Cisco Nexus 1000V Extension For Hyper-V Virtual Switch Goes GA

As I mentioned in a post last week, the Cisco Nexus 1000V Hyper-V virtual switch extension has gone live.  This forwarding filter extends (rather than replaces) the functionality of the Hyper-V virtual switch.  This allows you to accumulate functionality while retaining Microsoft features in the virtual networking device.  Note that you can only have 1 active forwarding filter.

Diagram illustrating the synthetic device data paths with SR-IOV

Packets going in and out of the virtual switch pass through the 3 filter layers, enabling each one to do what that particular layer allows.  The purpose of the forwarding filter is

These extensions have the same capabilities as filtering extensions, but are responsible for performing the core packet forwarding and filtering tasks of extensible switches. These tasks include the following:
• Determining the destination ports for a packet.
• Filtering packets by enforcing standard port policies, such as security, profile, or virtual LAN (VLAN) policies.

The Cisco Nexus 1000V:

• Offers consistent operational experience across physical, virtual, and mixed hypervisor environments
• Reduces operational complexity through dynamic policy provisioning and mobility-aware network policies
• Improves security through integrated virtual services and advanced Cisco NX-OS features

Long story, short:

  • This is the same Cisco Nexus 1000V that replaces the vSphere virtual switch.  This means you can have a unified network admin experience across the physical network and hybrid virtualisation layers
  • It returns network administration to the people who know how to best do networking: networking engineers

Virtual Supervisor Module (VSM)

That’s a big thing; virtualisation has seen network engineering move into the virtualisation space and into the realm of server admins.  Trust me; you do not want me doing network engineering on your site Smile  The network admin continues to use tools that they know and bring the best of their skill set into the virtualisation space.

There are 3 pieces:

  • System Center remains in control via integration
  • A Virtual Ethernet Module (VEM) is deployed to each Hyper-V host in the forwarding filter extension layer.
  • The Virtual Supervisor Module (VSM) is a centralised management component for controlling the VEMs.

In the spirit of fairness, NEC also has a forwarding filter called ProgrammableFlow

Note: In WS2012, Hyper-V Network Viritialization (aka HNV, aka Software Defined Networking, aka SDN) operates below the virtual switch and therefore forwarding filters cannot work in the CA (consumer address, i.e. in the VM Network) space.  This has changed in WS2012 R2.

Please follow and like us:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.