Deploying Nexus 7000 in Data Center Networks BRKDCT-2951 Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Public Prerequisites : Session Abstract ƒ This session is targeted to network administrators and operators who have deployed or are considering the deployment of the Nexus 7000 The session starts with a brief introduction to the Nexus 7000 hardware components and NX-OS software followed by a brief design discussion how the Nexus 7000 can be inserted into existing as well as green field data centers environments The focus of the presentation is moving to best practices of areas like environmental, Layer & protocols, high availability and system management aspects Lastly the session will step through a migration example that will outline a step by step how-to While CLI differences between IOS switching platforms and NX-OS on the Nexus 7000 are covered, troubleshooting is not part of this presentation’s scope ƒ Attendee should have a basic knowledge of the Nexus 7K hardware and software platform as well as solid knowledge of L2 and L3 protocols BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Associated Sessions/Labs ƒ Cisco Nexus 7000 Switch Architecture - BRKRST-3470 ƒ Cisco NX-OS Software Architecture - BRKRST-3471 ƒ Evolution of Hierarchical Network Design for the Data Center - BRKDCT-2961 ƒ Nexus 7000/NX-OS Hands On Lab - LRTDCT-2847 ƒ NX-OS Virtual Port Channel Lab - LABDCT-2870 BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Agenda ƒ Hardware and Software Overview ƒ Common Data Center Designs ƒ Implementation Best Practices ƒ Case Study – Data Center Migration BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Hardware Overview 7010 Chassis ƒ I/O slots, supervisor slots ƒ Supervisor in slot and ƒ Front to Back air flow utilizing system fan trays and fabric fan trays ƒ 21 RU (2 per 45 RU rack) ƒ Up to three power supplies ƒ SUP and I/O modules insert vertically BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Front view Rear view Hardware Overview 7018 Chassis ƒ 16 I/O slots, supervisor slots ƒ Supervisor in slot and 10 ƒ Left to Right air flow utilizing system fan trays ƒ 25 RU ƒ Up to four power supplies ƒ SUP and I/O modules insert horizontally Front view BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Rear view Hardware Overview Supervisor Module ƒ Performs control plane and management functions ƒ High-performance dual-core 1.6GHz Intel Xeon processor with 4GB DRAM ƒ Connectivity Management Processor (CMP) for lightsout management via dedicated 10/100/1000 Ethernet ƒ 2MB NVRAM, 2GB internal bootdisk, external compact flash slots ƒ Out-of-band 10/100/1000 management interface ƒ Console & Auxiliary serial ports ƒ USB ports for file transfer N7K-SUP1= BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Hardware Overview I/O Modules ƒ 32 port 10GE (80G) SFP+ N7K-M132XP-12 ƒ 48 port 10/100/1000 Ethernet (40G) RJ45 N7K-M148GT-11 ƒ 48 ports 1GE (40G) SFP+ N7K-M148GS-11 BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Hardware Overview Fabric Modules ƒ Fabric module is unique to chassis type, 10-slot and 18-slot fabric are not interchangeable 10-slot fabric insert horizontally, 18-slot fabric insert vertically ƒ Provide 46Gbps per I/O module slot Two 23G channels per I/O slot One 23G channel per supervisor slot ƒ Up to 230Gbps per slot with fabric modules ƒ fabric modules provides N+1 redundancy with current I/O modules N7K-C7018-FAB-1= N7K-C7010-FAB-1= BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Hardware Overview Power Supplies ƒ Common power supplies for both 7010 and the 7018 ƒ Dual Inputs per power supply (220v and 110v) ƒ 20A circuit for 6000W PS and 30A circuit for 7500W PS ƒ Hot swappable for availability and migration ƒ Use power calculator in planning power requirement URL link for Cisco Power Calculator http://tools.cisco.com/cpc/ N7K-AC-7.5KW-INT N7K-AC-6.0KW BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public N7K-AC-7.5KW-US 10 Role Based Access Control (RBAC) ƒ New (Nexus 7K) – Create local user accounts for AAA fail back authentication – Configure username ”admin” with network-admin role – Configure username ”netop” with network-operator role Nexus7K(config)# Nexus7K(config)# username username admin admin password password role role network-admin network-admin username netop password role network-operator username netop password role network-operator BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 89 QoS ƒ Current (Catalyst 6K) ƒ New (Nexus 7K) Enable MLS QoS QoS is enabled by default Trust received DSCP Default queueing policies is to “trust” 6500(config)# 6500(config)# mls mls qos qos Nexus Nexus 7K(config)# 7K(config)# 6500(config-if)# 6500(config-if)# mls mls qos qos trust trust dscp dscp BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 90 QoS (Cont.) ƒ Current (Catalyst 6K) ƒ New (Nexus 7K) CoS to queue mapping for interface (interface group) CoS to queue mapping for all interfaces with same hardware ASIC 1P2Q2T Queuing 6500(config-if)# 6500(config-if)# wrr-queue wrr-queue cos-map cos-map 11 11 11 wrr-queue wrr-queue cos-map cos-map 11 22 00 wrr-queue cos-map wrr-queue cos-map 22 11 22 44 wrr-queue wrr-queue cos-map cos-map 22 22 33 66 77 priority-queue priority-queue cos-map cos-map 11 55 Nexus Nexus 7K(config)# 7K(config)# class-map class-map type type queuing queuing match-any match-any 1p3q4t-out-pq1 1p3q4t-out-pq1 match cos match cos class-map class-map type type queuing queuing match-any match-any 1p3q4t-out-q2 1p3q4t-out-q2 match cos 3,6-7 match cos 3,6-7 class-map class-map type type queuing queuing match-any match-any 1p3q4t-out-q3 1p3q4t-out-q3 match cos 2,4 match cos 2,4 class-map class-map type type queuing queuing match-any match-any 1p3q4t-out-q-default 1p3q4t-out-q-default match cos 0-1 match cos 0-1 BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 48 port GE (1P3Q4T) 91 QoS (Cont.) ƒ Current (Catalyst 6K) ƒ New (Nexus 7K) BW 30 (Q1) 70 (Q2) Queue Limit 40 (Q1) 30 (Q2) WRED drop threshold 6500(config-if)# 6500(config-if)# wrr-queue wrr-queue bandwidth bandwidth 30 30 70 70 wrr-queue wrr-queue queue-limit queue-limit 40 40 30 30 wrr-queue random-detect min-threshold wrr-queue random-detect min-threshold 11 40 40 80 80 wrr-queue wrr-queue random-detect random-detect min-threshold min-threshold 22 70 70 80 80 wrr-queue random-detect max-threshold 80 100 wrr-queue random-detect max-threshold 80 100 wrr-queue wrr-queue random-detect random-detect max-threshold max-threshold 22 80 80 100 100 BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public BW, queue-limit and drop threshold are performed using the policy-map Nexus Nexus 7K(config)# 7K(config)# policy-map policy-map type type queuing queuing GE-outbound GE-outbound class type queuing 1p3q4t-out-pq1 class type queuing 1p3q4t-out-pq1 priority priority level level 11 queue-limit queue-limit percent percent 15 15 class class type type queuing queuing 1p3q4t-out-q2 1p3q4t-out-q2 queue-limit queue-limit percent percent 25 25 queue-limit cos percent queue-limit cos percent 100 100 queue-limit cos percent 100 queue-limit cos percent 100 queue-limit queue-limit cos cos 33 percent percent 70 70 class class type type queuing queuing 1p3q4t-out-q3 1p3q4t-out-q3 queue-limit queue-limit percent percent 25 25 queue-limit cos percent queue-limit cos percent 100 100 queue-limit queue-limit cos cos 22 percent percent 50 50 bandwidth remaining percent bandwidth remaining percent 33 33 class type queuing 1p3q4t-out-q-default class type queuing 1p3q4t-out-q-default queue-limit queue-limit percent percent 35 35 queue-limit queue-limit cos cos 11 percent percent 50 50 queue-limit cos percent 100 queue-limit cos percent 100 bandwidth bandwidth remaining remaining percent percent 45 45 92 QoS (Cont.) ƒ Nexus 7K Apply the service policy to all interface with the same hardware ASIC Nexus Nexus 7K(config-if)# 7K(config-if)# service-policy service-policy type type queuing queuing output output GE-outbound GE-outbound It is important to note that in IOS, the QoS configuration has to be configured on all the individual interfaces The NX-OS leverages Modular QoS CLI (MQC), and only the servicepolicy command is applied to the interface BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 93 Conclusion DC Networking Design Best Practices Recent Publications ƒ Server Farm Security ƒ Fibre Channel over IP ƒ Blade Server Integration ƒ Large Scale Clusters ƒ Virtual Machine Integration Ease Deployment, Reduce Risk, Improve Resilience www.cisco.com/go/datacenter BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 94 Q&A BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 95 Interested in Data Center? ƒ Discover the Data Center of the Future Cisco booth: #617 See a simulated data center and discover the benefits including investing to save, energy efficiency and innovation ƒ Data Center Booth Come by and see what’s happening in the world of Data Center – demos; social media activities; bloggers; author signings Demos include: Unified Computing Systems Cisco on Cisco Data Center Interactive Tour Unified Service Delivery for Service Providers Advanced Services BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 96 Interested in Data Center? ƒ Data Center Super Session Data Center Virtualization Architectures, Road to Cloud Computing (UCS) Wednesday, July 1, 2:30 – 3:30 pm, Hall D Speakers: John McCool and Ed Bugnion ƒ Panel: 10 Gig LOM Wednesday 08:00 AM Moscone S303 ƒ Panel: Next Generation Data Center Wednesday 04:00 PM Moscone S303 ƒ Panel: Mobility in the DC Data Thursday 08:00 AM Moscone S303 BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 97 Please Visit the Cisco Booth in the World of Solutions See the technology in action ƒ Data Center and Virtualization DC1 – Cisco Unified Computing System DC2 – Data Center Switching: Cisco Nexus and Catalyst DC3 – Unified Fabric Solutions DC4 – Data Center Switching: Cisco Nexus and Catalyst DC5 – Data Center 3.0: Accelerate Your Business, Optimize Your Future DC6 – Storage Area Networking: MDS DC7 – Application Networking Systems: WAAS and ACE BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 98 Complete Your Online Session Evaluation ƒ Give us your feedback and you could win fabulous prizes Winners announced daily ƒ Receive 20 Passport points for each session evaluation you complete ƒ Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public Don’t forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com 99 Backup Slides BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 100 Bridge Assurance ƒ Ensures spanning tree fails “closed” rather than “open” ƒ Enabled globally by default ƒ All ports configured with “network” port type send BPDUs ƒ If network port stops receiving BPDUs, port is placed in BA Inconsistent state (blocked) Malfunctioning switch BPDUs Root Blocked BPDUs BPDUs Without Bridge Assurance Stopped receiving BPDUs! Root Malfunctioning switch BPDUs BA Inconsistent Blocked BPDUs BPDUs BA Inconsistent With Bridge Assurance Stopped receiving BPDUS! Cat6500 supports BA from 12.2(33)SXI onwards BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 101 Dispute Mechanism ƒ IEEE 802.1D-2004 RSTP standard to detect unidirectional link failures that cause loops ƒ Checks the consistency of the port role/state in the received BPDUs Root Superior BPDUs N7010-1 N7010-2 Inferior BPDUs received!! ƒ After detecting a conflict, keeps its role, reverts to discarding (blocking) state %STP-2-DISPUTE_DETECTED: Dispute detected on port Ethernet1/2 on VLAN0700 N7010-1# sh spanning vlan 700 | in BLK Eth1/2 Desg BLK 2000 128.130 Network P2p Cat6500 supports Dispute Mechanism from 12.2(33)SXI onwards BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 102 BRKDCT-2951_c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 103 ... Channel L2 link L3 L2 L2 BRKDCT- 2951_ c1 © 2009 Cisco Systems, Inc All rights reserved Cisco Public 18 DC Topology Inserting Nexus 7K in the Core With VPC ƒ Eliminate L2 loops and increase STP... © 2009 Cisco Systems, Inc All rights reserved Cisco Public 16 Nexus 7000 Series Insertion Points/Needs 10G Core Performance Nexus 7000 10G Aggregation Density Access 1G/10G to the Host Data Center. .. calculator in planning power requirement URL link for Cisco Power Calculator http://tools .cisco. com/cpc/ N7K-AC-7.5KW-INT N7K-AC-6.0KW BRKDCT- 2951_ c1 © 2009 Cisco Systems, Inc All rights reserved Cisco