Cisco Subnet An independent Cisco community View more

Hands on with the Cisco Nexus, Part#2: Virtualization

Note: if you have been following my series on CCIE Voice / CCVP Exam Objectives, and are wondering why that series has stopped, don't worry because it hasn't. I'll be alternating between subjects over the next few weeks and months - and there will be plenty more on CCIE Voice / CCVP Exam objectives.

When the Nexus 7000 switch was introduced, one of its major features trumpeted by Cisco was virtualization in the form of Virtual Device Contexts (VDCs). But what exactly are VDCs, and how might they help you in your network?

You are probably already familiar with other forms of virtualization on switches such as Virtual LANs (VLANs) and more recently the Cisco 6500 Virtual Switching System 1440 (VSS 1440), but VDCs take virtualization on an individual switch to a new level. In this blog post, I'll take a look at what VDCs actually are, how they are configured, and how they can be used in real world networks.

VDCs, simply put, are a method of provisioning virtual Nexus switches. So, if you configure three VDCs on your Nexus switch, you'll have three virtual switches.

‘Very nice', you might be thinking, ‘but what happens if one of those virtual switches (VDCs) running on the same physical Nexus platform starts to misbehave?' Well, the other virtual switches just continue to operate normally. This is because each VDC has its own independent processes (OSPF, Spanning Tree, and so on), and NX-OS (the operating system that runs on the Nexus) is based on Linux. Linux has a pre-emptive scheduler that prevents a misbehaving process impacting the performance of the processes belonging to other VDCs. So, faults in one VDC will not impact the performance of another VDC.

Now that you have an understanding of what VDCs are and how they operate, it's time to take a look at how they can be configured.

It is possible to create a VDC and allocate resources using three simple steps:

  • 1. Create the VDC using the vdc vdcname command.
  • 2. Allocate ports to the VDC using the allocate interface ethernet slot/port command.
  • 3. Initialize the VDC using the switchto vdc vdcname command.

You can verify VDC configuration using a number of commands such as show vdc vdcname and show vdc vdcname membership.

Here's an example of the configuration and verification of a VDC:

Mark-Nexus01(config)# vdc TestVDC2

Note:  VDC creation is a time consuming process, please wait until the command completes

Mark-Nexus01(config-vdc)# allocate interface ethernet 10/1-12

Moving ports will cause all config associated to them in source vdc to be removed. Are you sure you want to move the ports?  [yes]

Mark-Nexus01(config-vdc)#

Mark-Nexus01(config-vdc)# show vdc TestVDC2

vdc_id  vdc_name                          state               mac            

------  --------                          -----               ----------     

2       TestVDC2                          active              00:1b:54:c2:29:42

Mark-Nexus01(config-vdc)# show vdc TestVDC2 membership

vdc_id: 2 vdc_name: TestVDC2 interfaces:

        Ethernet10/1          Ethernet10/2          Ethernet10/3         

        Ethernet10/4          Ethernet10/5          Ethernet10/6          

        Ethernet10/7          Ethernet10/8          Ethernet10/9         

        Ethernet10/10         Ethernet10/11         Ethernet10/12        

Mark-Nexus01(config-vdc)# exit

Mark-Nexus01(config)# exit

Mark-Nexus01# switchto vdc TestVDC2

         ---- System Admin Account Setup ----

  Enter the password for "admin":

  Confirm the password for "admin":

         ---- Basic System Configuration Dialog VDC: 2 ----

This setup utility will guide you through the basic configuration of

the system. Setup configures only enough connectivity for management

of the system.

Please register Cisco Nexus7000 Family devices promptly with your

supplier. Failure to register may affect response times for initial

service calls. Nexus7000 devices must be registered to receive

entitled support services.

Press Enter at anytime to skip a dialog. Use ctrl-c at anytime

to skip the remaining dialogs.

Would you like to enter the basic configuration dialog (yes/no): n

Cisco Nexus Operating System (NX-OS) Software

TAC support: http://www.cisco.com/tac

Copyright (c) 2002-2008, Cisco Systems, Inc. All rights reserved.

The copyrights to certain works contained in this software are

owned by other third parties and used and distributed under

license. Certain components of this software are licensed under

the GNU General Public License (GPL) version 2.0 or the GNU

Lesser General Public License (LGPL) Version 2.1. A copy of each

such license is available at

http://www.opensource.org/licenses/gpl-2.0.php and

http://www.opensource.org/licenses/lgpl-2.1.php

Mark-Nexus01-TestVDC2#

Mark-Nexus01-TestVDC2# conf t

Mark-Nexus01-TestVDC2(config)# int mgmt 0

Mark-Nexus01-TestVDC2(config-if)# ip addr 10.1.1.1 255.255.255.0

Mark-Nexus01-TestVDC2(config-if)# exit

Mark-Nexus01-TestVDC2(config)# exit

Mark-Nexus01-TestVDC2#

So, all pretty simple.

At this point you might be saying to yourself, ‘Nice feature, but what can I actually use it for?'.

Here are four initial usage scenarios:

1. Migration: if you are migrating to a new infrastructure, VDCs can be a very useful way of isolating different parts of your network during that migration.

2. Topology and device consolidation: VDCs allow you to virtualize different layers of a multilayer switched network. So, you could, for example, have a Nexus that performs both distribution and core layer functions, and has physical wiring between the interfaces allocated to the distribution VDC (virtual distribution layer switch) and core VDC (virtual core layer switch) that are on the same physical switch.

3. Hosting: if you are operating a secure hosting environment, VDCs can allow you to virtualize your network infrastructure and offer required isolation on shared physical Nexus switches.

4. Independent operation and security zoning: VDCs can allow different parts or units of a business that require independent operation and security zoning to share the same physical Nexus switches.

As I mentioned above, these are just four initial VDC usage scenarios. As Nexus deployments become more widespread, users will inevitably come up with their own ways of using VDCs.

So, in summary, VDCs are a very useful feature of the Nexus switches.

Mark

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies