Cisco AVS is a hypervisor-resident distributed virtual switch that is specifically designed for Cisco Application Centric Infrastructure (ACI) and managed by the Application Policy Infrastructure Controller (APIC). Cisco AVS implements the OpFlex protocol for control plane communication.
Cisco AVS supports two modes of traffic forwarding: local switching and no local switching. The forwarding mode is selected during Cisco AVS installation.
Cisco AVS is supported as a vLeaf for Cisco APIC with the VMware ESXi hypervisor. It manages a data center defined by the vCenter Server.
Cisco AVS is compatible with any upstream physical access layer switch that complies with the Ethernet standard, including Cisco Nexus switches. Cisco AVS is compatible with any server hardware listed in the VMware Hardware Compatibility List.
Cisco AVS Software Compatibility
Cisco AVS Release 5.2(1)SV3(2.5) is supported as a vLeaf for Cisco APIC with releases 5.1, 5.5, and 6.0 of the VMware ESXi hypervisor.
Note When you choose a Cisco AVS VIB, you must choose the one compatible with the version of VMware ESXi hypervisor that you use. ESXi 5.1 uses xxxx.3.1.1.vib, ESXi 5.5 uses xxxx.3.2.1.vib, and ESXi 6.0 uses xxxx.6.0.1.vib.
Compatibility and Upgrade/Downgrade Considerations
The following table lists the compatibility of Cisco AVS with Cisco APIC. Note the following:
The “Recommended Cisco APIC Version” in the second column of the table is the version that has been thoroughly tested with the Cisco AVS version.
The “Upgrade Compatible” versions in the third column of the table are versions that you can upgrade from to the recommended Cisco APIC version.
For example, you cannot upgrade from Cisco APIC version 1.1(4l) to Cisco APIC version 2.1(1h); you can upgrade only from the versions in upgrade compatible list.
The “Downgrade Compatible” versions in the third column are versions to which you can downgrade to from the recommended Cisco APIC version.
For example, you cannot downgrade from APIC version 2.1(1h) to Cisco APIC version 1.1(4l); you can downgrade only to the versions in the downgrade compatible list.
Although you can upgrade or downgrade Cisco APIC to a compatible version, you also should upgrade or downgrade Cisco AVS to a recommended version.
For example, if you downgrade Cisco APIC from version 2.1(1h) to 2.0(2f), you also should downgrade Cisco AVS 5.2(1)SV3(2.5) to Cisco AVS 5.2(1)SV3(2.2). The Cisco AVS version in the first column is the recommended version for the Cisco APIC version in the second column.
In the table, all Cisco APIC versions in the third column are upgrade and downgrade compatible unless otherwise stated.
Cisco AVS Release 5.2(1)SV3(2.5) supports all of the features that were introduced in 5.2(1)SV3(1.10), 5.2(1)SV3(1.10a), 5.2(1)SV3(1.15), 5.2(1)SV3(1.16), 5.2(1)SV3(1.16a), 5.2(1)SV3(1.16b), 5.2(1)SV3(1.20), 5.2(1)SV3(1.20a), 5.2(1)SV3(1.25), 5.2(1)SV3(2.1), 2(1)SV3(2.1a), and 5.2(1)SV3(2.2). For details, see the Cisco Application Virtual Switch Release Notes for these releases.
VLAN/VXLAN Mixed-Mode Encapsulation
Beginning with Cisco AVS Release 5.2(1)SV3(2.5), you can configure a single VMM domain to use VLAN and VXLAN encapsulation. Previously, you needed to configure two separate VMM domains, one for VLAN EPG encapsulation and one for VXLAN EPG encapsulation. Consequently, a domain's encapsulation mode now specifies its preferred encapsulation, not its sole encapsulation. When you associate an EPG to a domain using auto encapsulation, the EPG uses the domain’s preferred encapsulation.
Note that Cisco APIC and Cisco AVS might show different encapsulation modes. This is expected: The Cisco APIC GUI shows the preferred encapsulation mode, while the Cisco AVS CLI shows the effective encapsulation mode. The latter is used internally by VXLAN load balancing and health status and doesn’t affect actual EPG encapsulation.
Beginning with Cisco AVS Release 5.2(1)SV3(2.5), you can execute vemcmd show commands to troubleshoot Cisco AVS remotely through Cisco APIC NX-OS style CLI. Previously, the only method you could use to execute vemcmd show commands was directly on the Cisco AVS host.
Beginning with Cisco AVS Release 5.2(1)SV3(2.5), you can configure LACP load balancing for Cisco AVS using one of more than a dozen different parameters. Previously, LACP load balancing was automatically configured, using the source MAC address. However, now you configure LACP load balancing by issuing a vemcmd command through the ESXi CLI.
You can now use the FirePOWER Next-Generation Intrusion Prevention System (NGIPS) for vulnerability detection, which then performs automatic microsegmentation of rogue endpoints in the ACI fabric for Cisco AVS, VMware vSphere Distributed Switch (VDS), and Bare-Metal workloads.
Limitations and Restrictions
Upgrades of Cisco APIC, Leaf Switches, and the Cisco AVS to Cisco APIC 1.2(2g) or Later
Starting with the Cisco APIC 1.2(2g) release, the Cisco AVS uses site-specific certifications; previously, the Cisco AVS used image-based certifications. So when you upgrade from an earlier release to Cisco APIC 1.2(2g) or later, you need to follow a particular sequence when upgrading Cisco APIC, leaf switches, and the Cisco AVS. See the section “Upgrading from a Previous Release to Cisco APIC Release 1.2(2g) or Later” in the Cisco AVS Installation Guide.
Distributed Firewall when Using Direct Service Return with Load Balancing
You should disable Distributed Firewall if you are using direct service return with load balancing. If Distributed Firewall is enabled, an HTTP session will not be established.
Features not Supported for Cisco AVS with Multipod
The following features are not supported for Cisco AVS with multipod in the Cisco APIC 2.0(1.x) release:
Storage vMotion with two separate NFS in two separate PODs
ERSPAN destination in different PODs
Distributed Firewall syslog server in different PODs
Pre-provisioning not Supported for EPG Resolution Immediacy
When you set EPG resolution immediacy, Cisco AVS does not support pre-provisioning, which downloads a policy to a switch before the switch is installed.
Intra-EPG Isolation of Microsegment EPGs not Supported
Using intra-EPG isolation on a Cisco AVS microsegment (uSeg) EPG is not currently supported. Communication will be possible between two endpoints that reside in separate uSeg EPGs if either has intra-EPG isolation enforced, regardless of any contract that exists between the two EPGs.
Using the Bug Search Tool
Use the Bug Search tool to search for a specific bug or to search for all bugs in a release.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.