Cisco Blogs


Cisco Blog > Data Center

ITD: Load Balancing, Traffic Steering & Clustering using Nexus 5k/6k/7k/9k

Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is a hardware based multi-terabit layer 4 load-balancing, traffic steering and clustering solution on the Nexus 5k/6k/7k/9k series of switches.

It allows customers to deploy servers and appliances from any vendor with no network or topology changes. With a few simple configuration steps on a Cisco Nexus switch, customers can create an appliance or server cluster and deploy multiple devices to scale service capacity with ease. The servers or appliances do not have to be directly connected to the Cisco Nexus switch.

ITD won the Best of Interop 2015 in Data Center Category.

With our patent pending innovative algorithms, ITD (Intelligent Traffic Director) supports IP-stickiness, resiliency, consistent hash, exclude access-list, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed. ITD provides order of magnitude CAPEX and OPEX savings for the customers. ITD is much superior than legacy solutions like PBR, WCCP, ECMP, port-channel, layer-4 load-balancer appliances.

ITD provides :

  1. Hardware based multi-terabit/s L3/L4 load-balancing at wire-speed.
  2. Zero latency load-balancing.
  3. CAPEX savings : No service module or external L3/L4 load-balancer needed. Every Nexus port can be used as load-balancer.
  4. Redirect line-rate traffic to any devices, for example web cache engines, Web Accelerator Engines (WAE), video-caches, etc.
  5. Capability to create clusters of devices, for example, Firewalls, Intrusion Prevention System (IPS), or Web Application Firewall (WAF), Hadoop cluster
  6. IP-stickiness
  7. Resilient (like resilient ECMP), Consistent hash
  8. VIP based L4 load-balancing
  9. NAT (available for EFT/PoC). Allows non-DSR deployments.
  10. Weighted load-balancing
  11. Load-balances to large number of devices/servers
  12. ACL along with redirection and load balancing simultaneously.
  13. Bi-directional flow-coherency. Traffic from A–>B and B–>A goes to same node.
  14. Order of magnitude OPEX savings : reduction in configuration, and ease of deployment
  15. Order of magnitude CAPEX savings : Wiring, Power, Rackspace and Cost savings
  16. The servers/appliances don’t have to be directly connected to Nexus switch
  17. Monitoring the health of servers/appliances.
  18. N + M redundancy.
  19. Automatic failure handling of servers/appliances.
  20. VRF support, vPC support, VDC support
  21. Supported on all linecards of Nexus 9k/7k/6k/5k series.
  22. Supports both IPv4 and IPv6
  23. Cisco Prime DCNM Support
  24. exclude access-list
  25. No certification, integration, or qualification needed between the devices and the Cisco NX-OS switch.
  26. The feature does not add any load to the supervisor CPU.
  27. ITD uses orders of magnitude less hardware TCAM resources than WCCP.
  28. Handles unlimited number of flows.

For example,

  • Load-balance traffic to 256 servers of 10Gbps each.
  • Load-balance to cluster of Firewalls. ITD is much superior than PBR.
  • Scale IPS, IDS and WAF by load-balancing to standalone devices.
  • Scale the NFV solution by load-balancing to low cost VM/container based NFV.
  • Scale the WAAS / WAE solution.
  • Scale the VDS-TC (video-caching) solution.
  • Scale the Layer-7 load-balancer, by distributing traffic to L7 LBs.
  • ECMP/Port-channel cause re-hashing of flows. ITD is resilient, and doesn’t cause re-hashing on node add/delete/failure.

Documentation, slides, videos:

Email Query or feedback:ask-itd@external.cisco.com

Please note that ITD is not a replacement for Layer-7 load-balancer (URL, cookies, SSL, etc). Please email: ask-itd@external.cisco.com for further questions.

Connect on twitter: @samar4

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Next Stop Dallas: Learn How to Automate, Optimize, and Transform your Service Delivery

Screen Shot 2015-09-02 at 12.28.03 PMGuest blog by Ram , SP Infrastructure Marketing Manager

Service providers everywhere are trying to simplify their networks – moving services to the cloud that are easier to roll out, can be provisioned by the customer, and enable new business models.

Cisco’s virtual managed service (vMS) solution uses a self-service online portal to give end users a simple way to select, subscribe to and activate highly secure and scalable network services – even if the underlying network is multivendor. The VMS platform service function packages includescloud VPNs for branch, site-to-site and remote access encrypted VPNs, as well as firewall and web security, all offered as a cloud-managed IT solution on a subscription basis.

EANTC

End users have access to a management dashboard on which they can track the Read More »

Tags: , , , , , , , ,

ACI and Infoblox DDI Deliver Highly Automated, Secure, Reliable Core Network Services

Modern demands  in virtualization, cloud, and the Internet of Things are shifting the network landscape and require advanced solutions to manage critical network services across physical, virtual, and cloud environments.

Recently, I had the opportunity to speak with InfoBlox’s Chief Technology Officer, Alan Conley, about automating core network services – DNS, DHCP, and IP Address Management (DDI) – with Cisco Application Centric Infrastructure (ACI).  In this video interview, Alan spoke about the common challenges InfoBlox and Cisco customers face in security and automation in their data centers.

Alan eloquently explains how ACI micro segmentation to enhance security for East-West traffic in the data center complements InfoBlox’s secure DNS server that detects and mitigates malware and botnets trying to attack customer networks.

Alan Conley, InfoBlox CTO

He also shared how a number of InfoBlox customers are looking for the integration of InfoBlox DDI and Cisco ACI to deliver highly secured solutions but also ones that are operationally agile.

I really encourage you to listen to Alan Conley’s enlightening interview.

For more information:

www.cisco.com/go/aci

www.cisco.com/go/aciecosystem

InfoBlox Enterprise-grade DNS, DHCP, and IP Address Management (DDI) datasheet

InfoBlox Demonstrates a New Approach to DNS Security blog

 

 

 

 

Tags: , , , , , , , , ,

ITD Deployment with Transparent mode security devices

ITD (Intelligent Traffic Director) is getting a lot of interest about transparent (Layer 2) mode device support.

Here is a 10 minute video that shows step by step ITD deployment for Transparent mode security devices, such as Firewalls, IPS, IDS, Web application Firewalls (WAF), ASA, Cisco Sourcefire, etc:

ITD is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 5k/6k/7k/9k series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed.

Solution Guide: ITD with Layer 2 Firewall / IPS / IDS

Here is more information about ITD: www.cisco.com/go/itd

Please send email to nxos-itd@cisco.com if you have any questions.

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

F5 Agility 2015: Next Stop Down Under

In a few weeks Spring season will set in, and it’ll be a Ripper Down Under. For the Data Center technology geeks there is plenty of action in store to celebrate the onset of Aussie spring. I am talking about F5 Agility that is getting ready to rock Melbourne (Aug 18) and Sydney (Aug 20)

aus1

Just last week, I was at F5 Agility, Washington DC. It was an electrifying experience meeting customers and partners of Cisco and F5 and culminating in a powerful guest keynote by Colin Powell, the legendary American statesman and retired four-star general. Colin’s passion to help youth and transform the globe is totally extra-ordinary and most of us attendees were privileged to listen to him that day. That speech has super charged me to last for a long time, and in that mindset, let me switch context to F5 Agility, Melbourne Aug 18, and Sydney Aug 20. The agenda for both these events are identical. We have a packed set of activities from early morning till late evening. We are going to hear F5’s leaders, customers, and partners share how the latest solutions from F5 are transforming what’s possible for today’s organizations. In about a year’s time Cisco ACI and F5 partnership has demonstrated significant success in our joint solution momentum and customer adoption. I am pleased to invite you all to attend this premier industry event and get insights on how F5 and Cisco are bringing the power of cloud, data centers, converged systems, and as-a-Service together to enable fast, efficient, and secure application delivery in today’s challenging hybrid environments.

aus2

The keynote by Julian Eames, F5 EVP of Business Operations, centers on “Innovate, Expand and Deliver” and lays the foundation for your business to innovate new paths to success, expand through barriers to growth, and deliver the applications your customers need to succeed. Julian will take you a tour of current market trends, how F5 has grown under John McAdam’s tenure, the evolution of the F5 Platform from simple load balancer to ADC to support Cloud based business models, the growing importance of enterprise security, recent F5 acquisitions, and last but not the least the growing eco-system of Partners. I recommend getting started with Julian’s keynote.

aus3

Following the keynote, Cisco Exec Shashi Kiran is hosting the Plenary, Platinum Sponsor session titled “Deliver Application Agility with Cisco Application Centric Infrastructure (ACI)”, 10.30 am local time. What’s unique about this Breakout Session? You will get the opportunity to hear Shashi eloquently walk you through the role of Cisco ACI in today’s Application-Oriented Economy, also see a key partner join him on stage and share their success stories with ACI. Shashi will discuss how emerging applications are placing huge demands on Data Center Infrastructure and how grossly unprepared they are to meet the same. Shashi will then introduce Cisco ACI, an open, scalable, programmable SDN solution that helps address these infrastructure challenges. Shashi will illustrate how Cisco’s open architecture enables seamless integration of F5 into ACI’s policy framework and how the joint solution brings unprecedented agility and end-end L2-L7 accelerated application delivery.

Shashi is also doing the Plenary Panel Session in the evening jointly with F5 Execs and the Guest Customer speaker. The topic centers around global trends and themes around Cloud adoption and drivers, SDN, Security etc. This session will be invigorating and sets the stage for a lively evening solutions expo tour.

For the technically oriented among you, we also have a number of technical breakout sessions hosted by F5 and its Partners. These sessions cover Security, Cloud in detail along-with other emerging Data center topics.

That is not all. Cisco ACI brings you additional customer engagement opportunity in the solutions expo hall. We are featuring cool demos showcasing our joint solutions namely, ACI -F5 BIG-IP and ACI – BIG-IQ on both Aug 18 and 20, during the expo hours. Stop by the Cisco booth where product experts are available to engage in white-board sessions and to compliment the demos, we also run short duration presentations in the Cisco theatre at periodic intervals. Should you desire, we are happy to meet you in 1-1 meetings, so let us know how we can enrich your experience at the event

For all the hard work we all do at the event, there is plenty F5 offers to let us relax and enjoy. The networking event at the solutions expo in the evening (5 – 7 PM) provides drinks and prize draws in addition to an exciting showcase of state of art technology innovations and demos. Network with your fellow attendees while enjoying tasty food and drink, knowledgeable guides, and more are awaiting you.

I am eager to see you all in Australia next week. There are some useful links for you to check out before your visit on how Cisco ACI and F5 work together on the innovation front.

For more information, Visit www.cisco.com/go/acif5

Join our Community discussions on ACI and find outWhat is your SDN Spirit Animal?”

Take the quiz and find out! 

Tags: , , , , ,