Contents
- Release Notes for Cisco Nexus 1000V for KVM, Release 5.2(1)SK3(2.2)
- Overview of the Cisco Nexus 1000V for KVM Switch
- New Features and Enhancements in Release 5.2(1)SK3(2.2)
- Important Notes and Limitations
- Software Compatibility with Cisco Nexus 1000V
- Server and NIC Requirements
- Installation of Cisco Nexus 1000V for KVM
- Using the Bug Search Tool
- MIB Support
- Related Documentation
- Documentation Feedback
First Published: May 26, 2015
Last Updated: May 12, 2016
Release Notes for Cisco Nexus 1000V for KVM, Release 5.2(1)SK3(2.2)
This document describes the features, limitations, and bugs for this release.
Overview of the Cisco Nexus 1000V for KVM Switch
The Cisco Nexus 1000V for KVM is a virtual distributed switch that works with the Linux Kernel-based virtual machine (KVM) open source hypervisor.
Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software works with Red Hat Enterprise Linux OpenStack Platform (RHEL-OSP), Release 6.0. RHEL-OSP provides interacting services that control its computing, storage, and networking resources and is the foundation on which to build a private or public Infrastructure-as-a-Service (IaaS) cloud.
The networking function of OpenStack is controlled and managed by the OpenStack Neutron Service. Neutron enables the Cisco Nexus 1000V switch to provide the networking capabilities to compute nodes and virtual machines (VMs). As Neutron creates and configures its networks for its environment, this configuration is passed to the Cisco Nexus 1000V switch.
Using OpenStack, you create VM networks and subnets on the Cisco Nexus 1000V for KVM by defining components such as the following: On the Virtual Supervisor Module (VSM), you create port profiles, which define feature policies for different types or classes of VMs and security policies for the VM’s traffic.When a VM is deployed, a port profile is dynamically created on the Cisco Nexus 1000V for KVM for each unique combination of policy (or feature) port profile and network segment. All other VMs deployed with the same policy to this network reuse this dynamic port profile.
Note
You must consistently use OpenStack for all VM network, subnet, and port configurations. If you create VM networks, subnets, and ports directly on the VSM, the configuration is lost when the OpenStack synchronization occurs. For information about OpenStack, see the Cisco Nexus 1000V for KVM Virtual Network Configuration Guide.
New Features and Enhancements in Release 5.2(1)SK3(2.2)
Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) introduces the following features, enhancements, and support:
Feature
Notes
Layer 3 Forwarding
This feature is available with a Cisco Nexus 1000V Advanced Edition license.
In a distributed Layer 3 forwarding model, the VSM manages all the configurations and the VEMs are instantiated on each host to provide packet forwarding functionality. For more information, see the Cisco Nexus 1000V for KVM Virtual Network Configuration Guide.
VLAN Trunk vEthernet Port Configuration
See the Cisco Nexus 1000V for KVM Port Profile Configuration Guide.
The Installation Guide was updated to support these new features:
Neutron-to-VSM Configuration Synchronization
An automatic state mismatch check between the VSM and Neutron is performed. For more information, see the Cisco Nexus 1000V for KVM Virtual Network Configuration Guide.
Cisco VSG for KVM, Release 5.2(1)VSG2(1.2b)
Cisco VSG for the Cisco Nexus 1000V Series switch is a virtual firewall appliance that provides trusted access to virtual data center and cloud environments with dynamic policy-driven operation, mobility-transparent enforcement, and scale-out deployment for dense multitenancy. For more information, see the Cisco Virtual Security Gateway product documentation.
Cisco Prime Network Service Controller, Release 3.4
Cisco Prime Network Services Controller (PNSC) is the centralized, automated multidevice and policy management solution for Cisco Nexus 1000V switches and services. Cisco PNSC enables transparent, scalable network management of virtualized data center and hybrid cloud environments. For more information, see the Cisco Prime Services Controller product documentation.
Cisco Prime Virtual Network Analysis Module (vNAM), Release 6.2
Cisco Prime Network Analysis Module (NAM) gives network administrators a holistic view of how the network is performing and how users are experiencing the delivery of applications and services. For more information, see the vNAM product documentation.
Important Notes and Limitations
Deprecated Command
You can no longer create network profiles from the OpenStack CLI or the Horizon UI. Instead, network profiles are created automatically. As a result of this change, the neutron net-create name --n1kv:profile_id networkProfileId command has been deprecated.
Changed Command
The port-create command syntax has changed. The --n1kv:profile_id argument has been replaced with --n1kv:profile. The full command is neutron port-create network-name --n1kv:profile policyProfileID.
If you do not choose a policy profile while creating a port or launching a VM, the default policy profile (default-pp) is used.
OpenStack Horizon Dashboard
If you have more than 200 ports provisioned in the Cisco Nexus 1000V, the OpenStack Horizon dashboard navigation becomes very slow.
If you are using the OpenStack Horizon dashboard, all vNIC interfaces on the same VM must have the same policy profile. If you need to have different policy profiles assigned to vNICs on the same VM, use the OpenStack CLI.
Access Control Lists
If the applied Access Control List (ACL) has a rule with Layer 4 parameters, fragmented packets use the slow path. Otherwise, fragmented packets get switched to the fast path.
DHCP Port
When you bring up a VSM, it should have the default port profile named default-pp. This port profile is not automatically created. You must create this port profile.
The default-pp port profile is used to create DHCP ports. Do not apply any features on this port profile because it impacts the functioning of the DHCP ports. In addition, do not use this port profile to bring up a VM to which you want to apply the port profile features.
Multicast
The maximum multicast traffic throughput without packets being dropped is 3 Gbps on a single VEM.
NetFlow
If the NetFlow record has Layer 4 match criteria, the fragmented packets use the slow path. Otherwise, the fragmented packets get switched in the fast path.
Network Segmentation Manager
The VSM CLI does not prevent you from deleting or modifying objects on the VSM—such as a network segment pool, IP pool template, network segment, or dynamic port profile—that were created by the Network Segmentation Manager (NSM). If you delete or modify objects, your VSM configuration could become out-of-sync with the network configuration on OpenStack.
Scheduler for Neutron DHCP Port and Linux Router
The Linux router scheduling is random. At any time, one controller node might be provisioned with a greater number of Linux routers than other controller nodes.
The default DHCP agent scheduler algorithm is also random. At any time, one controller node might be provisioned with a greater number of DHCP ports than other controller nodes.
Each controller node can support up to 990 ports (DHCP and router ports). When this limit is reached, any additional DHCP or router ports are not brought up on the VEM.
vEthernet Trunks
Deploying vEthernet trunk ports is possible using a trunk policy profile configured on the VSM. With this profile configured on the port, all VLANs configured in the VSM are allowed. You can restrict the set of allowed VLANs by editing the trunk policy profile on the VSM. However, this change is applied to all ports configured with this profile.
Virtual Ethernet Modules
The slow path is the path a packet takes when it is handed off to the user-space process level for a switching decision before its kernel fast-path flow cache is established. The VEM has a slow path maximum throughput of 300 Mbps, and when the maximum throughput is reached and CPU utilization reaches 100 percent for switching processes, traffic is dropped.
OpenStack does not support live migration to headless VEMs.
If a VLAN reaches the 4000 MAC address limit, any additional traffic from new MAC addresses uses the slow path.
Any configuration change to a port profile results in flows getting reprogrammed, which temporarily slows traffic.
VSM
If you reboot the VSM before you enter the copy running-config startup-config command on the VSM, you must create the missing policy port profiles in the VSM with the same UUID. For more information, see the Cisco Nexus 1000V for KVM Troubleshooting Guide.
VXLAN Gateway
Starting with Release 5.2(1)SK3(1.1), Cisco Nexus 1000V for KVM does not support the VXLAN Gateway feature.
VXLAN Native and VXLAN Enhanced
Having multiple VXLAN Tunnel Endpoints (VTEPs) in the same subnet requires an additional configuration file for the Address Resolution Protocol (ARP) to function. You must add the following sysctl settings in the /etc/sysctl.conf file:
net.ipv4.conf.default.rp_filter=2 net.ipv4.conf.all.rp_filter=2 net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.akll.arp_ignore=1 net.ipv4.conf.all.arp_announce=2 net.ipv4.conf.default.arp_announce=2Multicast traffic on a VXLAN might impact performance.
Troubleshooting Tools
The show logging information has been removed from the show tech-support svs command output because the information it displayed was not related to the Cisco Nexus 1000V for KVM. If you need additional technical support information, you can use the show tech-support svs detail command. Optionally, you can add the exclude interface pipe; for example, show tech-support svs detail | exclude interface.
Software Compatibility with Cisco Nexus 1000V
This table lists the supported software versions required for a Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2).
Note
Depending on your specific Cisco Nexus 1000V for KVM release, it is your responsibility to monitor and install all relevant Linux patches on Linux hosts.
Server and NIC Requirements
Cisco Nexus 1000V for KVM has been verified using the following Cisco UCS deployment models:
Installation of Cisco Nexus 1000V for KVM
This release of Cisco Nexus 1000V for KVM uses the Red Hat Enterprise Linux OpenStack Platform (RHEL-OSP) installer to facilitate the installation of OpenStack and Cisco Nexus 1000V for KVM. A description of each is as follows:
RHEL-OSP—Linux operating system with Red Hat's distribution of OpenStack. RHEL-OSP provides a collection of interacting OpenStack services that control the compute, storage, and networking resources.
OpenStack—Scalable cloud operating system that controls large pools of compute, storage, and networking resources throughout a data center.
Cisco Nexus 1000V for KVM—Distributed virtual switch (DVS) that works with several different hypervisors. This DVS version is integrated with the KVM open source hypervisor.
You must deploy RHEL-OSP before you can deploy OpenStack with the Cisco Nexus 1000V for KVM. For information about installing Cisco Nexus 1000V for KVM, see the Cisco Nexus 1000V for KVM Installation Guide.
Using the Bug Search Tool
Procedure
Step 1 Go to http://tools.cisco.com/bugsearch. Step 2 In the Log In screen, enter your registered Cisco.com username and password, and then click Log In. The Bug Search page opens.
Note If you do not have a Cisco.com username and password, you can register for them at http://tools.cisco.com/RPF/register/register.do. Step 3 To search for a specific bug, enter the bug ID in the Search For field and press Enter. Step 4 To search for bugs in the current release:
MIB Support
The Cisco Management Information Base (MIB) list includes Cisco proprietary MIBs and many other Internet Engineering Task Force (IETF)-standard MIBs. These standard MIBs are defined in Requests for Comments (RFCs). To find specific MIB information, you must examine the Cisco proprietary MIB structure and related IETF-standard MIBs supported by the Cisco Nexus 1000V Series.
For a list of MIBs that the Cisco Nexus 1000V for KVM supports, see the Cisco Nexus 1000V for KVM System Management Configuration Guide.
Related Documentation
For the latest documentation related to Cisco Nexus 1000V for KVM, see http://www.cisco.com/c/en/us/support/switches/nexus-1000v-kvm/tsd-products-support-series-home.html.
Copyright © 2015-2016, Cisco Systems, Inc. All rights reserved.