Nexus 1010 Overview and Deployment

Softw
a
vSph re Switch
ere an fo
d vClo r VMware
ud Dir
ector

Cisco Nexus 1010 Overview and Deployment

Sal Lopez
Technical Marketing Engineer
SAVBU

Nexus 1000V Public Webinar Series

Date
Business
Sessions

Date
Technical
Sessions

Nexus
1000V
New
Features
and
InstallaNon

22-‐Mar
Nexus
1000V
Family
Overview
and
Update
29-‐Mar
Overview

Virtual Network Services
5-‐Apr
(vPath, NAM, vWAAS) 12-‐Apr
Nexus1010
InstallaNon
&
Upgrade

Virtual
Security
Gateway
InstallaNon
and
Basic

19-‐Apr
Virtual Security Gateway Introduction 26-‐Apr
ConﬁguraNon

Journey
to
the
Cloud
w/
N1KV:
vCloud
Director
&

3-‐May
Long
Distance
vMoNon
10-‐May
Nexus
1000V
Advanced
ConﬁguraNon

17-‐May
Secure
VDI
with
Nexus1000V
&
VSG
24-‐May
Nexus
1000V
TroubleshooNng

N1K © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

Nexus 1000V “My Community”
www.cisco.com/go/1000vcommunity


Nexus 1000V Screencasts


Nexus 1000V Architecture
Comparison to a Physical Switch

Modular Switch

Supervisor-1
Supervisor-2
Back Plane

Linecard-1
Linecard-2
…
Linecard-N

Server 1 Server 2 Server 3


Moving to a Virtual Environment

Modular Switch

Supervisor-1
Supervisor-2
Back Plane

Linecard-1
Linecard-2
…
Linecard-N

ESX ESX ESX


Supervisors Virtual Supervisor Modules (VSMs)
Virtual Appliance
VSM1

VSM2

Modular Switch

Supervisor-1
Supervisor-2
Back Plane

Linecard-1
Linecard-2
…
Linecard-N

ESX ESX ESX


Linecards Virtual Ethernet Modules (VEMs)
Virtual Appliance
VSM1

VSM2

Modular Switch

Supervisor-1
Supervisor-2
Back Plane

Linecard-1
Linecard-2
…
Linecard-N

VEM-1 VEM-2 VEM-N

ESX ESX ESX


VSM + VEMs = Nexus 1000V Virtual Chassis
Virtual Appliance
VSM1

VSM2

•  64 VEMs per 1000V
(connected by L2 or L3)

•  200+ vEth ports per VEM

L2 Mode

L3 Mode
•  2K vEths per 1000V

•  Multiple 1000Vs can be
created per vCenter

VEM-1 VEM-2 VEM-N

ESX ESX ESX
VSM: Virtual Supervisor Module
VEM: Virtual Ethernet Module


Customer Request: Host VSMs on a Physical Appliance
Virtual Appliance Physical Appliance?
VSM1

VSM2

L2 Mode

L3 Mode
•  64 VEMs per 1000V VEM-1 VEM-2 VEM-N
•  Multiple 1000Vs can be created per vCenter ESX ESX ESX


VSMs hosted on a Physical Appliance: Nexus 1010
Virtual Appliance Nexus 1010
VSM-A1 … VSM-A4

•  Up to 4 VSMs per Nexus 1010
VSM-B1 … VSM-B4

•  Nexus 1010s deployed in
redundant pair

L2 Mode

L3 Mode
•  64 VEMs per 1000V VEM-1 VEM-2 VEM-N
•  Multiple 1000Vs can be created per vCenter ESX ESX ESX


Embedding Intelligence for Virtual Services
vPath – Virtual Service Datapath
Virtual Appliance

vWAAS VSG VSM

vPath
•  Virtual Service Datapath

L2 Mode

L3 Mode
VSG
•  Virtual Security Gateway for 1000v
vWAAS vPath
•  Virtual WAAS
•  Traffic Steering

VEM-1 VEM-2
•  Fast -Path Offload
vPath vPath

ESX ESX •  Nexus 1000V ver 1.4
& above


Nexus 1010 – Hosting Platform for
Services
Virtual Appliance Nexus 1010

vWAAS VSG
VSM-A1 VSM-A4 NAM

VSM-B1 VSM-B4 NAM

vPath
•  Virtual Service Datapath

L2 Mode

L3 Mode
VSG
•  Virtual Security Gateway for 1000v
vWAAS
•  Virtual WAAS

VEM-1 VEM-2
vPath vPath

ESX ESX

*VSG on 1010 target: 2Q CY11


Cisco Nexus 1010 Overview and Deployment

Sal Lopez
Technical Marketing Engineer
SAVBU

Agenda

§  Nexus 1010 Hardware and Software
§  Nexus 1000V VSM connectivity on Nexus 1010
§  Nexus 1010 Network Integration and Data Center Design
§  Nexus 1010 Virtual Service Blade Configuration and Verification
§  Nexus 1010 Upgrade Process


Nexus 1010 Hardware
and Software

Software
Switch fo
vSphere r
4.0 and 4
.1


Nexus 1010 Hardware Configuration

Based on UCS Physical Appliance
§  2 x Intel X5650- 2.66GHz, 6 core
§  16 GB RAM
§  2 x 500GB SATA-II HDD
§  1 x Quadport GE NIC Card
§  1 x Serial Port
§  1 x Rail-Kit


Nexus 1010 Ports and Components
§  Cisco Integrated Management Controller for lights out, out of band
management (use KVM cable to setup), similar to CMP for other
NX-OS switches
§  6 Gigabit Ethernet ports (2 LOM for management/control, 4 on
PCIe card)

1 Power supply (one) 2 CIMC port (RJ-45) 10/100 Mbps
3 USB 2.0 connectors (two) 4 Serial connector (DB9)
5 Video connector (15-pin VGA) 6 Gigabit Ethernet Ports (1 and 2)
7 Gigabit Ethernet ports (3 to 6) 8 Standard-profile PCIe card slot (not used)


Nexus 1010 Virtual Service Blade
§  The Nexus 1010 comes with a new concept of Virtual
Services called Virtual Service Blade (VSB)
§  Shipping today:
VSM virtual service blade
NAM virtual service blade
§  VSG, DCNM in future releases
Network Analysis Module*

Nexus 1000V VSM

Nexus 1010 Manager
N1K © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential * Optional virtual service blade add-on 23

Nexus 1010 Scalability

Network Analysis
Module

Nexus 1000V VSM Nexus 1000V VSM Nexus 1000V VSM Nexus 1000V VSM

Nexus 1010 Manager
Nexus 1010 Manager: Cisco management experience
Manages a total of 5 virtual service blades (ie. 4 VSMs and 1 NAM)
Each VSM can manage up to 64 VEMs (256 total VEMs)


Feature Comparison

VSM as VM VSM on
Nexus 1010
Nexus 1000V features and scalability  
VEM running on vSphere 4 Enterprise Plus  
NX-OS high availability of VSM  
Software-only deployment 
Installation like a standard Cisco switch 
Network Team owns/manages the VSM 
VSM Isolation from production VM
environment in case of outage 
Least number of steps to deploy VSM 


Nexus 1010 Managed By Network Team

§  VSM planned and deployed on networking
equipment
§  Access to console consistent with existing network
gear (no additional software needed)
§  Troubleshoot via Cisco NX-OS CLI
§  Nexus 1010 platform can be managed via SNMP
§  Secured by AAA


Nexus 1010 High Availability
§ Process HA at NX-OS level
• Modular OS based on Linux

§ Virtual Service Blade redundancy
• Nexus 1010 automation and state synchronization
• Create primary VSM once and secondary VSM gets created for you

§ Chassis Level Redundancy
• Deployed in pairs
• Same mechanisms used as redundant supervisors on switches
• Prevent split brain scenario with CIMC as backup connection

§ Network Level Redundancy
• Flexible network integration options with traffic isolation, trunking and LACP


Nexus 1000V VSM
connectivity on Nexus
1010

Software
Switch fo
vSphere r
4.0 and 4
.1


VSM to VEM Communications
Two virtual interfaces are used to communicate between the
VSM and VEM
Control VLAN
VM VM VM VM • Extend the usual backplane of the switch
over the network
• Carries low level messages to ensure proper
configuration of the VEM.
• Maintains a 1 sec heartbeat with the VSM to
the VEM (timeout of 6 seconds)
• Maintains syncronization between primary
L2 Network and secondary VSMs

Control VLAN
Packet VLAN Packet VLAN
For control plane processing like CDP, IGMP
snooping, or stat collections like SNMP,
Nexus 1000V VSM Netflow
On Nexus 100

Layer 2 connectivity of the VSM and VEM

§ For L2 deployment, Control and Packet
VM VM VM VM VLAN needs to be configured end to end
to allow communication between the
VSM and the VEM

If those VLANs are not configured end to
end the VEM will not show up even if it
looks like it is in vCenter
L2 Network
Control VLAN and Packet VLAN needs to
Control VLAN be configured as system VLAN on the
Packet VLAN uplink port-profile

Can use 1 or 2 VLANs for Control/Packet
Nexus 1000V VSM traffic
On Nexus 100


Layer 3 connectivity of the VSM and VEM

VM VM VM VM
For L3 Control, L2 adjacency for
Control and Packet not required

VSM uses a svs mode type layer 3 using either
L3 Network
the control0 Interface or the mgmt0 interface

User can specify an IP address for control0 to use a
separate network for VEM – VSM communication

svs-domain
svs mode L3 interface (control0 | mgmt0)
Nexus 1000V VSM
On Nexus 100


Nexus 1010 Network
Integration and Data
Center Design

Software
Switch fo
vSphere r
4.0 and 4
.1


Nexus 1010 Network Integration Design

There are 4 uplink options to connect the Nexus 1010 to the
Network
This will influence how the control, packet, management and
data information will be connected to rest of the network


Nexus 1010 Network Integration –
Uplink Type 1
§  Nexus 1010 uplink type 1:Ports 1 and 2 carry Management, Control and Data
traffic

Sample Topology:
Common L2 Network with Setup 1 Setup 2
upstream switch N5K/N2K
Upstream Switch Access Ports:

interface ethernet 101/1/1-2
!-- multiple vlans trunked across link
switchport mode trunk
!--only allow mgmt, control and data vlans
switchport trunk allowed vlan 170,250-251
!-- enable portfast edge
spanning-tree port type edge trunk
Eth1 Eth2 Eth1 Eth2 Eth1 Eth2 Eth2 Eth1

Active VSM HA-Standby Active VSM HA-Standby
VSM VSM

N1010-1 N1010-2 N1010-1 N1010-2
Nexus 1010 Active Chassis HA-Standby Chassis Active Chassis HA-Standby Chassis
Eth1: active (forwarding)
Eth2: standby (not forwarding)
Total Bandwidth per device is 1Gbps


Uplink Type 2
§  Nexus 1010 uplink type 2:Ports 1 and 2 carry Management and Control; Ports 3-6 carry
Data traffic
§  Can use clustered switch technology (MCEC, vPC, VSS, etc.) for max bandwidth
Sample Topology:
Common L2 Network, upstream switch N5K/N2K with vPC
Upstream LACP Ports (both switches):
interface ethernet 101/1/2, 101/1/4
1
!-- only allow mgmt, control and data vlans
switchport trunk allowed vlan 251 6
2
!-- enable portfast edge 5 6
spanning-tree port type edge trunk 1 2 3 4 3 4 5
!-- add interface to port-channel, this is a vpc
channel-group 1010 mode active

!-- this is a unique vpc for N1010-1 E1 E2 E3 E4 E5 E6
E1 E2 E3 E4 E5 E6
interface port-channel 1010
vpc 1010
HA-Standby
Active VSM
VSM
**Config must be repeated for N1010-2 on interfaces 101/1/5-6
Nexus 1010 N1010-1 N1010-2
Eth1: active (forwarding) Active Chassis HA-Standby Chassis
Eth3-6:forwarding in LACP bundle


Uplink Type 3
(Most Common for VSM Deployment)
§  Nexus 1010 uplink type 3:Ports 1 and 2 carry Management; Ports 3-6 carry Control and
Data traffic
§  Can use clustered switch technology (MCEC, vPC, VSS, etc.) for max bandwidth
Sample Topology:
Common L2 Network, upstream switch N5K/N2K with vPC

Upstream LACP Ports (both switches):
interface ethernet 101/1/2, 101/1/4
switchport mode trunk 1
!-- only allow mgmt, control and data vlans 6
switchport trunk allowed vlan 250-251 2
5 6
!-- enable portfast edge 1 4 3 4 5
2 3
!-- add interface to port-channel, this is a vpc
channel-group 1010 mode active
E1 E2 E3 E4 E5 E6 E2 E3 E4
E1 E5 E6
!-- this is a unique vpc for N1010-1
interface port-channel 1010
vpc 1010 Active VSM
HA-Standby
VSM

**Config must be repeated for N1010-2 on interfaces 101/1/5-6
N1010-1 N1010-2
Nexus 1010 Active Chassis HA-Standby Chassis
Eth3-6:forwarding in LACP bundle

Uplink Type 4
§  Nexus 1010 uplink type 4:Ports 1 and 2 carry Management; Ports 3 and 4
carry Control, Ports 5 and 6 carry Data traffic

Sample Topology:
Common L2 Network with
upstream switch N5K/N2K
Upstream Switch Access Ports:
interface ethernet 101/1/1
!-- only allow mgmt, control and data vlans
switchport trunk allowed vlan 170
!-- enable portfast edge
E1 E2 E3 E4 E5 E6 E2 E3 E4
E1 E5 E6

HA-Standby
Nexus 1010 Active VSM
VSM

Eth2: standby (not forwarding) N1010-1 N1010-2
Eth3: active (forwarding) Active Chassis HA-Standby Chassis

Nexus 1010 Network Connectivity
Summary

Uplink Description

Option 1 Ports 1-2 Carry All Management, Control, and
Data Traffic
• Really easy to deploy
Option 2 Ports 1-2 Carry Management and Control,
Ports 3-6 Carry Data Traffic
• Most of the bandwidth available for other Virtual
Service Blades (ie. NAM)
Option 3 Ports 1-2 Carry Management, Ports 3-6 Carry
Control and Data Traffic
• Most bandwidth for VSM Virtual Service Blades
and other VSBs
Option 4 Ports 1-2 Carry Management, Ports 3-4 Carry
Control, Ports 5-6 Carry Data Traffic
• Clear separation of all the different types of traffic


Nexus 1010 in the Access Layer
Core

§  L2 Control for VSM to
VEM is easier here
Aggregation
All servers/switches below
L3
need Control/Packet
L2
VLANs
L2 Network Services such Access
as VSG (future) Nexus 1000V VSM VSB

§  L3 Control for VSM
possible
§  HA pair can be dedicated
Compute/Virtual Access

Nexus
per POD or customer 1000V
VEM
More VSBs available per
POD or customer
ESXi


Nexus 1010 in the Aggregation Layer
§  L3 Control for VSM to
Core

VEM is more flexible
here Aggregation

IP routing should be robust Nexus 1000V VSM VSB L3

Suitable for long distance L2
(future)

§  L2 Control for VSM Access

possible
§  HA pair can be shared
among PODs or Compute/Virtual Access

customers Nexus
1000V
VEM
If using L3, there should be
IP connectivity to VSM VSB
from each POD ESXi


Nexus 1010 and VSB
Configuration

Software
Switch fo
vSphere r
4.0 and 4
.1


Nexus 1010 Initial Setup - CIMC


Nexus 1010 Initial Configuration
§  Access Console via Telnet or Serial over LAN
§  Setup System Admin Account and Basic System Configuration
telnet 172.25.182.99 2005
Trying 172.25.182.99...
Connected to 172.25.182.99.
Escape character is '^]'

---- System Admin Account Setup ----

Enter the password for "admin":
Confirm the password for "admin": HA Role for each chassis
Enter HA role[primary/secondary]: primary

Enter network-uplink type <1-4>:
1. Ports 1-2 carry all management, control and data vlans
2. Ports 1-2 management and control, ports 3-6 data Network uplink type for
3. Ports 1-2 management, ports 3-6 control and data
4. Ports 1-2 management, ports 3-4 control, ports 5-6 data network integration
3

Enter control vlan <1-3967, 4048-4093>: 250

Enter the domain id<1-4095>: 201 Domain ID must be unique
Enter management vlan <1-3967, 4048-4093>: 170

Mgmt VLAN is shared with
Saving boot configuration. Please wait...
VSM
[########################################] 100%

VSM VSB Installation Steps on Nexus
1010

§  Create VSM as VSB on N1010
§  Register certificate as plug-in in vCenter
§  Define ethernet and vethernet port-profile
Includes VLANs and physical settings to upstream switch
For mac-pinning, upgrade feature level

§  Install VEM using vCenter


Creating and Configuring a VSM VSB
tme-1010-1(config)# virtual-service-blade VSM-1010-1
Create and name the VSB
tme-1010-1(config-vsb-config)# virtual-service-blade-type new nexus-1000v.4.0.4.SV1.3a.iso

tme-1010-1(config-vsb-config)# interface control vlan 251

tme-1010-1(config-vsb-config)# interface packet vlan 252

tme-1010-1(config-vsb-config)# enable

Enter vsb image: [nexus-1000v.4.0.4.SV1.3.iso]
One command deploys both
Enter domain id[1-4095]: 203 Primary and Secondary VSM
Management IP version [V4/V6]: [V4]

Enter Management IP address: 10.29.170.84
This is done only for HA
aware VSBs
Enter Management subnet mask: 255.255.255.0

IPv4 address of the default gateway: 10.29.170.1

Enter HostName: VSM-1010-1

Enter the password for 'admin': P@ssw0rd1

tme-1010-1(config-vsb-config)#no shut


VSB Control and HA Verification
§  The Network Admin has total control over the VSB deployment
tme-1010-1# show virtual-service-blade
virtual-service-blade AV2-1010-VSM
Description:
Slot id: 2
Host Name: AV2-VSM-1
Management IP: 10.29.170.254
VSB Type Name : VSM-1.0
Interface: control vlan: 254 Verify VSB IP address and Control,
Interface: management vlan: 170
Interface: packet vlan: 255
Mgmt and Packet VLANs
Interface: internal vlan: NA
Ramsize: 2048
Disksize: 3
Heartbeat: 132670
HA Admin role: Primary
HA Oper role: ACTIVE
Status: VSB POWERED ON
Location: PRIMARY
SW version: 4.0(4)SV1(3a)
VSBs deployed in an HA pair by
HA Admin role: Secondary default (result of enable
HA Oper role: STANDBY
command).
Status: VSB POWERED ON
Location: SECONDARY
SW version: 4.0(4)SV1(3a)
VSB Info:
Domain ID : 401

Nexus 1010 and VSB Network
Verification
tme-1010-1# show network-uplink type

Administrative topology id: 3 Configured and actual operating
Operational topology id: 3 topology are shown
tme-1010-1# show network summary

-----------------------------------------------------------------------

Port State Speed MTU

-----------------------------------------------------------------------

GigabitEthernet1 up 1000 1500



Po1 represents active/standby
bundle between E1 and E2

PortChannel1 up 1000 1500 Po2 represents the LACP bundle
PortChannel2 up 1000 1500 between E3-E6
VbEthernet1/1 up 1000 1500



NAM Virtual Blade on Nexus 1010
Optimize Application Performance and Network Resources

VM VM VM VM §  Application Performance Monitoring
§  Traffic Analysis and Reporting
Nexus Applications, Host, Conversations, VLAN,
1000V QoS, etc.
VEM
Per-application, per-user traffic analysis
vSphere
§  View VM-level Interface Statistics
§  Packet Capture and Decodes
§  Historical Reporting and Trending

ERSPAN
NAM
Virtual
Blade on
NetFlow Nexus
Nexus 1000V
VSM 1010
vCenter


Creating and Configuring a NAM VSB

N1010-1(config)# virtual-service-blade NAM-VSB

N1010-1(config-vsb-config)# virtual-service-blade-type name NAM-1.0

N1010-1(config-vsb-config)# interface data vlan 180

N1010-1(config-vsb-config)# enable
Data VLAN for Non-VSM
VSBs
Enter vsb image: nam-app-x86_64.4-2-1-fc5.iso

Enter Management IPV4 address: 10.29.180.99

Enter Management subnet mask: 255.255.255.0 IP address for Web GUI
IPv4 address of the default gateway: 10.29.180.1 administration
Enter HostName: vNAM-1

Setting Web user/passwd will enable port 80. Enter[y|n]: [n] y

Web User name: [admin]

Web User password: P@ssw0rd

N1010-1(config-vsb-config)# no shut


Access NAM VSB via Web GUI
§  Use the previously defined IP address and credentials


Nexus 1010 Upgrade
Process

Software
Switch fo
vSphere r
4.0 and 4
.1


Upgrading the Nexus 1010 Appliance
Software (1 of 2)

§  Download new ISO image from CCO
§  Log into active N1010 via console
§  Copy new image over to bootflash
§  Use the install command
install nexus1010 bootflash:nexus-1010.4.2.1.SP1.2.iso

§  Save configuration
§  Log into VSM VSB
§  Switch over HA active VSM VSBs to active N1010


Upgrading the Nexus 1010 Appliance
Software (2 of 2)

§  From N1010 CLI, reload standby when all active VSM
VSBs are switched over to active
ie. reload module 2 if Secondary is standby
§  From withing VSM VSB CLI, switchover HA active VSBs
to newly upgraded N1010 (originally standby from
above)
§  Reload the original active N1010
Non HA VSBs may experience disruption (NAM)
§  To upgrade VSM NX-OS, please follow N1KV upgrade
procedure
Note: Must make Secondary VSM the active first


For More Information
See the following Resources
§  Nexus 1010 Virtual Services Appliance Hardware
Installation Guide
§  Nexus 1010 Software Installation and Upgrade
Guide
§  Nexus 1010 Deployment Guide
§  Nexus 1000V Configuration, Installation and
Upgrade Guides
§  NAM VSB Configuration Guide
§  Nexus 1000V Webinar Series


Sign up at: http://tinyurl.com/1000v-webinar

Date
Business
Sessions

Date
Technical
Sessions

Nexus
1000V
New
Features
and
InstallaNon

22-‐Mar
Nexus
1000V
Family
Overview
and
Update
29-‐Mar
Overview

Virtual Network Services (vPath, vWAAS,
5-‐Apr
NAM)
12-‐Apr
Nexus1010
InstallaNon
&
Upgrade

Virtual
Security
Gateway
InstallaNon
and
Basic

19-‐Apr
Virtual Security Gateway Introduction 26-‐Apr
ConﬁguraNon

Overview

Journey
to
the
Cloud
w/
N1KV:
vCloud
Director
&

3-‐May
Long
Distance
vMoNon
10-‐May
Nexus
1000V
Advanced
ConﬁguraNon

17-‐May
Secure
VDI
with
Nexus1000V
&
VSG
24-‐May
Nexus
1000V
TroubleshooNng

Web Sites
www.cisco.com/go/1000v
www.cisco.com/go/nexus1010
www.cisco.com/go/vsg
www.cisco.com/go/vnmc
(Preso and Q&A posted here)

Nexus 1010 Overview and Deployment

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Nexus 1010 Overview and Deployment

Similar to Nexus 1010 Overview and Deployment (20)

Recently uploaded

Recently uploaded (20)

Nexus 1010 Overview and Deployment