This chapter provides an overview of port profiles, the primary mechanism by which network policy is defined and applied to switch interfaces.
This chapter includes the following sections:
• Port Profiles and Port Groups
• Live Policy Changes
• Port Profile Inheritance
Port Profiles and Port Groups
A port profile is a collection of interface-level configuration commands that are combined to create a complete network policy.
A port group is a representation of a port profile on the vCenter server. Every port group on the vCenter server is associated with a port profile on the Cisco Nexus 1000V. Network administrators configure port profiles, and then server administrators can use the corresponding port groups on the vCenter server to assign ports to port profiles.
In the VMware vCenter Server, a port profile is represented as a port group. You assign the vEthernet or Ethernet interfaces to a port group in vCenter to do the following:
• Define port configuration by policy.
• Apply a single policy across a large number of ports.
Port profiles are created on the VSM and propagated to VMware vCenter Server as VMware port groups using the VMware VIM API. After propagation, a port profile appears within VMware vSphere Client and is available to apply to the vNICs on a virtual machine.
When a newly provisioned virtual machine is powered on, a vEthernet interface is created on the Cisco Nexus 1000V for each of the virtual machine vNICs. The vEthernet interface inherits the definitions in the selected port profile.
Live Policy Changes
Port profiles are not static entities but dynamic policies that can change as network needs change. Changes to active port profiles are applied to each switch port that is using the profile. This simplifies the process of applying new network policies or changing an existing policy.
Port profiles also manage the physical NICs within a VMware ESX host. When a port profile is defined, the network administrator determines whether the profile will be used to manage vEthernet interfaces or physical NICs. By default, the port profile is assumed to be used for vEthernet management.
To define a port profile for use on physical NICs, the network administrator must create the profile as an Ethernet type. When this option is used, the port profile is available to the server administrator only for application to physical NICs within a VMware ESX server.
Note: In an installation where multiple Ethernet port profiles are active on the same VEM, it is recommended that they do not carry the same VLAN(s). The allowed VLAN list should be mutually exclusive.
Overlapping VLANs can be configured but may cause duplicate packets to be received by virtual machines in the network.
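The overlap condition in the note above can be checked mechanically before a profile change goes live. The following Python code is an added example, not part of the original Cisco documentation or any Cisco tool. It assumes the port profiles are available as text in running-config form, that every Ethernet profile in the input is active on the same VEM, and it uses a constructed sample configuration with hypothetical profile names.

```python
import re
from itertools import combinations

# Constructed sample config for illustration (not from the original page).
SAMPLE_CONFIG = """\
port-profile type ethernet uplink-a
  switchport mode trunk
  switchport trunk allowed vlan 10-20,30
port-profile type ethernet uplink-b
  switchport mode trunk
  switchport trunk allowed vlan 18-25
port-profile type vethernet web-vms
  switchport mode access
  switchport access vlan 18
"""

def expand_vlans(spec):
    """Expand '10-20,30' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def ethernet_allowed_vlans(config):
    """Map each Ethernet-type port profile to its allowed VLAN set."""
    profiles, current = {}, None
    for line in config.splitlines():
        head = re.match(r"port-profile\s+(?:type\s+(\S+)\s+)?(\S+)", line)
        if head:
            # No type keyword means vEthernet, the default profile type.
            is_eth = (head.group(1) or "vethernet").lower() == "ethernet"
            current = head.group(2) if is_eth else None
            if current:
                profiles[current] = set()
            continue
        allowed = re.match(r"\s+switchport trunk allowed vlan (?:add )?([\d,-]+)\s*$", line)
        if allowed and current:
            profiles[current] |= expand_vlans(allowed.group(1))
    return profiles

def overlapping_vlans(config):
    """Return {(profile_a, profile_b): shared VLANs} for every overlapping pair."""
    profiles = ethernet_allowed_vlans(config)
    return {(a, b): sorted(profiles[a] & profiles[b])
            for a, b in combinations(sorted(profiles), 2)
            if profiles[a] & profiles[b]}

print(overlapping_vlans(SAMPLE_CONFIG))
```

An empty result means the Ethernet profiles in the input have mutually exclusive allowed VLAN lists; any entry names the two profiles and the VLANs they share.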
Uplink port profiles are applied to a physical NIC when a VMware ESX host is first added to the Cisco Nexus 1000V. The server administrator is presented with a dialog box in which they can select the following:
• Physical NICs to associate with the VEM
• Uplink port profiles to associate with the physical NICs
In addition, the server administrator can apply uplink port profiles to interfaces that are added to the VEM after the host has been added to the switch.
Port Profile Inheritance
You can apply the configuration from an existing port profile as the default configuration for another port profile. This is called inheritance. The configuration of the parent is copied to and stored in the child port profile. You can also override the inheritance by configuring the attributes explicitly in the child port profile.
You can also explicitly remove port profile inheritance, so that a port profile returns to the default settings, except where there has been a direct configuration.
For more information, see the "Configuring Port Profile Inheritance" section on page 3-1.