As server virtualization advances in data centers, fulfilling promises such as dynamic workloads and cloud computing, the importance of virtual networking increases in these environments. Responsible for handling virtual machine (VM) traffic, this young branch of networking materializes the new perimeter of a data center network; therefore, it defines one of the more critical components of this structure.
In recent years, an even brighter spotlight has shone on virtual networking, simply because it can also be seen as another flavor of software-defined networking (SDN). Consequently, in addition to providing a centralized management point for thousands of virtual access ports, virtual switches can grant a programmable interface to multiple applications.
Cisco offered its first virtual networking solution in 2009 with Nexus 1000V, a Layer 2 distributed virtual switch that deploys the same features from physical Nexus platforms, consequently bridging the gap between physical and virtual network administration. Its success has demonstrated how visibility and control spanning two different management domains (server virtualization and networking) can help to solve problems that usually arise when these clusters scale.
As I have detailed in my book Data Center Virtualization Fundamentals: Understanding Techniques and Designs for Highly Efficient Data Centers with Cisco Nexus, UCS, MDS, and Beyond, Cisco's virtual networking portfolio has evolved in subsequent years with features such as the following:
- Virtual Extensible LAN (VXLAN). Bridging domains that overcome VLAN limitations such as number of segments, data center Layer 2 extensions, and MAC address table sizes.
- Virtual Services Data Path (vPath). Technology that transparently inserts virtual network services (such as firewalls, accelerators, and so on) in VM traffic.
- Virtual Security Gateway (VSG). A firewall that deploys security policies between VMs from the same tenant.
- ASA 1000V. A firewall that can provide edge protection for a tenant's VMs.
- CSR 1000V. A fully functional IOS-XE router within a VM that can bring advanced routing services such as MPLS VPN and LISP to server virtualization clusters.
In addition to these features, Cisco has recently unveiled improvements and new solutions that further widen its virtual networking portfolio. This article explores these enhancements.
Nexus 1000V for Microsoft Hyper-V
First deployed with VMware vSphere, Nexus 1000V recently extended its capabilities to Microsoft Hyper-V. After one of the most popular beta programs in Cisco's history, Nexus 1000V can now deploy uniform network policies across heterogeneous hypervisor environments.
In this version, Nexus 1000V relies on the deployment of Microsoft's System Center Virtual Machine Manager (SCVMM). By syncing its policies with this VM manager software, Nexus 1000V appears as an extensible virtual switch within a Microsoft Windows 2012 virtualization cluster.
Figure 1 depicts the main components of Nexus 1000V for Microsoft Hyper-V.
Figure 1 Nexus 1000V for Microsoft Hyper-V architecture.
Following the structure of its vSphere counterpart, Nexus 1000V for Microsoft Hyper-V consists of two main components: Virtual Supervisor Modules (VSMs), which deploy the virtual switch control plane; and multiple Virtual Ethernet Modules (VEMs), which deploy the control plane in each Windows 2012 physical server with Hyper-V service enabled. Together these modules form a single instance of Nexus 1000V.
The VSM can be deployed as a VM within a cluster, or as a "virtual blade" on a Nexus 1110 Cloud Services Platform, whereas a VEM can easily be installed in each physical server by using a Microsoft Installer (MSI) file. By using an "installer app" for its installation, Nexus 1000V for Microsoft Hyper-V parallels the ease of installation of the VMware vSphere version.
The following table illustrates the main differences between Nexus 1000V for vSphere and Hyper-V at the time of this writing. Because more features and services will surely be added during product development, always check Cisco online documentation for updated information.
Nexus 1000V Version Comparison
| Characteristic | VMware vSphere | Microsoft Hyper-V |
| --- | --- | --- |
| VEMs per Nexus 1000V | 128 | 64 |
| Network requirements for VSM-VEM traffic | Layer 2 or Layer 3 | Layer 3 only |
| vPath | Yes | Yes |
| Available vPath Virtual Network Services | VSG, ASA 1000V, Cisco Virtual Wide Area Application Services (vWAAS), Citrix NetScaler 1000V, Imperva SecureSphere Web Application Firewall (WAF) | VSG |
| VXLAN | Yes | No |