Nexus 9000 and ACI Update

Product Management

INSBU

October 2014

Innovations in Software, Hardware, ASICs and Systems

NEXUS 9000

PRICE POWER EFFICIENCY PROGRAMMABILITY PORT DENSITY PERFORMANCE

PRICE COST STRUCTURE for 1G to 1/10GT and 10G to 40G migration 50% less ASICS

PERFORMANCE INDUSTRY LEADING PRICE / LINE CARD BANDWIDTH 1.92 Tbps per slot 100G ready

PORT DENSITY 20% HIGHER Non-blocking Density

PROGRAMMABILITY JSON/XML API Linux Container for customer apps

POWER EFFICIENCY STATE OF THE ART BACKPLANE FREE DESIGN 15% greater power and cooling efficiency

MERCHANT+ ASIC APPROACH Innovation in Cisco ASICs

ONE COMMON PLATFORM & TWO MODES OF OPERATION

Per-Box

Programmability Centralized Fabric

Programmability

NXOS Policy Controller

& NXOS

1/10/40G

Future 100G

Network Ops Driven,

Switch Automation

Application Centric, Policy

Based Fabric Automation

Nexus 9000

Cisco Confidential 4 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

One Platform, two operational models

Standalone, or NXOS mode

NXOS feature-set

Well known CLI commands

What is NEW in Software:

• Ability to run scripts on the box
• embedded python interpreter
• Linux containers
• Ability to manage the switching infrastructure with the same tools as the servers
• etc…

What is NEW in Hardware:

• 40 Gig at the cost of 10 Gig
• Power efficiency
• Larger buffers
• VXLAN routing

ACI mode or Fabric mode

• Multi-tenancy
• Multiple devices operating as a fabric
• Connectivity definition based on policies
• Next Generation QoS
• New Troubleshooting methods:
• Health scores
• Atomic counters
• etc…

Merchant/ Merchant Plus Portfolio

NX-OS

NX-OS (Leaf) & APIC

Controlled

Merchant Only

Merchant Plus

Modular Fixed

Nexus 9300

Nexus 3100 Nexus 9500

Merchant Plus

Modular Fixed

ACI Mode

Merchant Only Nexus 9500

X9600

X9400

Nexus 3000

Nexus 3100

NX-OS/standalone mode

Nexus 9500

X9700 (Spine)

X9500 (Leaf)

Nexus 9300

Spine

Leaf

Cisco Merchant/ Merchant Plus Portfolio

Can be deployed in either mode

Modular Nexus 9500 Common Components

Three Chassis Options

4, 8 and 16 Payload Slot 9504 9508 9516

Industry Most Dense 40G Devices (up to 576x40G Port)

Supervisor

Redundant Configuration SUP-A 4-Core, 16G

Memory, 64G SSD

SUP-B 6-Core, 24G

Memory, 256G SSD

System Controller

Redundant Configuration Dual Core, Chassis Mgmt

Power Supply

N+N, N+1 Redundancy 3000W AC PSU, 92% Efficient

Introducing Sup-B

Memory CPU Storage

6 core 2.2GHz IVY Bridge 24GB 256GB

50% more 50% more 300% more

Faster BGP Convergence

Future ready for Application Intensive Deployment

Modular Linecards

1) High Performance 40G Aggregation

X9600 Series Line Cards (Trident 2)

3) High Performance 40G ACI Spine

X9700 Series Line Cards (ASE)

NX-OS NX-OS (Leaf) & APIC Controlled 2 Modes of Operation

Merchant Only Merchant Plus

2) Entry Level 10G/40G Access & Aggregation

X9400 Series Line Cards (Trident 2)

4) Performance 10G/40G ACI Leaf

X9500 Series Line Cards (ALE, Trident 2)

Modular Nexus 9500 NX-OS LineCard Modules

Merchant

Merchant+

40G Fiber

9636 (36x40G)

9432 (32x40G)

9536 (36x40G)

10G Copper

9464 (48x10G+4x40G)

9564 (48x10G+4x40G)

10G Fiber

9464 (48x10G+4x40G)

9564 (48x10G+4x40G)

• Additional buffer

• VXLAN routing*

• ACI Enabled*

100G Fiber

Roadmap Q1CY15

9612PC-CXP

9612PC-QSFP

9612C-SMF

9408PC-CFP2

Modular Nexus 9500 ACI LineCard Modules

Leaf

* Spine

40G Fiber 10G Copper 10G Fiber

9536 (36x40G) 9564 (48x10G+4x40G) 9564 (48x10G+4x40G)

9736 (36x40G)

Fixed Nexus 9300/3000 NX-OS Switches

1G Fiber

3048 (48x1G+4x10G)

40G Fiber

3132 (32x40G)

3164 (64x40G)

10G Fiber

3072 (48x10G+6x40G)

9396 (48x10+12x40G)

9372 (48x10+6x40G)

10G Copper

9396 (48x10+12x40G)

93128 (96x10+8x40G)

9372 (48x10+6x40G)

• Incremental buffer

• VXLAN Routing*

• ACI Enabled

Merchant

Merchant+

9332 (32x40G)

New!

New!

New!

Fixed Nexus 9300/3000 ACI Switches

40G Fiber 10G Fiber

9396TX (48x10GBaseT+12x40G)*

9372 (48x10+6x40G)*

10G Copper

9396PX(48x10 SFP+12x40G)

93128 (96x10+8x40G)

9372 (48x10+6x40G)*

Leaf

Spine

9336 (36x40G)

New! New!

* Q2CY2015

9332 (32x40G)*

New!

* Q4CY2014

Removing 40G Optics and Cabling Barriers

Problem

• 40G Optics are a significant portion of network CAPEX
• 40G Optics require new cabling

Solution

• Re-use existing 10G MMF cabling infrastructure
• Re-use patch cables (same LC connector)

Cisco 40G SR-BiDi QSFP

• QSFP pluggable, MSA compliant
• Dual LC Connector
• Support for 100m on OM3 and 150m on OM4
• TX/RX on 2 wavelengths @ 20G each

Shipping since Jan’14

Nexus 9500/9300 Investment Protection Nexus 2200 FEX Support on Nexus 9000

• Investment protection

• Cost-effective 100 Mbps / 1 Gbps server access

• FEX support scalability

Up to 16 FEXs per Nexus 9300

FEX support on Nexus 9500 will be in Q1CY15 (up to 24 FEXs, increasing to 32 in the future)

Nexus 2248TP

Nexus 2248TP-E

Nexus 2232TM-E

Nexus 2248PQ

Nexus 2232PP-10Gbps

Nexus 2232TM

Nexus B22-Dell

Nexus B22-HP*

Nexus B22-IBM*

Nexus B22-Fujitsu*

* Future Support

New on

Nexus 9000!

New on

Nexus 9000!

New on

Nexus 9000!

Nexus 9500/9300 Investment Protection Nexus 2000 FEX Support (Q2CY2014)

Supported FEX Topology:

• Single-homed FEX
• vPC port channel to hosts or non-vPC to hosts

act/stdy

Collapsed Aggregation and Access

Option 1:

• Layer 2 and 3 boundary is on the core

• vPC between aggregation and core

• Nexus 9500 can be EoR with FEX in the racks

• Nexus 9300 can be MoR and EoR with FEX in the racks

Option 2:

• Layer 3 all the way to access

• ECMP between access and aggregation

• Nexus 9500 can be EoR with FEX in the racks

• Nexus 9300 can be MoR and EoR with FEX in the racks

Configuration Options

[Figure: collapsed aggregation and access topology. Labels: Nexus® 7000, DC Edge, DC Core, DC Aggr./Access, Fabric Extenders, N9300, N9500]

Traditional 3-Tier Network Design

Option 1:

• Layer 2 or 3 boundary is on aggregation

• vPC between access and aggregation

• Nexus 9500 can be EoR

• Nexus 9300 can be ToR or MoR

Option 2:

• Layer 2 or 3 boundary is on aggregation

• vPC between access and aggregation

• Nexus 9500 can be EoR

• Nexus 9300 can be ToR or MoR

Configuration Options

[Figure: traditional 3-tier network topology. Labels: Nexus® 7000, DC Edge, DC Core, DC Aggr./Access, DC Access, Racks/Rows, Fabric Extenders, N9300, N9500]

Configuration Options:

• Layer 3 IP fabric

• Layer 3 all the way to access

• Layer 2 extensibility can be provided by VXLAN

• Nexus® 9500 can be EoR

• Nexus 9300 can be ToR and MoR

[Figure: Spine-Leaf Fabric Design. Labels: Spine, Leaf, DC Edge, Fabric Extenders, 2-Tier Fabric, Routing Leafs, N9500, N9300]

Nexus 9000 Series VXLAN Support

VXLAN is supported across the Nexus 9000 series platforms. The VXLAN Gateway functionality is supported across all form factors and line cards. Integrated routing functionality is only supported on ACI-enabled Modules…

Nexus 9500 Series Nexus 9300 Series

2

1

• Layer-2 Extension with VxLAN

• VxLAN VLAN (Gateway)

• VxLAN VxLAN (Bridging)

• VLAN VLAN (Bridging)

• Inter-VxLAN Routing

• VxLAN A VxLAN B (Routing)

(IP Subnet A IP Subnet B)

[Figures: VxLAN gateway (hosts behind a hypervisor VTEP, VxLAN to VLAN through a VTEP acting as VxLAN Gateway), VxLAN bridging, and VxLAN routing, each between VTEPs across an IP network]

VXLAN Forwarding vPC VTEP

VXLAN

VLAN

vPC VTEP vPC VTEP

• When vPC is enabled an ‘anycast’ VTEP address is programmed on both vPC peers
• Symmetrical forwarding behavior on both peers provides
• Multicast topology prevents BUM traffic being sent to the same IP address across the L3 network (prevents duplication of flooded packets)
• vPC peer-gateway feature must be enabled on both peers
• VXLAN header is ‘not’ carried on the vPC Peer link (MCT link)

Use MP-BGP with EVPN Address Family on the leaf nodes to distribute internal host/subnet routes and external reachability information

MP-BGP is also used to distribute IP multicast group information

MP-BGP enhancements to carry up to 100s of thousands of routes and reduce convergence time

Route-Reflectors deployed for scaling purposes

Host and Subnet Route Distribution

iBGP Adjacencies RR RR

RR

Leaf

Spine

VXLAN Phase 2 BGP Control Plane

References: A Network Virtualization Overlay Solution using EVPN (draft-sajassi-nvo3-evpn-overlay-01)

1. Host Attaches

2. Attachment VTEP advertises host’s MAC (+IP) through BGP RR

Host Advertisement

NLRI: Host MAC1, IP1 NVE IP 1 VNI 5000

Ext.Community: Encapsulation: VXLAN, NVGRE Cost/Sequence

Leaf

Spine RR RR

VNI 5000

Host 1 VLAN 10

| MAC | IP | VNI | Next-Hop | Encap | Seq |
|---|---|---|---|---|---|
| 1 | 1 | 5000 | IP1 | VXLAN | 0 |

VXLAN Phase 2 BGP Control Plane

1. Host Moves behind switch S3

2. VTEP-3 (S3) detects Host1 and advertises H1 with seq #1

3. VTEP-1 (S1) sees more recent route and withdraws its advertisement

Host Moves

NLRI: Host MAC1, IP3 NVE IP 1 VNI 5000

Ext.Community: Encapsulation: VXLAN, NVGRE Cost/Sequence 1

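| MAC | IP | VNI | Next-Hop | Encap | Seq |
|---|---|---|---|---|---|
| 1 | 1 | 5000 | IP1 | VXLAN | 0 |

| MAC | IP | VNI | Next-Hop | Encap | Seq |
|---|---|---|---|---|---|
| 1 | 1 | 5000 | IP3 | VXLAN | 1 |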

Leaf

Spine RR RR

VNI 5000

Host 1 VLAN 10

| MAC | IP | VNI | Next-Hop | Encap | Seq |
|---|---|---|---|---|---|
| 1 | 1 | 5000 | IP3 | VXLAN | 0 |

VXLAN Phase 2 BGP Control Plane
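The host-move handling on the slides above, as an added example (not from the original deck and not Cisco code): an advertisement with a higher sequence number replaces the installed route and names the VTEP that must withdraw, and stale advertisements are ignored. The class and function names, the host IP, and the move-rate threshold (5 moves in 180 seconds) used to flag a flapping or contested MAC are assumptions of this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class MacRoute:
    mac: str        # host MAC carried in the NLRI
    ip: str         # host IP carried in the NLRI
    vni: int        # VXLAN network identifier
    next_hop: str   # advertising VTEP (NVE IP)
    seq: int        # mobility sequence number from the extended community


class EvpnMacTable:
    """Best route per (VNI, MAC) as a leaf learns it through the route reflectors."""

    def __init__(self, move_limit=5, window_s=180):
        # Assumed thresholds for this example; the slides do not give any.
        self.best = {}
        self.move_times = {}
        self.move_limit = move_limit
        self.window_s = window_s

    def advertise(self, route, now):
        """Apply one advertisement and report what happened to the table."""
        key = (route.vni, route.mac)
        cur = self.best.get(key)
        result = {"installed": False, "withdraw_from": None, "flapping": False}

        # First sighting, or a refresh from the VTEP that already owns the MAC.
        if cur is None or cur.next_hop == route.next_hop:
            if cur is None or route.seq >= cur.seq:
                self.best[key] = route
                result["installed"] = True
            return result

        # Different VTEP: only a strictly newer sequence number wins.
        # (Simplification: on a tie this model keeps the installed route.)
        if route.seq <= cur.seq:
            return result

        self.best[key] = route
        result["installed"] = True
        result["withdraw_from"] = cur.next_hop  # old VTEP withdraws its route

        # Track moves inside the sliding window to spot a flapping/contested MAC.
        times = [t for t in self.move_times.get(key, []) if now - t < self.window_s]
        times.append(now)
        self.move_times[key] = times
        result["flapping"] = len(times) >= self.move_limit
        return result


def replay_slide_scenario():
    """Host 1 attaches behind IP1 (seq 0), then moves behind IP3 (seq 1)."""
    table = EvpnMacTable()
    first = table.advertise(MacRoute("MAC1", "10.0.0.1", 5000, "IP1", 0), now=0)
    moved = table.advertise(MacRoute("MAC1", "10.0.0.1", 5000, "IP3", 1), now=10)
    # A late copy of the old advertisement must not win back the MAC.
    stale = table.advertise(MacRoute("MAC1", "10.0.0.1", 5000, "IP1", 0), now=11)
    return first, moved, stale, table.best[(5000, "MAC1")]


def replay_flapping(moves=6, interval_s=5):
    """Same MAC bouncing between two VTEPs; returns the seq at which it is flagged."""
    table = EvpnMacTable()
    vteps = ["IP1", "IP3"]
    flagged_at = None
    for seq in range(moves):
        route = MacRoute("MAC1", "10.0.0.1", 5000, vteps[seq % 2], seq)
        outcome = table.advertise(route, now=seq * interval_s)
        if outcome["flapping"] and flagged_at is None:
            flagged_at = seq
    return flagged_at


if __name__ == "__main__":
    for step in replay_slide_scenario():
        print(step)
    print("flagged at seq", replay_flapping())
```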

Provisioning

Package/Application

Management

Monitoring

Orchestration

Agent

Deployment

Provision Monitor

PXE/

Network Boot

LINUX Server Management Dev-Ops

Provisioning

Package/Application

Management

Monitoring

Orchestration

Std

Open API

Adaptable NX-OS

TODAY IN PROGRESS

#/ifconfig

#/ip route

#/ bgpd

Consistent Dev-Ops Toolset and Operational Model Extended to the Network Devices

NX-API

<?xml version="1.0" encoding="ISO-8859-1"?>
<ins_api>
  <type>cli_show</type>
  <version>0.1</version>
  <sid>1</sid>
  <input>show interface brief</input>
  <output_format>xml</output_format>
</ins_api>

{
  "ins_api": {
    "type": "cli_show",
    "version": "0.1",
    "sid": "session1",
    "outputs": {
      "output": {
        "TABLE_interface": {
          "ROW_interface": [
            {
              "interface": "mgmt0",
              "state": "up",
              "ip_addr": "172.21.128.227",
              "speed": "1000",
              "mtu": "1500"
            },
            {
              "interface": "loopback0",
              "state": "up"
            }
          ]
        }
      }
    }
  }
}

HTTP N9K

CLI Input

Programmability

Open RPC API – Extensible to support REST
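An added example (not from the original deck, not Cisco code) of a least-privilege wrapper around the NX-API message format shown above: it builds only read-only `cli_show` requests and parses the `TABLE_interface` / `ROW_interface` reply to list interfaces that are up and carry an IP address. The function names are hypothetical; treating `;` as a command separator and a single row arriving as an object instead of a list are assumptions handled defensively.

```python
import json

# Reply body as shown on the slide above, rebuilt here as sample input.
SAMPLE_RESPONSE = json.dumps({
    "ins_api": {
        "type": "cli_show", "version": "0.1", "sid": "session1",
        "outputs": {"output": {"TABLE_interface": {"ROW_interface": [
            {"interface": "mgmt0", "state": "up", "ip_addr": "172.21.128.227",
             "speed": "1000", "mtu": "1500"},
            {"interface": "loopback0", "state": "up"},
        ]}}},
    }
})


def is_read_only(command):
    """True only for a single 'show' command with no chaining or piping."""
    cmd = command.strip()
    if not cmd.lower().startswith("show "):
        return False
    # Assumption: ';' can chain commands in one request; '|' and newlines
    # are refused as well so one call always carries exactly one command.
    return not any(ch in cmd for ch in ";|\r\n")


def build_show_request(command, sid="1"):
    """Build the ins_api JSON body using the fields from the slide's request."""
    if not is_read_only(command):
        raise ValueError("refusing non read-only command: %r" % command)
    return json.dumps({"ins_api": {
        "version": "0.1",
        "type": "cli_show",          # never cli_conf from this wrapper
        "sid": sid,
        "input": command.strip(),
        "output_format": "json",
    }})


def parse_interfaces(response_text):
    """Return the interface rows of a cli_show reply as a list of dicts."""
    api = json.loads(response_text)["ins_api"]
    if api.get("type") != "cli_show":
        raise ValueError("unexpected response type: %r" % api.get("type"))
    outputs = api["outputs"]["output"]
    if isinstance(outputs, dict):    # one command gives one output object
        outputs = [outputs]
    rows = []
    for out in outputs:
        found = out.get("TABLE_interface", {}).get("ROW_interface", [])
        # Normalise a lone row (object) to the same shape as several (list).
        rows.extend([found] if isinstance(found, dict) else found)
    return rows


def addressed_up_interfaces(rows):
    """Interfaces that are up and have an IP: candidates for management-plane ACL review."""
    return sorted(r["interface"] for r in rows
                  if r.get("state") == "up" and r.get("ip_addr"))


if __name__ == "__main__":
    print(build_show_request("show interface brief"))
    print(addressed_up_interfaces(parse_interfaces(SAMPLE_RESPONSE)))
```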

Bash Access

Issue a CLI to gain access to Linux Bash Shell

Favorite Linux commands like ps, grep, etc. are available and can be used for further monitoring and scripting

Role-based access to Bash

Bash Access (Cont’ed)

Monitor Memory Utilization and Processes through Bash:

Leverage the standard Linux command to monitor network processes

bash-4.2$ top
Shift + F
Select “N” for Memory

top - 15:00:48 up 1 day, 12:41, 4 users, load average: 0.22, 0.28, 0.33
Tasks: 219 total, 2 running, 215 sleeping, 0 stopped, 2 zombie
Cpu(s): 9.7%us, 3.3%sy, 0.0%ni, 86.4%id, 0.1%wa, 0.2%hi, 0.3%si, 0.0%st
Mem: 16402508k total, 3452904k used, 12949604k free, 258260k buffers
Swap: 0k total, 0k used, 0k free, 1477268k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
5343 svc-isan 20 0 345m 54m 7936 S 0 0.3 0:01.13 vpx1
5361 root 20 0 371m 49m 32m S 0 0.3 3:10.56 clis
5470 root 20 0 770m 48m 11m S 1 0.3 10:12.65 netstack
5468 root 20 0 605m 44m 6952 S 0 0.3 0:11.99 arp
5344 svc-isan 20 0 335m 43m 7768 S 0 0.3 0:01.06 pixm
5683 root 20 0 324m 32m 8612 S 0 0.2 0:00.72 l2fm
5675 root 20 0 320m 31m 14m S 2 0.2 9:29.22 ipqosmgr
5508 root 20 0 597m 31m 10m S 0 0.2 0:41.30 snmpd
5682 root 20 0 334m 30m 10m S 0 0.2 0:01.94 ethpm
5681 root 20 0 321m 30m 7636 S 0 0.2 4:51.05 diag_port_lb
5706 root 20 0 936m 26m 11m S 0 0.2 0:14.00 pim
5664 root 20 0 314m 25m 8248 S 0 0.2 0:00.78 eltm
5703 root 20 0 604m 23m 8676 S 0 0.1 4:03.24 ospf

BCM Shell Access

Issue a CLI to get shell access to underlying BCM chips

Direct read/write access to hardware tables

Can Peek/Poke underlying registers

Python wrapper to get BCM Shell output

OpenStack Network (Neutron) Plugin

Enables fully automated compute, storage and network resource orchestration

Support for Grizzly OpenStack release

Enable VLAN-based tenant separation

Enhance efficient resource usage

Leverages NX-OS NetConf-XML programmatic interface

[Figure: a Controller Node runs OpenStack Networking with the Insieme Plugin, the OVS Plugin and the Insieme Interface Driver. Host 1 (VM 1, 10.0.0.3) and Host 3 (VM 2, 10.0.0.4) carry Tenant A on VLAN 100; Host 2 (VM 1, 10.0.1.3) and Host 4 (VM 2, 10.0.1.4) carry Tenant B on VLAN 200. Each host connects through br-int, br-eth0 and eth0. The controller communicates with plugin agents on the hosts and with the Nexus 9000 using Netconf.]

Enable Nexus 9000 switches to host customer applications using LXC virtualization technologies

Customers can compile & package their applications into OVAs for deployment on Nexus 9K

Base LXC to host trusted Cisco applications

• Namespace separation with LXC

• Cgroups to limit resource usage

Secure LXC to host customer applications and protect the integrity of the host system

• Drop capabilities to limit a privileged user

• Use of Secure Linux technology, like SMACK, to address risks to host 3rd party applications running at root privilege

• Restrict TIPC

Support for both 32-bit and 64-bit containers

[Figure: Trust Boundary for Secure LXC Containers. Labels: App, TIPC, LXC Container, /root, /proc, /dev, NOS, Host, cgroups (CPU, MEM, DISK)]

Secure LXC Containers New!

LXC – Linux Containers (Cont’ed)

3

4

LXC Benefits

• Isolates Applications and Operating Systems

• Provides nearly native performance as LXC manages resource allocation in real-time

• More elastic than a full hypervisor

• Less time to start

• No need for a separate kernel boot

• Lightweight

LXC Limitations

• Shares kernel with underlying OS

• Only allows for Linux guests

• Not a full virtualization stack

• Security depends on the host system Kernel – 2.6.24+

Container

LXC Containers

User space

Libraries

Application 1

Application 2

Guest Shell

GUEST SHELL

Open Source

Packages

(Optional)

Apps

Apps

NXOS CLI

onePK

Cisco

Libraries

(Optional)

Python

enabled root

filesystem

Secure Linux Container (sLXC)

Python

System APIs

Nexus

DevOps

Open Source Tools, utilities, applications

3rd Party

Apps

Cisco

Repository DevNet

bootflash

Apps

NXOS CLI interface

• Access the Guest Shell from NXOS CLI
• Access NXOS CLI from within the Guest Shell

onePK APIs

• Access to a rich set of NXOS APIs for interface to management and datapath functions.

Python System APIs

• BCM shell ?
• What else?

bootflash

• Read/write access to the NXOS bootflash.

Guest Shell is an embedded Linux environment that allows customers (DevOps) to develop and run custom applications for automated control and management of the Nexus family of datacenter switches.

Guest Shell is automatically enabled. Zero-touch.

64bit application environment

Guest Shell ships with python support enabled.

C and Java support can be added through YUM installs.

Upgradeable rootfs packages

Built on Secure LXC.

New!

• Initially will run in an LXC

• Will run as native daemons and installed via RPM – Q1CY15

Puppet Master

Puppet Agent

NX-OS Puppet Integration New!

Cisco Puppet Resource Type Coverage: 1

| Feature | Resource Name | Description |
|---|---|---|
| Cisco Device Access | cisco_device | Allows credentials for user access control & accounting |
| Base L2/L3 interface | cisco_interface | General interface & L2/L3 base settings |
| VLAN | cisco_vlan | Create/destroy of VLANs and general settings |
| Interface-vlan (SVI) | cisco_interface_vlan | Create/destroy of SVIs and SVI specific interface settings |
| VLAN Trunking Proto (VTP) | cisco_vtp | VTP global settings |
| SNMP | cisco_snmp_server, cisco_snmp_community, cisco_snmp_group, cisco_snmp_user | SNMP monitoring settings. Notification receiver settings not covered as of now. |
| OSPF | cisco_ospf, cisco_ospf_vrf, cisco_interface_ospf | OSPF instance create/destroy, per-VRF settings, and interface settings (area, cost, msg digest, etc) |

Cisco Puppet Resource Type Coverage: 2

| Feature | Resource | Description |
|---|---|---|
| TACACS/AAA*** | cisco_tacacs_server, cisco_tacacs_server_host, cisco_aaa_tacacs_group, cisco_aaa_authentication, cisco_aaa_authorization, cisco_aaa_accounting | TACACS global settings; TACACS per-host settings; group association and settings; mapping of groups to AAA features (authentication, authorization, accounting). |
| Raw Config CLI commands | cisco_command_config | Resource to directly apply blocks of configuration CLI commands. |

***full set not available at EFT target date

vTracker – VM Visibility

Ability to track VM information per port

– List of VMs attached

– VM’s IP Addresses, VLAN, Port Group, vNIC, MAC address

– Provide Upstream/Downstream Views

– Provision VLANs on trunks to ESX Hosts

Trace VM Movement history in network (SPLUNK integration)

Dynamic network policies

vCenter

Server

N1KV

VSM

VM1 Info:

IP: 10.1.1.1/24

VNIC: aabbccddeeff

Vlan: 10

Pinned: Eth1/1

New!

? • VLAN

• IP Address

• Subnets

• Firewalls

• Quality of Service

• Load Balancer

• Access Lists

• Application Tier Policy and Dependencies

• Security Requirements

• Service Level Agreement

• Application Performance

• Compliance

• Geo Dependencies

APPLICATION LANGUAGE NETWORK LANGUAGE

Network Infrastructure: What is Relevant Two Types of Languages

Group-Based Policies/ Network Profiles

WAN

Firewall

LB to App

Connect to DB

Connect to App

High Priority

APPLICATION

REQUIREMENTS

WEB APP DB

DB WEB APP F/W

ADC ADC

ACI UNDERSTANDS AND SPEAKS APPLICATION NEEDS

DIRECTLY MAP TO ACI NETWORK PROFILES

NETWORK

REQUIREMENTS

OPEN RESTFUL APIS

CENTRALIZED POLICY MODEL

OPEN SOURCE

CONTROLLER

APIC

ACI BUILDING BLOCKS NEXT GENERATION NEXUS—TRADITIONAL NETWORKS

POLICY MODEL

ACI >_ >_

50% SIMPLER CODE BASE

FUTURE PROOF UPGRADABLE

TO ACI

PROGRAMMABILITY AND AUTOMATION

NETWORK VIRTUALIZATION

SUPPORT

RESILIENCY: IN SERVICE PATCHING,

UPGRADE, FAST RESTART

ACI BUILDING BLOCKS FUTURE PROOF—SOFTWARE UPGRADABLE TO ACI

NEXUS 9500 and 9300 INNOVATIONS IN SOFTWARE HARDWARE AND SYSTEM DESIGN

PRICE POWER EFFICIENCY PROGRAMMABILITY PORT DENSITY PERFORMANCE

OPTIMIZED NX-OS

NEXUS 9508

SHIPPING NOW

Operational Simplicity: Agility And Automation

Latency

Health

Score

Isolation

Systems

Telemetry 25 Packets

dropped

• Centralized, Policy-Based

• Cloud management integration

• Full mobility

• Real-time visibility:

o Tenant

o Application

Latency

Isolation

Systems

Telemetry 0 Packets dropped

Health

Score

0 0 0 7 0 0 0 6

VIRTUAL PHYSICAL

Integrating ACI into Current Data Centers: Add Nexus 9000 to Existing Nexus 2000-7000 Fabric

Deploy standalone Nexus 9000 into existing

Nexus fabric to add network capacity.

Common Management and NX-OS Software

vPC, FEX, BGP, OSPF, EIGRP, …

Existing Nexus 2K-7K Fabric

N1Kv

Nexus 9000

L2 or L3 Connection

Integrating ACI into Current Data Centers: Interconnect a New Pod to the Existing

Deploy ACI Fabric in parallel with existing Nexus fabric. Connect via L2/L3.

Existing Nexus 2K-7K Fabric

N1Kv

Nexus 9000

ACI Fabric

APIC

Integrating ACI into Current Data Centers: Standard Architecture with Services

Backbone

vSwitch

Services

Chassis

vSwitch vSwitch

Services Chassis

Backbone

vSwitch vSwitch vSwitch

APIC Policy

Controller

Services

“Fabric”

1. Leverage Existing Nexus/ IP Network

2. Deploy ACI: New PoDs For Cloud Build Outs

3. Extend ACI Model. Preserve - IP networks, L4-7 Services, Hypervisors

Existing Nexus PoDs

(2k-7k)

ACI POLICY

ACI Fabric

Nexus 9500 / 9300

Nexus 9300

Nexus 7000 DCI

Integrating ACI into Current Data Centers: Extend ACI Policy Forwarding into Existing

PROFILE

Nexus 9300

ESX Hyper-V OVS Bare Metal

AVS

Bare Metal

ESX Hyper-V OVS

AVS

Single Fabric Scenarios Partially Meshed (Stretched) Fabric

• Single Fabric Scenarios

• Single Operational Zone (VMM, Storage, FW/LB are all treated as if it is ‘one’ zone)

• Use Cases

• Multi-Building cross campus and metro distances (Dual site design is a very common topology in EMEA)

• Multi-Floor, Multi-Room Data Centers (cabling restrictions prevent full mesh)

Site/Room ‘A’ Site/Room ‘B’

300m - 40 km

Interconnect (Fully

Meshed) Leaf Nodes

Partially Meshed

Leaf Nodes Partially Meshed

Leaf Nodes

Multi-Fabric Scenarios ‘Availability + Policy Zone’ Models

• Multi-Fabric Scenarios

• Primary use case is to support multiple “Availability Zones”

• Use Cases

• Multiple Fabrics within a single site (includes Multi-Floor, Multi-Room Data Centers)

• Multi-Building cross campus and metro distances (Majority of larger customers require a dual site active/active design)

Site ‘A’ Site ‘B’

Web/App DB

Web/App

Policy Zone ‘A’ Policy Zone ‘B’

Fabric ‘A’ Fabric ‘B’

Web/App DB

Web/App

Multi-Site

Traffic

mBGP - EVPN

Web1

App1

dB1

Web2

App2

dB2

Web2

dB1

App2

Web1

App1

Export Web, App,

DB to Fabric ‘B’ Import Web, App,

DB from Fabric ‘A’

Export Web & App

to Fabric ‘A’ Import Web & App

from Fabric ‘B’

Multi-Fabric Scenarios Policy and Connectivity

Release Timelines – Nexus 9000 Standalone

Ash2.1 Ash2.2

Ash2.2a

Ash2.3

Bronte Camden

N3K Train

Mar’14 Apr’14

Jun’14

Jun’14

Q3CY14 Q1CY15 QCY15

Jul’14

Shipped

To be Shipped

Ash2.2b

Ash3.1

Nexus 9000 advantages

Rich NXOS feature-set

Enables migration to 40 GigE

Power efficiency

Buffer space

Migration to VXLAN based transport

Comprehensive Linux feature set

Ready for upgrade to Application Centric Infrastructure

Thank you.

Release Ashfield1.x Hardware -

Chassis: Nexus 9508

Linecard: X9636PQ (36x 40G)

QSFP-40G-SR-BD (BiDi)

Software -

• IPv4/IPv6 Routing (BGP, OSPF, ISIS, EIGRP, RIP,

PIMv4, BFDv4)

• L3 Multicast

• VRF-Lite, VRF-Route Leak

• 64-way ECMP

• Programmability - Python, NX-API, Bash, Scripting

• Consistency Checkers

• QoS (ECN, PFC, Shaping, Policing)

• ACL

• SPAN and ERSPAN

• Config Rollback, Config Sessions

• GOLD, AAA, RADIUS, TACACS+, Callhome

• CoPP

• DHCP Relay (v4, v6)

• SNMPv2/v3, NetConf/XML

• Device Management Capabilities

Ash1.1 (shipped)

6.1(2)I1(1), Nov‘13

Release Ashfield2.x Hardware - TOR: 9396PX, 93128TX

Chassis: Nexus 9504

Linecards:

X9564PX (48p SFP+ & 4p 40G

QSFP+)

X9564TX (48p 1/10Gb-T & 4p 40G

QSFP+)

Software - • IGMP Snooping

• FHRP (IPv4/IPv6)

• vPC, PVRST+, MST, Storm Control

• Patching (Hot & Cold)

• Static route to SVI

• VXLAN Bridging/GW (for N93xx)

• OpenStack Network Plugin

• Cisco Prime DCNM & Infrastructure

Support

• XML-izing NXOS

• Chef (for hot/cold patching)

Ash2.1 (shipped)

6.1(2)I2(1), Mar’14

Hardware - QSA Support (SFP-10G-

SR, SFP-H10GB-CU1M,

SFP-10G-AOC1M

Software - • ECN w/ AFD (Approx.

Fair Drop) for 9300

• IGMP Snoop filtering

• SPAN destination 40G

(9300)

Ash2.2 (shipped)

6.1(2)I2(2), Apr’14

Software - • Up to 6 FEXes per N9300

• FEX Straight-through

• Host Active/Standby

• Host vPC

• Supported FEX

• N2224TP

• N2248TP, N2248TP-E

• N2232TM

• N2232PP

• B22HP

Ash2.3 (shipped)

6.1(2)I2(3), Jun’14

Hardware - N3164PQ

Chassis: Nexus 9516

Linecards:

X9536PQ (36p 40G,

1.5:1 OS)

X9432PQ (32p 40G

QSFP+)

X9464TX (48p 1/10GT

4p 40G QSFP+)

X9464PX (48p 1/10GF

4p 40G QSFP+)

Ash2.2a (shipped)

6.1(2)I2(2a), Jun’14

Controlled Release

Software - N3164PQ 40GE to

4x10GE Breakout

Support

Ash2.2b

6.1(2)I2(2b), Jul’14

Release Ashfield3.1

Hardware - TOR: 9396TX

TOR: 9372TX, 9372PX, 9332PQ

Coors GEM Module for N9300, 6p 40G

Supervisor: Sup-B (24G DRAM, 250G Flash, 6 core)

Software - • FEX scale increase on 9300 to 16

• B22-Dell FEX support

• Nexus 2232TM-E , Nexus 2248PQ FEX support

• Sub-interface support on 9300

• PBR support (9300, 9500)

• POAP Enhancements

• Puppet 1.0

• Secure LXC

• VM tracker for ToR

• 802.3x support

Ash3.1

6.1(2)I3(1), Q3CY14

Future Release Plans

Software - • 10G Dynamic Per-Port Break-out Support: X9636PQ

T2-Based 40GE

• FEX on N9500

• Scale up to 24 FEXes per 9500

• FEX (Straight-through) with Host A/S and Host

vPC

• New FEX models supported

• Tiburon FEX support

• VXLAN Routing (SVI Based), Ingress replication

• VXLAN Bridging/Gateway (Modular)

• VXLAN BudNode

• GRE

• IEEE 1588 PTP

• 1588 Timestamp in ERSPAN packets

• DHCP Snooping

• IPSG

• BFDv6

• Chef1.0

• XMPP

• Reserved VLAN Range

• VRRPv3 Bronte

Target: Q1CY15

Hardware - Line Card: X9612PC (12x100G)

Software - • FCoE NPV

• FastBoot on N9300

• NAT

• PVLAN

• ISSU on N9500 and N9300

• VxLAN EVPN Control Plane

• Static MPLS label pop & swap support

• IGMP Snooping on VxLAN enabled VLANs

• FEX scale increase on N9500 to 32

• FEX Pre-provisioning, Dual-Homing FEX

• FEX Support – B22-IBM, B22-Fujitsu

• Netdev

• RPM

Camden

Target: Q1CY15

Modular: Nexus 9500 Line Card Types

| Series | Line Cards | Ports | ASICs on Line Card | OS | Fabric Modules | Chassis Support |
|---|---|---|---|---|---|---|
| X9600 | X9636PQ | 36p QSFP+ | 3 T2 | NX-OS | 6 | N9504, N9508 |
| X9600 | X9612PC | 12p 100G (form factor TBD) | 3 T2 | NX-OS | 6 | N9504, N9508 |
| X9500 | X9564PX | 48p 1/10G SFP+ and 4p QSFP+ | 2 T2 & 2 ALE | NX-OS, ACI | 3 | N9504, N9508, N9516 |
| X9500 | X9564TX | 48p 1/10G-T and 4p QSFP+ | 2 T2 & 2 ALE | NX-OS, ACI | 3 | N9504, N9508, N9516 |
| X9500 | X9536PQ | 36p QSFP+ (1.5:1) | 2 T2 & 2 ALE | NX-OS, ACI | 3 | N9504, N9508, N9516 |
| X9700 | X9736PQ | 36p QSFP+ | 2 ASE | ACI | 6 | N9504, N9508, N9516 |
| X9400 | X9464PX | 48p 1/10G SFP+ and 4p QSFP+ | 1 T2 | NX-OS | 2 | N9504, N9508, N9516 |
| X9400 | X9464TX | 48p 1/10G-T and 4p QSFP+ | 1 T2 | NX-OS | 2 | N9504, N9508, N9516 |
| X9400 | X9432PQ | 32p QSFP+ | 2 T2 | NX-OS | 4 | N9504, N9508, N9516 |

Fixed: Nexus 9300

| Line Cards | Ports | ASICs | OS | RU | Uplink Module |
|---|---|---|---|---|---|
| N9396PX | 48p 1/10G SFP+ and 12p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 2 | Y |
| N9396TX | 48p 1/10G-T and 12p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 2 | Y |
| N93128TX | 96p 1/10G-T and 8p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 3 | Y |
| N93128TX2 | 96p 1/10G-T and 8p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 2 | N |
| N93128PX2 | 96p 1/10G SFP+ and 8p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 2 | N |
| N9372PX | 48p 1/10G SFP+ and 6p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 1 | N |
| N9372TX | 48p 1/10G-T and 6p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 1 | N |
| N9332PQ | 32p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 1 | N |
| N9332PQ2 | 32p QSFP+ | 1 T2, 1 ALE | NX-OS, ACI | 2 | Y |
| N9336PQ | 36p QSFP+ | 2 ASE, 2 T2 | ACI | 2 | N |