네트워크디자인패러다임변화의주인공! 넥서스스위치 -Case Study - DataCenter Solution S.E 최우형부장 (whchoi@cisco.com)
. 2
Cloud Center - A Cloud Center - B 고객의요구사항 DataCenter te 장애또는이젂의싞속성 안젂한서버이젂작업 트래픽로드의분산 해결방안 효과적인 Active/Standby Migration 서버 Cluster의확장 (te Cluster) 편리한 Vmotion (te Motion). 3
전통적인 L2 기반의 VPN 구성방식 EoMPLS VPLS Dark Fiber. 4
MAC Flooding 이슈 x2 te A te C MAC 1 MAC 1 propagation te B. 5
Pseudo-Wire 로인한관리적이슈. 6
Cisco Nexus 7K 기반의 OTV 기술 Overlay Transport Virtualization MAC in IP Dynamic Encapsulation No Pseudo-Wire State Maintenance Optimal Multicast Replication Multi-point Connectivity Point-to-Cloud Model Protocol Learning Built-in Loop Prevention Preserve Failure Boundary Seamless te Addition/Removal Automated Multi-homing. 7
Cisco Nexus 7K 기반의 OTV 기술적용사례 Cloud Center - A Cloud Center - B OTV 적용을통한지역간 Server Clustering 구현 IP 변경없는데이터센터이젂또는이동가능 Psedo Wire 또는 Flooding 이슈없는관리적효율성적용. 8
Cisco Nexus 7K 기반의 OTV 기술적용사례 OTV Inter-te Traffic MAC 2 1 Layer 2 Lookup OTV MAC TABLE VLAN MAC IF 100 MAC 1 Eth 2 100 MAC 2 Eth 1 100 MAC 3 IP B 100 MAC 4 IP B MAC Table contains MAC addresses reachable through IP addresses 5 Layer 2 Lookup OTV MAC TABLE VLAN MAC IF 100 MAC 1 IP A 100 MAC 2 IP A 100 MAC 3 Eth 3 100 MAC 4 Eth 4 MAC 4 MAC 1 MAC 3 Eth 1 Eth 2 External IP A MAC 1 MAC 3 IP A IP B Core External IP B Eth 4 Eth 3 MAC 1 MAC MAC 1 3 MAC 3IP A IP B L2 L3 L3 L2 2 3 Encap Decap 4 MAC 1 MAC 3 6 MAC 1 West East MAC 3 No Pseudo-Wire state is maintained. The encapsulation is done based on a Layer 2 destination lookup.. 9
. 10
서버의네트워크안정성 / 가용성요구 젂통적인 Server Teaming 구조 1 젂통적인 Server Teaming 구조 2 고객의요구사항 서버의고가용성이슈해결방안 서버의고대역폭요구 서버의빠른응답시간 해결방안 Link Active/Active 구조로구성 STP Block Port의제거 장애시빠른 Convergence Time. 11
서버의네트워크안정성 / 가용성요구 Nexus 5K Active/Active Nexus 5K 기반의 10GE vpc 적용 Nexus 5K 기반의 10GE vpc 논리적 View 서버에서서로다른스위치의연결구조가 LACP 기반의이더채널로구성 STP Block Port의제거모든대역폭을사용함으로써데이터응답시간의향상링크장애시싞속한 Convergence Time. 12
서버의네트워크안정성 / 가용성요구 2 1 3 5 4 해결방안 1. vpc Peer Link 802.1Q Trunk 사용 CFS Messgae 교홖 (CoS 6 setting) STP BPDU, HSRP Hello, IGMP update 2. vpc Peer keep alive link vpc Heart Beat 점검 3. vpc 4. vpc member Port B 금융고객의 vpc 기반 ORACL RAC 플랫폼. 5. CFS Config 검증 / 비교 MAC member Sync vpc, vpc Member Port 상태점검 IGMP Snoop Sync. 13
Port Density on Switches Over-subscription Ratio Complex STP Configuration Data Center Core Aggregation Primary vpc HSRP Active Primary Root N VPC domain - - - - - - - R R R R R R R N Secondary vpc HSRP Standby Secondary Root - R N E B R L Network port Edge port - Normal port type BPDUguard Rootguard Loopguard Layer 3 Layer 2 MAC Table ze Access - - - L E B E B E B E B E B X-Chassis Port-Channel. 14
Campus Network Data Center 대부붂이남 / 북 Traffic 패턴 Over-subscription 이발생할수밖에없는구조 남 / 북, 동 / 서간트래픽이혼합된구조 동 / 서간트래픽이데이터센터 Latency 이슈가될수있음.. 15
Cisco FabricPath Data Plane Innovation Control Plane Innovation FabricPath encapsulation No MAC learning via flooding Routing, not bridging Built-in loop-mitigation Time-to-Live (TTL) RPF Check Plug-n-Play Layer 2 IS-IS Support unicast and multicast Fast, efficient, and scalable Equal Cost Multipathing (ECMP) VLAN and Multicast Pruning Cisco NX-OS Cisco Nexus Platform. 16
Oversubscription 16:1 8:1 2:1 Blocked Links 4 Pods Network Fabric Fully Non-Blocking 64 Access Switches 2, 048 Servers 8 Access Switches 2, 048 Servers Network Fabric Web Servers App Servers New Apps lo 1 lo 2 lo 3 Web Servers App Servers New Apps. 17
. 18
Cloud Center - A Cloud Center - B 고객의요구사항 네트워크자원의효율적사용 네트워크가상화요구 투자보호방안요구 해결방안 네트워크가상화구현 Control Plane/Mgmt Plane/Data Plane 가상화. 19
스토리지 서버영역 분배영역 코어 Catalyst 6500 VSS 10GE Catalyst 6500 VSS 10GE Catalyst 6500 VSS Catalyst 4948 MDS 9500 4GFC. 20
스토리지 서버영역 분배영역 코어 Nexus 7000 VDC-Core 10GE VDC-A VDC-FCoE VDC-B 10GE / vpc Nexus 2000 FCoE. 21
. 22
LAN Switch LAN Switch Storage Storage Storage LAN Mgmt NAS SAN Switch Pri NIC Sec NIC Mgmt NIC SAN A SAN B Pri NIC Sec NIC Mgmt NIC SAN A SAN B. 23
1 3 2 4. 24
DC Switch - Nexus 7K - Service Switch - Cat 6500 - Storage Storage Storage 10GE LAN SAN Switch CNA A CNA B CNA A CNA B. 25
1 3 2 4. 26
. 27
Storage Computing Network 네트워크 - 서비스별별도의네트워크구성할당 서버 랙마운트타입의서버운영방식 스토리지 로컬디스크운영체제 / FC 기반 Data Access 네트워크 - 다량의네트워크장비필요 서버 상면이슈및대량의 IO Card 및 IO Cable 이슈 스토리지 개별 OS Backup 및로컬디스크내구성문제 Service A Service B Service C Service D Service E. 28
Storage Computing Network 네트워크 - 네트워크가상화구현 서버 블레이드서버기반의가상화 / FCoE & H.W Based I.O 가상화 스토리지 SAN OS Booting 을통한이동성및내구성확보 Service A Service B Service C Service D Service E. 29
Storage Computing Network Legacy 구성으로인한 TCO 문제발생 Network/Computing/Storage 의구성복잡성발생 시스템홗용률저조에따른비효율적운영 클라우드컴퓨팅기반의가상화서버통합 x86 서버홗용률극대화 블레이드서버및 FCoE 구성으로 TCO 젃감 Storage Computing Network Service A Service B Service C Service D Service E -20 개이상의서버랙필요 -IO Cable 1400 개이상필요 / IO Card 400 개이상필요 - 로컬디스크 OS 구성으로내구성저하 - 여유서버운영의어려움으로비즈니스민첩성저하 Service A Service B Service C Service D Service E - 5 개미만의서버랙필요 ( 상면 75% 젃감 ) - FCoE 케이블통합 (IO Cable 40 개 / IO Card 200 개 IO 98% 젃감 ) - 가상화서버와 Dedicate 서버의혼합구성으로안정성과확장성동시구현 -가상화기반으로싞속한서버할당 비즈니스민첩성. 30
. 31
Internet OTV 1GE/10GE FCoE 4G/8G FC Nexus7000 C6K VSS ACE Firewall WAAS GSS Nexus5000 MDS Cisco UCS & VM w/ N1K FCoE Storage FC Storage. 32
Thank you.