Manage Learn to apply best practices and optimize your operations.

Cisco Nexus 1000v virtual network switch: Virtual network management

The Cisco Nexus 1000v distributed virtual switch gives network administrators more control in virtual network management. Previously, virtualization networking was controlled by server teams, which left network admins unable to view and manage network traffic.

In part 1 of this series on virtual network management, we examined the role of virtual network switches in virtualization networking. In part 2, we explore the use of the Cisco Nexus 1000v distributed virtual switch and how it gives network administrators a larger role in virtual network management.

While virtualization networking management tools are helpful for monitoring, securing and managing virtual networks, they don't give control of the virtual network back to network administrators. One solution to this problem lies in implementing the Cisco Nexus 1000v distributed virtual switch (vSwitch).

Learn the basics of virtual nework switches

The Cisco Nexus 1000v distributed virtual switch shifts virtual network management inside a virtual host back to network administrators and helps to make peace between server and network teams. In addition to solving the political problem of administration, it also adds many advanced features and better security to virtualization networking inside a host. The Nexus 1000v provides features not found in the VMware-provided vSwitches, including QoS, support for Switch Port Analyzer (SPAN), Encapsulated Remote SPAN (ERSPAN), NetFlow, RADIUS and TACACS, access control lists, packet capture/analysis, DHCP/IGMPv3 snooping and much more.

How the Nexus 1000v distributed virtual switch works

The Cisco Nexus 1000v distributed virtual switch consists of two components: a Virtual Supervisor Module (VSM) and a Virtual Ethernet Module (VEM). The VSM manages one or more VEMs as one logical switch and supports up to 64 VEMs. All the configuration of the VEMs is done using the VSM with the NX-OS command line interface, which is pushed to all the VEMs.

Virtual network management: How virtualization affects the network
Server virtualization impact on network configuration

Managing virtual network relationships

Network performance in virtualization environments

Virtual network management: Virtualization impact on latency

The VSM uses port profiles that are configured for each VEM and then appear as port groups in the vCenter Server. The VSM is integrated with the vCenter Server so all network configuration involving the VEMs is synchronized between them. The VSM is packaged as a virtual appliance and is deployed on an ESX or ESXi host using the vSphere Client. Once deployed and powered on, the VSM is managed using a command line interface. The VEM is installed on each ESX and ESXi host, and only one VEM can exist on a single host. The VEM executes as part of the VMKernel and uses an API to interface with the vCenter Server and virtual machines. The VEM gets all of its configuration information from the VSMs, and if it loses connectivity to the VSM, it will continue to switch traffic based on the last known configuration.

The Cisco Nexus 1000v distributed virtual switch can be used with any physical switch, regardless of the manufacturer. This allows anyone who uses non-Cisco physical network gear to take advantage of the 1000v to handle virtual network management.

Cisco virtual network switches go physical for virtual network management

Cisco recently announced a new VSM called the Nexus 1010v, which is a physical version of the VSM virtual appliance. The 1010v is a more powerful version of the 1000v VSM and can contain four VSMs to manage up to 256 VEMs. The 1010v is an alternative for those who are not comfortable having their VSMs running as virtual appliances on ESX and ESXi hosts. In addition, it helps offload the resource requirements of the VSM from the host to a physical device.

Preparing the network team for virtual network management

The Cisco Nexus 1000v distributed virtual switch hands virtual network management back to network administrators so they once again have total control of the entire network environment. It ends the feud between server administrators and network administrators that often occurs when deploying virtualization. However, just giving control of the virtual network back to network administrators is often not enough. Many network administrators are accustomed to dealing only with the physical world, and virtualization may be new to them. They are commonly leery of virtualization and put up resistance.

Educating everyone involved in the virtualization project is the best way to combat this problem. Educational steps for network administrators include:

  • Explaining the concept of virtual switches and virtual NICs and how they interact with physical switches and physical NICs.
  • Demonstrating setup and configuration of a virtual switch, how to install a virtual NIC in a VM, and how to connect the virtual NIC to a virtual switch.
  • Explaining how ESX uses trunked network ports and how 802.1Q VLAN tagging works in a virtual networking environment.
  • Explaining virtual network security principles and how virtual switches are isolated from one another so traffic can't leak between them.
  • Demonstrating NIC teaming and failover in a virtual switch.

This was last published in May 2010

Dig Deeper on Network virtualization technology

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.