Thursday, August 30, 2012

VMworld 2012: Cisco Virtual Networking and Security Announcement

CISCO has aggressively virtualized their product line, which they refer to as the vStack, and introduced new Nexus 1000v family products at the show. These will be supported on Hyper-V and on open source hypervisors such as KVM, not only on vSphere. The products are:

ASA 1000v - a virtual Adaptive Security Appliance
Nexus CSR - a virtualized Nexus router
vWAAS - a virtual appliance for providing WAN acceleration
VSG - Virtual Security Gateway

CISCO is promoting VXLAN, which lets you overlay a layer 2 (L2) network on top of a layer 3 (L3) network. CISCO developed the technology and shared it with partners such as VMware and Citrix, which made setting the standard easier because there was already widespread support for VXLAN. It works by tunneling the L2 traffic across the network, so anything that is not VXLAN-aware (a physical server, a firewall or a router on the existing VLANs) has to be reached through a VXLAN gateway. This has some implications for the underlying network, covered below.

The L2 frame is encapsulated in UDP, with an 8-byte VXLAN header sitting between the UDP header and the original Ethernet frame. That header carries a 24-bit VXLAN Network Identifier (VNI), so it is possible to provide about 16 million (2^24) isolated networks, compared with the 4094 usable VLAN IDs. The virtual machines are unaware that their traffic is actually crossing L3 networks; each believes it is on the same L2 segment as its peers.

VXLAN uses IP multicast to learn the network. The physical hosts (the VXLAN tunnel endpoints, or VTEPs) join a multicast group for each VXLAN segment they host, and broadcast, unknown-unicast and multicast frames from a VM are sent to that group. Multicast groups can be shared between VXLANs, so the number of segments (16 million) is not limited by the number of multicast groups the switches can support. To keep a shared group from turning into one large broadcast domain (for example, one multicast group carrying all 16 million potential networks), each receiving host checks the VNI in the VXLAN header and discards packets for segments it does not host. Learning happens on this multicast traffic: a host records which VTEP address each inner source MAC arrived from, and from then on frames to that MAC are sent directly by unicast to that VTEP rather than to the group.
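The two paragraphs above (the UDP encapsulation with its 24-bit VNI, and multicast flood-and-learn with per-VNI filtering on a shared group) are easier to see in a small simulation. The following is an added example written for this post, not Cisco or VMware code: the VXLAN header layout is the real one, but the VTEP class, the "underlay" delivery function, and the MACs, IPs and multicast group are all constructed for the illustration.

```python
"""Toy VXLAN encapsulation plus multicast flood-and-learn (example for this post).
Header layout follows the VXLAN draft/RFC 7348; the hosts, addresses and
multicast group below are constructed, not taken from any real deployment."""
import struct

VXLAN_UDP_PORT = 4789          # IANA-assigned outer UDP destination port
VXLAN_FLAG_VNI_VALID = 0x08    # the "I" flag: the VNI field is valid
MAX_VNI = (1 << 24) - 1        # 24-bit VNI -> 16,777,216 possible segments
BROADCAST = "ff:ff:ff:ff:ff:ff"


def vxlan_header(vni):
    """8-byte VXLAN header: flags(1) reserved(3) VNI(3) reserved(1)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI %d does not fit in 24 bits" % vni)
    return struct.pack("!B3xI", VXLAN_FLAG_VNI_VALID, vni << 8)


def parse_vxlan(payload):
    """Split a UDP payload into (vni, inner Ethernet frame)."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    flags, word = struct.unpack("!B3xI", payload[:8])
    if not flags & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    return word >> 8, payload[8:]


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def ethernet(dst, src, ethertype, payload):
    """Minimal inner frame: dst MAC, src MAC, EtherType, payload (no FCS)."""
    return mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload


class Vtep:
    """A host's tunnel endpoint: encapsulates VM frames and learns remote peers."""

    def __init__(self, ip, vni_to_group):
        self.ip = ip
        self.groups = vni_to_group   # VNI served here -> multicast group joined for it
        self.fdb = {}                # (vni, inner MAC) -> remote VTEP IP, learned from traffic
        self.delivered = []          # (vni, frame) handed up to local VMs
        self.dropped = []            # VNIs seen on a shared group but not served here

    def encapsulate(self, vni, frame):
        """Return (outer destination IP, UDP payload) for a VM frame on this VNI."""
        remote = self.fdb.get((vni, frame[:6]))
        # Known MAC: unicast straight to its VTEP. Broadcast/unknown: flood to the group.
        outer_dst = remote if remote is not None else self.groups[vni]
        return outer_dst, vxlan_header(vni) + frame

    def receive(self, outer_src, payload):
        """Handle a UDP payload that arrived from VTEP outer_src."""
        if outer_src == self.ip:
            return None              # our own flooded copy, looped back by multicast
        vni, frame = parse_vxlan(payload)
        if vni not in self.groups:
            # The group is shared between VNIs; without this check a shared group
            # would behave like one big broadcast domain across all segments.
            self.dropped.append(vni)
            return None
        self.fdb[(vni, frame[6:12])] = outer_src   # learn inner src MAC -> remote VTEP
        self.delivered.append((vni, frame))
        return vni, frame


def deliver(vteps, outer_src, outer_dst, payload):
    """Constructed stand-in for the IP underlay: a multicast destination reaches
    every VTEP that joined the group (what IGMP/PIM give you), a unicast one host."""
    return [v.receive(outer_src, payload) for v in vteps
            if outer_dst == v.ip or outer_dst in v.groups.values()]


def run_scenario():
    """Three hosts, two segments, one shared multicast group (all values constructed)."""
    group = "239.1.1.1"
    a = Vtep("10.0.0.1", {5000: group, 5001: group})
    b = Vtep("10.0.0.2", {5000: group})
    c = Vtep("10.0.0.3", {5001: group})   # joined the group but hosts nothing on VNI 5000
    underlay = [a, b, c]
    vm1, vm2 = "02:00:00:00:00:01", "02:00:00:00:00:02"

    # 1. VM1 (on host A) broadcasts an ARP request on VNI 5000: unknown, so it is flooded.
    arp_req = ethernet(BROADCAST, vm1, 0x0806, b"who-has vm2")      # constructed payload
    dst1, pkt1 = a.encapsulate(5000, arp_req)
    deliver(underlay, a.ip, dst1, pkt1)

    # 2. VM2 (on host B) replies. B learned VM1 -> 10.0.0.1 in step 1, so this is unicast.
    arp_rep = ethernet(vm1, vm2, 0x0806, b"vm2 is-at")
    dst2, pkt2 = b.encapsulate(5000, arp_rep)
    deliver(underlay, b.ip, dst2, pkt2)

    # 3. A has now learned VM2 -> 10.0.0.2, so ordinary traffic never touches the group.
    dst3, _ = a.encapsulate(5000, ethernet(vm2, vm1, 0x0800, b"hello"))

    return {
        "arp_outer_dst": dst1,                    # the multicast group
        "reply_outer_dst": dst2,                  # host A, by unicast
        "data_outer_dst": dst3,                   # host B, by unicast
        "b_learned_vm1_at": b.fdb[(5000, mac(vm1))],
        "c_dropped": c.dropped,                   # [5000]: shared group, VNI not served
        "a_delivered": len(a.delivered),          # only the reply, not its own flood
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, value)
```

Host C is the interesting case: it joined the same group as A and B for its own segment (VNI 5001), so the underlay hands it VM1's flooded ARP, and only the VNI check in `receive` keeps that frame out of C's VMs. The same function shows why the "sent by unicast" part holds: once B has seen VM1's MAC arrive from 10.0.0.1, its reply and everything after it bypass the group entirely.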

On the physical switches you need IP multicast routing (PIM) turned on, plus Proxy ARP. From a Layer 2 perspective you have to turn on IGMP snooping (the default on Cisco switches) and make sure an IGMP querier exists on each VLAN that carries VXLAN traffic; without a querier, snooping switches age out the group memberships and the multicast simply stops being forwarded. You also need to ensure UDP port based load distribution is enabled, meaning the port-channel and ECMP hash includes the L4 ports rather than only the IP addresses: VXLAN derives the outer UDP source port from a hash of the inner flow, so without it every tunnel between two hosts lands on a single link. Finally, allow for the encapsulation overhead (50 bytes for the outer Ethernet, IP, UDP and VXLAN headers) by raising the MTU on the path between hosts, or the VMs' full-size frames will be dropped.

In vCloud Director 5.1, Nexus 1000v integration is available natively in the GUI once the feature is enabled.

