application traffic has traditionally been important for infrastructure
operations to maintain security, troubleshooting, and compliance mechanisms,
and to perform resource planning. With the technological advances and growth in
cloud-based applications, it has become imperative to gain increased visibility
into the network traffic. Traditional approaches to gain visibility into
network traffic are expensive and rigid, making it difficult to do in
Cisco Nexus Data Broker Embedded with Cisco Nexus Switches provides a software-defined,
programmable solution to aggregate copies of network traffic using Switched
Port Analyzer (SPAN) or network Test Access Points (TAP) for monitoring and
visibility. As opposed to traditional network taps and monitoring solutions,
this packet-brokering approach offers a simple, scalable and cost-effective
solution that is well suited for customers who need to monitor higher-volume
and business-critical traffic for efficient use of security, compliance, and
application performance monitoring tools.
Cisco Nexus Data Broker Embedded option provides the flexibility for you to run the
Cisco Nexus Data Broker software directly on a Cisco Nexus 3000, 3100, 3200,
3500, or 9000 Series switch in a single-switch deployment. This is suitable for
smaller, co-located facilities where customers need only a single Cisco Nexus
3000, 3100, 3200, 3500, or 9000 Series switch for TAP/SPAN aggregation, because
it eliminates the requirement to have a separate virtual machine for the
Cisco Nexus Data Broker application.
The activator script is different for the various Cisco NXOS versions:
NDBActivator2.0_A6_A8_Plus.py: For Cisco NXOS versions A6 and A8.
NDBActivator2.0_I3_I4.py: For Cisco NXOS versions I3 and I4.
NDBActivator3.0_I5_Plus.py: For Cisco NXOS version I5.
When the Python
script is run, it creates a file in the virtual machine that is known as the
interfaces file. It contains the details of the interfaces and the management
IP address and it updates the
launcher.sh file. The
embndb folder is created by the Python script.
Cisco Nexus Data Broker Embedded solution supports the following:
Support for the
OpenFlow mode or the NX-API mode of operation.
The OpenFlow mode and the NX-API mode are supported on both Cisco Nexus 3000 Series and Cisco Nexus 9000 Series switches. Cisco Nexus 9500 supports only NX-API mode of deployment. Cisco Nexus 3500 supports only OpenFlow mode of deployment. Starting with Cisco NXOS release 7.0(3)I7(2), OpenFlow is supported in Embedded mode.
You can enable
only one mode, either OpenFlow or NX-API mode, at a time.
In order to start or stop the Cisco Nexus Data Broker application in embedded mode, you should activate or de-activate the ofa file. The use of ./runxnc.sh command to start application is not suggested.
In embedded mode, though the NDB is installed on a switch, you need to manually add the switch to the NDB controller (Navigate to Add Device).
Cisco Nexus 3000 Release 7.x, the NX-API configuration is supported on the
following Cisco Nexus 3100 Series switches:
Nexus 3172 switches
Nexus 3132 switches
Nexus 3164 switches
Nexus 31128 switches
Nexus 3232 switches
Nexus 3264 switches
that includes production switch and APIC configurations are not supported in
Embedded Nexus Data Broker.
Layer-7 filtering for the HTTP traffic using the HTTP methods.
Support for VLAN
and MPLS tag stripping.
The ability to
aggregate traffic from multiple TAP or SPAN ports connected to a single switch.
Q-in-Q to tag input source TAP and SPAN ports.
Symmetric hashing, or symmetric and non-symmetric load balancing.
matching monitoring traffic based on Layer 1 through Layer 4 information.
The ability to
replicate and forward traffic to multiple monitoring tools.
tagging using the Precision Time Protocol.
truncation beyond a specified number of bytes to discard payload.
features, such as role-based access control (RBAC), and integration with an
external Active Directory using RADIUS or TACACS for authentication and
visibility and both port and flow level statistics for troubleshooting.
Representational State Transfer (REST) API and web-based GUI for all functions.