BRKDCT 2951

Deploying Nexus 7000 in Data Centre Networks
BRKDCT -2951
BRKDCT-2951
2013 Cisco and/or its affiliates. All rights reserved.
Cisco Public
Session Abstract
This session is targeted to Network Engineers, Network Architects and IT administrators who have deployed or are considering the deployment of the Nexus 7000. The session begins with a Nexus 7000 hardware overview and primarily focuses on Data Centre related features and implementation best practices. The session covers recent hardware enhancements to Nexus 7000 product line such as the new Nexus 7004 chassis, the new supervisors modules (SUP2/2E) and the new highperformance 10/40/100G linecards (M2 and F2e).
The session also discusses some of the Data Centre design examples and its best practices section will cover features such as VDC, VPC, Cisco FabricPath, Layer2, Layer3, Fabric Extenders(FEX), etc.
Attendee should have a basic knowledge of the Nexus 7000 hardware platform and software features as well as good understanding of L2 and L3 protocols.
BRKDCT-2951
Cisco Public
Agenda
Evolution of Data Centre Trends & Observations Changes to Data Centre Fabric Nexus 7000 Switching Hardware Overview Features Overview & Best Practices Data Centre Design Examples
BRKDCT-2951
Cisco Public
Evolution of Data Centre Trends & Observations
The IT Landscape Mega Trends Causing Ripples

Cloud
Video Service Provider Campus Mobility/ BYOD Virtualisation & Cloud Data Centre Consolidation
Branch Security Data Centre
Business Continuity Disaster Recovery
CAPACITY
Do I have the right performance to scale?
COMPLEXITY
How do I simplify deployments?
COST
How can I be operationally efficient?
The IT Challenge: Is My Network Ready?

BRKDCT-2951 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
What Makes Designing Networks for Data Centre Different?

Extremely high density of end nodes and switching
Power, cooling, and space management constraints

Mobility of servers a requirement, without DHCP The most critical shared end-nodes in the network, high availability required with very small service windows Multiple logical multi-tier application architectures built on top of a common physical topology
Server load balancing, firewall, other services required
BRKDCT-2951
Cisco Public
Data Centre Architecture

One design used to fit most
Switching Design was based on the
hierarchical switching - three tiers: Access, Aggregation and Core

L2/L3 boundary at the aggregation
Layer 3
Core
Services in aggregation
What has changed? Most everything Hypervisors Cloud IaaS, PaaS, SaaS MSDC Ultra Low Latency
BRKDCT-2951 2013 Cisco and/or its affiliates. All rights reserved.
Layer 2
Aggregation
Services
Access
Cisco Public
Workload Virtualisation
Flexibility & Provisioning
Partitioning Physical devices partitioned into virtual devices
Virtual Machines
App OS App OS App OS OS OS
Clustering Applications distributed across multiple servers

App
OS App OS
Physical Servers
BRKDCT-2951
Cisco Public
Changes to Data Centre Fabric
Data Centre Architecture

There is no single design anymore
Spectrum of Design Evolution
blade1 slot 1 blade2 slot 2 blade3 slot 3 blade4 slot 4 blade5 slot 5 blade6 slot 6 blade7 slot 7 blade8 slot 8 blade1 slot 1 blade2 slot 2 blade3 slot 3 blade4 slot 4 blade5 slot 5 blade6 slot 6 blade7 slot 7 blade8 slot 8 blade1 slot 1 blade2 slot 2 blade3 slot 3 blade4 slot 4 blade5 slot 5 blade6 slot 6 blade7 slot 7 blade8 slot 8
Ultra Low Latency High Frequency Trading Layer 3 & Multicast No Virtualisation Limited Physical Scale Nexus 3000 & UCS 10G edge moving to 40G
BRKDCT-2951
HPC/GRID Layer 3 & Layer 2 No Virtualisation Nexus 2000, 3000, 5500, 7000 & UCS 10G moving to 40G
Virtualised Data Centre
MSDC Layer 3 Edge (iBGP, ISIS) 1000s of racks Homogeneous Environment No Hypervisor virtualisation 1G edge moving to 10G Nexus 2000, 3000, 5500, 7000 & UCS
SP and Enterprise Hypervisor Virtualisation Shared infrastructure Heterogenous 1G Edge moving to 10G Nexus 1000v, 2000, 5500, 7000 Cisco Public 2013 Cisco and/or its affiliates. All rights reserved. & UCS
Building Efficient DC Fabric to Scale

Tightly Coupled WorkloadActive/Active
L2/L3
Active workload migration (e.g. vMotion) currently constrained by the latency requirements associated with storage synchronisation Tightly coupled workload domain has specific network, storage, virtualisation and services requirements
BRKDCT-2951 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
Building an Efficient DC Fabric to Scale

Loosely Coupled WorkloadBurst and Disaster Recovery
WAN DCI and Routing
Asynchronous Storage
Burst workload (adding temporary processing capacity) and Disaster Recovery leverage out of region facilities Loosely coupled workload domain has a different set of network, storage, virtualisation and services requirements
Building an Efficient DC Fabric to Scale

Scaling Up the Network Pod and Scaling out the Fabric Scaling Up of the building blocks (High Density 10G, FEX, AdapterFEX, vPC, FabricPath)
Scaling Out of the Fabric (FabricPath, OTV, SPF/EIGRP/ISIS/BGP, MPLS)

Scaling out the Fabric
VM #2 VM VM #2 #3 BRKDCT-2951 VM #4 VM VM VM
VM #3
VM #4
Scaling up the aggregation block (POD)
2013 Cisco and/or its affiliates. rights reserved. #2 #3 All #4
Cisco Public
Massively Scalable Data Centres

Requires Large Fabrics
N way load sharing designs Topologies flattening and spreading wider Spine/Leaf (Core/Edge) design to address
Oversubscription & Buffering (non-blocking in the extreme case) Workload Traffic Pattern Changes (East-West) Availability (moving to N + 1 models)
...
Nexus 3000 32 way ECMP
Nexus HW provides a solid toolset for these designs FabricPath 16 way ECMP & 16 way port
Scaling Port channel Bandwidth: 8 links 16 links, Virtual Port Channels FabricPath Nexus 7K, Nexus 5K
channels x 10G links
L3 ECMP Nexus 7K,5K,3K

Overlay Protocols
vPC Port Channel 32 x 10G links
Cisco Fabric Extender Architecture

Scaling the Access Layer Fabric
FEX
FEX
FEX
.. ...
Benefits
...
...
End of Row (EoR)
Nexus 5000 or Nexus 7000
Top of Rack (ToR)
De-coupling and optimisation of Layer 1 and Layer 2 Topologies Simplified Top of Row cabling with End of Row Management paradigm Support for Rack and blade server connectivity Reducing number of management points in a ToR Model Fewer devices to
manage, monitor, upgrade

Virtual Port Channel (vPC)

Scalable L2 Network, Maximise Uplink Bandwidth and Resiliency
Traditional STP Based Network
L3 L2
Nexus VPC Based Network

L3 L2
Blocked Links
Active Links
Only 50% Links Forwarding
100% Links Forwarding
Features
Overcomes spanning tree
Benefits
Double the Bandwidth
limitations in access and distribution layers

Both uplinks are active on all VLANs Extends link aggregation to two
all links forwarding

Fast convergence around failed link Increased data centre resiliency Maximise investment in
separate physical switches

infrastructure
Cisco Public
Cisco FabricPath
Extend VLANs Within the Data Centre
Nexus FabricPath Network
POD 1 VLAN1
POD 2 VLAN1
Span VLANs Within the Data Centre Benefits
POD 3 VLAN1
Features
Scalable up to 12,000+ 10GE
Seamless workload mobility beyond
racks/pods Leverage compute resources across data High cross-sectional bandwidth centre for any workload Extend VLANs across data centre Simplify scale out by adding compute resources for any app, anywhere in the data centre Cisco Public BRKDCT-2951 2013 Cisco and/or its affiliates. All rights reserved.
servers in single domain
Overlay Transport Virtualisation (OTV)

Extend VLANs Across Data Centres
IP/MPLS (Internet/Private)
OTV
DC 1 VLAN1
DC 2 VLAN1
Extend VLANs Across Data Centres
DC 3 VLAN1
Features
Ethernet LAN Extension
Benefits
Many physical sitesone logical data centre
over any network

Multi datacentre scalability Seamless overlayno network re-
Seamless workload mobility
design
between data centres Leverage and optimise compute resources across data centres for any workload Enables disaster avoidance and simplifies recovery
Cisco Public
Nexus 7000 Hardware Features
What is the Nexus 7000 ?

Data-Centre class Ethernet switch designed to deliver highavailability, system scale, usability, investment protection
I/O Modules
Supervisor Engine
Chassis
Fabrics
BRKDCT-2951
Cisco Public
Cisco Nexus 7000 Series Chassis

Multiple Chassis Form factor
NEW
Highest 10GE Density in Modular Switching Nexus 7004 Nexus 7009 Nexus 7010 Nexus 7018
Height Max BW per Slot Max 10/40/100GE ports Air Flow Power Supply Configurations
7 RU 440 Gig/Slot 96/12/4 Side-to-Rear 4 x 3KW AC Small to Medium Core/Edge
14 RU 550 Gig/Slot 336/42/14 Side-to-Side 2 x 6KW AC/DC 2 x 7.5KW AC Data Centre and Campus Core
21 RU 550 Gig/Slot 384/48/16 Front-to-Back 3 x 6KW AC/DC 3 x 7.5KW AC Data Centre
25 RU 550 Gig/slot 768/96/32 Side-to-Side 4 x 6KW AC/DC 4 x 7.5KW AC Large Scale Data Centre
Application
BRKDCT-2951
Cisco Public
22
Nexus 7004
2 Supervisors + 2 Modules No Fabric Modules Required Up to 4 3kW Power Supply AC/DC Air Flow: Side to Rear Use cases: DC Edge, Small core/agg Supports FabricPath, OTV, LISP etc
Side-to-back airflow Fan tray Air exhaust
Supported Modules
M1-XL M2-XL F2/F2e SUP2/SUP2E Sup1 F1 M1-NonXL
7RU
Supervisor slots (1-2) I/O module slots (3-4) Power supplies
BRKDCT-2951
6.1 maintenance
Front
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
Rear
23
Nexus 7000 Supervisor Overview

Performs control plane and management functions
Console, AUX (Sup1) and out-of-band management interfaces Interfaces with I/O modules via 1G switched EOBC
Supervisor 2/2E
ID LED Status LEDs
Console Port
Management Ethernet
USB Host Ports
USB Flash / Compact Flash
Reset Button
Supervisor 1
AUX Port
USB Host Ports

Cisco Public
CMP Ethernet
Supervisor Comparison
Sup1
CPU Speed Dual-Core Xeon 1.66 Ghz
Sup2
Quad-Core Xeon 2.13 GHz
Sup2E
2 x Quad-Core Xeon 2.13 GHz
Memory
8G
12 GB
32 GB
Flash Memory
Compact Flash
USB
USB
CMP
Supported
Not Supported
Not Supported
NX-OS Release
4.0 or later
6.1 or later
6.1 or later
VDCs
4+1
8+1
FEX
BRKDCT-2951
32 FEX/1536 Ports
32 FEX/1536 Ports
Cisco Public
48 FEX/2048 Ports
25
Fabric Modules
Fabric 1 Each module provides 46Gbps per I/O module slot
Up to 230Gbps per slot with 5 fabric modules
N7K-C7018-FAB-1 N7K-C7018-FAB-2
I/O modules leverage different amount of fabric bandwidth Fabric access controlled using QoS-aware central arbitration with VOQ Fabric 2
Increases bandwidth to 110Gbps per I/O module slot!
Up to 550Gbps per slot with 5 fabric modules
Backward compatible with existing modules
Requires NX-OS 5.2 (N7009) & NX-OS 6.0 (N7010/N7018)

Fabric 1 to Fabric 2 Migration

In-service upgrade
In-Service upgrade from Fabric 1 to Fabric2
Fabric2
Fast. Simple. Non-Disruptive.
Fabric2
Fabric2
230 550 Gbps Gbps

Per Slot
Fabric2
Fabric2
Fab1 to Fab2 Migration - In-Service Upgrade

Fab2 supports all existing Modules Fab2 is required to utilise F2 / F2e Modules to full 48 port 10GE line rate capacity
Nexus 7000 I/O Module Families M and F

M family L2/L3/L4 with large forwarding tables and rich feature set
N7K-M148GT-11/N7K-M148GT-11L
New !
N7K-M224XP-23L
N7K-M148GS-11/N7K-M148GS-11L
N7K-M206FQ-23L
N7K-M202CF-22L
F family Low-cost, high performance, low latency, low power and streamlined feature set
New !
BRKDCT-2951
Cisco Public
Which Module to Choose ?

Software Supported Features
MPLS Multicast Features Set Classic Layer 2 Feature Set QoS Feature Set OTV LISP
FabricPath
FCoE
Classic Layer 3 Feature Set

Security Features Set
Virtual Device Context
Common (M or F) Baseline Features
Advanced Features
BRKDCT-2951
Cisco Public
29
Supported in NX-OS release 6.1(1) and later
24-Port 10GE M2 I/O Module

N7K-M224XP-23L
24-port 10G with SFP+ transceivers
240G full-duplex fabric connectivity

Two integrated forwarding engines (120Mpps) Support for XL forwarding tables (licensed feature)
Distributed L3 multicast replication

802.1AE LinkSec Supports Connections to Nexus 2000 (FEX)
N7K-M224XP-23L
BRKDCT-2951
Cisco Public
30

N7K-M206FQ-23L 6-port 40G with QSFP transceivers
100G
CORE / ISP
Option to breakout to 4X10G interfaces per 40G port

40 /100G
240G full-duplex fabric connectivity Two integrated forwarding engines (120Mpps)
Support for XL forwarding tables (licensed feature)

Distributed L3 multicast replication 802.1AE LinkSec
10 G 10 G 10 G
40 /100G
BRKDCT-2951
Cisco Public
31

N7K-M202CF-22L 2-port 100G with CFP transceivers
100G
CORE / ISP
Option to breakout to 2X40G or 10X10G interfaces

40 /100G
200G full-duplex fabric connectivity Two integrated forwarding engines (120Mpps)
Support for XL forwarding tables (licensed feature)

Distributed L3 multicast replication 802.1AE LinkSec
10 G 10 G 10 G
40 /100G
BRKDCT-2951
Cisco Public
32
F2-Series Solution Enhanced with F2e

High Density 48 ports 1/10GE ports (SFP+) F2e Series modules enables tighter integration
of FabricPath with LISP & MPLS by providing M/F2e VDC Inter-operability support* Better scaling by utilising larger M tables Ports 41-48 capable of Wire rate encryption with MacSec*
Interop options Software required F2e Behaviour
*No dedicated VDC requirement for F2e !
Interop with F2 Series

Interop with M1/M2 Series
*Hardware Capable -Requires NX-OS 6.2, No inter-op with F1
6.1.2 Nov 2012

6.2 1HCY13
In an F2 VDC, F2e behaves like F2 with full L2 and L3 feature set

In an M VDC, F2e works in L2 Mode with M-Series providing L3 Proxy forwarding
BRKDCT-2951
Cisco Public
F2e Copper Supports EoR/MoR

48 Copper -1/10 GE line rate ports Low Power Consumption: ~8W per Port Low Latency ~6usec Full Layer 2 and Layer 3 Support All ports (1-48) are MACSEC capable** FabricPath support for next gen Layer 2 designs
*No dedicated VDC requirement for F2e !
Ideal for EoR and MoR design Enables Cost Effective MoR/EoR Designs
No Need for optics, standard RJ-45 connectors

**Macsec support will be added in a future release *Hardware Capable -Requires NX-OS 6.2, No inter-op with F1
BRKDCT-2951
Cisco Public
F2e Incremental Features

Features Common to F2 and F2e: 48 port 1 and 10GE (SFP+)
*No dedicated VDC requirement for F2e!
Incremental Features in F2e: Interoperability with M1XL/M2* (F1 Interop not planned) MACSec (802.1AE) * Bidir PIM * SVI stats * IPv6 DSCP-to-Queue Mapping 48 Port 1G/10G Copper modules
Layer 2 and Layer 3 forwarding

1G/10G dual-speed on each interface Low Latency Nexus 2000 Support
FabricPath
IEEE 1588 PTP
* Not available at FCS

F2e+M for FabricPath + MPLS Designs

Tighter Integration of FabricPath & MPLS F2e + M2 (or M1-XL) at the aggregation in the same VDC* Layer 3 Routing performed by the MSeries. F2e in Layer2 mode FabricPath towards the Access MPLS towards the Core
FabricPath
MPLS
* Requires NX-OS 6.2

F2e+M for FabricPath + LISP Designs

Integrate LISP with Fabricpath
F2e + M1-32XL at the aggregation in the same VDC* Layer 3 Routing performed by the MSeries. F2e in Layer2 mode
FabricPath towards the Access

LISP to provide seamless workload mobility
FabricPath
If M2 are present must be excluded from the Layer3 proxy

* Requires NX-OS 6.2
FEX Support
System scale
Nexus 7000
Up to 20481 host ports
FEX supported (Pre NX-OS 6.1)

Cisco Nexus 2248TP Cisco Nexus 2232PP Cisco Nexus 2224TP
NEW in NX-OS 6.1
Cisco Nexus 2248TP-E N2K-C2248TP-E Cisco Nexus 2232TM N2K-C2232TM-10GE
Cisco Nexus 7000

1 Requires SUP2E
FEX supported with SUP1, SUP2 and SUP2E support FEX M132XP, M224XP & F2 series modules Up to 48 FEX (both 1GE and 10GE FEX) modules supported with SUP2E (6.1) Choice of 1G/10G interfaces with FEX
Nexus 7000 Features & Leading Practices Virtual Device Contexts
Nexus 7000 Virtual Device Contexts (VDC)

Partition One Physical Switch to Multiple Secure Virtual Switches
Consolidate Multiple Physical Switches into One
VDC 1 VDC 2 Layer 2 Protocols Layer 2 Protocols
VLAN PVLAN VLAN STP PVLAN STPLACP LACP UDLD
Core
Layer 3 Protocols Layer 3 Protocols
OSPF OSPFBGP EIGRP BGP EIGRPPIM PIM
Agg
VDC 1
GLBP
UDLDCDP 802.1X CDP CTS 802.1X CTS
HSRP GLBP IGMP HSRP SNMP IGMP SNMP
Admin VDC
VDC 2
VDC 8
DMZ
Internet
Features Flexible separation/distribution of hardware resources and software components Complete data plane and control plane separation Complete software fault isolation Securely delineated administrative contexts BRKDCT-2951 2013 Cisco and/or its affiliates. All rights reserved.
Benefits Device consolidation, both vertical and horizontal Reduced number of deviceslower power usage, reduced footprint and lower CapEx/OpEx Fewer devices to manage Optimise investment
40 Cisco Public
Virtual Device Contexts (VDCs)

VDC Port Allocation
Nexus7K(config)# vdc Nexus7K(config-vdc)# Nexus7K(config-vdc)# Nexus7K(config-vdc)# secure-net id 2 allocate interface e2/1,e2/3,e2/5,e2/7 allocate interface .. exit
Any individual ports on the 48 Port 1GE & 8 Port 10GE M1( ex : Port 1 , Port 2 etc ) Any individual ports on the 24 Port 10GE,6 port 40GE & 2 Port 100GE M2 ( ex : Port 1 ,Port 2 etc)
M108
All ports in the same port-group on 32 port 10GE M1 modules ( Ex : 1,3,5,7 2,4,6,8 etc )
M2-10G
M132
M148
M2-40G
All Ports in a SoC (Port-Group) on 32/48 port 10GE F1 / F2/F2e Modules (ex Ports 1,2 Ports 7,8 etc on F1) & ( Ports 1,2,3,4.. Ports 13,14,15,16 etc on F2/F2e )
F1 F2/F2e
M148
M2-100G
BRKDCT-2951
Cisco Public
41
Virtual Device Contexts (VDCs)

VDC Module Allocation
If VDC has both M1(non-XL) and M1-XL /M2-XL modules, system will operate with least common denominator mode
VDC resource-limit module-type customise as needed
VDC1 Admin
VDC2 INET VDC3 ENET
Lab VDC M1 Modules only
Default VDC mode allows M1 / F1/ M1-XL / M2-XL Modules Other dedicated modes (ex:F1,M1,M1-XL,M2-XL & F2 only) are configurable
Nexus7K(config)# vdc inet Nexus7K(config-vdc)# limit-resource module-type m2-xl
INET Facing VDC M2-XL modules only
It is recommended to allocate whole modules per VDC, Helps with better hardware resource scaling
Communication Between VDCs Must use front panel port to communicate between VDCs No soft cross-connect or backplane inter-VDC communication
VDC2 VDC3
42
Admin VDC
Purely Administrative Context
Available on Supervisor 2/2E Provides pure administrative context
CoPP configuration / HWRL Configuration ISSU and EPLD VDC creation, suspension and deletion, interface allocation Show tech-support, tac-pac, debugs, GOLD Diagnostics System-wide QoS, Port Channel load-balancing Poweroff & out-of-service Modules License Management
Admin
Management Functions
CoPP ISSU GOLD Licensing EPLD
Admin
VDC
Infrastructure Kernel
Doesnt require Advanced or VDC License
Can use 1 Admin VDC + 1 Data VDC (1+1)
Simplify configuration for data plane VDCs

No boot statements, CoPP policies, etc in NonAdmin VDCs
Addresses customer security concerns about network administrator rol

Can better leverage VDC administrator role
Initially only available on Supervisor 2/2E
Scheduled for SUP1 in 6.2 release (Q1CY13)

Cisco Public
VDC CPU Shares

Enables per-VDC CPU Access & Prioritisation Provides more control and protection per VDC for users Network administrator controls each VDCs priority CPU share is controlled by VDC priority & CPU is shared equally among VDCs
VDC1
Shares = 2
VDC2
Shares = 4
VDC3
Shares=1
User can control allocation priorities are linear in effect

The more VDCs configured, the lower the overall percentage per VDC
VDC4
Shares=8
VDC5
Shares=10
VDC6
Shares=5
Comes into use when CPU utilisation increases (contention)

Available on SUP2/2E only* CPU shares take effect immediately (no need to restart/reload)
Controlled by NX-OS scheduler in the kernel Processes that do not want the CPU do not affect CPU time of other processes *SUP2 and SUP2E Require NX-OS 6.1
Cisco Public
VDC CPU Resource Allocation

CPU Shares
Configured under each VDC
Shares are defined on a scale of 1-10 with default of 5

10 is highest priority, 1 lowest
vdc Agg1 id 2
limit-resource module-type m1 f1 m1xl m2xl allow feature-set ethernet allow feature-set fabricpath allow feature-set fex cpu-share 5 allocate interface Ethernet4/1-8 boot-order 1 <snp> N7K-1# show vdc Agg1 det vdc vdc vdc vdc vdc vdc vdc CPU CPU vdc vdc vdc vdc vdc id: 2 name: Agg1 state: active mac address: 00:26:98:0f:d9:c2 ha policy: RESTART dual-sup ha policy: SWITCHOVER boot Order: 1 Share: 5 Share Percentage: 20% create time: Mon Apr 23 15:13:39 2012 reload count: 0 restart count: 0 type: Ethernet supported linecards: m1 f1 m1xl m2xl
Default CPU Share
CPU Share Percentage shows minimum % during contention
BRKDCT-2951
Cisco Public
45
Nexus 7000 Features & Leading Practices Virtual Port Channel
vPC Virtual Port Channel

vPC allows a single device to use a port channel across two neighbour switches (vPC peers) (Layer 2 port channel only) Eliminate STP blocked ports & reduces STP Complexity (Do not disable STP)
vPC Peers
MCEC vPC Peers
Uses all available uplink bandwidth - enables dualhomed servers to operate in active-active mode
Provides fast convergence upon link/device failure If HSRP enabled, both vPC devices are active/active on forwarding plane Available since NX-OS 4.1(3) on the Nexus 7000 & NX-OS 4.1(3)N1 on N5K
! Enable vpc on the switch dc11-7010-1(config)# feature vpc ! Check the feature status dc11-7010-1(config)# show feature | include vpc vpc 1 enabled
MCEC
47
vPC/STP Best Practices

Do not disable STP !! Configure vPC peers in aggregation layer as primary/secondary root
VLAN 1 - 4094 STP Pri 8192 VLAN 1- 4094 STP Pri 16384
BA (Bridge Assurance) is enabled by default on vPC peerlink

Do not enable Loopguard and BA on vPC (disabled by default)
agg1a
BA Enabled (Default) No No BA BA, or Loopguard Loopguard (Default) (Default) agg1b
Enable STP port type edge and port type edge trunk on host ports
Enable STP BPDU-guard globally on access switches Selectively allow vlans on trunks
BPDU-guard
Port Type Edge / Edge Trunk
BRKDCT-2951
Cisco Public
48
vPC Additional Recommended Config

Strong Recommendations Implement IGP routing between vPC peers Enable vPC peer-gateway Enable vPC auto-recovery Enable vPC ARP Sync Use VPC Graceful Consistency check enhancement Use Per Vlan Type-1 Check enhancement Optional Recommendations Enable peer-switch in a pure vPC topology
vPC ARP Sync vPC ARP Sync
Designate vPC primary / secondary peer device
Enable PeerGateway
vPC Autorecovery vPC_PKL agg1a

routing peer
vPC Autorecovery
Enable PeerGateway
vPC Primary role pri 8192
agg1b
vPC Secondary role pri 16384
vPC_PL
Enable Orphan port-suspend if needed
BRKDCT-2951
Cisco Public
49
vPC Best Practices Configuration

Use dedicated connection for vPC peer keepalive link and assign to a separate VRF Port-channel is recommended but not required
10.1.1.1 VRF vPC-Keepalive
10.1.1.2 VRF vPC-Keepalive
vPC_PKL agg1a e3/47- 48) agg1b
Connect via an OOB mgmt network if using mgmt 0 interface

Do not use SVI interface between vPC peer-link as vPC keepalive link
Utilise diverse 10GE modules to form vPC peer-link (must be 10GE port-channel)
Peer-Link port-channel requires identical modules on same & other side and can use any 10GE Module (M1,M2,F1,F2/F2e) Dedicated mode (For M132) recommended , Shared mode is supported but not recommended vPC peer-link must be configured as a trunk
Identical Dedicated modules required Rate-Mode on both sides
e1/1 agg1a e2/1
Po1
e1/1 agg1b e2/1
vPC_PL
Trunk Trunk allowed Allowed VLANs VLANs = vPC vPC VLANs VLANs
50

Always dual home all devices to vPC domain using vPC !! Failure of peer-link can isolate single attached devices Match vPC with port-channel number for better administration Clear unnecessary VLANs on trunks
Nexus7K-1a(config)# int e3/1-2 switchport switchport mode trunk channel-group 11 mode active ! int port-channel 11 switchport switchport mode trunk switchport trunk allowed vlan 100-110 vpc 11
Core
vPC Primary vPC_PKL agg1a vPC_PL agg1b
vPC Secondary Shut SVIs vPC VLANs
Orphan port
Isolated!!
Acc1 Acc2 Acc3
If vPC peer-link fails, the secondary vPC peer suspends local vPCs and shuts down SVIs of vPC VLANs
Cisco Public 51

For better vPC Management & Troubleshooting : Designate vPC primary peer role with lower role priority Align vPC primary peer with STP primary root, HSRP active router and PIM DR Configure one peer as HSRP active router for all VLANs Implement IGP routing between vPC peers to re-route traffic in case of complete uplink failure by using one of the options A routing VLAN over vPC peer-link Dedicated L3 port-channel or leverage a non-VPC trunk Static routing, Do not create L3 dynamic routing protocol peering adjacency with a VPC (access) device (not supported)
STP Primary root & HSRP active router
vPC Primary (role priority 8192)
vPC Secondary role priority 16382
agg1a
agg1b
Acc1a
Acc1b
vPC Primary role priority 8192
vPC Secondary role priority 16384
Routing Peer (vlan 99) e1/1 e1/1 agg1a e2/1 e2/1
agg1b vPC_PL
52
vPC Graceful Type-1 Check

S1 -Primary
NX-OS N7K - 5.2 N5K - 5.0(3)N1(1) Keepalive S2-Secondary vPC peer-link
vPC member ports on S1 and S2 should have identical parameters (MTU, speed, ) Any inconsistency in such parameters is Type 1 all vlans on both vpc legs are brought down in such Inconsistency With graceful type-1 check, only Secondary vPC members are brought down.
Type-1 Inconsistency
vPC 1
po1 CE-1
S1(config-vpc-domain)# graceful consistency-check S2(config-vpc-domain)# graceful consistency-check Graceful Type-1 check enabled by default.
vPC member ports on primary peer device remain up
BRKDCT-2951
Cisco Public
53
Orphan-Port Suspend
vPC Active / Standby NIC teaming support
A vPC orphan port is an non-vPC interface on a switch where other ports in the same VLAN are configured as vPC interfaces Prior to release 5.0(3)N2 on Nexus 5000/5500 and 5.2 on Nexus 7000 an orphan port was not shut down on loss of vPC peer-link With the supported release the orphan ports on the vPC secondary peer can (configurable) also be shut down triggering NIC teaming recovery for all teaming configurations Configuration is applied to the physical port*
N5K-2(config)# int eth 100/1/1 N5K-2(config-if)# vpc orphan-port suspend vPC Supported Server fails over correctly
NX-OS N7K - 5.2 N5K - 5.0(3) N2
vPC
eth 100/1/1
Active/Standby Server does not fail over correctly since orphan port is still active
orphan-port suspend with FEX host interface requires 6.1.2 release due to CSCua35190
* VPC
BRKDCT-2951 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
Layer 3 over vPC

Unicast & Multicast
Platform Support Dynamic Layer 3 peering over vPC
P
5k1
5k2
Nexus 7K Unicast Traffic
Nexus 5K
Currently not supported !

P
Multicast Traffic
Switch Router Routing Protocol Peer Dynamic Peering Relationship
Dynamic Layer 3 peering support over VPC with F2 Modules on N7K is targeted for 6.2 release (1HCY13 )
Nexus 7000 - Features & Leading Practices FabricPath
Cisco Fabric Path

FabricPath connects a group of switches using an arbitrary topology and provides Scalability, High Bandwidth, High Resiliency, L3 integration and L2 integration
Benefits of FabricPath

Eliminate Spanning tree limitations Multi-pathing across all links, high cross-sectional bandwidth High resiliency, faster network re-convergence Any VLAN, any where in the fabric eliminate VLAN Scoping
Nexus7K(config)# feature fabricpath Nexus7K(config)# feature switch-id <#> Nexus7K(config)# interface ethernet 1/1 Nexus7K (config)# switchport mode fabricpath
With a simple CLI, aggregate them into a Fabric
FabricPath
BRKDCT-2951
Cisco Public
FabricPath Terminology
Interface connected to another FabricPath device Sends/receives traffic with FabricPath header Does not perform MAC learning, No STP Exchanges topology info through L2 ISIS adjacency Forwarding based on Switch ID Table
FP Core Ports
S10 S20 S30 S40 Ethernet frames transmitted on a Cisco FP CORE port always carry an IEEE 802.1Q tag, and as such can be conceptually considered a trunk port.
Spine Switch
FabricPath (FP)
S100 S200 S300
Leaf Switch 1/1 A CE Edge Ports 1/2
Classical Ethernet (CE)

B
Interface connected to traditional network device Sends/receives traffic in standard 802.3 Ethernet frame format Participates in STP domain Forwarding based on MAC table CE Edge port can be switchport access or trunk
BRKDCT-2951
Cisco Public
FabricPath
Conversational Learning & VPC+
MA C A IF e1/1 MA C IF s1,e1/1 e1/2
B
s8, e1/2
FabricPath
s3
e1/1
A
s8
e1/2
s5
VPC+
MA C
VLAN X VLAN Y VLAN Z
IF
Per-port MAC address table only needs to learn the peers that are reached across the fabric A virtually unlimited number of hosts can be attached to the fabric Allows extending VLANs with no limitation (no risks of loop) Devices can be attached active/active (VPC+) to the fabric using IEEE standard port channels and without resorting to STP
BRKDCT-2951
FabricPath switch-id
Configure switch-ID manually for all switches in the network fabricpath switch-id 1 Make sure switch-ID (as well as vPC+ emulated switch-ID) is unique in the whole FP fabric
Suggested numbering scheme for switch-ID

SPINE switch : 2 digit switch-ID LEAF switch : 3 digit switch-ID vPC+ system : 4 digit switch-ID Enable FP mode VLAN in all FP fabric switches
Nexus7K(config)# vlan 10-400 Nexus7K(config-vpc-domain)# mode fabricpath
VLAN pruning must be performed manually on CE Edge port

Nexus7K(config)# int eth1/10 Nexus7K(config-if)# switchport mode trunk Nexus7K(config-if) # switchport trunk allowed vlan 100-1000
BRKDCT-2951
Cisco Public
Routing At Aggregation
Centralised Routing Evolutionary extension of current design practices
Design benefits:
Simplified configuration Removal of STP
L2/L3 boundary
SVIs
L3
SVIs
Routed core
Aggregation
Traffic distribution over all uplinks without VPC port-channels Active/active gateways VLAN anywhere at access layer Topological flexibility
FabricPath
Access
Scalability considerations
Today: 16K unique host MACs across all routed VLANs
Routing At Aggregation
Option to Scale-out the Spine Layer
VLAN 100-200 VLAN 300-400
VLAN 100-400
VLAN 100-400
FabricPath
FabricPath
FabricPath
Split VLANs
GLBP
Host is pinned to a single gateway Less granular load balancing
Anycast HSRP All active Available in NX-OS 6.2 release
Some polarisation Inter-VLAN traffic can be suboptimal
BRKDCT-2951
Cisco Public
Centralised Routing
Removing Routing from the FP Spine Layer
Centralised Routing Design Alternate View
L3
FabricPath spine L2/L3 boundary Layer 3 services leaf switches
FabricPath
FabricPath spine
FabricPath
Layer 3 services border leaf switches L2/L3 boundary
L3
Server access leaf switches
Run VPC+ for active/active HSRP
All VLANs available at all leaf switches FHRP between L3 services switches for FHRP
BRKDCT-2951
Cisco Public
Centralised Routing
Key Design Highlights Traditional aggregation layer becomes pure FabricPath spine
Provides uniform any-to-any connectivity between leaf switches Only FabricPath bridging occurs in spine
FabricPath leaf switches, connecting to spine, have specific personality

Most leaf switches provide server connectivity, like traditional access switches in Routing at Aggregation designs
Two or more leaf switches provide L2/L3 boundary, inter-VLAN routing and North South routing (Border Leaves)
Other (or same) leaf switches provide access to L4-7 services or have L4-7 services personality (future)
Same MAC scalability considerations of routing at aggregation design

BRKDCT-2951
16K unique host MACs today, 128K MACs with 6.2 release and Nexus 6K (at FCS) Cisco Public 2013 Cisco and/or its affiliates. All rights reserved.
Nexus 7000 Software Features

Overlay Transport Protocol
Overlay Transport Virtualisation

Virtual/ Private Cloud VLAN 1
MAC in IP supporting Layer 2 VPNs Over any Transport
DC2
Unified Fabric
Physical SAN HFT/HPC NAS
Cisco
DC3 VLAN 1 Storage
USE CASES Inter and intra DC connectivity across L3 Use all data centre capacity Back up data centre, rapid recovery Reduced Data centre maintenance outage
RESULTING IN Scalability across multiple data centres Seamless overlayno network redesign required Single-touch site configuration High resiliency Maximised bandwidth
Cisco Public
OTV at a Glance
Ethernet traffic between sites is encapsulated in IP: MAC in IP
Dynamic encapsulation based on MAC routing table

No Pseudo-Wire or Tunnel state maintained
MAC1 MAC2 Encap
MAC MAC1 MAC2 MAC3 IF Eth1 IP B IP B
IP A IP B
MAC1 MAC2 Decap

OTV
MAC1 MAC2
OTV
IP A
IP B
Server 1 MAC 1
BRKDCT-2951
Communication between MAC1 (site 1) and MAC2 (site 2)

Server 2 MAC 2
OTV Terminology
Edge Device (ED): connects the site to the (WAN/MAN) core; responsible for performing all the OTV functions Authoritative Edge Device (AED): Elected ED that performs traffic forwarding for a set of VLAN Internal Interfaces: interfaces of the ED that face the site. Join interface: interface of the ED that faces the core. Overlay Interface: logical multi-access multicast-capable interface. It encapsulates Layer 2 frames in IP unicast or multicast headers.
OTV Overlay Interface
L2
L3
Internal Interfaces
BRKDCT-2951
Join Interface
Core
Cisco Public
OTV & SVI

On Nexus 7000 a given VLAN
can either be associated with an SVI or extended using OTV This would theoretically require a dual-system solution
OTV VDC Default VDC Default VDC OTV VDC
The VDC feature allows to deploy a dual-vdc solution

N7K-1 N7K-2
OTV VDC as an appliance Single L2 internal interface and single Layer 3 Join Interface
L3 Link L2 Link Physical View
BRKDCT-2951
Cisco Public
OTV Control Plane

MAC Address Advertisements (Multicast-Enabled Transport)
When an Edge Device learns a new MAC address it advertises it together with its associated VLAN IDs and the IP address of the join-interface A single OTV update can contain multiple MACs from different VLANs With a multicast-enabled transport a single update reaches all neighbours.
4
VLAN MAC
MAC A MAC B MAC C
IF
IP A IP A IP A
1
3 New MACs are learned on VLAN 100 Vlan 100 Vlan 100 Vlan 100 MAC A MAC B MAC C
100
OTV update is replicated by the core 2 IP A
100
100
East
VLAN MAC
MAC A MAC B
IF
IP A IP A
West
100 100
100
MAC C
IP A
South
OTV Configuration
OTV over a Multicast Transport Minimal configuration required to get OTV up and running
feature otv otv site-identifier 0x1* otv site-vlan 99 interface Overlay100 otv join-interface e1/1 otv control-group 239.1.1.1 otv data-group 232.192.1.0/24 OTV feature otv otv extend-vlan 100-150 otv site-identifier 0x2* otv site-vlan 99 IP A interface Overlay100 West otv join-interface Po16 otv control-group 239.1.1.1 IP C otv data-groupOTV 232.192.1.0/24 otv extend-vlan 100-150 feature otv otv site-identifier 0x3* otv site-vlan 99 interface Overlay100 otv join-interface e1/1.10 otv control-group 239.1.1.1 otv data-group 232.192.1.0/24 otv extend-vlan 100-150
OTV
IP B
East
South *Introduced from release 5.2

Nexus 7000 Features & Leading Practices LISP
Nexus 7000 LISP

Location ID/Separation Protocol Global IP Address Portability
Internet/Private
User
LISP Route Server
x.x.x.x
y.y.y.y
z.z.z.z
DC 1 VLAN1 10.10.10.2
DC 2 VLAN2
DC 3 VLAN3
Features IP address portability across subnets Auto detection and re-route of traffic/session Highly scalable technology
BRKDCT-2951
Benefits Seamless workload mobility between data centres and cloud Direct Path (no triangulation), connections maintained during move No routing re-convergence, no DNS updates required Transparent to the hosts and users Cisco Public
N7K Placement Considerations

Greenfield Site
N7K requires M1-32 to enable LISP encapsulation To allow usage of F2 or other at aggregation layer To allow smooth integration of LISP in Greenfield put LISP in a dedicated VDC on a stick of the aggregation LISP VDC is the default gateway for the dynamic subnet under migration
No definition of this subnet in the Aggregation layer

LISP VDC is attracting L3 traffic to it using the announcement in IGP of its home subnet This home subnet is not advertised to the WAN
WAN traffic is still pointing to brownfield site until migration is over

LISP VDC is acting as Proxy ARP for intra subnet traffic
Nexus 7000 Software Features

FCoE
Extending Convergence Beyond Access

SAN Core
FC FCoE
Nexus 7000 FCoE
Hosts
FCoE
Access Nexus 7000

FCoE
Common Core Nexus 7000

FCoE
Storage Targets
Features
Industry's highest performance
Benefits
Wire once flexibility over single
Director-Class SAN platform Lossless Ethernet (DCB) Multi-hop FCoE support: Spans Nexus 7000, Nexus 5000, and MDS 9500
Ethernet Fabric Reduce network Sprawl switches, cables, adapters, etc. Up to 45% access layer CapEx savings Seamlessly integrate converged networks with existing MDS FC SANs
Cisco Public
76
FCoE ON F2 MODULE
High Performance Director Class Convergence
Highest performance storage platform in the industry 15-Tbps
Highest density of line-rate 10G FCoE ports - Access, Aggregation, or Core

Multi-protocol: FCoE, iSCSI, and NAS
REQUIRES
SUP2/2E Fabric 2 Modules for full bandwidth
F2 module: N7K-F248XP-25
BRKDCT-2951
Cisco Public
Storage VDC Supported Options

Logical representation
Dedicated VDC - No shared interfaces
F2 VDC
Storage VDC
F1 or F1-M1 VDC
F2 VDC
Storage VDC
F1 or F1-M1 VDC
F2
F1
Any non-F2
F2
F2
Any non-F2
Notes
F1 and F2 cannot co-exist in the same VDC Only one storage VDC per chassis
BRKDCT-2951
Cisco Public
Storage VDC Supported Options

Logical representation
Dedicated VDC Shared interfaces
Storage VDC
F1 or F1-M1 VDC
Storage
VDC
F2 VDC
F1
F2
Notes
F1 and F2 cannot co-exist in the same VDC Only one storage VDC per chassis
Nexus 7000 - Implementation Leading Practices
Software Licensing
Features installed by individual licenses or enabling the license grace period (120 days)
Grace period not recommended
Installation is non-disruptive to features already running under the grace period Backup the license after license is installed System generates periodic Syslog, SNMP or Call home messages
Feature License Enterprise LAN OSPF, EIGRP, BGP, Advanced LAN Scalable Feature Transport Services Enhanced L2 Package CTS, VDC M1-XL TCAM OTV FabricPath Features
Nexu7K# show license usage Feature LAN_ADVANCED_SERVICES_PKG LAN_ENTERPRISE_SERVICES_PKG

BRKDCT-2951
Ins Yes No
Lic Count -
Status Expiry Date Comments In use Never In use Grace 119D 22H
Cisco Public
---------------------------------------------------------------------------------------------------------------
Software Upgrade
Synchronise the kickstart image with the system image Utilise cold start upgrade procedure for non-production devices
Nexus7K(config)# boot system bootflash:<system-image> Nexus7K(config)# boot kickstart bootflash:<kickstart-image> Nexus7K# copy run startup-config Nexus7K# reload
Utiliseinstall all to perform ISSU with zero service interruption Issue show install all impact to determine upgrade impact
Nexus7K# install all kickstart bootflash:<kickstart-image> system bootflash:<system-image>
Refer to release notes and installation guide
Avoid disruption to the system during ISSU upgrade (STP topology change, module removal, power interruption, etc)
BRKDCT-2951
Cisco Public
EPLD Upgrade
EPLD upgrade is used to enhance HW functionality or to resolve known issues EPLD upgrade is an independent process from software upgrade and not dependent on NX-OS EPLD upgrade is typically not required Performed on all Field Replaceable Modules
Nexus7K# sh ver <type> <#> epld Nexus7K# sh ver mod 3 epld EPLD Device Version -------------------------------Power Manager 4.008 IO 1.016 Forwarding Engine 1.006 FE Bridge(1) 186.006 FE Bridge(2) 186.006 Linksec Engine(1) 2.006 ---deleted--Linksec Engine(8) 2.006
In redundant configuration, requires reload of IO modules
BRKDCT-2951
Cisco Public
EPLD Upgrade Best Practices

Upgrade to the latest EPLD image prior to bringing hardware into production environment (staging HW, replacement HW, etc) Only use Install all EPLD on non-production systems
Nexus7K# install all epld bootflash:<EPLD_image_name>
When performing supervisor EPLD upgrade for a system with dual-sup, first upgrade the standby supervisor, then switchover and upgrade previous active supervisor
Make sure EPLD image is on both supervisors flash
Nexus7K# install module <module> epld bootflash:<EPLD_Image_name>
In a redundant system, only EPLD upgrade for I/O modules can disrupt traffic since the module needs to be power-cycled
BRKDCT-2951
Cisco Public
Hardware Installation Considerations

Two supervisors for high availability and ISSU Two M1 modules in mixed mode chassis (M1/F1) A minimum of three fabric modules to provide N+1 redundancy for all M1/M1-XL I/O modules Use five 2nd generation fabric modules for full performance from F2 I/O modules
Perform chassis / system grounding

Perform additional diagnostics on staged devices before production Configure complete boot-up diagnostic level (default) Administratively shutdown all ports to run Portloopback test over night Power-cycle after burn-in period to perform boot-up diagnostic
BRKDCT-2951
Cisco Public
Nexus 7000 Design Examples
Data Centre Design Example 1

3-Tier Data Centre Design Leveraging VDCs
Large Data Centre utilising 3-Tier DC design Nexus 7000s in Core and Aggregation 10GE/GE ToR and GE MoR access layer switches 40GE/100GE high density Aggregation to Core connections Implement vPC / double-sided vPC for redundant active/active server connections
Core Aggregation Nexus 7000 Access Nexus 5500
BRKDCT-2951 SW-1a vPC VDC2 SW-1b VDC2 SW-1a VDC3
Nexus 7000
Core1
Core2
L3
L3 Channel L3 link L2 Channel L2 link
vPC
SW-1b VDC3
SW-2a VDC2
vPC
SW-2b VDC2
SW-2a vPC VDC3
SW-2b VDC3
L3 L2 L2
87
vPC active standby active standby
vPC active active
active
active
Cisco Public

3 Tiered DC Design with Nexus 5000 & Nexus 2000
Nexus 7000 in core and aggregation, N5K / N2K in access layer Utilise Nexus 2000 for scaling with Nexus 7000 Implement vPC / double-sided vPC / Host vPC for redundancy Different vPC redundancy models can be utilised to support active/active or active/standby server connections
Core Nexus 7000 Aggregation Nexus 5500 Access Nexus 7000
agg1a
VPC
Core1
Core2
L3
aggNa
VPC
agg1b
..
aggNb
L3 L2
Nexus 2000
vPC
VPC
VPC
vPC
vPC vPC active
Nexus 2000
Active/Standby
Active/Active
Active
BRKDCT-2951
Active
active
Cisco Public
88

Small DC with Virtualised 3-Tier Design using N7004
Small Data Centre with a virtualised 3-Tier DC design using Nexus 7004 Utilise VDCs on two devices to create a core and aggregation layer GE and 10GE ToR access layer switches Implement vPC / double-sided vPC for redundant active/active server connections
Nexus 7004
N7004
N7004
SW-1b VDC2
Core
SW-1a VDC2
L3
Nexus 7004
Aggregation
SW-1a VDC3
vPC
SW-1b VDC3
L3 L2
vPC
Nexus 5500
Access
active standby
active
L2
active
Cisco Public 89
BRKDCT-2951

FabricPath Design with Routing at Aggregation
Fabric Path High-level design options with Routing at Aggregation Aggregation serves as FabricPath spine as well as L2/L3 boundary Provides FabricPath bridging for East West intra-VLAN traffic Provides SVIs for East West inter-VLAN routing Provides routed uplinks for North South routed flows L3 Core
Layer 3 Link Layer 2 CE Layer 2 FabricPath
L3
Aggregation
L2/L3 boundary L2/L3 boundary
FabricPath Access
FabricPath
Cisco Public

Cisco FabricPath Centralised Routing Design
Centralised routing at FabricPath Leafs, Aggregation layer no longer does the routing Transparent spine Interconnecting the leafs together Leaf switches provide server access and some leaf can provide L3 Services Very flexible in terms of scaling and enables vlan anywhere
L3
L2/L3 boundary Layer 3 services leaf switches
FabricPath spine
FabricPath
Server access leaf switches


FabricPath Design with Distributed Routing
Fabric Path High-level design options with Distributed routing For POD-local VLANs, same as Routing at Aggregation options For DC-wide and multi-POD VLANs, Routing at Aggregation or Centralised Routing options
FABRICPATH BRIDGED FLOWS
FabricPath
SVI 100 SVI 100 SVI 100
SVI 100
SVI 100
SVI 100
VPC+
SVI 40
SVI 30 SVI 30
SVI 10
SVI 20
VPC+
SVI 10
SVI 20
SVI 40
SVI 50
VPC+
SVI 50
L3
INTER-VLAN ROUTED FLOWS INTER-VLAN ROUTED FLOWS
Rack 1 VLAN 10
Rack 2 VLAN 20
Rack 3 VLAN 30
Rack 4 VLAN 40
Rack 5 VLAN 50
Rack 6 VLAN 30
Layer 2 CE Layer 2 FabricPath
BRKDCT-2951
Cisco Public

Cisco FabricPath with Multi-Pod Design
Fabric Path High-level Multi-PoD Design Option
Combines Routing at Aggregation and Centralised Routing
Three possible classes of VLAN in FabricPath domain

POD-local VLANs exist only in one POD (Vlans 100 199, 200 299 & 300 399) DC-wide VLANs exist in all PODs ( Vlans 2000 2099) Multi-POD VLANs exist only in subset of PODs (not illustrated)
L3
Fabric Path Core
Vlans 100 - 199 Vlans 200 -299 Vlans 300 - 399 Vlans 2000 - 2099
Aggregation
L2/L3 boundary
FabricPath Access
POD 1
Vlans 100 - 199 Vlans 2000 - 2099
BRKDCT-2951
POD 2
Vlans 200 - 299 Vlans 2000 - 2099
Cisco Public
POD 3
Vlans 300 - 399 Vlans 2000 - 2099
Q&A
Complete Your Online Session Evaluation

Give us your feedback and receive a Cisco Live 2013 Polo Shirt!
Complete your Overall Event Survey and 5 Session Evaluations. Directly from your mobile device on the Cisco Live Mobile App By visiting the Cisco Live Mobile Site www.ciscoliveaustralia.com/mobile Visit any Cisco Live Internet Station located throughout the venue Polo Shirts can be collected in the World of Solutions on Friday 8 March 12:00pm-2:00pm
Dont forget to activate your Cisco Live 365 account for access to all session material, communities, and on-demand and live activities throughout the year. Log into your Cisco Live portal and click the "Enter Cisco Live 365" button. www.ciscoliveaustralia.com/portal/login.ww
Cisco Public 95
BRKDCT-2951
BRKDCT-2951
Cisco Public

BRKDCT 2951

Uploaded by

Copyright:

Available Formats

BRKDCT 2951

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BRKDCT 2951

Uploaded by

Copyright:

Available Formats

Deploying Nexus 7000 in Data Centre Networks

2013 Cisco and/or its affiliates. All rights reserved.

2013 Cisco and/or its affiliates. All rights reserved.

2013 Cisco and/or its affiliates. All rights reserved.

Evolution of Data Centre Trends & Observations

The IT Landscape Mega Trends Causing Ripples

Branch Security Data Centre

Business Continuity Disaster Recovery

The IT Challenge: Is My Network Ready?

What Makes Designing Networks for Data Centre Different?

Power, cooling, and space management constraints

Server load balancing, firewall, other services required

2013 Cisco and/or its affiliates. All rights reserved.

Data Centre Architecture

hierarchical switching - three tiers: Access, Aggregation and Core

Clustering Applications distributed across multiple servers

2013 Cisco and/or its affiliates. All rights reserved.

Changes to Data Centre Fabric

Data Centre Architecture

Spectrum of Design Evolution

Virtualised Data Centre

Building Efficient DC Fabric to Scale

Building an Efficient DC Fabric to Scale

Building an Efficient DC Fabric to Scale

Scaling Out of the Fabric (FabricPath, OTV, SPF/EIGRP/ISIS/BGP, MPLS)

Scaling up the aggregation block (POD)

2013 Cisco and/or its affiliates. rights reserved. #2 #3 All #4

Massively Scalable Data Centres

L3 ECMP Nexus 7K,5K,3K

vPC Port Channel 32 x 10G links

Cisco Fabric Extender Architecture

Nexus 5000 or Nexus 7000

Top of Rack (ToR)

manage, monitor, upgrade

Virtual Port Channel (vPC)

Nexus VPC Based Network

Only 50% Links Forwarding

100% Links Forwarding

limitations in access and distribution layers

all links forwarding

separate physical switches

Scalable up to 12,000+ 10GE

Seamless workload mobility beyond

Overlay Transport Virtualisation (OTV)

over any network

Seamless workload mobility

Nexus 7000 Hardware Features

What is the Nexus 7000 ?

2013 Cisco and/or its affiliates. All rights reserved.

Cisco Nexus 7000 Series Chassis

7 RU 440 Gig/Slot 96/12/4 Side-to-Rear 4 x 3KW AC Small to Medium Core/Edge

21 RU 550 Gig/Slot 384/48/16 Front-to-Back 3 x 6KW AC/DC 3 x 7.5KW AC Data Centre

2013 Cisco and/or its affiliates. All rights reserved.

Nexus 7000 Supervisor Overview

ID LED Status LEDs

USB Host Ports

USB Flash / Compact Flash

USB Host Ports

Increases bandwidth to 110Gbps per I/O module slot!