A. A VSS is network system virtualization technology that pools multiple Cisco
® 6500 Series Switches into one virtual switch, increasing operational efficiency, boosting nonstop communications, and scaling system bandwidth capacity to 1.4 Tbps. At the initial phase, a VSS will allow two physical Cisco Catalyst 6500 Series Switches to operate as a single logical virtual switch called a virtual switching system 1440 (VSS1440). (See Figure 1.)
Figure 1. Virtual Switching System 1440 Compared to Traditional Network Design
Q. What is a VSS1440?
A. VSS1440 refers to the VSS formed by two Cisco Catalyst 6500 Series Switches with the Virtual Switching Supervisor 720-10GE. In a VSS, the data plane and switch fabric with capacity of 720 Gbps of supervisor engine in each chassis are active at the same time on both chassis, combining for an active 1400-Gbps switching capacity per VSS. Only one of the virtual switch members has the active control plane. Both chassis are kept in sync with the interchassis Stateful Switchover (SSO) mechanism along with Nonstop Forwarding (NSF) to provide nonstop communication even in the event of failure of one of the member supervisor engines or chassis.
Q. What are the benefits of VSS?
A. VSS offers superior benefits compared to traditional Layer 2/Layer 3 network design. Benefits can be grouped into four main categories:
1. VSS increases operational efficiency by simplifying the network, reducing switch management overhead by at least 50 percent.
• Single point of management, IP address, and routing instance for the Cisco Catalyst 6500 virtual switch
– Single configuration file and node to manage. Removes the need to configure redundant switches twice with identical policies.
– Only one gateway IP address is required per VLAN, instead of the three IP addresses per VLAN used today.
– Removes the need for Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP)
– CiscoWorks LAN Management System (LMS) 3.0 can be used to centrally manage a Cisco Catalyst 6500 virtual switch as a single entity.
• Multichassis EtherChannel® (MEC) is a Layer 2 multipathing technology that creates simplified loop-free topologies, eliminating the dependency on Spanning Tree Protocol, which can still be activated to protect strictly against any user misconfiguration.
• Flexible deployment options. The underlying physical switches do not have to be colocated. The two physical switches are connected with standard 10 Gigabit Ethernet interfaces and as such can be located any distance based on the distance limitation of the chosen 10 Gigabit Ethernet optics. For example, with X2-10GB-ER 10 Gigabit Ethernet optics, the switches can be located up to 40 km apart.
2. VSS boosts nonstop communications.
• Interchassis stateful failover results in no disruption to applications that rely on network state information (for example, forwarding table info, NetFlow, Network Address Translation [NAT], authentication, and authorization). VSS eliminates L2/L3 protocol reconvergence if a virtual switch member fails, resulting in deterministic subsecond virtual switch recovery.
• Utilizes EtherChannel (802.3ad or Port Aggregation Protocol (PAgP) for deterministic subsecond Layer 2 link recovery, removing the dependency on Spanning Tree Protocol for link recovery.
3. VSS scales system bandwidth capacity to 1.4 Tbps.
• Activates all available Layer 2 bandwidth across redundant Cisco Catalyst 6500 Series Switches with automatic, even load sharing. Link load sharing is optimized because it is based on more granular information, such as L2/L3/L4 parameters, unlike virtual LAN (VLAN)-based load balancing in Spanning Tree Protocol configuration.
• Enables standards-based link aggregation for server network interface card (NIC) teaming across redundant data center switches, maximizing server bandwidth throughput and increasing the number of standards-based components in the data center (that is, server NICs) with needing to configure proprietary NIC vendor mechanisms.
• Maximizes the utilization of all (132) 10 Gigabit Ethernet ports in a Cisco Catalyst 6500 virtual switch.
• Conserves bandwidth by:
– Eliminating unicast flooding caused by asymmetrical routing in traditional campus designs.
– Optimizing the number of hops for intracampus traffic using multichassis EtherChannel enhancements.
• VSS enhances existing multilayer switching architecture using simplification of architecture without fundamentally changing the architecture resulting in easy of adoption of the technology.
• Uses existing Cisco Catalyst 6500 investments, easing the deployment of VSS. The VSS is supported on non-E and E series Catalyst 6500 Series Switches chassis and supports all Cisco Catalyst 6500 series 6700 series modules.
• VSS uses standards-based 10 Gigabit Ethernet connectivity between the Cisco Catalyst 6500 virtual switch members, allowing for flexible distance options. The underlying physical switches do not have to be collocated.
Q. What are the target deployment areas for VSS?
A. The VSS is targeted to be deployed in the following locations in the network (Figure 2):
• Campus or data center core/distribution layer
• Data center access (server connectivity)
Figure 2. High Availability Network Design Simplified Using Virtual Switching System
Q. What makes up the VSS?
A. The VSS is made up of the following:
• Virtual switch members: Cisco Catalyst 6500 Series Switches (up to two switches with initial release) deployed with the Virtual Switching Supervisor 720 10GE
• Virtual switch link (VSL): 10 Gigabit Ethernet connections (up to eight using EtherChannel) between the virtual switch members. The 10 Gigabit Ethernet connections have to be one or more of the following modules:
– WS-X6708-10G module: any 10 Gigabit Ethernet port
– WS-X6716-10G module: only non-oversubscribed ports can be used for VSL (supported with 12.2(33)SXI)
VSLs can carry regular data traffic in addition to the control plane communication between the two virtual switch members. The distance of VSL link is limited only by the chosen 10 Gigabit Ethernet optics. For example, with a X2-10GB-ER optic, VSL can span distance up to 40 km. (See Figure 3.)
Figure 3. Virtual Switching System 1440 using Cisco Catalyst 6500 Series Switches
Q. What are the hardware and software requirements and restrictions for VSS?
A. Table 1 shows the hardware and software requirements and restrictions.
Table 1. Hardware and Software Requirements and Restrictions
Cisco IOS® Software Release 12.2(33)SXH1
Feature Set Requirement: IP Base*** or better
Virtual Switching Supervisor 720-10GE (VS-S720-10GE-3C and VS-S720-10GE-3CXL)
Note: Initial release supports a single supervisor engine per virtual switch member (or chassis). This restriction will be removed in a future software release.
• All 6700 series modules with Centralized Forwarding card (CFC)
• All 6700 series modules with Distributed Forwarding Card (DFC) 3C or DFC3CXL
Note: Support for WS-X6716-10G line card is available on 12.2(33)SXH2 and later version of software releases.
Distributed Forwarding Card (DFC)
DFC3C (WS-F6700-DFC3C and WS-F6700-DFC3C-XL)
VSL Ports: 10 Gigabit Ethernet Ports
• Virtual Switching Supervisor 720-10GE
• WS-X6708-10G-3C and WS-X6708-10G-3CXL
• WS-X6716-10G-3C and WS-X6708-10G-3CXL
Maximum VSL Distance
Maximum VSL distance depends on X2 optics used for VSL 10 Gigabit Ethernet connections:
• X2-10GB-CX4: 15m
• X2-10GB-LX4: 300m
• X2-10GB-SR: 26m (FDDI grade MMF), 300M with OM3 MMF)
• X2-10GB-LR: 10km
• X2-10GB-ER: 40km
• X2-10GB-LRM: 220m over MMF
• X2-10GB-ZR: 80km
All Cisco Catalyst 6500 chassis*
• Cisco Catalyst 6503-E and 6504-E Switches: all supported power supplies
• Cisco Catalyst 6506, 6506-E, 6509, 6509-E, 6509-NEB-A, 6509-V-E, and 6513 Switches: 2500W and above
Network Analysis Module 1 and 2
Intrusion Detection Module**
Wireless Integrated Services Module**
Firewall Integrated Services Module**
Application Control Engine Module**
Not currently supported
*Cisco Catalyst 6509-NEB Switch and Cisco Catalyst 6503 Switch (non-E) not supported
** Supported WITH 12.2(33)SXI
*** Supported WITH 12.2(33)SXI1
Q. What is multichassis EtherChannel?
A. Multichassis EtherChannel (MEC) is a Layer 2 multipathing technology. This form of EtherChannel allows a connected node to terminate the EtherChannel across the two physical Cisco Catalyst 6500 Series Switches that make up the VSS leading to creating simplified loop-free Layer 2 topology. Using MEC in VSS topology results in all links being active and at the same time provides for a highly available topology without the dependency of Spanning Tree Protocol. With the introduction of 12.2(33)SXI, the virtual switching system supports a maximum number of 512 MECs.
Q. What is the minimum software version needed on the service modules to operate with VSS?
Q. How many Cisco Catalyst 6500 Series Switches can be part of a VSS?
A. The VSS1440 will allow up to two physical Cisco Catalyst 6500 Series Switches to operate as a VSS. The two physical chassis does not need to be identical in the type of modules installed or even type of chassis. For example, a WS-C6503-E chassis can be combined with a WS-C6513 chassis to form a VSS.
Q. What high-availability mechanisms are available with a VSS?
A. A VSS uses interchassis NSF/SSO as the primary mechanism for high availability between the two chassis. One virtual switch member chassis will act as the active virtual switch member, while the other member will be in hot standby state for the control plane. Note that the data planes of both chassis are active and hence forward traffic at full combined capacity of 1440 Gbps. When one of the virtual switch members fails, there is no reconvergence of protocols in the network. The access layer or core layer switches continues to forward traffic because they only detect a link failure in an EtherChannel bundle and hence do not need to reconverge any protocols. No disruption occurs to the traffic flowing through the VSS. The VSS mechanism during switch failure is far superior when comparison with the traditional model where one switch failure results indeterminist convergence of multiple control protocols like STP, HSRP and routing protocol.
Q. What is enhanced fast software upgrade (eFSU)?
A. eFSU is a mechanism to perform software upgrades while maintaining high-availability. It leverages the existing features of Nonstop Forwarding (NSF) and Stateful Failover (SSO) and significantly reduces the downtime to less than 200ms.
Q. Is MPLS and IPv6 supported with the Virtual Switching System 1440?
Q. Is there a management tool that helps in migrating to VSS?
A. Yes, CiscoWorks LAN Management Solution (LMS) 3.0 will support the management of a VSS. LMS provides centralized management of VSS deployments with the following features:
• VSS setup wizard to help ease conversion from standalone switches.
• Inventory, configuration, and software image support of VSS-enabled switches in the Resource Management Essential (RME) tool
• Physical view and visual configuration of VSS using the CiscoView tool LMS 3.0 .
Q. What happens if all VSL connections between the virtual switch members are lost?
A. VSLs can be configured with up to eight links between the two switches across any combination of line cards or supervisor ports to provide a high level of redundancy. If for some rare reason all VSL connections are lost between the virtual switch members leaving both the virtual switch members up, the VSS will transition to the dual active recovery mode.
The dual active state is detected rapidly (subsecond) by any of the following three methods:
• Enhancement to PAgP used in MEC with connecting Cisco switches
• L3 Bidirectional Forwarding Detection (BFD) configuration on a directly connected link (besides VSL) between virtual switch members or through an L2 link through an access layer switch
• L2 Fast-Hello Dual-Active Detection configuration on a directly connected link (besides VSL) between virtual switch members (supported with 12.2(33)SXI)
In the dual active recovery mode, all interfaces except the VSL interfaces are in an operationally shut down state in the formerly active virtual switch member. The new active virtual switch continues to forward traffic on all links.
Q. How do the integrated service modules appear in a VSS environment?
A. The integrated service modules in a VSS environment appear similar to how they would in a standalone environment. For instance, two separate ACE modules in a standalone environment would continue to appear and operate as two separate ACE modules in a VSS environment.
Q. How does the Virtual Switching System 1440 operate in a server virtualization environment?
A. VSS greatly aids in higher bandwidth utilization, scaling (via elimination of reliance on Spanning-tree protocol) and availability of a virtualized server environment. For instance, dual-homed VMware ESX servers can operate in an Active-Active (send and receive on all links) state enabling them to increase Virtual Machine (VM), VMotion
® and IP Storage performance.
Q. Is VSS a validated Cisco design? When will the design guides be available for VSS?
A. Yes, VSS is a Cisco validated design (CVD). Cisco SRND for both Campus and Data Center networks will be available in CY'09.
Q. Is VSS Cisco Safe Harbor program tested and certified?