At the most recent Gartner Data Center Conference in Las Vegas, after some insightful discussions with customers and analysts, we came up with a great demo idea and proof point that highlights a key feature in our Application Centric Infrastructure (ACI) platform. This particular demo centers on the unique visibility of the ACI Fabric to faults in the underlying physical network.
In the following video, Joe Onisick, Principal Engineer in the ACI team at Cisco, compares this ability in ACI to SDN technologies that employ only virtual overlay networks. With overlay networks, such as a VXLAN tunnel, the resulting virtual network (and all the management and analytics tools) has a much harder time isolating faults within the physical infrastructure. The overlay is designed to “tunnel” through the physical network, simplifying and obscuring the physical topology and issues with any specific network node. Before going much further, I’ll let Joe provide the details in this quick, 3-minute video:
There has been some seismic activity happening in the Bay Area, and the epicenter for all Virtual Networking shifts is right here at Cisco HQ in San Jose. (Our sympathies go to all those affected by the real earthquake further to the north.) At Cisco, it’s all about the applications and the shift to dynamic network virtualization. Cisco pioneered virtual networking with the Nexus 1000V virtual switch and recently incorporated it in the application-aware Application Virtual Switch (AVS) for Cisco ACI-enabled networks. Cisco is excited to announce the availability of Release 3.1 of Nexus 1000V for vSphere (available for download here). We are showing the upcoming generation of the virtual switch at VMworld in San Francisco this week.
Nexus 1000V is the edge switch for virtual environments, bringing the network edge right up to the virtual machine, and connecting virtual ports to the physical network and beyond. The Nexus 1000V is the foundation for our virtual network overlay portfolio, including all of our virtual L4-7 application and security services, our cloud orchestration software, VXLANs and more. It is also at the heart of AVS, a purpose-built, hypervisor-resident virtual network edge switch designed for the Application Centric Infrastructure.
Release 3.1 is a new major release enabling enterprise and cloud provider customers running the vSphere hypervisor to leverage the distributed virtual firewall VSG, expand the VXLAN footprint in the datacenter, improve secure isolation through Cisco TrustSec and dramatically simplify updates through Cisco VSUM (Virtual Switch Update Manager). Most of the new features are value add to the Advanced Edition. New customers will need a Ver 3 specific license to use the full functionality of Ver 3. Existing customers with a support contract are automatically entitled to a free upgrade to Ver 3. AVS incorporates Nexus 1000V capabilities with consistent application policy enforcement for virtual workloads and unprecedented end-to-end visibility for applications in your data center.
Increased Scalability (Advanced Edition) – More than doubles the scale from the previous release. The virtual switch now supports 250 hosts/servers per switch with 10,000 ports per switch. In addition, it supports 4094 active VLANs and 16 million VXLANs (6144 active VXLANs) per switch across 6144 port profiles.
VXLAN control plane – A BGP-based control plane across multiple virtual switches provides an expanded Layer 2 domain footprint that can potentially support nearly 40,000 VMs in a single domain.
Increased Resiliency – Supports headless port bring-up, where Virtual Machines can be brought up on the host even if the VEM is offline, i.e. the VSM is not reachable by the VEM. Both VSM headful and headless VM vMotion are supported.
Cisco TrustSec 2.0 (Advanced Edition) – Continues to extend Cisco TrustSec solutions for network-based segmentation of users and physical workloads, leveraging Security Group Tags (SGT) for defining security segments, with SGACL support (enforcement) and native (in-line) SGT tagging.
BPDU Guard – Keeps the virtual network safe from misconfigured VLANs and strictly enforces VLAN boundaries. It prevents misconfigured VLAN rogue devices from flooding the network.
Storm Control – Prevents network disruptions from a broadcast, multicast, or unknown-unicast traffic storm.
Simplified Deployment, Upgrade and Visibility with Cisco VSUM – Cisco VSUM is a FREE virtual appliance that enables server and network administrators to deploy, upgrade and monitor Nexus 1000V and to deploy and upgrade Cisco AVS from within their vCenter web interface.
Customer Experience – Here’s what one of our Beta customers, Josh Coen, says about Cisco VSUM. Josh is a Principal Cloud Architect with Varrow and has been working in the IT industry since 1999, with a heavy focus on virtualization and storage since 2008.
Nexus 1000V has already reached the 10,000 customer milestone, with some customers purchasing 1000+ CPU licenses. Nexus 1000V continues to provide the foundation for the most advanced virtual networks by supporting 1) multiple hypervisor environments, such as VMware vSphere, Microsoft Hyper-V and OpenStack KVM, 2) the most extensive set of virtual network services, including ASA 1000V Cloud Firewall, distributed zone-based virtual firewall, vWAAS WAN optimization, the Cloud Services Router (CSR) 1000V, Cisco Prime Network Analysis Module (NAM) and advanced service insertion and chaining technology, vPath, and 3) a true management control plane that provides greater policy and control features for richer networking functionality.
We’ll be showing a lot of these features this week. Come by our booth and check it out. If you are around #VMworld this week, give us a shout out on Twitter using the Cisco hashtag #ciscovmw. For those of you that can’t make it out to VMworld, listen to the review of these new features in Ver 3.1 in this webcast.
I don’t think that anyone can deny that being in the IT industry at this time is exciting and interesting. It’s also exhausting. There is a ton of hyperbole floating about on Twitter and the Blogosphere concerning the need for network engineers to become programmers, and that ‘whatever’ technology du jour is only minutes away from capturing the market and being the de-facto standard. Oh by the way, all networking gear will be white box gear too — didn’t you hear? I’ve tried to NOT write a post that I fear will be read and dismissed as mere rhetoric, but here I am anyway.
As of late, I’ve had the awesome opportunity to work with some very cool customers who are
In November last year, I introduced via my blog the powerful capabilities of the ACI Fabric and the unique hardware-based VXLAN implementation in the Cisco Nexus 9000 Series switching platform. In this blog, I am happy to present a powerful video-based demonstration of the ACI Fabric. The demo presents a single view of an entire spine-leaf fabric-based deployment, and how the fabric allows full integration and full normalization of any encapsulation, be it VLAN or VXLAN, with full bridging/routing capabilities across all of these, including bare-metal servers. The demo also shows how data can jump in and out of the physical/virtual environment within the Fabric, and how the Fabric treats everything with a consistent policy-based approach to deploying apps on top of ACI. Check out the demo here:
Earlier this year Cisco announced the Cisco Prime Virtual Network Analysis Module (vNAM), an integral component of the Cisco Cloud Network Services portfolio. While a virtual NAM has been available on the Nexus 1100 Cloud Services Platform (a UCS appliance for virtual services), it has not been available in a generic VM form factor. That form factor now provides greater deployment flexibility for NAM customers as they look to monitor application and network performance in their virtual data centers. The result is greater visibility at more points in the network.
Cisco Prime vNAM combines application-awareness with the ability to look deeper into various network overlays, such as VXLAN, LISP, and CAPWAP, to deliver rich analytics that help assure service levels, accelerate operational decisions, and increase business agility. Its versatility permits it to be used to:
Monitor workloads in multi-tenant cloud deployments
Analyze network usage by application, host or virtual machine (VM) to identify unusual traffic patterns or bottlenecks that may affect performance and availability
Troubleshoot performance problems consistently across physical and virtual environments
Take advantage of an integrated web-based interface to remotely manage a site
Validate infrastructure updates such as WAN optimization, Cisco TrustSec, and quality-of-service policy changes
Prime vNAM can be deployed in the cloud to monitor hosted workloads, at remote sites to monitor the end-user experience, or almost anywhere in the network to eliminate blind spots.