Cisco Blogs

Cisco Blog > Data Center

Cisco @ Strata-Hadoop World Wrap-Up: If we can make it there, we’ll make it anywhere…



We made it…another successful Strata-Hadoop World show for Cisco’s Big Data & Analytics team. This year we had a few unique challenges – the Pope was leaving town when we arrived; then the UN General Assembly made traffic a bit more difficult than normal; finally towards week’s end the threat of ‘The Hurricane’ for the East Coast…

Cisco had an active presence at Strata this year with several newsworthy and interesting highlights:

• Introducing Cisco Data Preparation. Cisco Data Preparation (Data Prep) makes it easy for non-technical business analysts to gather, explore, cleanse, combine and enrich the data that fuels analytics. Read Kevin Ott’s Data Prep blog here. Read More »

Tags: , , , , , , , , , , , , , , ,

Capitalizing on Your Evolved Programmable Network through Faster and More Efficient Cloud Services Delivery

SDN (Software Defined Networking) and NFV (Network Functions Virtualization) technologies are expected to help Service Providers gain new efficiencies and previously unimagined speed and agility in cloud services delivery so they can seize new business opportunities and achieve continued growth. Specifically, SDN in the data center helps you abstract services and applications from the complexities of the underlying network, making services operations drastically simpler. However, this abstraction layer, referred to as the SDN overlay, must meet very specific requirements to support today’s dynamic cloud environments.

Using a mobile device

I’d like to briefly discuss a recently released product, the Cisco Virtual Topology System (VTS), a high performance SDN overlay system designed to meet these requirements.

VTS is an important component of Cisco’s services management and orchestration software portfolio, aligned with Cisco’s Open Network Architecture and the Cisco Evolved Services Platform, a flexible and agile SP cloud service delivery platform. There are a number of capabilities of VTS Read More »

Tags: , , , , , , , , , , , , , , , ,

ITD: Load Balancing, Traffic Steering & Clustering using Nexus 5k/6k/7k/9k

Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is a hardware based multi-terabit layer 4 load-balancing, traffic steering and clustering solution on the Nexus 5k/6k/7k/9k series of switches.

It allows customers to deploy servers and appliances from any vendor with no network or topology changes. With a few simple configuration steps on a Cisco Nexus switch, customers can create an appliance or server cluster and deploy multiple devices to scale service capacity with ease. The servers or appliances do not have to be directly connected to the Cisco Nexus switch.

ITD won the Best of Interop 2015 in Data Center Category.

With our patent pending innovative algorithms, ITD (Intelligent Traffic Director) supports IP-stickiness, resiliency, consistent hash, exclude access-list, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed. ITD provides order of magnitude CAPEX and OPEX savings for the customers. ITD is much superior than legacy solutions like PBR, WCCP, ECMP, port-channel, layer-4 load-balancer appliances.

ITD provides :

  1. Hardware based multi-terabit/s L3/L4 load-balancing at wire-speed.
  2. Zero latency load-balancing.
  3. CAPEX savings : No service module or external L3/L4 load-balancer needed. Every Nexus port can be used as load-balancer.
  4. Redirect line-rate traffic to any devices, for example web cache engines, Web Accelerator Engines (WAE), video-caches, etc.
  5. Capability to create clusters of devices, for example, Firewalls, Intrusion Prevention System (IPS), or Web Application Firewall (WAF), Hadoop cluster
  6. IP-stickiness
  7. Resilient (like resilient ECMP), Consistent hash
  8. VIP based L4 load-balancing
  9. NAT (available for EFT/PoC). Allows non-DSR deployments.
  10. Weighted load-balancing
  11. Load-balances to large number of devices/servers
  12. ACL along with redirection and load balancing simultaneously.
  13. Bi-directional flow-coherency. Traffic from A–>B and B–>A goes to same node.
  14. Order of magnitude OPEX savings : reduction in configuration, and ease of deployment
  15. Order of magnitude CAPEX savings : Wiring, Power, Rackspace and Cost savings
  16. The servers/appliances don’t have to be directly connected to Nexus switch
  17. Monitoring the health of servers/appliances.
  18. N + M redundancy.
  19. Automatic failure handling of servers/appliances.
  20. VRF support, vPC support, VDC support
  21. Supported on all linecards of Nexus 9k/7k/6k/5k series.
  22. Supports both IPv4 and IPv6
  23. Cisco Prime DCNM Support
  24. exclude access-list
  25. No certification, integration, or qualification needed between the devices and the Cisco NX-OS switch.
  26. The feature does not add any load to the supervisor CPU.
  27. ITD uses orders of magnitude less hardware TCAM resources than WCCP.
  28. Handles unlimited number of flows.

For example,

  • Load-balance traffic to 256 servers of 10Gbps each.
  • Load-balance to cluster of Firewalls. ITD is much superior than PBR.
  • Scale IPS, IDS and WAF by load-balancing to standalone devices.
  • Scale the NFV solution by load-balancing to low cost VM/container based NFV.
  • Scale the WAAS / WAE solution.
  • Scale the VDS-TC (video-caching) solution.
  • Scale the Layer-7 load-balancer, by distributing traffic to L7 LBs.
  • ECMP/Port-channel cause re-hashing of flows. ITD is resilient, and doesn’t cause re-hashing on node add/delete/failure.

Documentation, slides, videos:

Email Query or

Please note that ITD is not a replacement for Layer-7 load-balancer (URL, cookies, SSL, etc). Please email: for further questions.

Connect on twitter: @samar4

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

ITD Deployment with Transparent mode security devices

ITD (Intelligent Traffic Director) is getting a lot of interest about transparent (Layer 2) mode device support.

Here is a 10 minute video that shows step by step ITD deployment for Transparent mode security devices, such as Firewalls, IPS, IDS, Web application Firewalls (WAF), ASA, Cisco Sourcefire, etc:

ITD is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 5k/6k/7k/9k series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed.

Solution Guide: ITD with Layer 2 Firewall / IPS / IDS

Here is more information about ITD:

Please send email to if you have any questions.


Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Open NX-OS featured on TechWiseTV

Only on TechWiseTV

Only on TechWiseTV

This is the first in a multi-part series where we cover ‘programmability’ for networking.  The idea is to fully review the programming options now available inside the Nexus switches, (3000, 9000).  This first episode covers new access with Linux tools, NX-API and more. Further shows will be diving into the details around Object Models and orchestration partners.

The primary point for any of these is to understand how Cisco Open NX-OS extensibility exposes greater programmability and automation capabilities.  It is fascinating and full of new learning opportunities.  It does not come without a few career questions of course…usually, something along the lines of: do network engineers need to become programmers now too?  

Two answers:  Yes.  It depends.

Networking knowledge and skill should not be undersold here.  Programming capabilities should be additive.  They are useful in just about any tech career and obviously affecting the networking space.  I think it’s foolish to ever quit learning but it does depend on your aspirations, your current level of satisfaction and perhaps how narrowly defined your skill set might be.

Full disclosure: I am not a programmer. I have been learning the fundamentals of python and a few others as I work on this series but I am not hire-able for this skill by any means. But the distinct feeling I get, and the feedback I hear from you guys: its not that hard.  You are probably well versed in scripting for various CLI operations…take it up a few notches and work on some of these ‘readable’ languages that will have similar syntax.  This will give you the ability to judge the appeal of what we are offering with ACI and other solutions much more credibly…and I guarantee you will find ways to get rid of redundant crap and stupid errors you may be fighting with yourself or your team.


Live, interactive, never dull.

September 21, 2015

Programmable networks will forever change the way you manage infrastructure enabling you to dramatically accelerate configuration and deployment of your network, automate time consuming manual tasks, and allocate IT resources far more efficiently.  Are you ready for the revolution?  

Discover how to create a programmable network as we discuss and demonstrate the NX-API and NX-API REST (Object Model) in detail. Understand how Cisco Open NX-OS extensibility exposes greater programmability and automation capabilities that eliminate costly manual errors.

– You can sign up at the workshop tab when the date gets a bit closer,


Nicolas Delecroix in the TechWiseTV Lab

Nicolas Delecroix in the TechWiseTV Lab

TechWiseTV 176: Open NX-OS: Programmability


Two great experts on this episode.

Six Key Points: What OPEN means for NX-OS

Six Key Points: What OPEN means for NX-OS

Shane Corban shares Six Key Points: What OPEN means for NX-OS

Changes made across the software stack to address Extensibility, Openness, Programmability.

  1. Auto Deployment (Bootstrap and Provisioning)
    • Added support for PXE server, operationalize NX-OS software to match an existing server environment
  2. Extensibility – how we package software
    • We did not use to expose much beyond a bash shell
    • Now you can install native RPM’s, and third party applications running processes as they would on a Linux server
  3. Open Interfaces
    • We are now adding support to leverage Linux like tools for debugging, configuration and troubleshooting…manipulate those front panel ports as native Linux interfaces within our switch software stack.
  4. Application Integration (Adaptable SDK)
    • Published an SDK, a build environment that you can install on any Linux server, download the build agent, and put your source into that directory structure and build into an RPM for installation and run it natively.
    • Build your own custom automation apps, monitoring agents, and have them run natively on our platform
  5. Programmability Tool Choice
    • Sandbox
    • We have a native Python shell today that has a Native Cisco Library that you can utilize for automation
    • NX-API – the ability to embed CLI commands and structured data (JSON, XML) for execution on the switch via HTTP/HTTPS Interface to get back structured data back on show commands.
  6. Management Tools
    • Support for Chef and Puppet
    • Agents will be publicly available on the enterprise sites
    • Support for Open Stack, Neutron

NX-OS is now more modular, more open, more capable of third party integration providing a  wide variety of programmability choices ideal for Dev-Ops environments.  

Five case study examples

Five case study examples

Nicolas provides five case study examples. 

  1. Checking Software Version
  2. Using Python script with NXAPI and JSON to pull version numbers
  3. Python script to query multiple switches to check compliance against a specific version
  4. VLAN Provisioning
  5. Checking for proper VLAN provisioning

Special thanks behind the scenes to Rami Rammaha and Mark Jackson


More Reading:

Cisco Nexus 9000 Programmability Guide

Matt Oswalt is a great writer. You should follow his blog: Keeping it Classless.   I enjoy his angles on things.  Read up on his blog entry: Evolution of Network Programmability, Nexus 9000 NX-API,NX-API Update.

Some Learning Basics:

What do you think still needs to be covered?  I would love any thoughts on how the rest of this series should be shaped.  Leave your comments below and just to make sure…tag me on twitter.  We are diving into Object Models (taping next week) and then some angle with the Orchestration Partners.   Case in point: Puppet Labs is making available today a native Puppet NX-OS agent and Cisco Puppet Module.

Let me know!


Tags: , , , , , , , , , , , ,