The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Cisco NX-OS Software advantage
Cisco® NX-OS Software is an extensible, open, and programmable network operating system for next-generation data centers and cloud networks. It is the industry’s most deployed data center operating system, based on a highly resilient, Linux-based software architecture, built to enable the most performance-demanding cloud environments. Cisco NX-OS runs on Cisco Nexus® data center and Cisco MDS storage networking switches.
Cisco NX-OS Software is a data center-class operating system built with modularity, resiliency, and serviceability at its foundation. Cisco NX-OS helps ensure continuous availability and sets the standard for mission-critical data center environments. The self-healing and highly modular design of Cisco NX-OS makes zero-impact operations a reality and enables exceptional operational flexibility.
Focused on the requirements of the data center, Cisco NX-OS provides a robust and comprehensive feature set that fulfills the switching and storage networking needs of present and future data centers. Cisco NX-OS provides state-of-the-art implementations of relevant networking standards as well as a variety of true data center–class Cisco innovations.
Cisco NX-OS offers reliability, innovation, and operational consistency across data center platforms. Cisco NX-OS runs on the Cisco Nexus family of network switches, which include Cisco N9000, 7000, 6000, 5000, 3000 series switches, Cisco N2000 Series Fabric Extenders, and the Cisco MDS family of storage network switches.
A single Cisco NX-OS image runs on flagship Cisco Nexus switching platforms – N9000 and N3000 series switches based on Cisco Cloud Scale ASICs and merchant silicon ASICs. The latest release, 10.6(2)F, continues to expand capabilities across the portfolio.
The Cisco NX-OS Network operating system’s key capabilities include the following:
Architectural flexibility
● Comprehensive protocol support for Layer 3 (v4/v6) unicast and multicast routing protocol suites, including BGP, Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Routing Information Protocol Version 2 (RIPv2), Protocol Independent Multicast Sparse Mode (PIM-SM), Source-Specific Multicast (SSM), and Multicast Source Discovery Protocol (MSDP)
● Industry-leading support for standards-based VXLAN EVPN overlay fabrics, inclusive of hierarchical multisite support
● Three-tier routed architectures (based on routing protocols such as BGP), enabling horizontal, nonblocking IPv6 network fabrics at web scale
● Tenant Routed Multicast (TRM) with a standards-based next-generation multicast VPN (ngMVPN) control plane, efficiently delivering overlay Layer-3 multicast traffic in a multitenant VXLAN EVPN data center network
● TRM Multisite support, which brings seamless communication between sources and receivers spread across multiple VXLAN EVPN networks
● VXLAN EVPN vPC fabric peering for enhanced dual-homing access solution without the overhead of wasting physical ports for vPC peer links and also preserving vPC characteristics
● Segment routing (SR-MPLS), which allows the network to forward Multiprotocol Label Switching (MPLS) packets and engineer traffic without Resource Reservation Protocol (RSVP) Traffic Engineering (TE). It provides a control-plane alternative for increased network scalability and virtualization
● Cisco IP Fabric for Media (IPFM) solution with Nonblocking Multicast (NBM), which helps transition media networks from Serial Digital Interface (SDI)–based infrastructure to an IP-based infrastructure that allows carrying multiple bidirectional traffic flows with different flow sizes without changing the physical infrastructure
● Unified ports on Cisco N9000 Series Switches with 10/25GbE and 16/32G Fibre Channel. Cisco NX-OS helps lower TCO by enabling both FC/FCOE NPV and native mode on N9000 switches.
● Dynamic host tracking for EVPN VXLAN on Cisco N9300 FX, FX3, GX, and GX2 platform switches, enhancing endpoint management
● Link-state tracking, which binds the states of uplink and downlink interfaces, ensuring redundancy Micro-segmentation capability, AI/ML architecture with Front-end and back-end fabrics
Extensive programmability
● Day-zero automation through Power On Auto Provisioning, which streamlines the deployment of production fabrics down to minutes
● Industry-leading integrations for leading DevOps configuration-management applications, including Ansible, Chef, Puppet, and SaltStack
● Model-based APIs exposing both Native YANG and industry-standard OpenConfig models through RESTCONF/NETCONF and gNMI
● Pervasive APIs for all-switch CLI functions with NX-API (JSON-based RPC over HTTP/HTTPs)
● Comprehensive software development kit for custom Cisco NX-OS applications with NX-SDK in Python, Go, and C++
● Modular and secure application integration architecture, with support for Secure LXC and Docker, and third-party application-hosting options natively on Cisco NX-OS
● Container-specific DNS resolution for third-party Linux applications running in containers
Pervasive visibility
● Network-software state is exposed through a comprehensive publish/subscribe centralized database, while also being accessible through dial-out gRPCs/Protobufs, http/JSON, and also via Dial-in gNMI, in both industry standard and Cisco NX-OS formats.
● The unique capabilities of N9000 switches enable monitoring real-time flows, flow paths, and latency, which allows organizations to gain invaluable visibility into their fabrics with Cisco Nexus Dashboard.
● Network traffic management and monitoring with Cisco Nexus Data Broker (NDB), a simple, programmable, highly scalable, and very cost effective packet broker solution. NDB uses Test Access Points (TAPs) and Cisco Switched Port Analyzer (SPAN) to capture and aggregate all traffic within the data center and facilitate network performance, security, and threat analysis.
● Flexible NetFlow, which enables enhanced network anomalies and security detection, including full NetFlow v9 support on selected platforms. New in 10.6(2)F: Full NetFlow v9 support provides up to 64k v4/v6 flow-records/sec and caching for export to any collector, improving visibility and analytics capabilities.
● Support for sFlow (sampled flow) to monitor real-time traffic in data-center networks. New in 10.6(2)F: Sampled NetFlow (SNF) is now supported on N9364E-SG2-O and N9364E-SG2-Q switches for advanced packet-level sampling.
● New in 10.6(2)F: Dropped flow notification, allowing network administrators to capture dropped packets and export the information to a collector to identify the cause of packet loss
● New in 10.6(2)F: Multicast flow counters for IPv4 on Cisco N9300 Series Smart Switches, providing deeper visibility into multicast traffic
Modularity, network resiliency, and high availability
● Enables service-level high availability with (a) process isolation and (b) process restartability. Process isolation provides a highly fault-tolerant software infrastructure and fault isolation between the services. Cisco NX-OS processes run in protected memory spaces that are independent of each other and the kernel. Process restartability ensures that process-level failures do not cause system-level failure.
● Enables system-level high availability by supporting physical redundancy (power, fan, system controller, supervisor, fabric)
● Supports nondisruptive, zero-packet-loss upgrades using:
◦ ISSU and enhanced ISSU with zero data-plane down time and limited control-plane down time
◦ Graceful insertion and removal (GIR) allows devices to be seamlessly removed from and re-inserted into the network during maintenance operations.
◦ Software Maintenance Upgrade (SMU) packages or RPM patches through Cisco NX-OS CLI or Linux workflows coupled with process restarts for selective process upgrades
◦ New in 10.6(2)F: MACsec-enabled interfaces now support nondisruptive ISSU on N9300-GX2, H2R, and H1 switches, enabling seamless software upgrades with MACsec security.
● Cisco vPC (virtual port-channel) creates redundancy by increasing bandwidth, enabling multiple parallel paths between nodes and provides a loop-free topology, fast-convergence during either link or device failure, link-level resiliency, and load-balancing of traffic where alternative paths exist.
● Equal-Cost Multipath (ECMP) offers a substantial increase in bandwidth by load-balancing traffic over multiple paths.
Security and services
● Elastic services redirection provides the capability to selectively load balance, redirect, or service chain workflows across various services within the data center.
● Strong line-rate encryption capability and secure communication on Ethernet links with MACsec (hop-by-hop encryption). New in 10.6(2)F: Non-disruptive ISSU for MACsec-enabled interfaces on N9300-GX2, H2R, and H1 switches.
● Secure VXLAN EVPN Multi-Site Using CloudSec, which provides strong encryption capabilities for traffic running across VXLAN tunnels between VXLAN EVPN multisite Border Gateways (BGW)
● MAC Authentication Bypass (MAB) to authorize a supplicant based on the supplicant MAC address
● FIPS 140 compliance
● Measured boot support allows the switch to display the SUDI certificate chain and generate a signature for device identity verification. New in 10.6(2)F: Enhanced device identity verification and integration with external systems.
Cisco Data Center Interconnect (DCI) and edge DC connectivity
● Telco far-edge connectivity enablement with support of PTP Telecom profiles (G8275.1 and G8273.2 – Class B), SyncE capability along with PTP boundary clock functionality
● Seamless hand-off between VXLAN EVPN networks to L3VPN SR-MPLS, L3VPN SRv6, and L3VPN MPLS LDP networks for Cisco Data Center Interconnect (DCI) and WAN edge use cases
● Seamless integration of VXLAN EVPN (TRM) with MVPN (Rosen Draft) enables packets to be handed off between VXLAN (TRM) and an MVPN network.
New hardware support
● Cisco N9396Y12C-SE1: A 2RU fixed-port ToR switch with 12 QSFP28 ports, using the Cisco Silicon One® E100 ASIC for Layer-2 and Layer-3 configurations
● Cisco N9396T12C-SE1: A 2RU fixed-port ToR switch with MACsec capability on all ports, also based on the Silicon One E100 ASIC
● N9K-C9800-SUP-B: A new supervisor for the Cisco N9800 platform, featuring an 8-core CPU, 64GB RAM, and 256GB SSD storage for enhanced performance and capacity
● Cisco N9000v Switch (virtual NX-OS), with both 9300 and 9500 form factors, extends automation and operational models for DevOps and NetOps integration, with images built for Vagrant, VMware ESXi, KVM, and Fusion.
● Extensive support for N9000v is available the Cisco Virtual Internet and Routing Lab (Cisco VIRL) and Cisco Modeling Labs (CML).
● Broad support for developer community through Cisco DevNet portal
Closed-loop automation with Cisco Nexus Dashboard
● Cisco Nexus Dashboard is the automation and operations platform for all Cisco NX-OS–enabled deployments, spanning classic LAN, VXLAN EVPN, IP Fabric for Media, AI/ML and storage networking deployments for the Cisco Nexus and MDS powered data center.
● Accelerate provisioning from days to minutes and simplify deployments from day 0 through day N
● Reduce troubleshooting cycles with graphical operational visibility for topology, network fabric, and infrastructure
● Eliminate configuration errors and automate ongoing changes in a closed loop, with templated deployment models and configuration-compliance alerts with automatic remediation
● Receive real-time health summaries for fabric, devices, and topology
● Get correlated visibility for the fabric (underlay and overlay, and virtual and physical endpoints), including compute visualization with Sphere and Kubernetes
The NX-OS licensing model has three tiers: Essentials, Advantage, and Premier, and add-on licenses for storage, security, and Nexus Data Broker.
● Essentials is required for NX-OS software running a data center fabric in a single site.
● Advantage is required for NX-OS software running on switches that extend a data center across two or more sites or enabling multicast overlays in single or multiple sites.
● Premier is required for enabling the assurance and insights capabilities of NX-OS data center fabrics.
● Security add-on license provides MACsec and Secure VXLAN EVPN Multi-Site Using CloudSec.
● Storage add-on license offers FC/FCoE on supported platforms.
● Nexus Data Broker add-on provides data broker functionality.
Tier-based licensing offers the following benefits:
● Consistency across ACI and NX-OS licensing (for Cisco N9000 Series Switches).
● The simplicity of being able to purchase a group of feature licenses as packages: Essentials, Advantage, and Premier.
● Subscription-based or perpetual licenses
● A subscription-based license enables you to purchase a license for a specific period of time based on your requirements. A subscription-based license is offered as an Essentials, Advantage, or Premier license package.
● Purchasing a subscription-based license gives you the opportunity to adjust/upgrade the terms of the license (such as moving from Advantage to Premier) at the time of license renewal.
● A perpetual license enables you to make a one-time purchase of a license that does not expire. A perpetual license is offered as an Essentials or Advantage license package.
Please refer to the Cisco Data Center licensing page for more details.
https://www.cisco.com/site/us/en/products/networking/cloud-networking/nx-os/index.html
Cisco offers a range of professional, solution, and product support services for each stage of your Cisco Nexus platform deployment:
● Cisco Data Center Deployment Services for Cisco N9000 Bundle: To achieve your modernization goals, Cisco Services provide the tools and knowledge that can help you successfully migrate your existing platform to the Cisco N9500 next-generation switching platform. You can take advantage of project management plan development, basic design and topology definition, and implementation support as well as an implementation and migration plan with deployment configurations.
● Cisco Data Center Accelerated Deployment Service for Cisco N9000 Series Switches: This service delivers planning, design, and implementation expertise to bring your project into production. The service also provides recommended next steps, an architectural high-level design, and operation-readiness guidelines to scale the implementation to your environment
● Cisco N9000 Advise and Implement Service for VXLAN EVPN: This service helps deliver a seamless VXLAN EVPN experience using Cisco Data Center Network Manager (DCNM) covering planning, design, implementation and migration.
● EOS/EOL data can be found on the following pages.
◦ Cisco Nexus 9000 Series Switches
◦ Cisco Nexus 3000 Series Switches
For more information, visit https://www.cisco.com/c/en/us/solutions/data-center-virtualization/service-listing.html
For more information on Data Center products please visit the following: