vdc virtual device context - rajeev...
Prepared By – Rajeev Srikant
VDC – Virtual Device Context
9/27/2015
Agenda
What is VDC?
Why Use VDCs?
Creating & Configuring VDCs
What is VDC?
Virtual Device Contexts (VDCs):
Cisco's VDCs are basically virtual Ethernet switches.
The VDC feature enables the virtualization of a single physical device into one or more logical devices.
It is similar to contexts on the ASA.
Each of the provisioned logical devices is configured & managed as if it were a separate physical device.
Each logical device (VDC) acts as a virtual entity with separate data, control & management planes.
• VLAN 100 in VDC 1 is not the same as VLAN 100 in VDC 2
• OSPF process ID 1 in VDC 1 is not the same as OSPF PID 1 in VDC 2
VDCs are supported on the Cisco Nexus 7000 Series platform.
VDC - Representation
[Figure: Physical View shows one Physical Switch with Interface 1 and Interface 2; Logical View shows the same Physical Switch divided into VDC A and VDC B, with Interface 1 and Interface 2.]
No internal cross VDC communication. Physical cable must be used to connect VDCs.
Why Use VDCs?
Multiple logical roles per physical chassis
• Ex – Core & Aggregation/Distribution on same box
Multi-tenancy
• Ex – VDCs as a managed service to customers
Separate Production & Test environments
VDCs significantly improve resource utilization
[Figure: Physical Switch 1 hosting Core VDC 1 and Aggregation VDC 1; Physical Switch 2 hosting Core VDC 2 and Aggregation VDC 2.]
Default VDC
Even if VDCs do not need to be deployed on an NX-OS switch, at least one VDC is always in use: the default VDC, which is VDC 1.
This context is created automatically during switch boot & represents the physical switch by default.
VDC 1 always exists & cannot be removed.
It is used to create & manage other VDCs.
Controls VDC port allocations
• All ports are allocated to the default VDC at initialization
Controls VDC resource allocations
• Number of VLANs, VRFs, routing table memory, etc.
Some tasks can be performed only in the default VDC:
• VDC creation/deletion/suspend
• Resource allocation
• NX-OS upgrade across all VDCs
• ISSU – In-Service Software Upgrade
Creating & Configuring VDCs
VDCs are defined in the global configuration of the default VDC.
The VDC hostname is derived from the default VDC hostname + the VDC name.
Step 1: Log in to the default VDC with a username that has the network-admin role.
Step 2: Enter configuration mode and create the VDC using the default settings.
Switch# configure terminal
Switch(config)# vdc MyVDC
Note: Creating VDC, one moment please ...
Switch(config-vdc)#
Step 3: Allocate interfaces to the VDC.
Switch(config-vdc)# allocate interface ethernet 2/1-11
Creating & Configuring VDCs Continued…..
Step 4: Verify the VDC configuration.
Switch(config-vdc)# show vdc MyVDC
vdc_id  vdc_name  state   mac
------  --------  ------  -----------------
2       MyVDC     active  00:00:00:00:00:00
Step 5: Switch to the new VDC.
Switch(config-vdc)# switchto vdc MyVDC
Switch-MyVDC#
Resource Allocation & Configuration
When VDCs are created, it is necessary to define how the individual VDCs share the available physical resources.
Minimum & maximum resources must be allocated to each VDC.
Switch(config)# vdc MyVDC
Switch(config-vdc)# limit-resource port-channel minimum 32 maximum 64
Switch(config-vdc)# limit-resource u4route-mem minimum 32 maximum equal-to-min
Switch(config-vdc)# limit-resource monitor-session minimum 0 maximum 2
Switch(config-vdc)# limit-resource vlan minimum 32 maximum 64
Switch(config-vdc)# limit-resource vrf minimum 32 maximum equal-to-min
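Added example (not part of the original slides): a Python check that parses limit-resource lines like those above and flags a VDC whose minimum exceeds its maximum, a VDC with no explicit limit for a required resource, and guaranteed minimums that together exceed a chassis figure. The sample configuration, the TestVDC name, the REQUIRED policy and the CAPACITY numbers are constructed assumptions, not real platform limits.

```python
import re

# Constructed sample of a VDC configuration section; not output from a real switch.
SAMPLE_CONFIG = """\
vdc MyVDC
  allocate interface ethernet 2/1-11
  limit-resource port-channel minimum 32 maximum 64
  limit-resource vlan minimum 32 maximum 64
  limit-resource vrf minimum 32 maximum equal-to-min
vdc TestVDC
  limit-resource vlan minimum 64 maximum 32
  limit-resource vrf minimum 40 maximum equal-to-min
"""
# Assumed review policy and constructed capacity figures (not real platform limits).
REQUIRED = ("port-channel", "vlan", "vrf")
CAPACITY = {"vlan": 4096, "vrf": 64, "port-channel": 256}

VDC_RE = re.compile(r"^vdc\s+(\S+)")
LIMIT_RE = re.compile(
    r"^\s+limit-resource\s+(\S+)\s+minimum\s+(\d+)\s+maximum\s+(\d+|equal-to-min)\s*$")

def parse_vdc_limits(config):
    """Return {vdc: {resource: (minimum, maximum)}}, resolving equal-to-min."""
    limits, current = {}, None
    for line in config.splitlines():
        if (m := VDC_RE.match(line)):
            current = limits.setdefault(m.group(1), {})
        elif (m := LIMIT_RE.match(line)) and current is not None:
            lo = int(m.group(2))
            hi = lo if m.group(3) == "equal-to-min" else int(m.group(3))
            current[m.group(1)] = (lo, hi)
    return limits

def audit(limits, required=REQUIRED, capacity=CAPACITY):
    """Return sorted (scope, resource, issue) findings."""
    findings = []
    for vdc, res in limits.items():
        findings += [(vdc, r, "minimum exceeds maximum")
                     for r, (lo, hi) in res.items() if lo > hi]
        findings += [(vdc, r, "no explicit limit") for r in required if r not in res]
    for r, cap in capacity.items():
        total = sum(res[r][0] for res in limits.values() if r in res)
        if total > cap:
            findings.append(("chassis", r, f"guaranteed minimums {total} exceed {cap}"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(parse_vdc_limits(SAMPLE_CONFIG)):
        print(*finding, sep=": ")
```

In a multi-tenant chassis the chassis-level finding matters most: if the guaranteed minimums cannot all be honoured, one tenant VDC's allocation depends on another's usage.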
Virtual Device Context - Fault Isolation
When multiple VDCs are created in a physical switch, inherently the architecture of the VDC provides a means to prevent failures within that VDC from affecting other VDCs.
For instance, a spanning tree recalculation that might be started in one VDC is not going to affect the spanning tree domains of other VDCs in the same physical chassis.
An OSPF process crash is another example where the fault is isolated locally to that VDC. Process isolation within a VDC thus plays an important role in fault isolation and serves as a major benefit for organizations that embrace the VDC concept.
As shown below, a fault in a process running in VDC 1 does not affect any of the running processes in the other VDCs.
Virtual Device Context – High Availability(HA)
The Cisco NX-OS Software platform incorporates a high-availability feature set that helps ensure minimal or no effect on the data plane should the control plane fail.
HA policy defines what happens when a VDC crashes:
• Bringdown—Puts the VDC in the failed state. To recover from the failed state, you must reload the physical device. This is the behavior for default VDC. For non-default VDC, there is no need to reload the physical device.
• Reset—Initiates a supervisor module switchover for a Cisco NX-OS device with two supervisor modules, or reloads a Cisco NX-OS device with one supervisor module.
• Restart—Deletes the VDC and recreates it by using the startup configuration.
Configured as ha-policy under VDC config mode.
Switch(config-vdc)# ha-policy single-sup bringdown dual-sup switchover
Virtual Device Context – User Rights
Non-default VDC users have 2 possible roles:
• vdc-admin : All Read/Write access to that particular VDC
• vdc-operator : Read Only access to that particular VDC
vdc-admin & vdc-operator cannot switchback to the default VDC.
Default VDC users inherit Read or Read/Write in non-default VDCs:
• network-admin : Assumes all vdc-admin roles
• network-operator : Assumes all vdc-operator roles