2 - Nexus Presentation
© 2009 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 14
Virtual Switching
Establishing A Platform for Virtual Network Services
© 2010 Cisco and/or its affiliates. All rights reserved. 15
Cisco’s Virtual Networking Vision: Accelerate Data Center Virtualization
Virtual Network Link (VN-Link)
Virtualized Compute Environment: Agile, Policy-driven, Multi-tenant
Virtual Network Services: extend network services to virtualized environments
• Virtual Security Gateway for Nexus 1000V
• Virtual WAAS
• NAM virtual service blade on Nexus 1010
Extend networking to virtualized environments
• Hypervisor Switch (SW): Nexus 1000V
• Standards based, Feature rich
• External Switch (HW): UCS 6100/N5K + VIC (Pre-standard, IEEE 802.1Qbh)
Virtual Network Management (UCSM, VNMC): Policy-driven, Programmatic, Multi-device, Multi-tenant
Server Virtualization Issues
1. vMotion moves VMs across physical ports—the network policy must follow
2. Impossible to view or apply network policy to locally switched traffic
3. Need shared nomenclature for security policies between network and server admin
[Diagram labels: Port Group, vCenter, Physical Switch Interface]
Cisco Nexus 1000V Distributed Virtual Switch for VMware vSphere
Policy-Based VM Connectivity
Mobility of Network & Security Properties
Non-Disruptive Operational Model
Industry’s most advanced virtual switch for VMware vSphere
Standards based – interoperates with all IEEE 802.1Q switching platforms
Built on Cisco NX-OS
Feature and operational consistency across physical and virtual networks
Provides advanced switching features
Non-disruptive provisioning model
Network team manages virtual network
No change for server administration
[Diagram: Nexus 1000V Virtual Supervisor Module (VSM) and two hosts, each running a vSphere hypervisor with a Nexus 1000V VEM and four VMs]
Features of the Nexus 1000V
Switching: L2 Switching, 802.1Q Tagging, VLAN Segmentation, Rate Limiting (TX), IGMP Snooping, QoS Marking (COS & DSCP), Class-based WFQ*
Security: Policy Mobility, Private VLANs w/ local PVLAN Enforcement, Access Control Lists (L2–4 w/ Redirect), Port Security, Dynamic ARP Inspection, IP Source Guard, DHCP Snooping
Provisioning: Automated vSwitch Config, Port Profiles, Virtual Center Integration, Optimized NIC Teaming with Virtual Port Channel – Host Mode
Visibility: VMotion Tracking, NetFlow v.9 w/ NDE, CDP v.2, VM-Level Interface Statistics, Policy-based SPAN & ERSPAN*
Management: Virtual Center VM Provisioning, Cisco Network Provisioning, CiscoWorks, Cisco CLI, RADIUS, TACACS, Syslog, SNMP (v.1, 2, 3), Hitless upgrade*
*In 1.4 Release, 4Q CY2010
Nexus 1010: VSM on an Appliance
[Diagram, two panels: "VSM on Virtual Machine" (1000V VSM x 1) and "VSM on Nexus 1010" (Cisco Nexus 1010, 1000V VSM x 4); in both panels the servers run vSphere with the 1000V VEM and VMs]
Feature Comparison
VSM on Virtual Machine (VSM Virtual Appliance)
• Nexus 1000V features and scalability
• VEM running on vSphere 4 Enterprise Plus
• NX-OS high availability of VSM
VSM on Nexus 1010 (VSM hosted on Nexus 1010)
• Nexus 1000V features and scalability
• VEM running on vSphere 4 Enterprise Plus
• NX-OS high availability of VSM
• Installation like a standard Cisco switch
• Network Team manages the switch hardware
NAM Virtual Blade on Nexus 1010 Optimize Application Performance and Network Resources
Application Performance Monitoring
Traffic Analysis and Reporting
Applications, Host, Conversations, VLAN, QoS, etc.
Per-application, per-user traffic analysis
View VM-level Interface Statistics
Packet Capture and Decodes
Historical Reporting and Trending
[Diagram labels: Nexus 1000V VSM, vCenter, vSphere hosts with Nexus 1000V VEM and VMs, ERSPAN and NetFlow feeds, NAM Virtual Blade on Nexus 1010]
Introducing: Cisco Virtual Security Gateway Securing Virtualized Data Center and Cloud Environments
FEATURES
Secure segmentation with zone-based firewall
VM-level granularity with context-aware rules
Virtual Network Management Center: Policy-based centralized management
BUSINESS BENEFITS
Operational simplicity
Deployment flexibility
Consistent security policy compliance and auditing
[Diagram labels: Virtual Security Gateway (VSG) on Nexus 1000V; Virtual Network Management Center (VNMC)]
Example Use Case: 3-tier Server Zones
[Diagram: Tenant_A with three server zones: Web Servers, App Servers, DB servers]
Port 80 (HTTP) and 443 (HTTPS) of Web Servers open
Only Port 22 (SSH) of App Servers open
All other traffic denied
Only Permit Web Servers access to App servers via HTTP/HTTPS
Only Permit App servers access to DB servers
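Added example (not part of the Cisco deck, and not VSG or VNMC syntax): a Python model of the 3-tier zone rules above as a first-match, default-deny policy keyed on a VM attribute rather than on the host, so the verdict does not change after vMotion. The VM and host names, the name-prefix zone mapping, and the reading of the SSH rule as "from any source" are assumptions made for the illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional, Tuple

@dataclass(frozen=True)
class VM:
    name: str   # VM attribute used for zone membership (constructed naming scheme)
    host: str   # current hypervisor host; the policy never looks at it

# Assumed mapping from VM name prefix to zone.
ZONE_PREFIXES = (("web-", "web"), ("app-", "app"), ("db-", "db"))

def zone_of(vm: Optional[VM]) -> str:
    """Return the zone of a VM; None stands for a client outside the tenant."""
    if vm is None:
        return "outside"
    for prefix, zone in ZONE_PREFIXES:
        if vm.name.startswith(prefix):
            return zone
    return "unclassified"

# (source zone, destination zone, permitted destination ports; None = any port)
# Every rule is a permit. Anything that matches no rule is denied.
RULES = (
    ("any", "web", frozenset({80, 443})),  # HTTP/HTTPS of web servers open
    ("web", "app", frozenset({80, 443})),  # web servers reach app servers via HTTP/HTTPS
    ("any", "app", frozenset({22})),       # SSH of app servers open (assumed: any source)
    ("app", "db", None),                   # app servers reach DB servers
)

def evaluate(src: Optional[VM], dst: VM, dport: int) -> Tuple[str, Optional[int]]:
    """Return (verdict, index of the matching rule) for one flow."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    for index, (rule_src, rule_dst, ports) in enumerate(RULES):
        if rule_src not in ("any", src_zone):
            continue
        if rule_dst != dst_zone:
            continue
        if ports is not None and dport not in ports:
            continue
        return "permit", index
    return "deny", None  # "All other traffic denied"

def vmotion(vm: VM, new_host: str) -> VM:
    """Model a live migration: only the host changes, the VM attributes stay."""
    return replace(vm, host=new_host)

def run_sample():
    """Evaluate a constructed set of flows and return (label, verdict) pairs."""
    web, app, db = VM("web-01", "host-a"), VM("app-01", "host-a"), VM("db-01", "host-b")
    flows = [
        ("client -> web:443", None, web, 443),
        ("client -> web:22", None, web, 22),
        ("web -> app:80", web, app, 80),
        ("web -> db:3306", web, db, 3306),
        ("app -> db:3306", app, db, 3306),
        ("client -> db:3306", None, db, 3306),
        ("db -> app:80", db, app, 80),
        ("web (after vMotion) -> app:443", vmotion(web, "host-c"), app, 443),
    ]
    return [(label, evaluate(src, dst, port)[0]) for label, src, dst, port in flows]

if __name__ == "__main__":
    for label, verdict in run_sample():
        print(f"{verdict:6}  {label}")
```

The web-to-DB and client-to-DB flows are the ones worth checking in any real rule set: they are denied only because no permit rule matches, so a single overly broad permit would silently open them.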
Virtual Security Gateway - Capabilities
Context aware Security: VM context aware rules
Zone based Controls: Establish zones of trust
Dynamic, Agile: Policies follow vMotion
Best-in-class Architecture: Efficient, Fast, Scale-out SW
Non-Disruptive Operations: Security team manages security
Policy Based Administration: Central mgmt, scalable deployment, multi-tenancy
Designed for Automation: XML API, security profiles
[Diagram labels: Virtual Network Management Center (VNMC), Virtual Security Gateway (VSG)]
Virtual Network Management Center (VNMC): Seamless Policy-Based Management
[Diagram labels: Nexus 1000V, vCenter, VNMC; Port Profile, VM Context, Security Profile; Server Team, Network Team, Security Team; VMs]
Nexus 5000 and 2000 Series
Data Center Business Advantage
30 30 © 2009 Cisco Systems, Inc. All rights reserved. Nexus 7000 EBC External
Cisco Nexus 5548UP Switch Compelling “Unified Ports” Value Proposition
32 Fixed SFP+ Ports
Line Rate
Expansion Modules (GEM2): 16p SFP+ Ethernet Ports; 8p Eth + 8p Native FC; 16p Unified Ports
Hardware Capable of 1/10GE Traditional Ethernet *, Fibre Channel over Ethernet, and 8/4/2/1G Native Fibre Channel
Front to Back Airflow
Redundant 750W AC Power Supplies
Redundant Fan Modules
Mgmt 0, Console, USB
* 1G Support NOW available with 5.0(3)N1(1)
[Diagram labels: Back of the Switch, Front of the Switch]
Cisco Nexus 5596UP Switch Industry’s Highest Density Fixed Form-Factor Switch
48 Fixed SFP+ Ports
Line Rate
Expansion Modules (GEM2): 16p SFP+ Ethernet Ports; 8p Eth + 8p Native FC; 16p Unified Ports
Hardware Capable of 1/10GE Traditional Ethernet *, Fibre Channel over Ethernet, and 8/4/2/1G Native Fibre Channel
Front to Back Airflow
Redundant Fan Modules
Redundant 1100W AC Power Supplies
Mgmt 0, Console, USB
* 1G Support NOW available with 5.0(3)N1(1)
[Diagram labels: Back of the Switch, Front of the Switch]
Cisco Nexus 5500 Platform Cisco ® All Rights Reserved 32
Generic Expansion Modules (GEM2): Ultimate Flexibility
N55-M16UP
• 16 “Unified Ports”
• Ports can be configured as either Ethernet or Native FC Ports
• Ethernet operation at 1/10 Gigabit Ethernet
• Fibre Channel operation at 8/4/2/1G
• Uses existing Ethernet SFP+ and Cisco 8/4/2G and 4/2/1G FC Optics
Flexibility AND Simplicity
Minimum software required: 5.0(3)N1(1)
Nexus 5500 Layer 3 Modules Two Distinct Form Factors, Same Performance
Nexus 5548P / Nexus 5548UP: L3 Hardware, List Price $5,000
Nexus 5596UP: L3 Hardware, List Price $5,000
Cisco Nexus 7000 with 2000 Fabric Extender (FEX) Platform Update
Model | Nexus 2224TP | Nexus 2248TP | Nexus 2232PP-10G
Form Factor | 1 RU | 1 RU | 1 RU
Uplink Ports | 2 x 10GbE SFP+ | 4 x 10GbE SFP+ | 8 x 10GbE SFP+
Uplink Transceivers Supported (all models) | Copper CX-1 (passive): 1m, 3m, 5m; (active): 7m, 10m. Optical: FET (Nexus 2200 platforms), SR, LR [distance limited to 300m]
Host Facing Ports | 24 x 100/1000Base-T RJ45 | 48 x 100/1000Base-T RJ45 | 32 x SFP/SFP+ (1/10G) (note: 1GE SFP support in 4.2(1)N2(1))
FCoE | N/A | N/A | Yes (for Nexus 7000 on future line module)
Dimensions | 1.72 x 17.3 x 17.7 in | 1.72 x 17.3 x 17.7 in | 1.72 x 17.3 x 17.7 in
Operational Power | 95W | 110W | 270W
Supports FET | Yes | Yes | Yes
Multiple PortChannel member ports on a FEX | Yes | Yes | Yes
Scalability (32 FEX per Nexus 7000) | 768 FEX GbE Ports per Nexus 7000 | 1536 FEX GbE Ports per Nexus 7000 | 1024 FEX 10GbE Ports per Nexus 7000
Nexus 7000 Platform Overview
Next Generation Modular
Linecard Modules
Nexus 7000 and NX-OS
• 9, 10 & 18 Slot Chassis
• 15+ Terabit System (18 Slot)
• Unified Fabric
• Modular NX-OS
• Device Virtualization
• Hitless ISSU
• Highest Availability Ethernet Switch and Director Class SAN
Supervisor
Cisco NX-OS Multi-protocol Operating System
Data Center Network Manager (DCNM)
10G Ethernet – M Series
• 32 Port SFP+ 10G - XL
• 8 Port X2 10G - XL
1G Ethernet – M Series
• 48 Port 10/100/1000 -XL
• 48 Port 1G - XL
10G Ethernet – F Series
DCB/FabricPath/FCoE
• 32 Port SFP+ 10G
NX-OS Software
NX-OS Modular Architecture
Based on MDS-9000 Series SAN-OS 3.1
Every process runs in protected memory for fault containment
Automatic stateful process restart
Modular code only runs in DRAM when invoked
[Diagram: System Infrastructure and Kernel (Linux) with HA Manager, hosting the protocol groups below as separate processes]
Layer 3 Protocols: OSPF, BGP, EIGRP, GLBP, HSRP, IGMP, PIM, SNMP, …
Layer 2 Protocols: VLAN, PVLAN, UDLD, CDP, 802.1X, STP, LACP, CTS, …
Storage Protocols: VSANs, FCIP, Zoning, FSPF, IVR, …
Future
In-Service Software Upgrade
[Animated diagram: active and standby supervisors (Linux Kernel, HA Manager, OSPF, BGP, PIM, etc.) and the I/O module images move from Release 4.0 to Release 4.1 above the N7K data plane. Step labels: Upgrade and reboot; Initiate stateful failover; Upgrade and reboot; Upgrade and reboot I/O modules]
N7K# install all kickstart bootdisk:4.1-kickstart system bootdisk:4.1-system
High Availability - Independently Verified Zero Packet Loss
Zero Packet Loss when Upgrading and Downgrading the software image - ISSU
Zero Packet Loss when removing Fabric Cards
Zero Packet Loss when killing and restarting OSPF
Zero Packet Loss when failing over Supervisors
http://www.networkworld.com/reviews/2008/090108-test-cisco-switch.html
Test Conditions: Nexus 7000 I/O modules load balance all of the traffic across all 5 Fabric Cards. The test was performed with 51,200 OSPF routes, 256 OSPF neighbors (one on each 10GbE port), every packet going through a security ACL of 7000 lines, every packet being rewritten using a 500 line QoS ACL, each line card doing a 48 Mpps lookup, and Cisco NetFlow tracking up to 512,000 flows.
Virtual Switches
One physical switch can act as multiple virtual switches
Reduces the number of physical switches in the network, lowers capex and power
Applications Include separating Networks, Isolating Security Domains using the same physical switch
Note: Should not be used for dual homing high availability. Physical redundancy is more robust
[Diagram labels: Prod, DMZ, Extranet]
Collapsed Aggregation/Core Using Virtual Switches
[Diagram labels: Core, Aggregation, Access; Switch 1, Switch 2]
Nexus 7000 Virtualization with VDCs
VDC – Virtual Device Context
Flexible separation/distribution of hardware resources and software components
Complete data plane and control plane separation
Complete software fault isolation
Securely delineated administrative contexts
Forwarding engine scalability with appropriate interface allocation
[Diagram: shared Infrastructure and Kernel beneath VDC 1 through VDC 4; each VDC runs its own Layer 2 protocols (VLAN, PVLAN, UDLD, CDP, 802.1X, STP, LACP, CTS, …) and Layer 3 protocols (OSPF, BGP, EIGRP, GLBP, HSRP, IGMP, PIM, SNMP, …)]
Virtual Port Channel - vPC
vPC is a Port-channeling concept extending link aggregation to two separate physical switches
Allows the creation of resilient L2 topologies based on Link Aggregation.
Eliminates the need for STP in the access-distribution
Provides increased bandwidth
All links are actively forwarding
vPC maintains independent control planes
[Diagram: Non-vPC versus vPC at L2, shown as Physical Topology and Logical Topology; Increased BW with vPC]
FabricPath: Shipping, Tested and Published Solution
“Cisco FabricPath enables faster, simpler, flatter data center networks” By David Newman, Network World, October 25, 2010
http://www.networkworld.com/reviews/2010/102510-cisco-fabricpath-test.html
How we tested Cisco FabricPath: http://www.networkworld.com/reviews/2010/102510-cisco-fabricpath-test-how.html?source=NWWNLE_nlt_cisco_2010-10-25
“Impressive performance: Our tests examined FabricPath functionality in five ways. All these involved six Nexus 7010 chassis linked to create one FabricPath network connecting 12,800 emulated hosts….”
“No multicast performance penalty: Cisco also claims FabricPath load-shares multicast source-receiver trees across multiple spine switches, compared with the single tree formed in STP networks…”
“Fast Fabric failover: For networking in general and data centers in particular, resiliency is an even more important consideration than high performance. …”
Applications leveraging LAN extensions
VMware Cluster (Local)
VMware Vmotion
Microsoft MSCS (with all your backoffice on it)
Veritas Cluster Server (Local)
Solaris Sun Cluster Enterprise
Oracle RAC (Real Appl.Cluster)
IBM HACMP
EMS/Legato Automated Availability Mgr
NetApp Metro Cluster
HP Metrocluster
BACnet (building automation/control - http://www.bacnet.org/)
Introducing – Overlay Transport Virtualization
Overlay - A solution that is independent of the infrastructure technology and services, flexible over various inter-connect facilities
Transport - Transporting services for layer 2 and layer 3 Ethernet and IP traffic
Virtualization - Provides virtual connections, connections that are in turn virtualized and partitioned into VPNs, VRFs, VLANs and Bridge Domain instances
IETF Standard - http://tools.ietf.org/html/draft-hasmit-otv-00
OTV delivers a virtual L2 transport
Nexus 7000 Worldwide Deployment
3 Years of Shipments
4,000+ Customers
13,000+ Chassis Shipped
Selected Customers With Nexus Deployments
StrataScale: Service Provider Selects Nexus
Fully automated managed server hosting
Need infrastructure to support 100% uptime SLA for IronScale service
Service built upon Nexus 7000
“Zero Service Loss Architecture” meets IronScale SLA requirements
Density and performance delivered higher utilization and improved ROI
Manageability and IOS-consistency allowed for quick, painless deployment
Three segments: advertising, business service, personal service
7 data centers, new DC to meet growth
Demanding requirements for virtualization, stateful fault recovery
Nexus 7000 selected for scalability, switching performance, 10GbE density, and security policy migration and management
Benefits
Increased bandwidth and capacity for server-to-server traffic
Reduced core server footprint from 4 to 2
Infrastructure virtualization provides better management and improved space and power utilization
Nexus 7000 – Proven Performance
Continuous Operations: High Availability verified; Zero Service Disruption Upgrades; Virtual Port Channel improves L2 Availability
Scalability: 18-Slot Chassis: 768 GbE and 512 10GbE Port Density; Increased network efficiency; 48p 1Gb Fiber – more deployment scenarios
Virtualization: Virtual Device Contexts (VDCs); Consolidate network layers for medium-business; Data Center Interconnect Simplified with OTV
[Diagram labels: 512 x 10GbE, 768 x 1GbE; 256 x 10GbE, 384 x 1GbE]
Disclaimer
Some of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. The information in this Seminar is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.
Nexus 7000 I/O Module Family Roadmap
Timeline columns: Shipping, 2010, 2011, 2012, …
M1 Series Modules: 32 port 10G (80G/slot); 48 port 1G RJ45 (46G/slot); 48 port 1G (46G/slot)
M1 Series XL Modules: 8 port 10G-XL (80G/slot); 32 port 10G-XL (80G/slot); 48 port 1G-XL (46G/slot); 48 port 1G RJ45-XL (46G/slot)
F1 Series I/O Modules: 32 port 10G SFP+ (230G/slot)
F2 Series I/O Modules: 48 port 10G SFP+ w/L3 (480G/slot); 40 port 10G 10G-T w/L3 (400G/slot)
M2-XL Series Modules: 10G/40G/100G modules
Cisco Confidential – Under NDA
© 2010 Cisco Systems, Inc. All rights reserved. Cisco Confidential C97-591706-00 86
NX-OS Long Term Planning: Software Releases Target Dates for the Nexus 7000
Timeline columns: 1HCY’11, 2HCY’11, 1HCY’12, 2HCY’12, 1HCY’13
Delhi (5.2): Target: June, 2011; Status: EC
Edinburgh (6.0): Target: Q4, CY2011; Status: EC
Freetown (6.1): Target: 1H, CY2012; Status: EC
Gibraltar: Target: 2H, CY2012; Status: Planning
Helsinki: Target: 2013; Status: Planning
NX-OS Roadmap for Nexus 7000
Timeline columns: Q4CY10, Q1CY11, Q2CY11, Q3CY11, Q4CY11, 1HCY12 (releases Cairo, Delhi, Edinburgh, Freetown)
Cairo (SHIPPING) 5.1
• FabricPath and VPC+
• F1 Series: 32-port 10G SFP+ I/O module
• M1 Series: 32-port 10G XL SFP+ I/O module
• M1 Series: 48-port 10/100/1000 XL I/O module
• VTP client/server
• ERSPAN (M1)
• Nexus 2248T (FEX)
Delhi (EC) 5.2, Target 2QCY11
• 9-slot Nexus 7000 chassis (maint)
• MPLS Phase 1 – L3VPN
• FCoE / FCF (F1)
• LISP Phase 1 – VM Mobility, IPv6, Map Server
• VACL Capture (M1)
• Static M’cast Mac (M1)
• Nexus 2232, 2224 (FEX)
• 1588 PTP (F1)
• OTV Adjacency Server
Edinburgh (EC), Target Q4CY11
• F2 Series: 48-port 10G I/O module
• F2 Features Phase 1: L2, L3, vPC, SPAN
• 7010 Fab 2 Module
• 7018 Fab 2 Module
Freetown (EC), Target 1HCY12
• M2 Series: 6-port 40G I/O module
• M2 Series: 2-port 40/100G I/O module
• F2 Series: 40-port 10GBase-T I/O Module
• F2 Features Phase 2: FEX, FCoE, FabricPath
• CCN – Phase I*
• IPSLA*
• MPLS Phase 2-VPLS*
• LISP Phase 2 – Multi-Tenancy
*Pending Separate EC
Next Generation Service Module Strategy
Timeline columns: Today (6500 Service node); CY2011 (6500 Service node); CY2012+ (6500 & Nexus 7000)
Service categories: Application Delivery; Security; Application Visibility & Monitoring
Modules shown: FWSM, ACE, NAM; ACE30, ASA SM, NAM10; NG FW For N7K, NG NAM For N7K; Common HW Platform for FW, NAM
[Diagram callouts: Data plane unification with appliance; HTTP Compression; 10+ Gbps; 10+ Gbps Performance; ASA Software Parity; 40Gbps Forwarding; 1000 contexts; 20Gbps Monitoring; 40Gbps Forwarding; 300K CPS]
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 89
Nexus 7000 Unique Innovations: Drivers for transitioning
Innovation: Value
Continuous Operations
• Hitless ISSU: Perform software upgrades with zero packet loss and no service disruptions
• Stateful Process Restart for NX-OS: High-Availability Modular Operating System
• Lossless Fabric: Lossless fabric with Virtual Output Queues
Virtualization Enabler
• Unified Fabric: Enable I/O Consolidation with FCoE capable modules in the Nexus 7000
• Nexus 2000 Fabric Extender Support: Support high-density 1GE ToR designs with greatly reduced management touchpoints
• Overlay Transport Virtualization: Simple solution for L2 Extensions within and across Data Center
• TRILL / Layer 2 Multi-Pathing: Build large L2 Networks without running spanning tree
Nexus 7000 Unique Innovations: Drivers for transitioning
Innovation: Value
Security & Cost Optimization
• Cisco TrustSec (CTS): Line rate hop by hop link encryption, Group-based tags for access control in network
• Virtual Device Contexts: Virtualize a single physical switch into multiple virtual switches
Operational Excellence
• Front-to-back Airflow: Allows optimized air-cooling/consumption DC deployments for greater resource utilization & cost
• Fabric, PS, FAN in the back of the chassis: Allows upgrade or maintenance operation without impact on cabling => shortens time & cost
• Shutdown lock-buttons on Fabric Modules: Proper shutdown sequence for Fabric module when unlocking => prevents any packet loss
• Blue Beacon LED on modules: Remote controlled identification of components requiring operations. Eliminate errors & optimize costs
• Integrated Wireshark port: Integrated deep packet inspection capabilities for faster initial troubleshooting operations
Nexus Series Network Management
Data Center Network Manager (DCNM)
Comprehensive data-center class administration architecture:
Multi-protocol aware – consolidates and automates Ethernet, IP and Fibre Channel management
Manages specific data-center network features
Offers FCAPS coverage for full network service life cycle administration, with emphasis on provisioning, performance and accounting
Provides management solution for all layers of Cisco-based data center networks
DCNM - Intelligent Information Solution
Centralized management throughout the data center network - Fibre Channel, Ethernet, IP routing and Network Security domain awareness
Enables error-free provisioning - Configuration validation via syntax and semantics checks
Health monitoring - Real-time alarms and key traffic performance indicators
Facilitates the insertion of innovative network features - Network virtualization transparently supported day 1
[Diagram labels: Discovery & Inventory, Fault Management, Performance Monitoring, System & Infrastructure, Configuration]
Cisco TrustSec
First Cisco product to deliver Cisco TrustSec, a cross-platform, multi-phase policy-based admission- and access-control solution
[Diagram labels: FC, GbE, Unified I/O; Unified Fabric; Intelligent Fabric Applications]
Cisco TrustSec – Network Admission Control
1. Authentication Request
2. RADIUS & AD Authc/Authz
3. SGT Dynamically Assigned
4. SGACL Dynamically Applied
5. Links Up
[Diagram labels: Employee, Partner, Guest; General, CRM, Internet; Cisco ACS 5.0; External Directory Server; SGACL; group tags E, C, P, I, U, G. Callouts: Verify Identity Credentials & Obtain Additional Attributes; Process Authorization Rules]
Source: Ken Hook
Cisco TrustSec – Topology Independent Access Control
[Diagram: SGACL matrix of Source Groups against Destination Groups (group tags E, C, U, P, G, I) with an "Access Denied" result; labels Employee, Partner, Guest, General, CRM, Internet]
Source: Ken Hook
VOQ and Central Arbitration Theory
Lossless Fabric with Single Queues
[Diagram labels: frames for destinations A, B, C in a single queue; central arbiter (ARB); Request, Grant, Credit]
Head of Line Blocking
[Diagram labels: queued frames A, B, C; destinations A, B, C; central arbiter (ARB); Request, Grant, Credit]
Virtual Output Queues and Arbitration
[Diagram labels: queued frames A, A, C, B, A; destinations A, B, C; F; central arbiter (ARB); Request, Grant, Credit]
Cable Management
Can route up to 384 Cat6A cables to one side of chassis – worst-case scenario
Cable tray cover and lockable front doors prevent accidental interference
Nexus 7000 Data Center Operations Power and Environmentals
Power efficiency and scalability for today and tomorrow’s data center environment
Power supply efficiency rated above 90%
Redundancy modes for N+1 or GRID redundancy
Variable Speed Fans
Real-time Power Meter capable
Virtualization allows switch consolidation
[Diagram labels: Power Consideration; Grid 1 (220V), Grid 2 (220V)]
System Power
6000W or 7500W AC power supply for Nexus 7000 series chassis
Dual inputs at 220/240V or 110/120V
Proportional load-sharing among supplies
Hot swappable
Blue beacon LED for easy identification
Nexus 7000 DC Power Supply
-48V 6kW DC Power Supply
Supports 2 independent inputs
3kW per input connection
1+1 resilience for battery plant
15’ Custom Power Cable with connector plug and terminal ends for hot swap
Compatible with all shipping Nexus 7000 Series
7018 Supports up to 24kW
1+1 mode up to 12kW
N+1 mode up to 18kW
7010 Supports up to 18kW
1+1 mode up to 9kW
N+1 mode up to 12kW
32-Port 10GE I/O Module, 80G Fabric
80G full duplex fabric connectivity
4:1 oversubscription at front panel
Two operational modes per group of 4 ports:
Dedicated mode
Shared mode
IEEE802.1AE MACSec on every port
Buffering:
Dedicated mode: 65MB ingress, 80MB egress
Shared mode: 1MB per port Plus 65MB shared ingress, 80MB egress (4 ports)
Queues: 8q2t ingress, 1p7q4t egress
SFP+
SR – 300m over MMF (OM3)
LR – 10km over SMF
ER – 40km over SMF
8-Port 10GE XL I/O Module, 80G Fabric
8 ports of Line Rate 10GE
80G full duplex fabric connectivity
Dual M1 Forwarding Engines for 120Mpps
64 byte packet line rate performance on all 8 ports
Flexible XL Option with Feature License
Up to 1M FIB entries, 128K ACL/QoS TCAM
IEEE802.1AE MACSec on every port
Buffering:
Dedicated mode: 65MB ingress, 80MB egress
Queues: 8q2t ingress, 1p7q4t egress
X2 Optics
LRM – 220m over FDDI, OM1..
SR – 300m over MMF (OM3)
LR – 10km over SMF
ER – 40km over SMF
DWDM – 80 km, 32 colors
48-Port 1GE I/O Module - Copper
48 1GE 10/100/1000 RJ-45 ports
46G full duplex fabric connectivity
Line rate on 48-ports
With ~10% local switching
Integrated 60Mpps forwarding engine
48 ports wire-rate L3 multicast replication
IEEE 802.1AE MACSec on every port
48-Port 1G –XL I/O Module - Fiber
48 1G SFP ports
SX, LX, ZX, T, CWDM, DWDM
Supports Digital Optical Monitor
46G full duplex fabric connectivity
Line rate on 48-ports
With ~10% local switching
Integrated 60Mpps forwarding engine
48 ports wire-rate L3 multicast replication
Flexible XL Option with Feature License
802.1AE MacSec on every port
Integrated Forwarding Engine
Advanced hardware forwarding engine
Up to 60Mpps IPv4 unicast, 30Mpps IPv6 unicast throughput
M1 Series Forwarding Engine
Equal to Cat 6K EARL 8
Integrated on every I/O module (NOT a FRU)
Table sizes | Non-XL | XL
FIB TCAM | 128K | Up to 1M
IPv4 Routes | 128K | Up to 1M
IPv6 Routes | 64K | Up to 500K
Classification TCAM (ACL and QoS) | 64K | 128K
NetFlow TCAM (Ingress and Egress) | 512K | 512K
MAC table | 128K | 128K
Bridge Domains (VDC + VLAN) | 16K | 16K