Solution Overview
Features and Benefits
• Unified management throughout the data center network: Cisco DCNM simplifies the data center operating environment and provides a centralized management application that can be used across the entire data center network infrastructure: core, aggregation, access (in particular top-of-rack and blade switches), and storage fabric.
• Inventory: Through the powerful and fully automated discovery capability built into Cisco DCNM, critical data from the network is uploaded into a relational database that models the network. Device details, topology information, and network service settings are stored in this network model and are available for inventory purposes. The user has quick access to information on the equipment and other physical assets that constitute the network, such as chassis type, supervisors, line cards, ports, fans, and power supplies. The user also has visibility into the logical resources in use, such as IP addresses, MAC addresses, VLAN IDs, access control lists (ACLs), and PortChannels. These resources are tracked on a permanent basis; hence, this inventory is a reliable and trustworthy source of information, easily viewed via the GUI or accessed programmatically.
• Configuration validation: When configuration is done manually, misconfigurations can happen at any point in the configuration process, leading to suboptimal operation or even network downtime. Cisco DCNM validates configuration change requests before their deployment. Typically, when configuration data is entered in Cisco DCNM, it is checked for validity and consistency during a preprovisioning step that uses domain rules. Domain rules enforce network feature attributes and network feature behavior: for example, IP address overlap. This validation step occurs only when the configuration request is deployed, so that the most current network model is the reference for the network feature configuration. The Cisco DCNM configuration engine helps ensure error-free configuration.
• Graphical User Interface (GUI): The Cisco DCNM GUI is built with usability in mind and follows two paradigms (Figure 1):
– Network-feature-centric: Layer 2 and network security features are the network entities that the IT staff manipulates the most. Logically arranged, network features are immediately accessible.
– Data-led workflow: The data needed to complete a task is readily available from the main window. Network Administrators are automatically in the context of the configuration to be accomplished; navigation between windows is minimal. Intuitive drag-and-drop actions ease the configuration process.
Figure 1. Cisco DCNM Configuration Builder

• Topology maps: Cisco DCNM features an accurate graphical representation of the physical network (Figure 2) in a single window. The topology map visualizes devices and links and highlights configuration information, such as chassis and port configuration details, as well as status information. Additionally, a Layer 2 overlay map displays active VLANs and STP blocked ports, clearly identifying the traffic path (Figure 3). The user can modify the topology map icon layout with an easy-to-use, drag-and-drop interface. A tabular list of the managed devices, featuring a search tool, helps the user locate the device of interest. The view is then redisplayed with the located device in the center of the window, together with its connected neighbors. Access to related configuration parameters is only a click away.
Figure 2. Cisco DCNM Topology Map: Physical View

Figure 3. Cisco DCNM Topology Map: Layer 2 View

• Virtualization: Cisco DCNM manages innovative data center features built into the Cisco Nexus 7000 Series and Cisco NX-OS: for example, network virtualization with Virtual Device Context and Virtual PortChannel.
Virtual Device Context
Cisco NX-OS offers the capability to segment OS and hardware resources into Virtual Device Contexts (VDCs) that emulate a virtual device. Each VDC has its own software processes, dedicated hardware resources (interfaces), and an independent, highly delineated management environment. Cisco DCNM enables network virtualization by creating VDCs, by facilitating resource allocation across VDCs, and by providing independent management for each VDC. VDCs are transparently handled throughout the application: the RBAC model and topology maps are VDC aware.
Virtual PortChannel
Virtual PortChannel (VPC) is another virtualization technology built into NX-OS, which allows the member ports of a PortChannel to be spread between two physical devices. This solution allows for a more efficient use of available ports by eliminating the need for STP and STP blocked ports. Hence, all available uplink bandwidth between a VPC end point and the two remote VPC peers can be utilized at any time.
DCNM fully automates the configuration of VPC, which is guided, step by step, by a wizard. The challenge with VPC is to keep the configuration of the VPC peers synchronized. With DCNM, both VPC peers can be managed as one logical device, and DCNM can prevent and detect configuration mismatches between the Primary and Secondary VPC peers and automatically resolve any conflict. The VPC Peer Link joining the two VPC peers and its backup, the VPC Peer Fault Tolerant Link, are permanently monitored for failure.
In the topology map, both a physical view displaying the three devices involved in the VPC and a logical view collapsing the two VPC peers are available. It is easy to switch from the physical view to the logical view by a simple click.
• Configuration Change Control and OS Image Management
In today's evolving Data Center environment, networks are migrating toward a more virtualized and consolidated paradigm. Network redesign and introduction of new networking features compel Network Administrators to frequently modify the running configuration on devices and upgrade their Operating System to a newer version. Tracking these changes and who submitted them is key for maintaining the stability of the infrastructure. Doing these tasks manually does not scale.
Cisco DCNM configuration change control features:
– Periodically retrieves the configuration from the Nexus platform and maintains up to 50 versions.
– Flexible archiving system: for example, the task can be scheduled in the future, and a group of Nexus devices can be set as the target.
– Allows end users to browse through different versions of the configuration of one switch.
– Analyzes by comparison a given configuration with any version of that configuration for the same device including the running configuration.
– Changes from one configuration version can be merged to another.
– Rolls back, in a granular way, to the desired configuration in the archive, with the option to stop, to skip erroneous commands and continue, or to undo all rollback changes if one step fails.
– Provides an option to save the configuration to start-up after rollback.
Cisco DCNM OS image management features:
– Wizard-based installation of NX-OS images on multiple devices simultaneously.
– Performs validations before installation:
- Verifies that the switch has enough disk space available for the image to be downloaded.
- Verifies compatibility between currently running network services and the new image.
– Allows for time-based deployment, i.e., on-demand or scheduled.
– Fully leverages the unique NX-OS ISSU software upgrade mechanism to avoid service disruption.
– Detects installation failure and automatically initiates recovery action.
– Images can be installed from external servers using TFTP, FTP and SFTP.
• Fault management: Network events are collected and displayed in an Event Browser window (Figure 4). Each event is correlated to the network feature it relates to. In addition, per-device filtering and alarm grouping are automatically performed. Color-coded status indicators make critical alarms easy to spot. The overall network health is summarized in a scoreboard-type interface. Alarms and messages can be forwarded to northbound applications.
Figure 4. Cisco DCNM Event Browser

• Performance monitoring: Numerous counters measure the traffic traversing the Cisco Nexus 7000 Series platform (Figure 5). When instructed to do so, Cisco DCNM collects port and bandwidth utilization, error counts, traffic statistics, security violation counts, and so on. The polling frequency and duration of the collection are user configurable. Real-time and historical performance statistics reports are displayed in chart and graph formats. The values and parameters of each report can be exported as a text file. The capacity of Cisco DCNM to produce both real-time and historical records provides network administrators and planners with the key performance indicators required in today's network environment.
Figure 5. Cisco DCNM Traffic Viewer

• Security: Through role-based access control (RBAC), Cisco DCNM controls network operations by assigning roles to users. A role is a set of credentials defining what operations can and cannot be invoked. This granular RBAC mechanism structures access control and allows administrators to customize user access in a very flexible and extensible manner. In addition, Cisco DCNM protects against unauthorized management access with the Secure Shell (SSH) Protocol for southbound communications and with the Secure Sockets Layer (SSL) Protocol for northbound communications where suited.
• Application Programmatic Interface (API): Based on industry-standard Web services (using Simple Object Access Protocol [SOAP] and Extensible Markup Language [XML]), Cisco DCNM exposes an API for northbound integration with third-party applications, achieving, for example, flow-through provisioning, data mining, and IT systems federation from a Configuration Management DataBase (CMDB). The Web Services API technology is self-describing and extensible, keeping operating expenses (OpEx) related to upgrade and migration to a minimum. Web services are structured and allow rapid development of client applications.
Table 1. Features and Benefits
Network Features Management in Release 4.1
• Ethernet switching
– Port and PortChannel
– VLAN and Private VLAN (PVLAN)
– Rapid Spanning Tree Protocol (RSTP) and Multi-Instance Spanning Tree Protocol (MISTP)
• Network security
– ACL (Mac ACL, IP ACL, VLAN ACL)
– IEEE 802.1X
– Authentication, authorization, and accounting (AAA)
– Dynamic Host Configuration Protocol (DHCP) snooping
– Dynamic Address Resolution Protocol (ARP) inspection
– IP source guard
– Traffic storm control
– Port security
• General
– Virtual Device Context
– Virtual PortChannel
– Hot Standby Router Protocol (HSRP)
– Gateway Load Balancing Protocol (GLBP), Object Tracking and Key Chain
– Hardware resource utilization with Ternary Content Addressable Memory (TCAM) statistics
– Switched Port Analyzer (SPAN)
– OS Image Management with In Service Software Upgrade (ISSU)
– Config Change Control (configuration archive, roll-back and differentiation)
System Compatibility
• Supported OS: Cisco NX-OS Release 4.0
• Supported hardware:
– Cisco Nexus 7000 Series 10-Slot Chassis
– Cisco Nexus 7000 Series 18-Slot Chassis
System Specifications
Windows Server Recommended Requirements:
• OS: Windows Server 2003 Enterprise Edition Service Pack 1
• RAM: 6 GB
• CPU Speed: 3.45 GHz dual-processor or dual-core
• Free disk space: 60 GB
Linux Server Recommended Requirements:
• OS: Red Hat Enterprise Linux AS release 4
• RAM: 6 GB
• CPU Speed: 3.40 GHz dual-processor or dual-core
• Free disk space: 60 GB
Windows and Linux Server Minimum Requirements:
• RAM: 4 GB
• CPU Speed: 2.5 GHz dual-processor or dual-core
• Free disk space: 60 GB
Client Requirements:
• OS: Microsoft Windows XP Professional Version 2002 Service Pack 2
• RAM: 1 GB
• CPU Speed: 2.16 GHz
Protocols
• Secure Shell (SSH) and Secure Sockets Layer (SSL)
• Hypertext Transfer Protocol Secure (HTTPS)
• Remote Method Invocation (RMI)
Licensing
Ordering Information
Table 2.
| Description | Part Number |
|---|---|
| DCNM LAN Enterprise License for one Nexus 7000 Chassis | DCNM-N7K-K9 |
| DCNM LAN Enterprise License for a Pack of Nexus 7000 Chassis | DCNM-N7K-PAK= |
Service and Support
For More Information
