Cisco Dynamic Fabric Automation (DFA) configuration in this guide is organized
based on the multi-tenancy segmentation that you use for various Cisco Nexus
Series:
Cisco Nexus 5000
Cisco Nexus 6000
Cisco Nexus 7000
Overview of Cisco Dynamic Fabric Automation
Cisco Dynamic Fabric Automation (DFA) optimizes data centers through integration.
The Cisco DFA
architecture eliminates the need for overlay networks that can hinder traffic
visibility and optimization and reduce scalability when physical server and
virtual machine environments are integrated. This architecture enables
zero-touch provisioning and greater orchestration, while delivering more
predictable performance and latency for large cloud networks. The following
building blocks are the foundation of Cisco DFA:
Automation — Integrates with automation and orchestration tools through
northbound Application Programming Interfaces (APIs) and also provides control
for provisioning fabric components by automatically applying templates that
leverage southbound APIs and/or standard-based protocols. These automation
mechanisms are also extensible to network services.
Networking — Uses a simple distributed gateway mechanism to support any subnet,
anywhere, concurrently. Existing redundancy models are also used to provide N+
redundancy across the entire fabric.
Virtual Fabrics — Extends the boundaries of segmented environments to different
routing and switching instances by using logical fabric isolation and
segmentation within the fabric.
All of these technologies can be combined to support hosting, cloud, and
multi-tenancy environments.
Components in the Cisco DFA Network
The following figure depicts various components of Cisco Unified Fabric.
A leaf in a Cisco Unified Fabric is the node to which virtual machines and
physical machines are directly connected. A leaf is connected to all the spines
in a Clos topology, as shown in the figure above. The leaf manages VLAN
allocation for physical and virtual machines wherever required. The leaf
forwards tenant traffic to the spine in a FabricPath encapsulation, using either
the segment ID or the VLAN, based on the tenant traffic requirements. A Cisco
Unified Fabric leaf can also fetch network information via standard protocols
such as LDAP to automatically provision tenant networks.
A Border Leaf (BL) is a special-purpose leaf typically required to reach the
external world or to provide connectivity for tenant networks that span across a
Cisco Unified Fabric. Any Cisco Nexus 5600 Platform Switches and Cisco Nexus
6000 and 7000 Series Switches can also be configured as a border leaf.
The spine nodes can load share the traffic between any leaf nodes and can also
operate in a transit FabricPath mode, essentially requiring no intervention in
the spine configuration when a tenant is provisioned.
Cisco Prime Data Center Network Manager (DCNM) provides Power On Auto
Provisioning (POAP) of the Cisco Unified Fabric nodes (spine, leaf, and border
leaf), cable-plan consistency, Unified Fabric Data Center Interconnect (DCI)
automation, and, most importantly, automated network provisioning with the help
of northbound integration with both Virtual Machine Orchestrators and Services
Orchestrators.
OpenStack DFA enabler seamlessly transforms and enables OpenStack compute nodes
to be DFA capable. DFA enabler communicates network information to the Cisco
Prime DCNM by invoking DCNM's REST APIs. The compute nodes support Virtual
Station Interface (VSI) Discovery and Configuration Protocol (VDP) to reliably
pass the virtual machines' network information to the leaf nodes.
Cisco Unified Computing System Director (UCSD) integrates with the Cisco Prime
DCNM, making virtual machine network information available to the unified
fabric leaf nodes. This clean, tight integration provides not only touchless
automated tenant network provisioning but also a flexible choice of features
that can be applied during the provisioning.
Cisco Prime Network Service Controller (PNSC) provides a way to orchestrate
services for tenants in
a touchless manner on the Cisco Unified Fabric. Cisco Prime DCNM network
information is available within the PNSC to identify services required (edge
firewall, load balancer) for a particular tenant network.
Cisco Nexus 1000V Series Switch complements automated network provisioning of
the tenant via the VSI Discovery and Configuration Protocol (VDP) by reliably
communicating virtual machine network information to the leaf via a
standards-based implementation of 802.1Qbg.