Cisco Nexus 9000 Series Switches license
Cisco Nexus 9000 Series Switches are ideal for small-to-midsize data centers, offering five key benefits: price, performance, port-density, programmability, and power efficiency.
Cisco Nexus 9000 Series Switches are cost-effective because they take a merchant-plus approach to switch design. Both Cisco-developed silicon and merchant-silicon application-specific integrated circuits (ASICs), Trident II, or T2, power Cisco Nexus 9000 Series Switches. The T2 ASICs also deliver power efficiency gains. Additionally, Cisco Nexus 9000 Series Switches lead the industry in 10 and 40 Gb price-per-port densities. The cost-effective design approach coupled with a rich feature set makes Cisco Nexus 9000 Series Switches a great fit for commercial data centers.
Licensing is greatly simplified on the Cisco Nexus 9000 Series Switches. At the time of this writing, there are two licenses available: the Enterprise Services Package license enables dynamic routing protocol and VXLAN support, and the Cisco Data Center Network Manager (DCNM) license provides a single-pane-of-glass GUI management tool for the entire data center network. Future licenses may become available as new features are introduced.
Cisco Nexus 9000 Series Switches offer powerful programmability features to drive emerging networking models, including automation and DevOps, using tools such as the Cisco NX-OS API (NX-API), as well as Python, Chef, and Puppet.
For small-to-midsize commercial customers, the Cisco Nexus 9000 Series Switches product family is the best platform for 1-to-10 Gb migration and 10-to-40 Gb migration, and is an ideal replacement for aging Cisco Catalyst switches in the data center. The Cisco Nexus 9000 Series Switches can easily be integrated with existing networks. This white paper introduces a design as small as two Cisco Nexus 9000 Series Switches and provides a path to scale out your data center as it grows, highlighting both access and aggregation designs, and spine-leaf designs.
About Cisco Nexus 9000 Series Switches
The Cisco Nexus 9000 Series consists of larger Cisco Nexus 9500 Series modular switches and smaller Cisco Nexus 9300 Series fixed-configuration switches. The product offerings are discussed in detail later in this white paper.
Cisco provides two modes of operation for the Cisco Nexus 9000 Series. Customers can use Cisco NX-OS Software to deploy the Cisco Nexus 9000 Series in standard Cisco Nexus switch environments.
Alternatively, customers can use the Cisco Application Centric Infrastructure (ACI), for which the hardware infrastructure is ready, to take full advantage of an automated, policy-based systems management approach.
In addition to traditional Cisco NX-OS features, such as Cisco virtual PortChannels (vPC), PowerOn Auto Provisioning (POAP), and Nexus 2000 Series Fabric Extenders support, the single-image Cisco NX-OS running on Cisco Nexus 9000 Series Switches introduces several key new features:
- The intelligent Cisco NX-API provides administrators a way to manage the switch through remote procedure calls (JSON or XML) over HTTP and/or HTTPS, instead of accessing the Cisco NX-OS command line directly.
- Linux shell access enables the switch to be configured through Linux shell scripts, helping automate the configuration of multiple switches and helping ensure consistency among multiple switches.
- Continuous operation is maintained through cold and hot patching, which provides fixes between regular maintenance releases or between the final maintenance release and the end-of-maintenance release, in a nondisruptive manner (for hot patches).
- Virtual Extensible LAN (VXLAN) bridging and routing in hardware at full line rate facilitates and accelerates communication between virtual and physical servers. VXLAN is designed to provide the same Layer 2 Ethernet services as VLANs, but with greater flexibility and at a massive scale.
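As an added illustration of the NX-API item above (not code from this white paper or from Cisco), the following Python example builds a JSON-RPC batch for NX-API, rejects plain-HTTP endpoints so credentials and commands are never sent unencrypted, and prepares a TLS context that verifies the switch certificate. The `/ins` path, the `application/json-rpc` content type and HTTP basic authentication follow NX-API's JSON-RPC convention and are not stated in this paper; the host name, credentials and sample reply are constructed.

```python
import base64
import json
import ssl
import urllib.request
from urllib.parse import urlsplit

# Constructed sample reply: one successful command, one rejected command.
SAMPLE_REPLY = ('[{"jsonrpc": "2.0", "result": {"body": {"host_name": "n9k-lab"}}, "id": 1},'
                ' {"jsonrpc": "2.0", "error": {"code": -32602, "message": "Invalid params"}, "id": 2}]')


def build_nxapi_request(base_url, commands, username, password, cafile=None):
    """Build (Request, SSLContext) for an NX-API JSON-RPC batch; sends nothing."""
    parts = urlsplit(base_url)
    # Basic-auth credentials and every CLI command travel in this request,
    # so a plain-HTTP endpoint is rejected instead of silently accepted.
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("NX-API endpoint must be an https:// URL")
    # One JSON-RPC 2.0 object per command; ids let replies be matched up.
    batch = [{"jsonrpc": "2.0", "method": "cli",
              "params": {"cmd": cmd, "version": 1}, "id": i}
             for i, cmd in enumerate(commands, start=1)]
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    req = urllib.request.Request(
        f"https://{parts.netloc}/ins",              # NX-API endpoint path
        data=json.dumps(batch).encode(),
        headers={"Content-Type": "application/json-rpc",
                 "Authorization": f"Basic {token}"},
        method="POST")
    # The default context verifies the certificate chain and the host name;
    # cafile (an assumption) points at the CA that issued the switch certificate.
    ctx = ssl.create_default_context(cafile=cafile)
    return req, ctx


def split_replies(reply_text):
    """Split a JSON-RPC reply into ({id: result}, {id: error message})."""
    replies = json.loads(reply_text)
    if isinstance(replies, dict):                   # single, non-batch reply
        replies = [replies]
    ok, failed = {}, {}
    for r in replies:
        if "error" in r:
            failed[r["id"]] = r["error"].get("message", "unknown error")
        else:
            ok[r["id"]] = r.get("result")
    return ok, failed
```

To send the batch, pass both return values to `urllib.request.urlopen(req, context=ctx, timeout=10)` and feed the decoded body to `split_replies`.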
Cisco Nexus 9000 Series Switches support the plug-in for OpenStack Networking, also known as Neutron. With the plug-in you can build an infrastructure as a service (IaaS) network and deploy a cloud network. With OpenStack, you can build an on-demand, self-service, multitenant computing infrastructure. However, implementing the OpenStack VLAN networking model across virtual and physical infrastructures can be difficult.
The OpenStack Networking extensible architecture supports plug-ins to configure networks directly. However, when you choose a network plug-in, only that plug-in’s target technology is configured. When you are running OpenStack clusters across multiple hosts with VLANs, a typical plug-in configures either the virtual network infrastructure or the physical network, but not both.
The Cisco Nexus plug-in solves this difficult problem by including support for configuring both the physical and virtual networking infrastructure. The Cisco Nexus plug-in accepts OpenStack Networking API calls and uses the Network Configuration Protocol (NETCONF) to configure Cisco Nexus devices, as well as Open vSwitch (OVS), which runs on the hypervisor.
The Cisco Nexus plug-in configures VLANs on both the physical and virtual network. It also allocates scarce VLAN IDs by deprovisioning them when they are no longer needed and reassigning them to new tenants whenever possible. VLANs are configured so that virtual machines running on different virtualization (computing) hosts that belong to the same tenant network transparently communicate through the physical network. In addition, connectivity from the computing hosts to the physical network is trunked to allow traffic only from the VLANs that are configured on the host by the virtual switch.
This white paper focuses on basic design and the integration of features such as vPC, VXLAN, access layer device connectivity, and Layer 4-7 service insertion. For an introduction to the advanced programmability features of Cisco NX-OS on Cisco Nexus 9000 Series Switches, see Addendum A, “Automation and Programmability,” in this document. Other features are out of the scope of this white paper.
Cisco ACI Readiness
What Is Cisco ACI?
The future of networking with Cisco Application Centric Infrastructure (ACI) is about providing a network that is deployed, monitored, and managed in a way that supports rapid application change. ACI does this through the reduction of complexity and a common policy framework that can automate provisioning and managing resources.
Cisco ACI works to solve the business problem of slow application deployment, which results from a focus on primarily technical network provisioning and change management problems, by enabling rapid deployment of applications to meet changing business demands. Cisco ACI provides an integrated approach by providing application-centric end-to-end visibility from a software overlay down to the physical switching infrastructure while accelerating and optimizing Layer 4-7 service insertion to build a system that brings the language of applications to the network.
Cisco ACI delivers automation, programmability, and centralized provisioning by allowing networks to be automated and configured based on business-level application requirements. Cisco ACI provides accelerated, cohesive deployment of applications across network and Layer 4-7 infrastructure, and enables visibility and management at the application level. Advanced telemetry for visibility into network health and simplified day two operations also opens up troubleshooting to the application itself.
The Cisco ACI diverse and open ecosystem is designed to plug in to any upper-level management or orchestration system and attract a broad community of developers. With the integration and automation of both Cisco and third-party Layer 4-7 virtual and physical service devices, you can use a single tool to manage the entire application environment.
With the Cisco ACI mode, customers can deploy networks based on application requirements in the form of policies, removing the need to translate the complexity of current network constraints. In tandem, Cisco ACI ensures security and performance while maintaining complete visibility into application health on both virtual and physical resources.
Converting Cisco Nexus 9000 NX-OS Mode to ACI Mode
This white paper features the Cisco Nexus 9000 Series Switches in NX-OS (standalone) mode. However, the Cisco Nexus 9000 hardware is ready for Cisco ACI. Cisco Nexus 9300 switches and many of the Cisco Nexus 9500 line cards can be converted to ACI mode.
The Cisco Nexus 9000 Series Switches are the foundation of the Cisco ACI architecture and provide the network fabric. A new operating system is used by the Cisco Nexus 9000 switches running in ACI mode. The switches are then coupled with a centralized controller called the Cisco Application Policy Infrastructure Controller (APIC) and its open API. The Cisco APIC is the unifying point of automation, telemetry, and management for the Cisco ACI fabric, enabling an application policy model approach to the data center.
Conversion from standalone NX-OS mode to ACI mode on the Cisco Nexus 9000 switch is out of the scope of this white paper. For more information about the ACI mode on the Cisco Nexus 9000 Series Switches, see the Cisco ACI homepage.
Data Center Design Evolution
Cisco Nexus 9000 Series Switches can be used in a number of potential designs in a midsize commercial data center. Cisco Nexus 9000 Series Switches can be used as end-of-row or top-of-rack access layer switches, as aggregation or core switches in traditional hierarchical two- or three-tier network designs, or deployed in a modern leaf-spine architecture. This white paper discusses both access and aggregation designs and leaf-spine designs.
Traditional Data Center Design
Traditional data centers are built on a three-tier architecture with core, aggregation, and access layers, or a two-tier collapsed core with the aggregation and core layers combined in one layer. This architecture accommodates a north-south traffic pattern where client data comes in from a WAN or the Internet to be processed by a server in the data center and is then pushed back out of the data center. This is common for applications, such as web services, where most communication is between an external client and an internal server. The north-south traffic pattern permits hardware oversubscription, because most traffic is funneled in and out through the lower-bandwidth WAN or Internet bottleneck.