Network World
Friday, December 5, 2008

Michael Morris: From the Field

Cisco Subnet


NX-OS's Best Feature: Virtual Device Contexts (VDCs)

When I wrote about the Cisco Nexus 7000 NX-OS a few weeks back, I mentioned that the pinnacle of new features in NX-OS was Virtual Device Contexts (VDCs). This is a feature I could've used a lot in the past during network design, and it has been a long time coming.

VDCs take a single physical switch and create many unique virtual devices (switches), just as VMware does for servers. Each VDC is analogous to a virtual machine in VMware. NX-OS runs a single kernel and infrastructure layer to control the hardware and provide basic services. A single VDC Manager also runs and controls all the VDCs. It creates and deletes individual VDCs and launches the necessary software services for each VDC.

Each VDC is its own switch, with its own processes, VLANs, routing protocols, spanning tree, management plane, and configuration. It's really a completely separate switch. Interfaces are assigned to the VDC to provide external connectivity.


Processes in each VDC are separate and run in their own protected memory space. Thus, if OSPF fails on VDC 12, it will not affect OSPF in the other VDCs. VDCs are created with the aid of a template, which specifies the resources a VDC can use. Inter-VDC communication is only via external interfaces; there is no internal switch like in VMware.

VDCs offer several direct benefits:

  • A completely separate partition between different groups or organizations (if your network requires this separation) while using only a single switch. This reduces hardware investment, DC space usage, and power.
  • VDCs can be created for development, testing, stage, and production on the same switch. Now, all four data center environments can exist inside the same physical switch, each with its own configuration. Again, this reduces DC OPEX and increases network capacity utilization, reduces cabling, and simplifies support.
  • Network testing and training can occur in a separate VDC. Now, testing of configurations and training can occur in the actual network instead of an expensive lab.
  • Separate administrative domains are created to give different groups control over their environment, lessening the load on core network engineering and operations teams.

Furthermore, VDCs also provide an interesting way to scale hardware resources beyond their documented limits. Each line card in the Nexus 7000 can support:

- 128,000 MAC addresses
- 128,000 FIB entries
- 64,000 ACLs
- 512,000 NetFlow entries

Normally, with a single VDC, entries for each of these tables are copied to every line card so that distributed (local) switching can occur. So, the limits of the entire Nexus 7000 are the numbers listed above. But now consider the case with VDCs. Each VDC may not necessarily have ports on every line card. When a VDC has no ports on a line card, that line card does not store entries for the VDC's MAC addresses, ACLs, NetFlow entries, etc. So, that line card does not use up any resources, even though a MAC address has been stored on another line card. The entire capability of the single Nexus 7000 has just risen because of virtualization.
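The accounting described above, as an added example (not code from the article or from Cisco): it places each VDC's table entries only on the line cards where that VDC has ports, then checks per-card usage against the limits listed. The VDC names, port placement and entry counts are constructed sample values.

```python
from collections import defaultdict

# Per-line-card hardware limits as listed in the article.
LINECARD_LIMITS = {"mac": 128_000, "fib": 128_000, "acl": 64_000, "netflow": 512_000}

# Constructed sample layout (assumption, not from the article): the line cards
# each VDC has ports on, and the number of table entries each VDC holds.
SAMPLE_VDCS = {
    "prod": {"linecards": {1, 2}, "entries": {"fib": 90_000, "mac": 80_000}},
    "dev":  {"linecards": {3},    "entries": {"fib": 50_000, "mac": 40_000}},
    "test": {"linecards": {3, 4}, "entries": {"fib": 30_000, "mac": 30_000}},
}

def linecard_usage(vdcs):
    """Add each VDC's entries only to the line cards where it has ports."""
    usage = defaultdict(lambda: dict.fromkeys(LINECARD_LIMITS, 0))
    for vdc in vdcs.values():
        for card in vdc["linecards"]:
            for table, count in vdc["entries"].items():
                usage[card][table] += count
    return dict(usage)

def over_limit(usage):
    """Return sorted (card, table) pairs whose usage exceeds the hardware limit."""
    return sorted((card, table)
                  for card, tables in usage.items()
                  for table, used in tables.items()
                  if used > LINECARD_LIMITS[table])

def chassis_total(vdcs, table):
    """Entries of one table type held across the whole chassis."""
    return sum(v["entries"].get(table, 0) for v in vdcs.values())

def single_vdc_equivalent(vdcs):
    """Same entries, but present on every card, as in the single-VDC case."""
    all_cards = set().union(*(v["linecards"] for v in vdcs.values()))
    return {name: {**v, "linecards": all_cards} for name, v in vdcs.items()}

if __name__ == "__main__":
    split = linecard_usage(SAMPLE_VDCS)
    flat = linecard_usage(single_vdc_equivalent(SAMPLE_VDCS))
    print("chassis FIB total:", chassis_total(SAMPLE_VDCS, "fib"))
    for card in sorted(split):
        print(f"card {card}: FIB with VDCs={split[card]['fib']:,} "
              f"copied everywhere={flat[card]['fib']:,}")
    print("over limit with VDCs:", over_limit(split))
    print("over limit copied everywhere:", over_limit(flat))
```

With the sample layout, the chassis holds more FIB and MAC entries than one line card's limit while every card stays within it; the same entries copied to every card exceed both limits on all four cards.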


With this resource breakdown using VDCs, hardware maximums can be exceeded. Notice in the table below that the number of routes (FIB entries) supported in a single Nexus 7000 is no longer 128,000; it's now 180,000:


Finally, VDCs, along with VSS, are going to introduce radical changes to network design. I'll be covering that soon.


About Michael Morris

Michael Morris is a communications engineering manager at a $3 billion high-tech company. His background is in enterprise WANs working with telcos, and developing large-scale routing designs. He has worked on networks at government and corporate organizations, including networks at two Fortune 10 companies. In his current role, he leads large-scale IT networking projects and develops and maintains architectural standards for data networks, storage area networks, IP Telephony, and security. Michael is a CCIE and has 11 years experience in networking and communications, including four years as a paratrooper in the U.S. Army. He has a bachelor's degree in MIS from the University at Buffalo. Recently, he was awarded the Network Professional Association® (NPA) Professional Excellence and Innovation Award for his work on network architecture, templates and enterprise MPLS design.


The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.
