Cisco Nexus 1110-S, Nexus 1110-X Deployment Manual

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 39
Cisco Nexus 1100 Series
Virtual Services Appliances
Deployment Guide Version 1.0
Deployment Guide
Overview
Audience
Introduction
Cisco Nexus 1000V Series Switches
Cisco Nexus 1100 Series VSAs: Cisco Nexus 1110-S and 1110-X Models
Cisco Nexus 1110-S Physical Components
Cisco Nexus 1110-X Physical Components
Virtual Service Blades
Sample Cisco Nexus 1110-S Configurations
Sample Cisco Nexus 1110-X Configurations
Cisco Nexus 1100 Series High Availability
Network Connectivity
Management VLAN
Control VLAN
Network Connectivity Options
Network Connection Option 1
Network Connection Option 2
Network Connection Option 3
Network Connection Option 4
Network Connection Option 5 (Flexible Network)
Deployment Considerations
Topology Examples
Uplink Type 1
Cisco Nexus 5000-1 and Nexus 5000-2 Configuration
Uplink Type 2
Cisco Nexus 5000-1 and Nexus 5000-2 Configuration
Uplink Type 3
Cisco Nexus 5000-1 and Nexus 5000-2 Configuration
Uplink Type 4
Cisco Nexus 5000-1 and Nexus 5000-2 Configuration
Uplink Type 5
Cisco Nexus 5000-1 and Nexus 5000-2 Configuration
Deploying the Cisco Nexus 1000V Series VSM on the Cisco Nexus 1100 Series
VSM High Availability
Cisco Nexus 1000V Series Backup and Restore Procedures
Backup Procedure
Restore Procedure
Deploying the Cisco Nexus 1100 Series Across Data Centers
Appendix: Quick Configuration Guide
Configure the Upstream Cisco Nexus 5000 Series Switch
Cisco Nexus 1100 Series LOM Ports Connected to Cisco Nexus 2248
Cisco Nexus 1100 Series Control, Packet, and Data Gigabit Ethernet Ports Connected to Cisco Nexus 2248
Set Up the Primary Cisco Nexus 1100 Series VSA
Set Up the Secondary Cisco Nexus 1100 Series VSA
Verify the Cisco Nexus 1100 Series Setup
Instantiate the Cisco Nexus 1000V Series VSM
Verify the Cisco Nexus 1000V Series VSB
Complete the Cisco Nexus 1000V Series Installation
For More Information
Cisco Nexus 1100 Series Technical Documentation
Overview
This document provides design guidelines for deploying Cisco Nexus® 1100 Series Virtual Services Appliances (VSAs). The Cisco Nexus 1110-S and 1110-X VSAs are the first appliances in the Cisco Nexus 1100 Series. For detailed feature-level configuration documentation, please refer to the respective Cisco® product configuration guides located at http://www.cisco.com/go/1100. Links to additional information can be found in the “For More Information” section of this document.
Audience
This document is intended for network architects, network engineers, virtualization administrators, and server administrators interested in understanding and deploying the Cisco Nexus 1000V Series Switches utilizing the Cisco Nexus 1100 Series in a Cisco data center environment.
Introduction
The Cisco Nexus 1100 Series VSAs (Figure 1) are members of the Cisco Nexus 1000V Series Switches portfolio. They host the Cisco Nexus 1000V Series Virtual Supervisor Modules (VSMs) and provide support for Cisco virtual service blades (VSBs) to offer a more comprehensive solution for virtual access switching. Because the Cisco Nexus VSAs provide dedicated hardware for the VSM, they make virtual access switch deployment easier for the network administrator. Support for additional VSBs such as the Cisco Virtual Security Gateway (VSG), Cisco Prime™ Network Analysis Module (NAM), and Cisco Data Center Network Manager (DCNM) makes the Cisco Nexus VSAs crucial components of a virtual access switch solution.
Figure 1. Cisco Nexus 1110-S and 1110-X Virtual Services Appliances
Cisco Nexus 1000V Series Switches
Cisco Nexus 1000V Series Switches are virtual machine access switches. They are intelligent switches designed for hypervisor environments running the Cisco NX-OS Software operating system. Operating inside the hypervisor, the Cisco Nexus 1000V Series supports server virtualization technology to provide:
Policy-based virtual machine connectivity
Mobile virtual machine security and network policy
Nondisruptive operational model for server virtualization and networking teams
When server virtualization is deployed in the data center, virtual servers typically are not managed the same way as physical servers. Server virtualization is treated as a special deployment, leading to longer deployment times, with a greater degree of coordination needed among server, network, storage, and security administrators. With the Cisco Nexus 1000V Series, you can have a consistent networking feature set and provisioning process all the way from the virtual machine access layer to the core of the data center network infrastructure. Virtual servers can now use the same network configuration, security policy, diagnostic tools, and operation models as their physical server counterparts attached to dedicated physical network ports. Virtualization administrators can access a predefined network policy that follows mobile virtual machines to help ensure proper connectivity, saving valuable time to allow you to focus on virtual machine administration. This comprehensive set of capabilities helps you deploy server virtualization and achieve its benefits more quickly.
Cisco Nexus 1100 Series VSAs: Cisco Nexus 1110-S and 1110-X Models
The Cisco Nexus 1110-S and 1110-X VSAs each offer a physical platform for deploying and managing the Cisco Nexus 1000V VSMs and other virtual services. The platform consists of the physical server coupled with the Cisco Nexus VSA Manager software, which houses multiple Cisco VSBs.
Cisco Nexus 1110-S Physical Components
The physical components of the Cisco Nexus 1110-S are based on the Cisco UCS® C220 M3 Rack Server containing:
Two 2.00-GHz Intel Xeon E5-2650 processors, each with eight cores
Four 8-GB DDR3 1600-MHz RDIMMs
Two 1-terabyte (TB) SATA HDDs
One Intel Quad Gigabit Ethernet adapter and two 1 Gigabit Ethernet LAN-on-motherboard (LOM) interfaces
One serial port
One rail kit
One RAID controller using RAID 1
Cisco Nexus 1110-X Physical Components
The physical components of the Cisco Nexus 1110-X are based on the Cisco UCS C200 M2 High-Density Rack Server physical appliance containing:
Two 2.00-GHz Intel Xeon E5-2650 processors, each with eight cores
Eight 8-GB DDR3 1600-MHz RDIMMs
Four 1-TB SATA HDDs
One Intel Quad Gigabit Ethernet adapter and two 1 Gigabit Ethernet LOM interfaces
One Cisco UCS Virtual Interface Card (VIC) 1225 dual-port 10-Gbps Enhanced Small Form-Factor Pluggable (SFP+) converged network adapter (CNA)*
One serial port
One rail kit
One RAID controller using RAID 10
* 10-Gbps networking will be enabled in a later Cisco NX-OS software release; the Cisco Nexus 1110-X ships with the 10-Gbps VIC.
Virtual Service Blades
A VSB provides expansion capabilities so that new services can be added to the Cisco Nexus 1100 Series in the future. The Cisco Nexus VSA Manager enables customers to install, configure, and manage a variety of VSBs. The Cisco Nexus 1110-S and 1110-X currently support the following VSBs:
Cisco Nexus 1000V Series VSM
Cisco VSG for Nexus 1000V Series Switch
Cisco Prime NAM
Cisco DCNM
Imperva SecureSphere Web Application Firewall
VSB deployments support the ISO and OVA image formats. OVA support allows users to deploy a VSB from a VMware virtual machine file format. A common use case is migration of the VSM as a virtual machine to the Cisco Nexus 1100 Series.
The Cisco Nexus 1110-S can host up to 6 VSBs, and the Cisco Nexus 1110-X can host up to 10 VSBs. These VSBs can be any combination of the VSBs supported. Figure 2 shows an example of a configuration.
Figure 2. Cisco Nexus 1100 Series with Four VSBs: Cisco VSMs, VSGs, NAM, and DCNM
Table 1 shows the weight of each virtual service in the Cisco Nexus 1110-S and 1110-X platforms.
Table 1. Weighting Matrix to Determine Maximum Capacity of VSBs on Cisco Nexus 1100 Series VSAs

|                    | Cisco VSM | Cisco VSG | Cisco NAM | Cisco DCNM | Total Weight |
|--------------------|-----------|-----------|-----------|------------|--------------|
| Cisco Nexus 1110-S | 1         | 1         | 2         | 2          | <=6          |
| Cisco Nexus 1110-X | 1         | 1         | 2         | 2          | <=10         |

Sample Cisco Nexus 1110-S Configurations
Six Cisco VSMs
Six Cisco VSGs
Three Cisco VSMs and three Cisco VSGs
One Cisco VSM, one Cisco VSG, one Cisco NAM, and one Cisco DCNM
Sample Cisco Nexus 1110-X Configurations
Ten Cisco VSMs
Ten Cisco VSGs
Five Cisco VSMs and five Cisco VSGs
Three Cisco VSMs, three Cisco VSGs, one Cisco NAM, and one Cisco DCNM
Cisco Nexus 1100 Series High Availability
To achieve high availability, you should deploy redundant Cisco Nexus 1100 Series appliances, with one Cisco Nexus 1100 Series VSA as the primary device, and the second Cisco Nexus 1100 Series VSA as the secondary device. The two appliances run in an active-standby configuration to offer high availability for both management and VSB deployments. Certain virtual services, such as Cisco NAMs, do not support high availability. Please refer to the documentation for the particular Cisco VSB to determine whether the VSB supports high availability. Figure 3 shows the built-in high availability for both the Cisco VSMs and VSGs.
Figure 3. Cisco Nexus 1100 Series High-Availability Pair
If one Cisco Nexus 1100 Series VSA fails, management automatically fails over to the other Cisco Nexus 1100 Series VSA without disruption of traffic or operations. For two Cisco Nexus 1100 Series appliances to form a high-availability pair, the control VLAN and domain ID of both Cisco Nexus 1100 Series appliances must match.
Another high-availability feature built into the Cisco Nexus 1100 Series is the capability of the Cisco Nexus VSA Manager to automatically distribute the placement of the active VSBs across the two appliances. This feature helps balance the distribution of traffic and reduce the size of the potential fault domain.
The pairing of the Cisco Nexus 1100 Series appliances must match the hardware platform. A Cisco Nexus 1100 Series VSA must be paired with another identical Cisco Nexus 1100 Series platform; mixing of platforms is not supported, such as mixing a Cisco Nexus 1110-S with a Cisco Nexus 1110-X.
Not every VSB is the primary module on the primary Cisco Nexus 1100 Series VSA. With connectivity between the primary and secondary Cisco Nexus 1100 Series VSA, access through a serial connection to any virtual service is maintained. When one Cisco Nexus 1100 Series VSA fails, the remaining Cisco Nexus 1100 Series VSA becomes active, and all virtual services in the standby state on that Cisco Nexus 1100 Series VSA become active automatically.
A virtual service can be removed completely from both redundant Cisco Nexus 1100 Series appliances, or from only one. If one of the redundant pair of virtual services becomes unusable, it can be removed from the Cisco Nexus 1100 Series platform on which it resides. This approach facilitates recovery by preserving the remaining virtual service in the pair. Use of this service may be needed if a new instance of the service must be provisioned.
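The Table 1 weights and the pairing rules in this section (identical platform, matching control VLAN and domain ID, no high availability for Cisco NAM) can be checked against a planned deployment before the appliances are set up. The following Python sketch is an added example, not Cisco code; the appliance names, VLAN numbers, and domain IDs are constructed, and it assumes that each appliance in the pair carries an active or standby instance of every VSB in the plan.

```python
from dataclasses import dataclass

# Weights and per-platform limits copied from Table 1 of this guide.
VSB_WEIGHT = {"VSM": 1, "VSG": 1, "NAM": 2, "DCNM": 2}
MAX_WEIGHT = {"1110-S": 6, "1110-X": 10}
# The guide names Cisco NAM as a VSB that does not support high availability.
NO_HA_VSBS = {"NAM"}


@dataclass(frozen=True)
class Appliance:
    name: str          # hypothetical label for the report
    model: str         # "1110-S" or "1110-X"
    domain_id: int
    control_vlan: int


def total_weight(vsbs):
    """Return (weight, unweighted_types) for a {vsb_type: count} mix."""
    weight, unweighted = 0, []
    for vsb_type, count in vsbs.items():
        if count < 0:
            raise ValueError(f"negative count for {vsb_type}")
        if vsb_type in VSB_WEIGHT:
            weight += VSB_WEIGHT[vsb_type] * count
        elif count:
            # Supported VSBs without a Table 1 weight cannot be sized here.
            unweighted.append(vsb_type)
    return weight, sorted(unweighted)


def check_plan(primary, secondary, vsbs):
    """Return a list of findings; an empty list means the plan passes."""
    findings = []
    if primary.model != secondary.model:
        findings.append(
            f"platform mismatch: {primary.model} paired with {secondary.model}")
    if primary.control_vlan != secondary.control_vlan:
        findings.append(
            f"control VLAN mismatch: {primary.control_vlan} vs {secondary.control_vlan}")
    if primary.domain_id != secondary.domain_id:
        findings.append(
            f"domain ID mismatch: {primary.domain_id} vs {secondary.domain_id}")

    weight, unweighted = total_weight(vsbs)
    # Assumption: both appliances hold an instance of every VSB, so the
    # whole mix is compared with each appliance's own limit.
    for appliance in (primary, secondary):
        limit = MAX_WEIGHT.get(appliance.model)
        if limit is None:
            findings.append(f"{appliance.name}: unknown model {appliance.model}")
        elif weight > limit:
            findings.append(
                f"{appliance.name}: total weight {weight} exceeds "
                f"{limit} for {appliance.model}")
    for vsb_type in unweighted:
        findings.append(
            f"{vsb_type}: no weight listed in Table 1, capacity not verified")
    for vsb_type in sorted(NO_HA_VSBS & {t for t, n in vsbs.items() if n}):
        findings.append(f"{vsb_type}: does not support high availability")
    return findings


if __name__ == "__main__":
    # Constructed plan: mixed platforms and mismatched HA parameters.
    a = Appliance("vsa-1", "1110-S", domain_id=10, control_vlan=100)
    b = Appliance("vsa-2", "1110-X", domain_id=11, control_vlan=101)
    for finding in check_plan(a, b, {"VSM": 3, "VSG": 3, "NAM": 1, "DCNM": 1}):
        print("FINDING:", finding)
```
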
Network Connectivity
The Cisco Nexus 1110-S has six 1 Gigabit Ethernet interfaces available for network connectivity: two 1 Gigabit Ethernet LOM interfaces and four 1 Gigabit Ethernet interfaces, available through a PCI card (Figure 4). In addition, the Cisco Nexus 1110-X has two 10 Gigabit Ethernet interfaces that will be enabled in a later software release. These interfaces are not shown in Figure 4.
Figure 4. Connections on Cisco Nexus 1100 Series VSAs
Four types of traffic flow through these interfaces: management, control, packet, and VSB data traffic. The Cisco Nexus 1100 Series is not in the data path of everyday virtual machine data traffic. However, when Cisco NAM or VSG VSBs are deployed, data traffic from selected virtual machines will flow to the Cisco Nexus 1100 Series to be processed by the respective network service. The decision to use or not use these other VSBs influences the choice of network connectivity option used for connecting the Cisco Nexus 1100 Series to the network.
Management VLAN
The management VLAN is used for management of the Cisco Nexus 1100 Series VSA. When one of the four static uplink options is used, the Cisco Nexus 1100 Series and its hosted VSBs share the same management VLAN. In a static topology, the management VLAN on a VSB cannot be changed directly. Since the management VLAN is inherited from the Cisco Nexus 1100 Series VSA, if you change the management VLAN for the Cisco Nexus 1100 Series, then the change is applied to both the Cisco Nexus 1100 Series VSA and all its hosted VSBs at the next reload.
However, this constraint does not exist in flexible topology, and the management VLAN of a VSB can be different from the Cisco Nexus 1100 Series host.
Control VLAN
The control VLAN is a Layer 2 interface used for communication between the redundant Cisco Nexus 1100 Series appliances. This interface handles low-level control packets such as heartbeats as well as any configuration data that needs to be exchanged between the Cisco Nexus 1100 Series appliances.
Network Connectivity Options
The interfaces on the Cisco Nexus 1100 Series can be connected to the network in five ways. The choice of the connectivity option, or uplink type, for the Cisco Nexus 1100 Series depends on the customer’s needs and requirements. When the Cisco Nexus 1100 Series VSA is first initialized, the setup script requests some basic configuration information, including selection of the network connectivity option. This section explains the five uplink types (or network connectivity options) and discusses best practices for choosing the best option.
Network Connection Option 1
Option 1, the simplest way of connecting the Cisco Nexus 1100 Series to the network, uses the two LOM interfaces to carry all traffic types: management, control, packet, and data. In this configuration, each uplink connects to two different upstream switches to provide redundancy (Figure 5).
Figure 5. Network Connection Option 1
Option 1 is preferred in cases in which customers are not using a Cisco NAM and therefore have little or no data traffic traversing the uplinks to the Cisco Nexus 1100 Series. This option is commonly used when the Cisco Nexus 1100 Series is used only for VSMs. The management, control, packet, and data traffic can all use different VLANs, although this is not a requirement. This option is recommended for the simplest configuration and lowest risk of misconfiguration (Figure 6).
Figure 6. Option 1 Configuration
Note: The LOM ports are active-standby only and cannot be part of a PortChannel or virtual PortChannel (vPC).
Network Connection Option 2
Option 2 uses the two LOM interfaces to carry management, control, and packet traffic. The other four interfaces on the PCI card carry only data traffic. In this configuration, the two interfaces used for management, control, and packet traffic should be connected to two separate upstream switches for redundancy. In addition, the four ports used for data traffic should be split between two upstream switches for redundancy. Not all four interfaces are required, and their use depends on bandwidth requirements. Use a minimum of two interfaces that are also connected to two separate physical switches. In addition, if multichassis EtherChannel is available, that technology is preferred, to provide additional bandwidth and redundancy (Figure 7).
Figure 7. Network Connection Option 2
Option 2 is well suited for customers who are deploying a Cisco NAM in the Cisco Nexus 1100 Series. The management, control, and packet traffic is kept physically separate from the data traffic, helping ensure that data traffic does not divert cycles from the other traffic. Of the four available connectivity options, option 2 provides the most dedicated bandwidth for Cisco NAM traffic and should be used by customers who want to increase the Cisco NAM capabilities (Figure 8).
Figure 8. Option 2 Configuration
Note: The 4-port network interface card (NIC) adapter does support PortChannel and vPC capabilities and can provide added bandwidth utilization and redundancy. The example here shows the use of a PortChannel, but a vPC configuration would also be valid.
Network Connection Option 3
Option 3 uses the two LOM interfaces for management traffic only, and it uses the four interfaces on the PCI card to carry control, packet, and data traffic. In this configuration, the two management interfaces should be connected to two separate upstream switches for redundancy. In addition, the four ports used for control, packet, and data traffic should be split between two upstream switches for redundancy (Figure 9).
Figure 9. Network Connection Option 3
Option 3 is well suited for customers who are deploying a Cisco NAM or VSG in the Cisco Nexus 1100 Series but require a separate management network. Because there is little control and packet traffic, customers can still use most of the bandwidth from the four 1 Gigabit Ethernet interfaces for Cisco NAM traffic. This option is recommended for most deployments because it provides the flexibility to handle both currently supported and future VSBs (Figure 10).