Announcing VMware Aware Networking
This Silverton Consulting (SCI) Storage Intelligence (StorInt™) Dispatch provides a summary of Cisco’s recent announcements introducing Virtual Machine aware networking including a new VMware software switch (1000V).
VM networking redefined using VN-Link
VN-Link allows Ethernet, SAN level QOS and other attributes typically defined at the physical server or port level to now be defined down to the VM level. In the past, VLANs were defined at the MAC layer and VSANs were defined at the port layer, and both provided only server level granularity and functionality. These new VN-Link offerings provide for a much more individualized networking environment that can be tailored to the VM level and, once defined, sticks with that VM as it's moved throughout the physical servers under VM/HA and VM/DRS control.
Software VN-Link Ethernet networking services – Nexus 1000V
Cisco has introduced the Nexus 1000V as a replacement for VMware’s NIC virtualization (vSwitch) that implements a new capability called a Distributed Virtual Switch. This is essentially a software Nexus switch residing inside the hypervisor using VMware defined APIs implementing a layer 2 switch. Nexus 1000V maintains state information within an ESX server and across ESX servers to other 1000Vs without modifying Ethernet packets. As such, the Nexus 1000V can attach to other non-Cisco hardware switches upstream and continue to provide enhanced VM aware service to other Nexus 1000V switches.
Each 1000V software service running in an ESX server is considered a software line card, called a Virtual Ethernet Module (VEM), with an infinite number of ports. A Virtual Supervisor Module (VSM), possibly running as a virtual machine, supplies management, monitoring and configuration of VEMs and is compatible with the hardware version of Nexus Data Center manager. There can be up to 64 VEMs in one distributed virtual switch under VSM control.
The Nexus 1000V runs on the next version of VMware’s ESX server software and will likely be available in the first half of 2009. Pricing and licensing have yet to be defined, but the Nexus 1000V will most certainly become the value added version of the free vSwitch services available with any ESX server.
Hardware VN-Link Ethernet networking services – Nexus 5000
Cisco is also introducing the hardware Nexus 5000 switch that provides 1000V-like services but uses a new Ethernet protocol standard. The Nexus 5000 uses VM level tagging on network packet headers as defined by the new 802.1Q protocol. Once packets are tagged with their VM-VLAN associations, switches can manage network services at the VM-VLAN level, which means that QOS and other networking attributes can be applied to the VM rather than at just the ESX server level. Now, hardware defined network policies can migrate with VMs as they are moved to other ESX servers.
The new Ethernet 802.1Q standard modifies the standard packet header to add VLAN tagging and was just adopted this past September. As it’s a protocol change, compatible hardware is required for NICs and switches to support this functionality. The Nexus 5000 is the first switch to support this new packet tagging protocol.
Hardware VN-Link storage networking services
In conjunction with the above, Cisco has applied VN-Link to storage networking. With F-Port trunking from the HBA to the switch port, multiple VMs sharing the same physical HBA can now belong to different VSANs. This is based on the current ISL level F-port trunking technology. This new capability is ANSI T11 compliant and requires support at the HBA and the hypervisor level. Similar to the Ethernet capabilities above, VSAN level QOS and other services will now move around with the VMs as they migrate to other ESX servers.
Other Cisco announcements
New 8GFC cards were announced supporting 24-8GFC, 48-8GFC or a host selectable 4-8GFC/44-4GFC port link cards and are compatible with any MDS 9500 series switch. Also announced was support for Cisco TrustSec-FC link encryption that provides data-in-flight encryption services for ISL links. Cisco has rebranded SAN-OS as NX-OS and now both the latest Cisco Ethernet and storage switches run the same O/S.
In addition, Cisco announced their new WAVE product line, providing enhanced VDI acceleration using WAN optimization over new hardware platforms for remote office environments. With the new WAVE products, user login, email, MS office and Web services can approach onsite LAN response times at remote offices.
Cisco also announced additional VMware training and certification to ensure partner quality and ability to service these new VM capabilities. Finally, Cisco announced new professional service offerings, which provide Cisco and VMware consulting in combination to address end-user needs.
These new offerings provide seamless server virtualization assessment, configuration, and ongoing operations support for VMware environments. Such services can involve Cisco and VMware supplied personnel in any combination, under one contracted service engagement to address customer requirements.
As server virtualization was being rapidly adopted throughout an enterprise, some networking functionality has been left behind. Ethernet and storage networking characteristics had always been defined at the server level but this granularity was lost when these same servers were converted to VMs. VN-Link takes the first steps to move these capabilities back to the VM level allowing QOS, control and management to be returned to where they were prior to virtualization, that is, at the server (or in this case VM) level. More needs to come in this arena and broader support for other virtualization engines needs to be available but Cisco has taken the first big step in the right direction.
A PDF version of this can be found at Cisco 2008 September 30 Announcement on VMware Aware Networking
Silverton Consulting, Inc. is a Storage, Strategy & Systems consulting services company, based in the USA, offering products and services to the data storage community.