Cisco Nexus 5000 Series Switches

Cisco NX-OS Software Release 5.0(3)N1(1) for Cisco Nexus 5000 Series Switches and 2000 Series Fabric Extenders

PB658155

Cisco® NX-OS Software is a data center-class operating system built with modularity, resiliency, and serviceability at its foundation. Based on the industry-proven Cisco MDS 9000 SAN-OS Software, Cisco NX-OS helps ensure continuous availability and sets the standard for mission-critical data center environments. The self-healing and highly modular design of Cisco NX-OS makes zero-effect operations a reality and enables exceptional operational flexibility.

Cisco NX-OS Software Release 5.0(3)N1(1) introduces the latest generation of Cisco Nexus 5000 Series Switches, the Nexus 5500 platform, extending the industry-leading versatility of the purpose-built 10 Gigabit Ethernet data center-class Cisco Nexus 5000 Series Switches and providing innovative advances toward higher density, lower latency, and multilayer services. This software release also introduces Layer 3 hardware and software capabilities for the Cisco Nexus 5500 platform, allowing Layer 3 routing performance of up to 160 Gbps.
Beginning with Cisco NX-OS Software Release 5.0(3)N1(1), a maximum of 24 Cisco Nexus 2000 Series Fabric Extenders are supported on the Cisco Nexus 5500 platform for Layer 2 switching, allowing up to 1152 Gigabit Ethernet ports and 768 10 Gigabit Ethernet ports to be managed by a single point of management. For Layer 3 switching, a maximum of 8 fabric extenders are supported on the Cisco Nexus 5500 platform.
This software release adds support for enabling 1 Gigabit Ethernet on all interfaces on the Cisco Nexus 5500 platform switches.
In addition, several new software features are introduced to improve the performance, scalability, security, and management of the product line. Cisco NX-OS 5.0 also supports all hardware and software supported in previous Cisco NX-OS Software releases.
The combination of the Cisco Nexus 2000 Series and 5000 Series offers a highly cost-effective access layer architecture for 100 Megabit Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, and mixed Gigabit Ethernet and 10 Gigabit Ethernet server, Ethernet or unified fabric, and physical or virtual server environments.

Hardware Support

Cisco Nexus 5548UP Switch

The Cisco Nexus 5548UP Switch (Figure 1) is the first unified port switch in the Cisco Nexus 5500 platform. It is a one-rack-unit (1RU) 10 Gigabit Ethernet and Fibre Channel over Ethernet (FCoE) switch offering up to 960-Gbps throughput and up to 48 ports. The switch has 32 fixed Enhanced Small Form-Factor Pluggable (SFP+) unified ports and one expansion slot. Each port on the base chassis (unified port) is capable of supporting 1 and 10 Gigabit Ethernet and FCoE using the SFP+ interface, or 8/4/2/1-Gbps native Fibre Channel connectivity using the SFP+ or SFP interface. The use of 1 and 10 Gigabit Ethernet or 8/4/2/1-Gbps Fibre Channel on a port is mutually exclusive, but either option can be selected for any of the 32 physical ports on the chassis.

Figure 1. Cisco Nexus 5548UP Switch

Expansion Module Options for the Cisco Nexus 5548UP and 5548P

The Cisco Nexus 5548UP and 5548P Switches support one expansion module from the following offerings (Figure 2):

• Ethernet module that provides sixteen 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface

• Fibre Channel plus Ethernet module that provides eight 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface, and eight ports of 8/4/2/1-Gbps native Fibre Channel connectivity using the SFP interface

• A unified port module that provides up to sixteen 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface or up to 16 ports of 8/4/2/1-Gbps native Fibre Channel connectivity using the SFP+ or SFP interface; the use of 1 and 10 Gigabit Ethernet or 8/4/2/1-Gbps Fibre Channel on a port is mutually exclusive, but either option can be selected for any of the 16 physical ports on the module

Figure 2. From Left to Right: 16-Port 1 and 10 Gigabit Ethernet and FCoE Module; 8-Port Fibre Channel plus 8-Port 1 and 10 Gigabit Ethernet and FCoE Module; and Unified Port Module

Layer 3 I/O Daughter Card for Cisco Nexus 5548P and 5548UP

Cisco NX-OS Software Release 5.0(3)N1(1) introduces the Cisco Nexus 5548 Layer 3 daughter card (Figure 3), an I/O module that can be ordered with the system or as a spare (field upgradable). The Cisco Nexus 5548 Layer 3 daughter card provides up to 160 Gbps of Layer 3 forwarding capability (240 million packets per second [mpps]), which can be shared by all 48 ports on the chassis. Note that the daughter card does not take up one of the expansion slots on the rear of the chassis, but rather is installed by replacing the I/O module, which is located on the front of the chassis.

Figure 3. Layer 3 I/O Daughter Card for Cisco Nexus 5548P and 5548UP

Cisco Nexus 5596UP Switch

The Cisco Nexus 5596UP Switch (Figure 4) is a 2RU 10 Gigabit Ethernet, Fibre Channel, and FCoE switch offering up to 1920-Gbps throughput and up to 96 ports. The switch has 48 unified ports and three expansion slots.

Figure 4. Cisco Nexus 5596UP Switch Configured with Three 16-Port Expansion Modules

Expansion Module Options for the Cisco Nexus 5596UP

The Cisco Nexus 5500 platform is equipped with expansion modules that can be used to increase the number of 10 Gigabit Ethernet and FCoE ports or connect to Fibre Channel SANs with 1/2/4/8-Gbps Fibre Channel switch ports, or both.
The Cisco Nexus 5596UP supports three expansion modules from the following offerings (Figure 5):

• Ethernet module that provides sixteen 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface

• Fibre Channel plus Ethernet module that provides eight 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface, and eight ports of 8/4/2/1-Gbps native Fibre Channel connectivity using the SFP interface

• Unified port module that provides up to sixteen 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface or up to 16 ports of 8/4/2/1-Gbps native Fibre Channel connectivity using the SFP+ or SFP interface; the use of 1 and 10 Gigabit Ethernet or 8/4/2/1-Gbps Fibre Channel on a port is mutually exclusive, but either option can be selected for any of the 16 physical ports on the module

• Layer 3 module that provides up to 160 Gbps of Layer 3 forwarding capability (240 mpps), which can be shared by all the I/O ports in the chassis

Cisco NX-OS Software Release 5.0(3)N1(1) supports only one Layer 3 module on the Cisco Nexus 5596P. Future software releases will support additional Layer 3 modules (maximum of three).

Figure 5. From Left to Right: 16-Port 1 and 10 Gigabit Ethernet and FCoE Module; 8-Port Fibre Channel plus 8-Port 1 and 10 Gigabit Ethernet and FCoE Module; Unified Port Module; and Layer 3 Module

Software Support

Cisco NX-OS 5.0(3)N1(1) supports all the software features previously supported on the Cisco Nexus 5000 Series up through Cisco NX-OS 5.0(2)N2(1). Cisco NX-OS 5.0(3)N1(1) is compatible with the In-Service Software Upgrade (ISSU) feature supported on Cisco NX-OS 4.2. In addition, Cisco NX-OS 5.0(3)N1(1) supports the new software features described in Table 1.

Table 1. New Software Features in Cisco NX-OS 5.0(3)N1(1)

Software Feature

Description

Support for 1 Gigabit Ethernet on Cisco Nexus 5500 platform

Cisco NX-OS 5.0(3)N1(1) adds support for the following 1 Gigabit Ethernet optics on all SFP+ ports on the base chassis as well as on expansion modules of the Cisco Nexus 5500 platform (including Cisco Nexus 5548P, 5548UP, and 5596UP):

• GLC-T, GLC-SX-MM, and GLC-LH-SM
• SFP-GE-T, SFP-GE-S, and SFP-GE-L

Layer 3 Support

 

Unicast routing

Cisco NX-OS 5.0(3)N1(1) adds unicast routing to the Cisco Nexus 5500 platform through support for the following routing protocols in addition to static routing:

• Routing Information Protocol Version 2 (RIPv2)
• Enhanced Interior Gateway Routing Protocol (EIGRP)
• Open Shortest Path First Version 2 (OSPFv2)
• Border Gateway Protocol (BGP)

Cisco NX-OS 5.0(3)N1(1) supports implementations of two First-Hop Redundancy Protocols (FHRPs) for systems that require a single-destination IP default gateway address for traffic destined for the local subnet:

• Hot Standby Router Protocol (HSRP)
• Virtual Router Redundancy Protocol (VRRP)

Multicast

Beginning with Cisco NX-OS 5.0(3)N1(1), Cisco NX-OS extends support for the Protocol Independent Multicast (PIM) sparse mode and Internet Group Management Protocol (IGMP) v1, v2, and v3 on the Cisco Nexus 5500 platform. In the PIM sparse mode, multicast traffic is sent only to locations of the network that specifically request it. IGMP snooping allows interception of IGMP control-plane packets to influence the Layer 2 forwarding behavior.

Interfaces

A port can be configured as a Layer 3 interface capable of routing IP packets to another device. In addition, a VLAN interface or switch virtual interface (SVI) can now be created. An SVI is a virtual routed interface that connects a VLAN on the device to the Layer 3 routing engine.

Virtual Routing and Forwarding lite (VRF-lite)

VRF-lite provides a solution for network segmentation by enabling a single routing device to support multiple virtual routers. Each logical router contains its own set of interfaces as well as a routing table and a forwarding table. VRF-lite enables support for scenarios in which IP addresses can be overlapped among the VPNs. Each VRF instance maintains an independent routing domain.

Security

 

Unicast Reverse Path Forwarding (uRPF)

The uRPF feature helps mitigate problems that are caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address. When uRPF is enabled on an interface, the router examines all packets received as input on that interface to make sure that the source address and source interface appear in the routing table and match the interface on which the packet was received. The uRPF feature does this by performing a reverse lookup in the Cisco Express Forwarding table.

Dynamic Address Resolution Protocol (ARP) Inspection (DAI)

DAI is used to verify the validity of ARP requests and the responses sent by hosts connected to a switch. Today, widely available software tools enable man-in-the-middle attacks by poisoning the ARP caches of hosts and routers. These attacks can be devastating because users can eavesdrop for unencrypted passwords or even record voice-over-IP (VoIP) conversations. DAI helps prevent these attacks by not relaying invalid ARP requests and responses to other ports.

IP source guard

IP source guard is a security feature that restricts IP traffic on untrusted Layer 2 ports to clients with assigned IP addresses. Any IP traffic with a source IP address other than that assigned through Dynamic Host Configuration Protocol (DHCP) or static configuration will be filtered out on the untrusted Layer 2 ports. This feature can prevent a malicious host from attacking the network by taking over its neighbor host's IP address. IP source guard provides IP and MAC address filters that restrict traffic on untrusted DHCP snooping ports, allowing network administrators to prevent end users from spoofing or stealing IP addresses.

Router access control lists (ACLs)

IPv4 or IPv6 ACLs applied to Layer 3 interfaces are known as router ACLs. Cisco NX-OS 5.0(3)N1(1) supports router ACLs on the following interfaces:

• Layer 3 routed ports
• SVI routed interfaces
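The strict reverse-path check described under uRPF above, sketched as an added example (not Cisco code): the source address is looked up by longest-prefix match, and the packet is accepted only if the route back to it uses the interface the packet arrived on. The forwarding table, interface names and addresses are constructed, and accepting any interface of an equal-cost route is an assumption of this sketch.

```python
import ipaddress

# Constructed forwarding table: prefix -> interfaces through which it is reachable.
FIB_TABLE = {
    "10.1.0.0/16": {"Ethernet1/1"},
    "10.1.5.0/24": {"Ethernet1/2"},                  # more specific than the /16
    "192.0.2.0/24": {"Ethernet1/3", "Ethernet1/4"},  # equal-cost paths (assumption)
}


def build_fib(table):
    """Parse prefixes and order them longest-first so the first hit is the best match."""
    entries = [(ipaddress.ip_network(p), frozenset(i)) for p, i in table.items()]
    return sorted(entries, key=lambda e: e[0].prefixlen, reverse=True)


def reverse_lookup(fib, src):
    """Longest-prefix match on the SOURCE address (the 'reverse' lookup)."""
    for net, ifaces in fib:
        if src in net:
            return net, ifaces
    return None, frozenset()


def urpf_check(fib, src_ip, in_iface):
    """Return (accept, reason) for a packet with source src_ip received on in_iface."""
    try:
        src = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "malformed source address"
    net, ifaces = reverse_lookup(fib, src)
    if net is None:
        return False, "no route back to source"
    if in_iface not in ifaces:
        return False, f"source routed via {sorted(ifaces)} ({net}), not {in_iface}"
    return True, f"verified via {net}"


FIB = build_fib(FIB_TABLE)

if __name__ == "__main__":
    # Constructed packets: (source address, receiving interface).
    for pkt in [("10.1.5.9", "Ethernet1/2"), ("10.1.5.9", "Ethernet1/1"),
                ("192.0.2.7", "Ethernet1/4"), ("203.0.113.5", "Ethernet1/1")]:
        print(pkt, urpf_check(FIB, *pkt))
```

The second sample packet shows why longest-prefix match matters: 10.1.5.9 falls inside the /16 on Ethernet1/1, but the more specific /24 points to Ethernet1/2, so the packet is dropped on Ethernet1/1.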

Licensing Information

Layer 3 capability is available in two incremental license levels. A comprehensive feature set is provided with the Base software license, which is bundled with the hardware at no extra cost. The Enterprise license enables incremental functions that are applicable to many enterprise deployments. Table 2 summarizes the license packages.

Table 2. Layer 3 License Packages Available with Cisco NX-OS 5.0(3)N1(1)

| License | Part Number | Supported Features | List Price |
|---|---|---|---|
| Cisco Nexus 5500 Layer 3 Base software license | N55-BAS1K9= | Static routing, RIPv2, OSPFv2, EIGRP stub, HSRP, VRRP, IGMP v2 and v3, PIMv2 (sparse mode), routed ACL, and uRPF; OSPF scalability is limited to 256 dynamically learned routes | Included with hardware |
| Cisco Nexus 5500 Layer 3 Enterprise software license | N55-LAN1K9= | Full EIGRP, OSPF with scalability up to 8000 routes, BGP, and VRF-lite (IP-VPN); maximum routes supported by Layer 3 hardware: 8000 entries | US$10,000 |

Cisco Services and Support

Cisco offers a wide range of services to help accelerate your success in deploying and optimizing Cisco Nexus 5000 Series Switches in your data center. Cisco's innovative services are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your data center network. Cisco Advanced Services uses an architecture-led approach to help you align your data center infrastructure with your business goals and achieve long-term value.
Cisco SMARTnet® Service helps you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. With this service, you can take advantage of the Smart Call Home service capability, which offers proactive diagnostics and real-time alerts on your Cisco Nexus 5000 Series Switches. Spanning the entire network lifecycle, Cisco Services helps protect your investment, optimize network operations, support migration, and strengthen your IT expertise. For more information about Cisco Data Center Services, visit http://www.cisco.com/go/dcservices.

For More Information

For more information about Cisco Nexus switches, please visit http://www.cisco.com/go/nexus5000 and http://www.cisco.com/go/nexus2000.