Michael Ciesla
CCIE R&S #38421
Customer Support Engineer
Thong?
BRKVIR-2019 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
What is this Session About?
Networking Virtualisation Concepts
Hypervisor Overview
– VMware vSphere ESXi 5.5
– Microsoft Windows Server 2012 R2 (Hyper-V 3.0)
– Citrix XenServer 6.2
Topology Overview
Nexus 1000v
Networking Virtualisation Concepts
Hypervisor Networking Virtualisation
VM-to-VM and VM-to-physical-host traffic is handled via a software switch that lives in the hypervisor
VM-to-VM: memory transfer
VM-to-physical: physical adapter
Hypervisor Networking Virtualisation
VMware vSphere ESXi example
Gratuitous ARP
Spanning-Tree?
Disable Spanning-tree
– NX-OS: spanning-tree port type edge [ trunk ]
– IOS: spanning-tree portfast
Link Aggregation Demystified
Port-channel, Etherchannel, LACP, 802.3ad, 802.1ax, LAG, Teaming, Bonding
Switch Independent / Dependent
Independent - no specific switch protocol / configuration is required
Switch Independent Configuration Options (NX-OS)
Access
interface Ethernet101/1/31
switchport mode access
switchport access vlan 511
spanning-tree port type edge trunk
Trunk
interface Ethernet101/1/31
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
Switch Dependent Configuration Options (NX-OS)
Static
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
channel-group 300
LACP
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
channel-group 300 mode active
interface Port-Channel300
switchport mode trunk
switchport trunk allowed vlan 511
Hypervisor Overview
VMware vSphere ESXi
vSphere Standard Switch (vSS)
Portgroup != VLAN
vSphere Distributed Switch (vDS)
Spans multiple servers
VMware vSphere ESXi
Route based on originating virtual port
Route based on source MAC hash
Switch Independent
Use explicit failover order
Route based on physical NIC load (vDS)
Route based on IP hash
Switch Dependent
Route based on IP hash + LACP (vDS)
Uplink Options
vSphere Standard Switch vSphere Distributed Switch (vDS)
vDS (extra):
• Route based on physical NIC load
• Route based on IP hash + LACP
Load Balancing
Per portgroup:
Route based on originating virtual port
Route based on IP hash
Route based on source MAC hash
Route based on physical NIC load (vDS)
Use explicit failover order
Per DVUplink:
Route based on IP hash + LACP (vDS)
Load Balancing: VMware Standard Switch
Load Balancing: VMware Distributed Switch
Not configurable on the
DVUplinks
Active / Standby / Unused
vmnic0
Ethernet101/1/31 is up
vmnic1
Ethernet101/1/31 is up
vmnic2
Ethernet101/1/32 is up
Route Based on Originating Virtual Port (vSS + vDS)
Default configuration
Route Based on Source MAC Hash (vSS + vDS)
Use Explicit Failover Order (vSS + vDS)
Route Based on Physical NIC Load (vDS)
Initial vNIC placement uses “Route
based on originating virtual port”
VMware Switch Independent
Switch Configuration
For Your Reference
interface Ethernet101/1/31-32
Used for:
Route based on originating virtual port
Route based on source MAC hash
Use explicit failover order
Route based on physical NIC load (vDS)
Route Based on IP Hash (vSS + vDS)
Route Based on IP Hash
Misconfiguration Example
VMware Switch Dependent
Route Based on IP Hash – Switch Configuration
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
channel-group 300
SV-5K-1(config-if)# channel-group 300 mode ?
active Set channeling mode to ACTIVE
on Set channeling mode to ON
passive Set channeling mode to PASSIVE
Route Based on IP Hash + LACP (vDS)
Extra LACP_MgmtPort
VMware Switch Dependent
Route based on IP hash + LACP (vDS) – Switch Configuration
VMware Conclusion
vSphere Standard Switch (vSS)
– Switch independent
Route based on originating virtual port
– Switch dependent
Route based on IP hash
Hypervisor Overview
Microsoft Hyper-V 3.0
Windows 2012 R2
Uplink Options
Single physical NIC or Teaming
Enabling NIC Teaming
Pre-Windows 2012 - Teaming provided by vendor device drivers
Windows 2012 - Native teaming support
Microsoft Network Adapter Multiplexor Driver
Standby Adapter
Single Physical NIC
Switch Independent – Address Hash
MAC/IP/Port hash for outbound traffic
Switch Independent - Hyper-V Port
Switch Independent - Dynamic
Outbound flows redistributed to optimise
pNIC bandwidth utilisation
Microsoft Switch Independent
Switch Configuration
For Your Reference
interface Ethernet101/1/31-32
Used for:
Teaming mode: Switch Independent
Load balancing modes:
– Address Hash
– Hyper-V Port
– Dynamic
Switch Dependent – Address Hash
Switch Dependent - Hyper-V Port
vNICs are pinned to single team
member
Switch Dependent - Dynamic
Outbound flows redistributed to
optimise pNIC bandwidth utilisation
Switch Dependent
Load Balancing Mode: Address Hash, Hyper-V Port and Dynamic
Microsoft Switch Dependent
Teaming Mode: Static Teaming – Switch Configuration
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
channel-group 300
SV-5K-1(config-if)# channel-group 300 mode ?
active Set channeling mode to ACTIVE
on Set channeling mode to ON
passive Set channeling mode to PASSIVE
Microsoft Switch Dependent
Teaming Mode: LACP – Switch Configuration
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
channel-group 300 mode active
SV-5K-1(config-if)# channel-group 300 mode ?
active Set channeling mode to ACTIVE
on Set channeling mode to ON
passive Set channeling mode to PASSIVE
Hyper-V Conclusion
Switch independent
– Switch Independent – Dynamic
Switch dependent
– Switch Dependent - Dynamic
Hypervisor Overview
Citrix XenServer 6.2
Uplink Options
Single physical NIC or Bonding
LACP as of XenServer 6.1
Switch Independent
Switch Dependent
Single Physical NIC
Normal server connection
Access or trunk
Active-Active
Balance-SLB - Server Load Balancing
MAC moves
Active-Passive
Citrix Switch Independent
Active/Active & Active/Passive – Switch Configuration
For Your Reference
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
LACP w/ Load Balancing Based on IP & Port of SRC & DST
LACP w/ Load Balancing Based on SRC MAC Address
Citrix Switch Dependent
LACP Bonds – Switch Configuration
interface Ethernet101/1/31-32
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree port type edge trunk
channel-group 300 mode active
SV-5K-1(config-if)# channel-group 300 mode ?
active Set channeling mode to ACTIVE
on Set channeling mode to ON
passive Set channeling mode to PASSIVE
XenServer Conclusion
Switch independent
– Active-Active
Switch dependent
– LACP with load balancing based on source MAC address
Topology Overview
Switch Independent
VMware
– Route based on originating virtual port
– Route based on source MAC hash
– Route based on physical NIC load (vDS)
– Use explicit failover order
Hyper-V
– Switch Independent - Address hash
– Switch Independent - Hyper-V Port mode
– Switch Independent - Dynamic
XenServer
– Active-active
– Active-passive
Switch Dependent
VMware
– Route based on IP hash
– Route based on IP hash + LACP (vDS)
Hyper-V
– Switch Dependent - All Address hash modes
– Switch Dependent - Hyper-V Port mode
– Switch Dependent - Dynamic
XenServer
– LACP with load balancing based on IP and port of source and destination
– LACP with load balancing based on source MAC address
Cisco UCS-B – Switch Independent
Each Fabric Interconnect has a port-channel towards the Nexus 5000 vPC pair
Fabric Interconnects are connected for control-plane clustering only - no data-plane traffic is exchanged
The hypervisor running on a blade has 2 independent connections - no switch dependent protocols can be used
Nexus 1000V
Nexus 1000V
Virtual Ethernet Module (VEM)
– Replaces VMware’s virtual switch
– Enables advanced switching capability on the hypervisor
– Provides each VM with dedicated “switch ports”
Virtual Supervisor Module (VSM)
– CLI interface into the Nexus 1000V
– Leverages NX-OS
– Controls multiple VEMs as a single network device
Load Balance Options
Nexus 1000V
Multi hypervisor switch (VMware, Hyper-V* and KVM*)
Layer 2 switching: VLANs, private VLANs, VXLAN, loop prevention, multicast, virtual PortChannels, LACP, ACLs
Network management: SPAN, ERSPAN, Netflow 9, vTracker, vCenter Server Plug-in
Enhanced QoS features
Cisco vPath
Security: DHCP Snooping, IP Source Guard, Dynamic ARP inspection, Cisco TrustSec SGA support
Cisco Virtual Security Gateway
Other virtual services (Cisco ASA 1000V, Cisco vWAAS, etc.)
Nexus 1000V
Sessions
Key Take-Aways
Understand the hypervisor’s load-balancing mechanisms
Align the configuration on hypervisor and upstream switch
All adapters are always up
MAC moves are possible depending on the load balancing algorithm
Use the correct port-channel configuration (on/active/passive)
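One way to check that the hypervisor and upstream switch are aligned, as an added example that is not part of the original slides: a small linter that reads NX-OS style interface stanzas and compares each member port's channel-group mode with what the chosen teaming option needs. The mode labels in EXPECTED and the sample config are constructed for this sketch.

```python
import re
# Hypothetical labels for the teaming options the slides list, mapped to the
# switch side they need: None = switch independent, "on" = static, "lacp".
EXPECTED = {
    "vmware:originating-virtual-port": None, "vmware:source-mac-hash": None,
    "vmware:explicit-failover": None, "vmware:physical-nic-load": None,
    "vmware:ip-hash": "on", "vmware:ip-hash-lacp": "lacp",
    "hyperv:switch-independent": None, "hyperv:static": "on",
    "hyperv:lacp": "lacp", "xen:active-active": None,
    "xen:active-passive": None, "xen:lacp": "lacp",
}
CG = re.compile(r"^channel-group\s+\d+(?:\s+mode\s+(on|active|passive))?$")

def parse_interfaces(config):
    """Return {interface: [stanza lines]} from NX-OS style config text."""
    stanzas, current = {}, None
    for line in (raw.strip() for raw in config.splitlines()):
        if line.lower().startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif line and current is not None:
            stanzas[current].append(line)
    return stanzas

def channel_mode(lines):
    """Bare 'channel-group N' or 'mode on' is static; active/passive is LACP."""
    for line in lines:
        m = CG.match(line)
        if m:
            return "lacp" if m.group(1) in ("active", "passive") else "on"
    return None

def audit(config, teaming):
    """List mismatches between member ports and the hypervisor teaming mode."""
    want, findings = EXPECTED[teaming], []
    for name, lines in parse_interfaces(config).items():
        if name.lower().startswith("port-channel"):
            continue  # logical interface; membership is set on the member ports
        have = channel_mode(lines)
        if have != want:
            findings.append(f"{name}: switch={have or 'none'}, {teaming} needs {want or 'none'}")
        if not any(l.startswith("spanning-tree port type edge") for l in lines):
            findings.append(f"{name}: spanning-tree port type edge not set")
    return findings

# Constructed sample, modelled on the static port-channel stanza in the slides.
STATIC = """\
interface Ethernet101/1/31-32
  switchport mode trunk
  switchport trunk allowed vlan 511
  spanning-tree port type edge trunk
  channel-group 300
interface Port-Channel300
  switchport mode trunk
"""
```

Calling `audit(STATIC, "vmware:originating-virtual-port")` reports the static port-channel as a mismatch for a switch independent teaming mode, while `audit(STATIC, "vmware:ip-hash")` returns an empty list.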
Q&A
Complete Your Online Session Evaluation
Give us your feedback and receive a
Cisco Live 2014 Polo Shirt!
Complete your Overall Event Survey and 5 Session
Evaluations.
Directly from your mobile device on the Cisco Live
Mobile App
By visiting the Cisco Live Mobile Site
www.ciscoliveaustralia.com/mobile
Visit any Cisco Live Internet Station located
throughout the venue
Learn online with Cisco Live!
Polo Shirts can be collected in the World of Solutions
on Friday 21 March 12:00pm - 2:00pm
Visit us online after the conference for full access
to session videos and presentations.
www.CiscoLiveAPAC.com
Appendix
Switch Independent Configuration Options (IOS)
Access
interface range GigabitEthernet1/0/31 - 32
switchport mode access
switchport access vlan 511
spanning-tree portfast
Trunk
interface range GigabitEthernet1/0/31 - 32
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree portfast trunk
Switch Dependent Configuration Options (IOS)
Static LACP
Static
interface range GigabitEthernet1/0/31 - 32
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree portfast trunk
channel-group 300 mode on
LACP
interface range GigabitEthernet1/0/31 - 32
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree portfast trunk
channel-group 300 mode active
interface Port-Channel300
switchport mode trunk
switchport trunk allowed vlan 511
spanning-tree portfast trunk