The Cisco AVS is a hypervisor-resident distributed virtual switch that is specifically designed for the Cisco Application Centric Infrastructure (ACI) and managed by the Application Policy Infrastructure Controller (APIC). Cisco AVS implements the OpFlex protocol for control plane communication.
The Cisco AVS supports two modes of traffic forwarding: local switching and no local switching. The forwarding mode is selected during Cisco AVS installation.
The Cisco AVS is supported as a vLeaf for the Cisco APIC with the VMware ESXi hypervisor. It manages a data center defined by the vCenter Server.
The Cisco AVS is compatible with any upstream physical access layer switch that complies with the Ethernet standard, including Cisco Nexus switches. The Cisco AVS is compatible with any server hardware listed in the VMware Hardware Compatibility List (HCL).
Cisco AVS Software Compatibility
The Cisco AVS Release 5.2(1)SV3(1.5) is supported as a vLeaf for the Cisco APIC with releases 5.1 and 5.5 of the VMware ESXi hypervisor.
Note When you choose a Cisco AVS VIB, you need to choose the one compatible with the version of VMware ESXi hypervisor that you use. ESXi 5.1 uses xxxx.3.1.1.vib, and ESXi 5.5 uses xxxx.3.2.1.vib.
The following table lists the compatibility of the Cisco AVS with the Cisco APIC.
Distributed Firewall is a new feature in Cisco AVS Release 5.2(1)SV3(1.5). It is a hardware-assisted firewall that supplements—but does not replace—other security features in the Cisco ACI fabric.
Part of Cisco AVS, Distributed Firewall resides in the ESXi (hypervisor) kernel and is in learning mode by default. No additional software is required for the Distributed Firewall to work. However, you must configure policies in the Cisco APIC to work with the Distributed Firewall.
For information about Distributed Firewall, see the Cisco ACI Virtualization Guide.
Microsegmentation with Cisco AVS
Microsegmentation with Cisco AVS is a new feature in Cisco AVS Release 5.2(1)SV3(1.5). It provides the ability to automatically assign VMs to logical security zones called endpoint groups (EPGs) based on VM, network, or custom attributes.
Microsegmentation polices used by the Cisco AVS are centrally managed by the Cisco APIC and enforced by the fabric.
For information about Microsegmentation with Cisco AVS, see the Cisco ACI Virtualization Guide.
Limitations and Restrictions
No Direct Upgrade to Release 5.2(1)SV3(1.5)
You cannot upgrade Cisco AVS Release 4.2(1)SV2(2.3), Release 5.2(1)SV3(1.1), or Release 5.2(1)SV3(1.2) directly to Release 5.2(1)SV3(1.5). If you want to upgrade one of these releases you must upgrade Cisco AVS to Release 5.2(1)SV3(1.3), Release 5.2(1)SV3(1.3b), or Release 5.2(1)SV3(1.3c) and then upgrade Cisco AVS to Release 5.2(1)SV3(1.5).
No Support in Release 5.2(1)SV3(1.5) for Set VLAN feature
The set VLAN feature, which allows you to assign a particular VLAN ID to an EPG for a particular VMM domain, appears in the Cisco APIC GUI; however, the feature is not supported for Cisco AVS in Release 5.2(1)SV3(1.5).
VXLAN Load Balancing and Microsegmentation with Cisco AVS not Supported on the Same vCenter Domain
If VXLAN load balancing is enabled in the VMware vCenter domain profile, Microsegmentation with Cisco AVS cannot be enabled on the domain.
Using the Bug Search Tool
Use the Bug Search tool to search for a specific bug or to search for all bugs in a release.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.