Data Center Virtualization Fundamentals : [understanding .

Data Center Virtualization Fundamentals
Gustavo Alessandro Andrade Santana, CCIE No. 8806
Cisco Press
800 East 96th Street
Indianapolis, IN 46240

Contents
Foreword
Introduction
Part I What Is Virtualization?
Chapter 1 Virtualization History and Definitions
Data Center Essential Definitions
Data Center Evolution
Operational Areas and Data Center Architecture
The Origins of Data Center Virtualization
Virtual Memory
Mainframe Virtualization
Hot Standby Router Protocol
Defining Virtualization
Data Center Virtualization Timeline
Classifying Virtualization
Classification Examples
Further Reading
Part II Virtualization in Network Technologies
Chapter 2 Data Center Network Evolution
Ethernet Protocol: Then and Now
Ethernet Media
Coaxial Cable
Twisted-Pair
Optical Fiber
Direct-Attach Twinaxial Cables
Ethernet Data Rate Timeline
Data Center Network Topologies
Data Center Network Layers
Design Factors for Data Center Networks
Physical Network Layout Considerations
The ANSI/TIA-942 Standard

xData Center Visualization FundamentalsNetwork Virtualization BenefitsNetworkLogical PartitioningNetworkSimplification4242and Traffic LoadBalancing43Management Consolidation and Cabling OptimizationNetwork Extension44SummaryFurtherChapter344ReadingThe HumbleBeginningsNetwork Partitioningfrom theConceptsBridgingVLANs4952Two CommonWorldMisconceptions47About VLANsTree Protocol and VLANsSpanning TreePort StatesProtocol at Work6370Tree InstancesPrivate VLANsVLANISpxeciifk S3 4BteHHiwidl LAMx MHSliuiramg;GosnmrasU mdM 5 faujggmmaniir Hame85GoiJKirftts jromni Ae BtowninagWorldOwrlkppiiimg Addresses, iin aData CenterDefiiniiinig auidl\"RFs andQmAgmm ,VRFsRotjjiinig RrwaxQakVRF-AwarenessS»SHOTVRF Resource Allocation Control105Reading87nUse Case: Data Center NetworkFurther§79(9)VRFs and the .\lanageiro« PfaraeSummary72747 Mariiw VLANStesMMttie5861Spanning Tree Protocol EnhancementsSpanning5656Misconception Number 2: Layer 3 VLANsSpanning45Number 1: A VLAN Must Be Associated toMisconceptionSubnetof Network Virtualization47VLAN TrunksDefining4444107101Segmentation103anIP

xiChapter4AnArmy of One:ACE Virtual ContextsApplication Networking ServicesThe Use of Load Balancers4Switching111111Load-Balancing ConceptsLayer109115VersusLayerConnection Management1227SwitchingAddress Translation and Load BalancingServer NATDual NAT124126Transparent Mode126Load-Balancing ApplicationsFirewall Load ancingServers128130130OffloadOffloadHTTP124125Port RedirectionOther120133134CompressionLoad Balancer Proliferation in the Data CenterLoad Balancer PerformanceSecurityPolicies137EnvironmentACE Virtual ContextsApplication135136Suboptimal TrafficApplicationControlIndependencyCreating andIntegratingRoutedEngine PhysicalACE ModuleAllocating144Resources to Virtual Contextsthe Data Center Network156160Configuring ACEVirtual ContextsAllowing Management Traffic toLoadto145158One-Armed DesignAllowing141156Bridged DesignandConnections141ACE Virtual ContextsDesignManaging138139Connecting an ACE ApplianceConnecting an135a162Virtual ContextBalancing Traffic ThroughControlling Management Access to Virtuala162Virtual ContextContexts171163

xiiData Center Virtualization FundamentalsACE Virtual Context Additional CharacteristicsSharingFurtherChapter 5177Data CenterUse Case: MultitenantSummary177VLANs Among ContextsVirtual Context Fault Tolerance179181182ReadingInstant Switches: Virtual Device ContextsExtendingWhyDevice VirtualizationUse VDCs?VDCs in DetailandCreating187188Configuring VDCs190PromptsVirtualization Nesting199ResourcestoVDCsUsing Resource TemplatesManaging VDCsVDC198202211214Operations214Processes Failures and VDCsVDC Out-of-Band216217ManagementRole-Based Access Control and VDCsGlobal ResourcesFurtherChapter6225229Fooling SpanningLinkSecurity Zones227ReadingSpanningTree231Tree Protocol and Link UtilizationAggregationCross-Switch PortChannelsVirtual PortChannels1:Virtual241242PortChannelsDefining theDomainStep 2: EstablishingPeerStepPeer Link3:238240Virtual PortChannel DefinitionsConfiguring232234Server Connectivity and NICTeamingStep222225Use Case: Data CenterSummary183184VDC Names and CLIAllocating176Creating the247248Keepalive Connectivity250248

Step4:Creating theVirtual PortChannel252Spanning Tree Protocol and Virtual PortChannelsPeer Link Failure andFirst-Hop RoutingOrphanvPC FabricPath Data Plane265Spanning269Tree ProtocolVirtual PortChannel PlusChapter7286ReadingVirtualized Chassis with Fabric ExtendersUnderstanding FabricFabric ExtenderConnectingExtendersOptions291295Fabric Extenderato aParent SwitchFabric Extended Interfaces andSpanningFabric Interfaces Redundancy301Topologies305309Use Case: Mixed Access Data CenterSummaryFurther318A Tale of Two Data CentersA BriefHistory of DistributedThe Cold315317ReadingAge (Mid-1970sto319Data CentersMid-2000s)The Active-Active Age(Mid-2000sThe Case forLayerChallengesof2 ExtensionsLayer 2Ethernet ExtensionsoverVirtual sionsOptical3213211980s)The Hot Age (1990s to296Tree Protocol305Straight-Through TopologiesDual-Homed287288Fabric Extender Topologies8281285Server Access ModelsChapter272276Use Case: Evolution of Network PODsFurther259266FabricPath Control PlaneSummary254258Protocols and Virtual PortChannelsLayer 2 Multipathing andFabricPath andPorts325Connections327299

xivData Center Virilization FundamentalsEthernet ExtensionsMPLS BasicEthernetoverMPLSConceptsoverMPLS338Virtual Private LAN ServiceEthernet ExtensionsMPLSoverGREoverIPTerminologyOTVAvoidance andtoOTVMultihoming365373VLAN Identifiers andRouting359366OTV Site ualizationOTV BasicLoop342352Overlay TransportOTV332333Layer 2Extensions377in Connected Data Centers380Use Case: Active-Active Greenfield Data Centers384SummaryFurtherPart IIIChapterReading386Virtualization in Storage Technologies9Storage EvolutionData Center387Storage DevicesHard Disk DrivesDisk ArraysTape DrivesAccessing388389and LibrariesData in Rest391Block-Based Access392Small387390Computer Systems InterfaceMainframe Storage AccessAdvanced396Technology AttachmentFile Access397Network FileSystem398Common Internet File SystemRecord Access399Visualizing Storage DevicesVisualizing398398Storage VirtualizationLUNs404392402397382

XVVirtualizingFile SystemsVirtualizingSANsChapter 10407408SummaryFurther406Reading408Islands in the SAN409Some Fibre Channel DefinitionsFibre ChannelLayersFibre ChannelTopologies andFibre Channel411Flow ControlandFabric ProcessesExchanges422424NotificationChangeFibre Channel LoginsSAN Islands427VSANs432434VSANTrunkingand VSANsFSPF and VSANs439442445ScopingUse Case: SAN ConsolidationFurther11447450451ReadingSecret IdentitiesFibre ChannelFCIP430430VSAN CreationSummary426429Defining and ExploringVSAN415420Fabric Shortest Path FirstZoningover453IP454High Availability460Use Case: SAN Extension with TrafficInter-VSAN RoutingIVR InfrastructureIVR412420Fabric InitializationZoningTypes417Classes of ServiceRegister StatePort413AddressingFrames, Sequences,Chapter410Zoning464465467Use Case: Transit VSAN472Engineering462

473NPort VirtualizationConfiguring N Port Virtualization482NPV Traffic ManagementDeployingPort WTOUse Case: Blade ServerSummaryFurtherChapter 12VirtualizationonNPVData CenterHosting486488490491Reading493One Cable to Unite Us AllThe Case for Data CenterData CenterNetworking Convergence498Flow ControlEnhanced Transmission SelectionData CenterIntroducing Fibre Channel501503Congestion NotificationoverEthernet504505FCoE Initialization507Protocol509Unified Server AccessConfiguring500eXchange ProtocolBridgingFCoE ElementsUnified Server AccessConfiguring UnifiedConfiguring MultihopServer AccessonSingle-Context Switcheswith Storage VDCs523FCoEConfiguring Virtual Fibre Channel PortChannelsUnified Fabric Designs535Layer Unified DesignsFCoE and Virtual PortChannelsFCoE and Blade Sewers540the Access Layer542BeyondConverged Access ModelConverged AggregationFCoE and SAN ExtensionUse Case: LAN and SANSummaryFurther556Reading557528532FCoE N Port VirtualizationServer 38542Model543545Management Separation546519510

xviiPart IVVirtualization in Server TechnologiesChapter 13Server Evolution559Server ArchitecturesMainframes560560RISC Servers561x86 Servers562x86 Hardware EvolutionCPU Evolution562564Memory EvolutionExpansion566Bus Evolution569Format EvolutionPhysicalx86 Server VirtualizationIntroducingVirtualization aryFurther571580ReadingChangingPersonalitiesServer ProvisioningServer Domain581ChallengesOperationsInfrastructure Domain583584Operations585Unified Computing and Service ProfilesBuildingService ProfilesIdentifyingStoragea588Service ProfileDefinitions599Virtual Interface signment594595Network DefinitionsServer Boot Order586608608Management ConfigurationIP AddressAdditional Policies611610609

xviiiData Center Virtualization FundamentalsAssociatingInstallingan625Verifying Stateless ComputingBIOS620Operating SystemUsing Policies626627Setting PoliciesFirmware Policies633637Industrializing Server Provisioning638CloningPools639Service ProfileTemplatesServer Pools649640653Use Case: Seasonal Workloads655Summary656Further ReadingChapter15Transcending the RackIntroductiontoVirtualVirtual Switch657658Networking660ChallengesCisco Nexus 1000V Architecture661Nexus 1000V Communication ModesPort Profiles andDeployingExternalDynamicNexus 1000V663Interface ProvisioningConnectivity andMAC Address TableAccess ListsLink688691and Nexus 1000V693Virtual Extensible Local Area NetworksDeploying697Virtual Machine Fabric ExtenderVM-FEX705707Enabling cing664666NX-OS Features in the Virtual WorldOnline612a ServerService Profile toaVMwarevNICson avSphereUCS Service ProfileHost to707Deploy VM-FEXUsing the UCS Manager VMware Integration WizardMigrating VirtualOnlineMigrationsMachinestoVM-FEXand VM-FEX720VM-FEX High-Performance Mode723716709711

xixUse Case: Data CenterSummary16731733Further ReadingChapterMerging734Moving Targets735Virtual Network Services DefinitionsVirtual Network Services Data Path736738vPath-Enabled Virtual Network ServicesCisco VirtualInstallingSecurity Gateway: ComputeVirtualSecurity GatewayCreating SecuritySendingData740PoliciesTraffic toVirtual Firewall743745VSG747Virtual Machine Attributes and Virtual ZonesCisco ASA 1000V:InstallingSendingEdge VirtualASA 1000VDataTrafficApplicationASA 1000VinAccelerationMigrationBalancingUse Case: Virtual Data CenterFurtherPart VChapter775775Injection777Location/ID Separation ProtocolSummary769771Site Selection and Server VirtualizationGlobal Server Load761763the Virtual WorldRoute Health758Policies on ASA 1000VWAN Acceleration and OnlineRouting754755toConfiguring SecurityFirewall751779781783Reading784End-to-End Virtualization17The Virtual Data Center and CloudThe Virtual Data Center786Automation and StandardizationWhat Is Cloud Computing?Cloud ImplementationJourneytothe CloudNetworking793Example799in the Clouds789800797Computing785742

xxFundamentalsData Center VirtualizationSoftware-Defined NetworksOpenStack800801802Network Overlays804Cisco Open Network EnvironmentBefore We Go.Summary806Further ReadingPart VI:805807AppendixesAppendixACisco Data Center Portfolio809CiscoApplication Control Engine809CiscoAdaptive Security Appliances5585-XCisco ASA 1000V Cloud FirewallCiscoCatalystCisco8126500 Series SwitchesCisco Cloud PortalIntelligent811813816Automation SolutionsAutomation Software817817ComponentsCiscoIntelligent Automation for Cloud SolutionCiscoIntelligentAutomation for SAPCisco MDS 9000 SeriesCisco Prime NetworkMultilayer820SwitchesAnalysis ModuleCisco Nexus Data Center Switches823824Nexus 1010 and 1100 Virtual ServicesAppliancesCisco Nexus 2000 Series Fabric ExtendersCisco Nexus 3000 Series Switches827Cisco Nexus 4000 Series Switches828Cisco Nexus 5000 and 5500 Series SwitchesCisco Nexus 6000 Series Switches831Cisco Nexus 7000 Series Switches832Computing System820823Cisco Nexus 1000V Series SwitchesCisco Unified829835Cisco UCS 5100 Series Blade Server Chassis837838836836Cisco U CS 2100 and 2200 Series Fabric ExtendersCisco UCS C-Series Rack Servers824825Cisco 6100 and 6200 Series Fabric InterconnectsCisco UCS B-Series Blade Servers819837

xxiCisco UCS Virtual Interface CardsUnified Management SolutionsCisco839840Network ManagerApplicationCisco Prime Data Center Network842Virtual Network Management Center843VirtualManager and843Security Gateway844Virtualization Techniques MappingFurtherBReadingIOS, NX-OS,844andApplicationInterface BasicsControl Software Command-Line847847IOS Command-Line Interface BasicsCommand ModesGetting841ManagerUCS CentralCisco iating Commands and Using ShortcutsManaging ConfigurationFilesUsing Debug Commands855858NX-OS Command-Line InterfaceNX-OS AccessNX-OS860ModularityNX-OS and861Running ConfigurationNX-OS Command-Line InterfaceConfigurationVersionApplication ControlIndex859873Files863OptimizationsManagement, Batches,and866ScriptsSoftware Command-Line Interface866870

Data Center Virtualization Timeline
Classifying Virtualization Technologies
A Virtualization Taxonomy
Virtualization Scalability
Technology Areas
Classification Examples
Summary
Further Reading
Part II Virtualization in Network Technologies
Chapter 2 Data Center Network Evolution
Ethernet Protocol: Then and Now
Ethernet Media
Coaxial Cable
Twisted-Pair
Optical