Ads 468x60px

14 January 2019

Cisco Nexus vPC



When we are going to deploy a new Data Center network, we always have to think about the best network performance. If switches don’t have high rate interfaces, such as 100 Gbps interfaces, we should use more than one interface to get better performance. In addition, it’s a good idea to design the Data Center network with more than one uplink interface for redundancy because we’ll get better availability. Therefore, as network engineers, we should always design networks with several uplink interfaces for getting high performance and availability.

The best known technology for combining multiple network connections in parallel in order to increase throughput beyond what a single connection could sustain, and to provide redundancy in case one of the links fail is the Link Aggregation Control Protocol (LACP). However, there are already proprietary aggregation schemes similar to LACP. For example, the virtual Port Channel (vPC) is a Cisco technology which allow us to aggregate several port links between different Cisco Nexus switches to connect to a third party device (server, firewall, load balancer, etc) that supports link aggregation technology (LACP).

vPC Deployment Concept

Link Aggregation, such as vPC, has lots of technical benefits. One of the best technical benefit is the loop-free topology because it eliminates Spanning Tree Protocol (STP) blocked ports. In addition, we can use all available uplink interfaces, thus all available bandwidth is used, because we can send traffic for several interfaces at the same time. Theses technical benefits also simplify the network design. What’s more, Cisco vPC can be configured in different Cisco Nexus switches, accordingly, there are independent control planes.

If we are going to configure Cisco vPC, we’ll previously have to know the vPC architecture components. For instance, each Cisco Nexus switch will be a vPC Peer into the vPC domain. We also have to configure the vPC Peer Link and the vPC Peer Keepalive Link for the synchronization between vPC peer devices, which are synchronized thanks to Cisco Fabric Services (CFS) over the Ethernet protocol. In addition, there will be orphan ports for orphan devices and vPC member ports for aggregated switches.

vPC Architecture Components

I would like to highlight the role of the vPC Peer Link and the vPC Peer Keepalive Link. The vPC Peer Link is the most important component, which gives us the illusion of a single control plane, while the vPC Peer Keepalive Link is a Layer 3 backup test used to verify both Peers are alive. Therefore, if vPC Peer link fails and there is no Layer 3 communication, there will be a split brain scenario and a network outage.

Finally, some of you, maybe, are thinking about the Virtual Switching System (VSS) introduced by Cisco in Catalyst switches, or any other Multi-Chassis Link Aggregation technology built by other manufacturers, but vPC is slightly different with regard to the control plane. Cisco Nexus vPC maintains independent control planes.

Comparing Catalyst VSS with Nexus vPC
 
If you are interested in Cisco Nexus vPC and you need more information, you should check The Complete Cisco Nexus vPC Guide by Firewall.cx.

Do you usually configure LACP in your Data Center?

7 January 2019

It’s time to think. It’s time to have a plan.



It’s time to play with toys but I think it’s also time to think. It’s time to know what we got last year and what we want to get this new year. Maybe, it’s time to give up smoking and go to the gym. I don’t smoke and I already go to the gym. Therefore, I’m going to ask new wishes for this year. The truth, some of them are similar to those I asked last year, such as learning French language and renew the CISA and CISM Certifications. In fact, most of the wishes are about keep learning and studying which, I think, is the best way to improve and learn new skills.

One of my wishes is to renew the CISA and CISM Certifications. Last year, I got more than 100 CPEs (Continuing Professional Education) to renew these certifications because I delivered security training courses and I passed the F5 BIG-IP ASM Certified Technology Specialist exam. In addition, I got the second prize of the CyberSecurity Challenge at ForoCiber and I took lots of webinars. This year, I’m going to deliver ethical hacking courses as well as a computer forensic course, which will be useful for getting more CPEs and renew the ISACA Certifications.

Speaking about certificates, this year, my Cisco CCNP Routing & Switching certificate is going to expire. Therefore, I’m thinking about taking the Implementing Cisco Data Center Infrastructure (DCII) exam because I would like to know how Cisco Nexus switches work. What’s more, this exam is going to help me to reinforce my knowledge about VXLAN, Overlay Technologies, HSRP, VRRP and GLBP, Spanning Tree Protocol, etc.

I’m learning the French language since 2016. I’ve already got the A2 level and I’m studying for the B1 level. Learning a new language is not easy. It requires lots of time and effort. However, I will continue going to classes. I will listen the radio in French language and I will read and write in French language as well. Of course, I know I will also have to speak in French language. It’s interesting. I like!

I’ve never written about internships for students with Ariadnex. I don’t know exactly how many students have already had an internships with Ariadnex but I like thinking tasks and projects for them. For instance, last year, three students (Carlos, Guadalupe and David) have been at Ariadnex offices and they have been doing the Final Degree Project with us. They have been working with Proxy servers, Firewalls, SIEMs, etc. I would like more students come to Ariadnex for this new year.

I’ve read books last year and I would like to read more books this year. While I’m reading, I’m relax, and I’m learning new things at the same time. I like! I have a list with lots of books about technology, psychology, economy, etc. For instance, some of the last books I’ve written down are “Hit Refresh: The Quest to Rediscover Microsoft’s Soul and Imagine a Better Future for Everyoneby Satya Nadella or "The History of Information Security: A Comprehensive Handbook" by Karl Maria Michael de Leeuw and Jan Bergstra.

Do you want to tell us your planning for this year?
Related Posts Plugin for WordPress, Blogger...

Entradas populares