Cisco Nexus Driver for OpenStack Neutron Data Sheet

Product Description

The Cisco Nexus® family of switches has been a staple in data centers since its introduction in 2008. The Cisco Nexus driver for OpenStack Neutron allows customers to easily build their infrastructure-as-a-service (IaaS) networks using the industry’s leading networking platform, delivering performance, scalability, and stability with the familiar manageability and control you expect from Cisco® technology.

The Cisco Nexus driver for OpenStack Neutron is capable of configuring Layer 2 tenant networks on the physical Nexus switches using either VLAN or VXLAN networks.

VLAN Programming

The Cisco Nexus Mechanism Driver (MD) for the Modular Layer 2 (ML2) plugin can configure VLANs on Cisco Nexus switches through OpenStack Neutron. The MD efficiently and intelligently uses VLAN ID assignment on switch ports by provisioning and deprovisioning VLANs across switches as virtual machines connected to tenant networks are created and destroyed. Moreover, connectivity from the compute hosts to the physical network is trunked to allow traffic only from the VLANs configured on the host by the virtual switch.

VXLAN Configuration

For larger multi-tenant OpenStack environments, the maximum of 4094 VLANs is often a limiting factor. VXLAN is designed to provide the same Ethernet Layer 2 connectivity as VLAN, but with greater extensibility and flexibility. Hardware-based VXLAN functions on the Nexus platform map VLANs tagged by the virtual switch on the host into VXLAN tunnels on physical switches. VLAN allocations are localized per switch, enabling tenant networks to reuse VLANs across switches. This configuration extends the Layer 2 connectivity of endpoints across the Layer 3 transport network and uses the physical hardware switch to perform VXLAN encapsulation and decapsulation. Each VXLAN segment ID, or VNID, is configured and mapped to an IP multicast group in the transport IP network using the Cisco Nexus MD.

Multihomed Host Deployments

Highly available OpenStack network configurations are now possible using virtual PortChannels (vPCs). In addition to the standard Ethernet interfaces, the driver can also provision and deprovision tenant VLANs dynamically and efficiently on Cisco Nexus PortChannel interfaces. Hosts using vPCs can provide network high availability in the event of link failure and offer better overall link utilization. The ports connected to hosts are configured as vPC ports with the correct VLAN to provide tenant network isolation.

Support for Cisco Nexus 3000, 5000, 6000, 7000 and 9000 Series Switches

The Cisco Nexus MD provides a driver interface to communicate with Cisco Nexus switches. The driver uses the standard Network Configuration Protocol (Netconf) interface to send configuration requests to program the switches. The driver supports the Cisco Nexus 3000, 5000, 6000, 7000 and 9000 Series Switches, which run Cisco NX-OS Software.

Figure 1 shows how the Cisco Nexus MD configures VXLAN tunnels on physical Nexus switches.

Figure 1. Network Configuration with Cisco Nexus MD for OpenStack Neutron

The Cisco Nexus MD, supporting VLANs, is open source and part of the OpenStack Juno release. The first version of the VXLAN configuration feature through OpenStack Neutron, supported on Nexus 9000 switches only, can be downloaded from Cisco’s Neutron Tech Preview repository. Future releases will have support for other Nexus platforms.

Table 1 summarizes the ways in which the driver helps operators meet networking challenges.

Table 1. Cisco Nexus MD for OpenStack Neutron

| | | Cisco Nexus MD Resolution |
| --- | --- | --- |
| Efficient use of VLAN IDs | Static provisioning of VLAN IDs on every switch rapidly consumes all available VLAN IDs, limiting scalability and making the network more vulnerable to broadcast storms. | The MD efficiently and intelligently uses VLAN IDs by provisioning and deprovisioning VLANs across switches as tenant virtual machines are activated and deactivated on compute hosts. |
| Scalable VXLAN tenant networks | Host-based VXLAN tunneling consumes compute resources and adds network configuration complexity. | Hardware switches perform VXLAN tunneling for tenant traffic, enabling use of hardware devices for network functions and configuration. |
| Network link-level high availability | Hosts are typically connected by a single link to the top of the rack (ToR), resulting in a single point of failure and loss of network connectivity for virtual machines on that host in the event of a link failure. | Connecting multiple links from the hosts to a pair of ToR switches and bundling them as a single link provides protection against loss of network connectivity in the event of a link failure. |

For More Information

Read more about OpenStack and Cisco at

Instructions for configuring the Juno release Cisco Nexus Mechanism Driver are at

Instructions for configuring the Cisco Tech Preview Cisco Nexus Mechanism Driver are at