application traffic has traditionally been important for infrastructure
operations to maintain security, troubleshooting, and compliance and perform
resource planning. With the technological advances and growth in cloud-based
applications, it has become imperative to gain increased visibility into the
network traffic. Traditional approaches to gain visibility into network traffic
are expensive and rigid, making it difficult for managers of large-scale
Cisco Nexus Data Broker with Cisco Nexus Switches provides a software-defined,
programmable solution to aggregate copies of network traffic using Switched
Port Analyzer (SPAN) or network Test Access Point (TAP) for monitoring and
visibility. As opposed to traditional network taps and monitoring solutions,
this packet-brokering approach offers a simple, scalable and cost-effective
solution that is well-suited for customers who need to monitor higher-volume
and business-critical traffic for efficient use of security, compliance, and
application performance monitoring tools.
The flexibility to use a variety of Cisco Nexus switches, and to interconnect
them to form a scalable topology, provides the ability to aggregate traffic from
multiple input TAP or SPAN ports and to replicate and forward traffic to multiple
monitoring tools, which may be connected across different switches. By combining
the Cisco plugin for OpenFlow and the Cisco NX-API agent to communicate with the
switches, Cisco Nexus Data Broker provides advanced features for traffic
management.
Cisco Nexus Data Broker provides management support for multiple disjointed
Cisco Nexus Data Broker networks. You can manage multiple
Cisco Nexus Data Broker topologies that may be disjointed using the same
application instance. For example, if you have 5 data centers and want to
deploy an independent
Cisco Nexus Data Broker solution for each data center, you can manage all 5
independent deployments using a single application instance by creating a
logical partition (network slice) for each monitoring network.
Cisco Nexus Data Broker provides the following:
Support for the OpenFlow mode or the NX-API mode of operation.
mode and the NX-API mode are supported on both Cisco Nexus 3000 Series and
Cisco Nexus 9000 Series switches. Cisco Nexus 9500 supports only NX-API mode of
deployment. Cisco Nexus 3500 supports only OpenFlow mode of deployment. You can
enable only one mode, either OpenFlow or NX-API mode, at a time.
To start or stop the Cisco Nexus Data Broker application in embedded mode, you
should activate or deactivate the ofa file. Do not use ./runxnc.sh; it is not
the correct way to start the application.
Cisco Nexus 3000 Release 7.x, the NX-API configuration is supported on the
following Cisco Nexus Series switches:
Nexus 3172 switches
Nexus 3132 switches
Nexus 3164 switches
Nexus 31128 switches
Nexus 3232 switches
Nexus 3264 switches
Layer-7 filtering for the HTTP traffic using the HTTP methods.
Support for VLAN and MPLS tag stripping.
topology for TAP and SPAN port aggregation.
Q-in-Q to tag input source TAP and SPAN ports.
matching monitoring traffic based on Layer 1 through Layer 4 information.
The ability to replicate and forward traffic to multiple monitoring tools.
using Precision Time Protocol (PTP).
beyond a specified number of bytes to discard payload.
changes in the TAP/SPAN aggregation network states.
such as role-based access control (RBAC), and integration with an external
Active Directory using RADIUS or TACACS for authentication, authorization, and
accounting (AAA) functions.
visibility, including both port and flow level statistics for troubleshooting.
Representational State Transfer (REST) API and a web-based GUI for performing
Support for Cisco plugin for OpenFlow, version 1.0.
Cisco Nexus Data Broker adds an NX-API plugin to support Cisco Nexus 9000 Series
switches for TAP/SPAN aggregation. The NX-API supports JSON-RPC, XML, and JSON.
Cisco Nexus Data Broker interacts with Cisco Nexus 9000 Series switches through
the NX-API using JSON message formats.
Cisco Nexus Data Broker, you can:
Port Analyzer (SPAN) and Test Access Point (TAP) ports.
Cisco ACI through Cisco APIC to configure SPAN destinations and SPAN sessions.
devices to capture traffic.
traffic should be monitored.
from a single or multiple SPAN or TAP ports to multiple monitoring devices
users can view and modify the monitoring system.
additional features, depending upon the type of switch:
Set VLAN ID on Cisco Nexus 3000 Series switches.
3100 Series switches and Cisco Nexus 9000 Series switches.
Cisco Nexus 3000 Series switches, 3100 Series switches, and Cisco Nexus 9000
tagging and packet truncation on
Cisco Nexus 3500 Series