In a recent post, I previewed some new hybrid cloud market research from Forrester that spoke to the business drivers and technical hurdles to cloud integration, and Shashi Kiran has recently posted about lowering the barriers to hybrid cloud adoption. Today, as part of a larger cloud technology launch, Cisco is announcing a new hybrid cloud solution, Nexus 1000V InterCloud.
One of the fundamental capabilities for the world of many clouds is the ability to link various cloud environments into a single extended fabric with consistent capabilities, operations and management. While previous Unified Fabric innovation has focused on physical/virtual consistency of the DC fabric, this announcement brings that consistency to the cloud. This new technology from Cisco extends the existing networking capabilities, L4-7 services and manageability of your enterprise into public and provider clouds to create a single consistent, reliable, predictable environment for all your physical, virtual and cloud workloads. This secure and seamless degree of integration to the hybrid cloud frees you to run and move applications where it makes the most sense, on-demand, without compromise.
Tags: ASA 1000V Cloud Firewall, Cisco Intelligent Automation for Cloud, Cisco Prime NAM, forrester, Hybrid Cloud, InterCloud, LISP, Nexus 1000v, OTV, private cloud, Public Cloud, Virtual Security Gateway, vPath, vsg, vWAAS, VXLAN
At Cisco Live! in London this week, Cisco is demonstrating some enhancements to its Nexus 1000V virtual switch that greatly ease some of the challenges in deploying VXLAN in large-scale cloud networks. VXLAN was designed to solve the problem of setting up traditional virtual networks (VLANs) in large multi-tenant cloud environments: the limited ID range for VLAN tags was quickly exhausted and a larger ID pool was needed for larger shared infrastructures. VXLAN thus becomes the foundation for a virtual network tunnel or virtual network overlays on top of physical networks. And unlike VLANs, VXLANs are designed to act as L2 virtual networks over L3 physical networks. For a more in-depth refresher on VXLAN, start here.
While VXLANs have certainly enabled a whole new level of scalability for virtual networks, one of the challenges in deploying VXLAN is its use of IP Multicast to implement the L2 over L3 network capability. Why is this? VXLAN is a MAC-in-IP encapsulation protocol in a UDP frame. The virtual switch that acts as the VXLAN termination (in Cisco’s case, the Nexus 1000V virtual switch) takes the L2 packet from the VM, wraps it in an L3 IP header, and sends it out over UDP. But the challenge is that there’s no way to determine which IP address should be used for the destination host (VXLAN termination point) at which the desired MAC address can be found. In other protocols, this can be accomplished within the network control plane and some MAC-to-IP mapping protocol, but the VXLAN specification indicates there should be no reliance on a control plane or a physical-to-virtual mapping table.
Tags: cisco live, IP Multicast, Nexus 1000v, UDP, virtual network overlays, VXLAN
I am going to spend the next couple of posts digging through one of the more interesting new technologies we are working on: a standard called Locator/ID Separation Protocol (or LISP). Why should you care? Well, if you are looking at deploying clouds, supporting mobility of end-points or VMs, or are managing a routing architecture of any meaningful size or complexity, I think it will be worth your while to check out LISP.
LISP is a new approach to routing that is designed to address the changes in how we are using our networks. Let's explore LISP through the lens of one of the biggest challenges facing network architects today: properly tackling mobility, whether it's mobile endpoints like smartphones, tablets or squirrels or the mobile workloads that are at the heart of server virtualization and cloud computing. While mobility is probably the “sexiest” use case right now, there are a number of other use cases, like routing architecture scalability and IPv6 migration, which, while less alluring to all but the biggest networking nerds, are no less important.
Tags: Cisco, LISP, VXLAN
[See Also: Follow-Up Q&A on Freemium Pricing Model]
[Update 11/26/12: the free Nexus 1000V virtual switch is available for download from here.]
Following on the heels of the announcement of our Nexus 1000V 2.1 release last month, Cisco is today announcing a new pricing and packaging strategy for its flagship virtual switch portfolio. Starting with that new 2.1 release, which is now in beta, we will have two editions of the Nexus 1000V, an Essential Edition and an Advanced Edition. The Nexus 1000V Essential Edition will be available for free, plus a nominal annual support fee, in a move that we believe will encourage customers and our partners to proliferate what has already become the most popular virtual switch in the industry with over 6,000 customers to date.
The Nexus 1000V Essential Edition provides all the rich Layer-2 networking features to connect virtual applications to the network and integrate into VMware environments, including: VXLAN capability, Cisco vPath service insertion, integration with vCloud Director, and a plug-in for management and monitoring in VMware’s vCenter Server. This free version will enable rapid, low-risk adoption of Cisco’s virtual network technology environments.
The Advanced Edition, priced at $695 per CPU, the same price as the current 1.5 release, includes:
- The Cisco Virtual Security Gateway (VSG) for Nexus 1000V, a virtual firewall with visibility to virtual machine attributes for building sophisticated compliance policies, and logical trust zones between applications (VSG was previously sold as a separate product).
- Support for advanced capabilities, such as DHCP snooping, IP Source Guard, Dynamic ARP Inspection and Cisco TrustSec Security Group Access (SGA).
Tags: ASA 1000V, Cisco ONE, Cisco TrustSec, KVM, Nexus 1000v, Nexus 1100, OpenStack, SDN, virtual network overlays, Virtual Security Gateway, vPath, vsg, VXLAN, Xen
The networking industry has recently developed a renewed interest in virtual overlays, often wrapped in an “SDN as the controller” context. Amidst the promise, the hope and the hype, the following questions present themselves:
- What exactly is an overlay?
- What distinguishes an overlay from a VPN?
- How decoupled can an overlay be from the underlay network and what are the tradeoffs?
- What are the advantages of overlays and will they emerge as the new networking world order?
Tags: E-VPN, LISP, Overlay, TRILL, VXLAN