edge switches designed for the ACI fabric. They provide consistent virtual networking across multiple hypervisors to simplify network operations and provide consistency with the physical infrastructure.
- AVS is robustly integrated into the ACI architecture and supports Application Network Profile (ANP) enforcement at the virtual host layer consistent with the Nexus 9000 series physical switches.
- AVS is managed centrally along with rest of the ACI fabric components through the Application Policy Infrastructure Controller (APIC) and provides advanced telemetry features to allow end-to-end visibility and troubleshooting capabilities across both virtual and physical devices, .
- AVS enables optimal traffic steering between virtual and physical layers of the fabric to maximize performance and resource utilization. For example, if the web and app tier are located on the same host, AVS can route traffic or apply security policies between these end point groups within the hypervisor itself. On the other hand, if the database is a bare metal workload that is attached to the physical Nexus 9000, the application policy is consistently applied at the physical Nexus 9000 top of rack switches instead.
Application Centric Infrastructure with Application Virtual Switch
ACI eliminates the operational complexity of differences in managing virtualized environments vs. bare metal or legacy environments. It provides a consistent operational model across both AVS and Nexus 9000 respectively. ACI also allows for flexibility of placement of application workloads based on application requirements. Watch this short video.
Read More »
Tags: application centric infrastructure, Application Policy Infrastructure Controller, Application Virtual Switch, AVS, Nexus 9000, Nexus1000V
vPath, a Cisco innovative technology developed within Cisco Nexus 1000V, has been shipping for more than 2 years, enabling customers to seamlessly create policy-based multi-tenant / multi-container Data Centers across multiple hypervisor environment. Increasingly, customers are implementing network services into their virtualization and cloud networks in order to meet regulatory, security and service levels. To this end we are seeing increased deployments of virtual firewalls, load balancing, routing, WAN optimization & monitoring tools. Cisco’s vPath technology allows customers to deploy these best-in-class network services seamlessly in their Data Center and Cloud deployments. So, what makes vPath so unique in this industry?
#1 -- vPath Powered Service Chaining at a tenant level: For customers to create multi-tenancy architecture today, they have to configure the different network services and manually “stitch” them together for every unique combination. While this method provides the goals for regulatory compliance, security and service levels it often increases application provision time, and does not easily support application mobility. Additionally most applications have to follow the same manually stitched network services.
With Cisco Nexus 1000V vPath technology, the customer’s Data Center becomes very agile by enabling policy based services chaining at the application or tenant level. Customers can create policies and select the L3-7 virtual services appropriate for the application at the time of VM or Tenant creation. These policies are then dynamically instantiated and fulfilled in the Nexus 1000V distributed virtual switch. If the particular application VM moves, the Nexus 1000V network policy moves with it and hence the service chain remains intact.
Figure 1: Policy based dynamic service chaining through vPath
#2 -- vPath enables Distributed Cloud Network Services: As noted in the picture above, vPath controls the packet flow through all Services that are chained for that particular policy. Once the first few packets of the flow is inspected by each Service node, vPath offers the capability to off load flow decisions of the particular Service to the local host such that the subsequent packets of the same flow are locally inspected at the host. Through this mechanism, vPath improves the performance of the particular service since the subsequent packets of the flow are no longer required to be inspected by the individual Service node and hence enabling distributed behavior of the particular service.
Figure 2: Distributed Cloud Network Services through vPath Fast Path Offload
#3 -- vPath offers Best-In-Class Cloud Network Services across multiple hypervisors: vPath enables the customers to use the best-in-class Cloud Network Services from Cisco such as Virtual Security Gateway, ASA 1000V & virtual WAAS, and best-in-class ecosystem partners such as Citrix NetScaler 1000V & Imperva Secure Sphere Web Application Firewall. This vPath enabled architecture will be supported across all major hypervisors such as VMware vSphere, Microsoft Hyper-V, KVM and Xen.
#4 -- vPath to become a standard based Network Services Header: In traditional fashion, Cisco creates innovative solutions to help solve our customer’s IT challenges. Once proven, we offer these technologies such as VXLAN through standards bodies to allow greater interoperability and choice. Recently, vPath header format has been submitted to the IETF as a Network Service Header draft. In the future customers will be able to leverage dynamic policy based services chaining including both virtual and hardware based solutions that support Network Services Header!
To learn more about Cisco Nexus 1000V and Cloud Network Services, please visit our community site. Create a Cloud Lab account and checkout out the vPath in action today!
Lastly, if you are at VMworld, make a point to attend our sessions PHC6409 and NET6380, or stop by at the Cisco booth.
Tags: Cloud Network Services, data center, Nexus1000V, SDN, service chaining, virtualization, vPath
Today marks an important milestone for one of our most strategic data center products and the foundation of virtual networking portfolio. Five years ago, the Nexus 1000V virtual switch was the pioneer in the virtual networking market with its launch at VMworld in 2008. Since then it has been adopted by over 8000 customers and continues to grow on other platforms, such as Microsoft Hyper-V, and soon Linux/KVM. Today, Nexus 1000V represents the largest software controller-based networking solution (aka, Software Defined Networking or SDN) in the industry.
We continue to add hundreds of paying customers every quarter, in spite of offering a fully featured no-cost essential edition. The interest in the virtual networking space also continues to increase ever since the SDN trend started. There are also plenty of FUD or rumors being spread about the Cisco’s virtual networking solution. On this 5th year anniversary, let’s do some myth busting focused on Nexus 1000V based solutions. Read More »
Tags: ACI, application centric infrastructure, Cisco DFA, network virtualization, Nexus1000V, NVGRE, OpenStack, SDN, ucs director, VXLAN, VXLAN-VLAN Gateway