A. Cisco Nexus 1000V Switches provide a comprehensive and extensible architectural platform for virtual machine and cloud networking. The switches are designed to accelerate server virtualization and multitenant cloud deployments in a secure and operationally transparent manner.
Although server virtualization provides numerous benefits to the data center customers, the dynamic nature of virtual environments presents additional complexities at the network layer:
• Inconsistencies across physical and virtual networking domains create problems in policy provisioning, management, monitoring, and troubleshooting processes and workflows.
• Customers are increasingly adopting mixed hypervisor environments, compounding the complexity associated with the use of different operating models across different hypervisors.
• Increasing numbers of business-critical applications are being virtualized, requiring a more robust set of network services (firewalls, load balancers, etc.) at the virtual access layer.
• Customers are seeking broader mobility of their virtual machines to improve utilization of their data center resources.
The Cisco Nexus 1000V Switch is a distributed software switching platform that provides advanced networking features, integrated services, and a consistent operating model across physical and virtual environments.
Q. What is the Cisco Nexus 1000V Switch for Microsoft Hyper-V?
A. With the Cisco Nexus 1000V Switch for Microsoft Hyper-V, customers can rely on:
• Enterprise-class Cisco® NX-OS Software feature set and the associated partner ecosystem.
• Innovative network services architecture to support scalable, multitenant environments.
• Consistent operating model across physical and virtual environments and across hypervisors.
• Tight integration with Microsoft System Center Virtual Machine Manager (SCVMM).
The first release of the Cisco Nexus 1000V (in 2009) addressed virtual networking for VMware vSphere environments. The Cisco Nexus 1000V Switch for Microsoft Hyper-V extends the same solution to environments using Microsoft Windows Server 2012 with Hyper-V.
Product Architecture and Features
Q. What are the components of the Cisco Nexus 1000V Switch for Microsoft Hyper-V?
A. The Cisco Nexus 1000V brings the robust architecture associated with traditional Cisco physical modular switches to Microsoft Hyper-V environments. It has two main components (Figure 1):
• The Cisco Nexus 1000V virtual Ethernet module (VEM) is a software component deployed on each Microsoft Hyper-V host as a forwarding extension. Each virtual machine on the host is connected to the VEM through virtual Ethernet (vEth) ports.
• The Cisco Nexus 1000V virtual supervisor module (VSM) is the management component that controls multiple VEMs and helps in the definition of virtual machine-focused network policies. It is a virtual machine running Cisco NX-OS on a Microsoft Hyper-V host and is similar to the supervisor module on a physical modular switch.
Figure 1. Cisco Nexus 1000V Switch for Microsoft Hyper-V Components
The Cisco Nexus 1000V uses the extensible switch framework offered by Microsoft Windows Server 2012 with Hyper-V and the management ecosystem offered by Microsoft SCVMM.
Q. Can a single Cisco Nexus 1000V Switch manage hosts on multiple hypervisors (for example, Microsoft
Hyper-V and VMware vSphere)?
A. No. Separate Cisco Nexus 1000V Switches must be deployed for different hypervisor environments.
Q. Does the Cisco Nexus 1000V Switch for Microsoft Hyper-V support all Microsoft Hyper-V deployments?
A. No. The Cisco Nexus 1000V supports only Microsoft Windows Server 2012 Hyper-V deployments and is not available for earlier versions of Microsoft Hyper-V. It also requires Microsoft SCVMM 2012 SP1 or later versions.
Q. What features does the Cisco Nexus 1000V Switch for Microsoft Hyper-V support?
A. The Cisco Nexus 1000V Switch for Microsoft Hyper-V offers the same advanced switching feature set that is offered by the VMware vSphere version of the product (Table 1).
Table 1. Cisco Nexus 1000V Switch for Microsoft Hyper-V Features
Private virtual LANs (PVLANs), quality of service (QoS), access control lists (ACLs), port security, and Cisco vPath
Dynamic Host Configuration Protocol (DHCP) snooping, Dynamic Address Resolution Protocol (ARP) Inspection, and IP source guard
Cisco NetFlow, packet statistics, Switched Port Analyzer (SPAN), and Encapsulated Remote SPAN (ERSPAN)
Simple Network Management Protocol (SNMP), NetConf, syslog, and advanced troubleshooting command-line interface (CLI) features
Cisco Virtual Security Gateway (VSG); other services are planned
Comparison with Cisco Nexus 1000V Switch for VMware vSphere
Q. Are there any differences between Cisco Nexus 1000V Switch for Microsoft Hyper-V and Cisco Nexus 1000V Switch for VMware vSphere?
A. The Cisco Nexus 1000V Switch for Microsoft Hyper-V is consistent with the Cisco Nexus 1000V Switch for VMware vSphere in its feature set, user experience, manageability, services ecosystem, deployment tools, and operating model. However, there are some minor differences between the products, mainly associated with integration to the respective virtual machine management platforms. In the case of VMware, the VSM integrates with VMware vCenter; in the case of Microsoft, the VSM integrates with Microsoft SCVMM (Table 2).
Table 2. Comparison of Cisco Nexus 1000V Switch for Microsoft Hyper-V and Cisco Nexus 1000V Switch for VMware vSphere
Cisco Nexus 1000V Switch for VMware vSphere
Cisco Nexus 1000V Switch for Microsoft Hyper-V
Integration with VMware vSphere hypervisor
Uses Microsoft Hyper-V extensible switch framework offered by Microsoft Windows Server 2012
Virtual machine management integration
Integration with VMware vCenter and vCloud Director
Integration with Microsoft SCVMM
Policy profile and network profile combined into a port group
Policy profile and network profile are separate
Same for both products
Manageability (SNMP, etc.)
Monitoring (Cisco NetFlow, etc.)
Cisco Nexus 1110 Virtual Services Appliance deployment model
Integration with Microsoft Hyper-V
Q. How is the Cisco Nexus 1000V integrated with Microsoft Windows Server 2012 with Hyper-V?
A. The two important components of the Cisco Nexus 1000V, the VEM and VSM, are integrated with Microsoft Hyper-V:
• The VEM uses the Microsoft Hyper-V extensible switch framework and is installed as a forwarding extension on each Microsoft Hyper-V host managed by the Cisco Nexus 1000V.
• The VSM runs as a virtual machine on any Microsoft Windows Server 2012 Hyper-V host. It also communicates with Microsoft SCVMM to simplify policy provisioning.
Q. What is the Microsoft Hyper-V extensible switch framework?
A. A Microsoft Hyper-V extensible switch is a virtual Ethernet switch that runs in the management operating system of the Microsoft Hyper-V parent partition. The extensible switch framework allows independent software vendors (ISVs) to extend the capabilities of the native Microsoft Hyper-V switch. It supports the following types of extensions:
• Capture extensions: To capture and monitor packet traffic.
• Filtering extensions: To inspect and drop packets if necessary.
• Forwarding extensions: To perform packet forwarding and filtering tasks.
The Cisco Nexus 1000V VEM acts as a forwarding extension in the Microsoft Hyper-V extensible switch framework.
Integration with Microsoft SCVMM
Q. How is Cisco Nexus 1000V integrated with Microsoft SCVMM?
A. The Cisco Nexus 1000V VSM communicates with Microsoft SCVMM, and all configuration policies defined on the VSM are automatically propagated to Microsoft SCVMM, so the Microsoft SCVMM administrator can use these policies when creating virtual machines. The Microsoft SCVMM networking model introduces multiple user-defined constructs including logical networks, network sites, and virtual machine networks to abstract the underlying physical network. A new CLI has been added to the Cisco Nexus 1000V to define these constructs from the VSM.
Q. What is the networking model associated with Microsoft SCVMM 2012 SP1?
A. Microsoft SCVMM 2012 SP1 introduced multiple new networking abstractions to simplify virtual machine management (Figure 2):
• Logical network: A means of representing networks that have the same connectivity properties (DMZ, intranet, management network, etc.).
• Network site: Association of one or more subnets, VLANs, and subnet and VLAN pairs with a logical network; you can also associate a network site with a specific set of host groups.
• Virtual machine network: Connection of virtual machines to virtual machine networks, which can be backed by either VLANs or network virtualization using generic routing encapsulation (NVGRE) segments; the first release of the Cisco Nexus 1000V supports only VLAN-backed virtual machine networks.
• IP pools: IP address range allocated for virtual machines.
Figure 2. Virtual Machine Networks in a VLAN-Based Configuration (as Illustrated on the Microsoft TechNet Website)
Q. How do you assign networking properties to a virtual machine in Microsoft Hyper-V?
A. In Microsoft Hyper-V, you need the following attributes to establish virtual machine connectivity:
• Virtual machine network (or the VLAN) to which this virtual machine should belong.
• IP pool (or the allowed IP address range) for this virtual machine.
• Port classification (or policies such as QoS, ACL, and Cisco NetFlow policies) associated with the virtual machine.
Q. How does the port-profile configuration for the Cisco Nexus 1000V Switch for Microsoft Hyper-V differ from that for other versions?
A. In the Cisco Nexus 1000V Switch for Microsoft Hyper-V, network attributes are not included as part of the port-profile configuration. Instead, network properties are included as part of constructs such as logical networks, network sites, and virtual machine networks (Figure 3).
Figure 3. CLI for Creating Port Profiles
Q. What is the operating model associated with the Cisco Nexus 1000V Switch for Microsoft Hyper-V?
A. The operating model (Figure 4) is consistent with other versions of Cisco Nexus 1000V Switches:
• The network administrator defines the required network constructs (using the CLI associated with logical networks, network sites, virtual machine networks, and IP pools) and policy profiles (using the port-profile CLI) on the VSM. This information is automatically propagated to Microsoft SCVMM by the VSM.
• The Microsoft SCVMM administrator uses these policies when creating virtual machines or adding new Microsoft Hyper-V hosts.
• Microsoft SCVMM makes virtual machine placement decisions on the basis of the assigned policies.
• The VSM and VEMs communicate with each other to update network policy information.
Figure 4. Operating Model for Cisco Nexus 1000V Switch for Microsoft Hyper-V
REST APIs and Microsoft Windows PowerShell Integration
Q. Can I use Microsoft Windows PowerShell to control the Cisco Nexus 1000V Switch for Microsoft Hyper-V?
A. Yes. The Cisco Nexus 1000V supports a library of representational state transfer (REST) API calls, and these can be invoked directly from Microsoft Windows PowerShell to read and write information from and to the Cisco Nexus 1000V. Please refer to the Cisco Nexus 1000V documentation for more information about this function.
Q. What customer benefits does the Cisco Nexus 1000V Switch for Microsoft Hyper-V offer?
A. The Cisco Nexus 1000V reduces the operational complexities associated with virtual machine networking and thus helps customers gain more of the benefits of server virtualization technology. It offers the following benefits:
• Preserves your existing investments in operational processes and management tools.
– Network administrators can manage network policies across both physical and virtual environments using
the same interfaces, and staff does not need to be retrained.
– Customers can use existing network monitoring, management, and troubleshooting tools to manage both physical and virtual environments.
• Simplifies your virtual networking operations.
– Visibility into the traffic between virtual machines simplifies network troubleshooting.
– Virtualization-aware networking features simplify virtual machine network policy management.
– Tight integration with Microsoft SCVMM allows faster policy provisioning.
• Provides better security.
• Virtualization-aware networking provides better security by extending network policies and network visibility to the virtual machine level.
For More Information
Q. Where can I get more information about this product?