Cisco AVS is a hypervisor-resident distributed virtual switch that is specifically designed for Cisco Application Centric Infrastructure (ACI) and managed by the Application Policy Infrastructure Controller (APIC). Cisco AVS implements the OpFlex protocol for control plane communication.
Cisco AVS supports two modes of traffic forwarding: local switching and no local switching. The forwarding mode is selected during Cisco AVS installation.
Cisco AVS is supported as a vLeaf for Cisco APIC with the VMware ESXi hypervisor. It manages a data center defined by the vCenter Server.
Cisco AVS is compatible with any upstream physical access layer switch that complies with the Ethernet standard, including Cisco Nexus switches. Cisco AVS is compatible with any server hardware listed in the VMware Hardware Compatibility List.
Cisco AVS Software Compatibility
Cisco AVS Release 5.2(1)SV3(2.1) is supported as a vLeaf for Cisco APIC with releases 5.1, 5.5, and 6.0 of the VMware ESXi hypervisor.
Note When you choose a Cisco AVS VIB, you must choose the one compatible with the version of VMware ESXi hypervisor that you use. ESXi 5.1 uses xxxx.3.1.1.vib, ESXi 5.5 uses xxxx.3.2.1.vib, and ESXi 6.0 uses xxxx.6.0.1.vib.
Compatibility and Upgrade/Downgrade Considerations
The following table lists the compatibility of Cisco AVS with Cisco APIC. Note the following:
The “Recommended Cisco APIC Version” in the second column of the table is the version that has been thoroughly tested with the Cisco AVS version.
The “Upgrade Compatible” versions in the third column of the table are versions that you can upgrade from to the recommended Cisco APIC version.
The “Downgrade Compatible” versions in the third column are versions to which you can downgrade to from the recommended Cisco APIC version.
Although you can upgrade or downgrade Cisco APIC to a compatible version, you also should upgrade or downgrade Cisco AVS to a recommended version. The Cisco AVS version in the first column is the recommended version for the Cisco APIC version in the second column.
In the table, all Cisco APIC versions in the third column are upgrade and downgrade compatible unless otherwise stated.
Cisco AVS Release 5.2(1)SV3(2.1) supports all of the features that were introduced in 5.2(1)SV3(1.10), 5.2(1)SV3(1.10a), 5.2(1)SV3(1.15), 5.2(1)SV3(1.16), 5.2(1)SV3(1.16a), 5.2(1)SV3(1.16b), 5.2(1)SV3(1.20), 5.2(1)SV3(1.20a), and 5.2(1)SV3(1.25). For details, see the Cisco Application Virtual Switch Release Notes for these releases.
Beginning with Cisco AVS Release 5.2.1(SV3)2.1, Cisco AVS is supported in VMware's products vRealize Automation (vRA) and vRealize Orchestrator (vRO), parts of the VMware vRealize Suite for building and managing multivendor hybrid cloud environments. For details, see the vRealize chapter of the Cisco ACI Virtualization Guide.
Cisco AVS Health Status
The Cisco Application Centric Infrastructure (ACI) reports faults that occur on nodes in the fabric to the Cisco Application Policy Infrastructure Controller (APIC) as an aid to troubleshooting. Beginning with Cisco AVS Release 5.2(1)SV3(2.1), Cisco AVS faults are reported as well as faults for leaf and spine switches in the ACI fabric. For details, see the “Cisco AVS Health Status” section in the Cisco AVS Troubleshooting Guide.
DFW Permit Logging
Beginning with Cisco AVS Release 5.2.1(SV3)2.1, Cisco AVS reports the flows that are permitted by Distributed Firewall to the system log (syslog) as well as flows that are denied. You can configure parameters for the flows in the CLI or REST API to assist with auditing network security. For details, see the section “Distributed Firewall Flow Logging” in the Cisco AVS chapter of the Cisco ACI Virtualization Guide.
Multipod Environment Support
Beginning with Cisco AVS Release 5.2.1(SV3)2.1, Cisco AVS can be part of a multipod environment. Multipod environments use a single APIC cluster for all the pods; all the pods act as a single fabric. Cisco AVS does not require any additional configuration to operate in a multipod environment. For details, see the following Cisco ACI/APIC documents : Cisco Application Centric Infrastructure Fundamentals, Cisco APIC Getting Started Guide, and Cisco APIC NX-OS Style Command-Line Interface Configuration Guide.
When creating a vCenter domain using Cisco AVS Release 5.2.1(SV3)2.1, you can specify a delimiter to use with the VMware port group name. For details, see the Cisco AVS Installation Guide and the AVS chapter of the Cisco ACI Virtualization Guide.
Beginning with Cisco AVS Release 5.2(1)SV3(2.1), Cisco AVS is supported for policy-based routing. Cisco ACI policy-based routing enables provisioning service appliances, such as firewalls, in managed nodes or unmanaged nodes—that is, without needing a Layer 4 to Layer 7 package. For details, see the Cisco APIC Layer 4 to Layer 7 Services Deployment Guide, Release 2.0(1).
Direct Server Return
Beginning with Cisco AVS Release 5.2(1)SV3(2.1), Cisco AVS is supported for direct server return. The direct server return feature enables a server to respond directly to clients without having to go through the load balancer, which eliminates a bottleneck in the server-to-client path. For details, see the Cisco APIC Layer 4 to Layer 7 Services Deployment Guide, Release 2.0(1).
Limitations and Restrictions
Upgrades of Cisco APIC, Leaf Switches, and the Cisco AVS to Cisco APIC 1.2(2g) or Later
Starting with the Cisco APIC 1.2(2g) release, the Cisco AVS uses site-specific certifications; previously, the Cisco AVS used image-based certifications. So when you upgrade from an earlier release to Cisco APIC 1.2(2g) or later, you need to follow a particular sequence when upgrading Cisco APIC, leaf switches, and the Cisco AVS. See the section “Upgrading from a Previous Release to Cisco APIC Release 1.2(2g) or Later” in the Cisco AVS Installation Guide.
Distributed Firewall when Using Direct Service Return with Load Balancing
You should disable Distributed Firewall if you are using direct service return with load balancing. If Distributed Firewall is enabled, an HTTP session will not be established.
Features not Supported for Cisco AVS with Multipod
The following features are not supported for Cisco AVS with multipod in the Cisco APIC 2.0(1.x) release:
Storage VMotion with two separate NFS in two separate PODs
ERSPAN destination in different PODs
Distributed Firewall syslog server in different PODs
Pre-provisioning not Supported for EPG Resolution Immediacy
When you set EPG resolution immediacy, Cisco AVS does not support pre-provisioning, which downloads a policy to a switch before the switch is installed.
Intra-EPG Isolation of Microsegment EPGs not Supported
Using intra-EPG isolation on a Cisco AVS microsegment (uSeg) EPG is not currently supported. Communication will be possible between two endpoints that reside in separate uSeg EPGs if either has intra-EPG isolation enforced, regardless of any contract that exists between the two EPGs.
Using the Bug Search Tool
Use the Bug Search tool to search for a specific bug or to search for all bugs in a release.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.