The misunderstanding of Cisco’s enhanced network products for VMware environments has hit critical mass.\u00a0 At this point very few people know what does what, how, and when to use it.\u00a0 Hopefully this will demystify some of it.<\/p>\n
VN-Link:<\/strong><\/p>\n Product name for a family of products, does not specifically refer to any one product so forget the idea of hardware vs. software implementation, etc.\u00a0 Think of the Nexus family of switches: 1000v, 2000, 4000, 5000, 7000.\u00a0 All different products solving different design goals but are components of the Data Center 3.0 portfolio.\u00a0 The separate products that fall under VN-Link are described below:<\/p>\n Nexus 1000v:<\/strong><\/p>\n The Nexus 1000v is a Cisco software switch for VMware environments.\u00a0 It is comprised of two components: a Virtual Supervisor Module (VSM) which acts as the control plane, and a Virtual Ethernet Module (VEM) which acts as a data plane.\u00a0 2 VSM modules operate in an active\/standby fashion for HA and each VMware host gets a VEM.\u00a0 This switch is managed by a Cisco NXOS CLI and looks\/smells\/feels like a physical switch from a management perspective…that’s the whole point:<\/p>\n ‘Network teams, here’s your network back, thanks for letting us borrow it.’\u00a0 – The Server Team<\/p>\n The Nexus 1000v does not rely on any mystical magic such as VN-Tag (discussed shortly) to write frames.\u00a0 Standard Ethernet rules apply and MAC based forwarding stays the same.\u00a0 The software switch itself is proprietary (just like any hardware\/software you buy from anyone) but the protocol used is standards based Ethernet.<\/p>\n Hypervisor Bypass\/Direct path I\/O:<\/strong><\/p>\n Hypervisor bypass is the ability for a VM to access PCIe adapter hardware directly in order to reduce the overhead on a physical VMware’s hosts CPU.\u00a0 This functionality can be done with most any PCIe device using VMware’s Direct-Path I\/O.\u00a0 The advantage here is less host CPU\/memory overhead for I\/O virtualization.\u00a0 The disadvantage is currently no support for vMotion and limits as to the number of Direct-Path I\/O devices per host.\u00a0 This doesn’t require Cisco hardware or software to do, but Cisco does have a device that makes this more appealing in blade servers with limited PCIe devices (the VIC discussed later.)<\/p>\n Pass Through Switching (PTS):<\/strong><\/p>\n PTS is a capability of the Cisco UCS blade system.\u00a0 It relies on management intelligence in the UCS Manager and switching intelligence on each host to pull management of the virtual network into the UCS manager.\u00a0 This allows a single point of management for the entire access layer including the virtual switching environment, hooray less management overhead more doing something that matters!<\/p>\n PTS directly maps a Virtual Machines virtual NIC to an individual physical NIC port across a virtualized pass-through switch.\u00a0 No internal switching is done in the VMware environment, instead switching and policy enforcement are handled by the upstream Fabric Interconnect.\u00a0 What makes this usable is the flexibility on number of interfaces provided by the VIC, discussed next.<\/p>\n Virtual Interface Card (VIC) the card formerly known as Palo:<\/strong><\/p>\n The virtual interface card is an DCB and FCoE capable I\/O card that is able to virtualize the PCIe bus to create multiple interfaces and present them to the operating system.\u00a0 Theoretically the card can create a mix of 128 virtual Ethernet and Fibre Channel interfaces, but the real usable number is 58.\u00a0 Don’t get upset about the numbers your operating system can’t even support 58 PCIe devices today ;-).\u00a0 Each virtual interface is known as a VIF and is presented to the operating system (any OS) as an individual PCIe device.\u00a0 The operating system can then do anything it chooses and is capable of with the interfaces.\u00a0 In the example of VMware the VMware OS (yes there is an actual OS installed there on the bare metal underneath the VMs) can then assign those virtual interfaces (VIF) to vSwitches, VM kernel ports, or Service Console ports, as it could with any other physical NIC.\u00a0 It can also assign them to the 1000v, to be used for Direct-Path I\/O, or to use with Pass-Through Switching.\u00a0 Even more important is the flexibility to use separate VIFs for each of these purposes on the same host (read: none of these is mutually exclusive.)\u00a0\u00a0 The VIC relies on VN-Tag for identification of individual VIFs, this is the only technology discussed in this post that uses VN-tag (although there are others.)<\/p>\n VN-Tag:<\/strong><\/p>\n VN-Tag is a frame tagging method that Cisco has proposed to the IEEE and is used in several Cisco hardware products.\u00a0 VN-Tag serves two major purposes:<\/p>\n 1) It provides individual identification for virtual interfaces (VIF.)<\/p>\n 2) It allows a VN-Tag capable Ethernet switch to switch and forward frames for several VIFs sharing a set of uplinks.\u00a0 For example if VIF 1 and 2 are both using port 1 as an uplink to a VN-Tag capable switch device the VN-Tag allows the switch to forward the frame back down the same link because the destination VIF is different than the source VIF.<\/p>\n VN-Tag has been successfully used in production environments for over a year.\u00a0 If you’re using a Nexus 2000, you’re already using VN-Tag.\u00a0 VN-Tag is used by the: Nexus 2000 Series Switches, the UCS I\/O Module (IOM), and the Cisco Virtual Interface Card (VIC.)\u00a0 The switching for these devices is handled by one of the two VN-Tag capable switches: Nexus 5000 or UCS 6100 Fabric interconnect.\u00a0 Currently all implementations of VN-Tag use hardware to write the tags.<\/p>\n – Joe Onisick (http:\/\/www.definethecloud.net<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":" The misunderstanding of Cisco’s enhanced network products for VMware environments has hit critical mass.\u00a0 At this point very few people know what does what, how, and when to use it.\u00a0 Hopefully this will demystify some of it. VN-Link: Product name for a family of products, does not specifically refer to any one product so forget … Continue reading Defining VN-Link<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[5,8],"tags":[39,57,58],"class_list":["post-116","post","type-post","status-publish","format-standard","hentry","category-miscellaneous","category-ucs-management","tag-nexus","tag-vn-link","tag-vn-tag"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=\/wp\/v2\/posts\/116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=116"}],"version-history":[{"count":0,"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=\/wp\/v2\/posts\/116\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=116"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.unifiedcomputingblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}