Feeds

Cisco's virtual switching comes to Hyper-V 3.0 next year

Not just for VMware any more

Internet Security Threat Report 2014

It looks like Microsoft's Hyper-V server virtualization hypervisor is maturing enough at the jump to Windows 8 Server next year that Cisco Systems needs to make it a full peer to VMware's ESXi hypervisor, which has been the preferred virtualization layer on the "California" Unified Computing System servers from Cisco for the past two years.

Right out of the chute when they were announced in March 2009, the Cisco blade servers embraced VMware's ESXi hypervisor while merely running Hyper-V, KVM, and Xen hypervisors. VMware's hypervisor was integrated tightly with the extended fabric at the heart of the UCS system, called the Virtual Machine Fabric Extender, or VM-FEX for short. And VMware and Cisco, which are partners with EMC in peddling vBlock preconfigured cloudy infrastructure, worked so Cisco's Nexus 1000V virtual switch could replace VMware's own integrated distributed virtual switch embedded in the ESXi hypervisor.

The Nexus 1000V runs Cisco's NX-OS networking operating system (which is distinct from its IOS operating system for data center switches).

Up until now, partly because VMware was the dominant supplier of server virtualization in the corporate data centers that Cisco is targeting with the UCS iron, partly because VMware is its designated virtualization partner, and partly because Microsoft's Hyper-V was not on par in terms of features, Cisco didn't have to support anything but the ESXi hypervisor with the Nexus100V virtual switch or the VM-FEX switching, which are alternative ways of coping with virtual machines on UCS machinery.

But with Microsoft coming on strong with Hyper-V 3.0 next year and VMware charging a premium for its vSphere virtualization stack, Cisco can't afford to let ESXi have premier status among hypervisors.

Cisco Nexus 1000V and VM-FEX

Cisco's two approaches to switching for virtual machines

With the Nexus 1000V distributed virtual switch, Cisco is running a virtual switch inside of the hypervisor that, as far as the virtual machines are concerned, looks exactly like any other IOS-based switch from Cisco. What this means is that Cisco network administrators can use the same Data Center Network Manager tool to manage the Nexus 1000V as they would use to manage any other Cisco switch. This virtual switch runs inside of a VMware virtual machine itself and can provide virtual switching to multiple physical servers inside of a UCS chassis.

All of Cisco's other virtual networking services – Virtual Security Gateway, Adaptive Security Appliance, Wide Area Acceleration Service, and Network Analysis Module – can plug into the Nexus 1000V. You get all the benefits of a Cisco switch without actually having to buy Cisco switching gear – and you can keep the network administrators managing both physical and virtual networks and get the server and hypervisor administrators back on the other side of the switch where they belong.

"Separation of duties is very important for compliance and other reasons," explains Prashant Gandhi, senior director of product marketing at Cisco's Server Access and Virtualization Technology Group.

By the way, the Nexus 1000V switch is not limited to running on Cisco's own blade and rack servers and can run on any x64-based machine that has ESXi as its hypervisor. And next year, it will run on any machine supporting Hyper-V 3.0 from Microsoft. Gandhi tells El Reg that the company has over 4,000 customers using the Nexus 1000V, and while the lack of support for Hyper-V has probably not held back the installation of the Nexus 1000V virtual switch, it probably will soon.

And that is why Cisco is working with Microsoft to allow for the integrated virtual switch at the heart of Hyper-V to be swapped out for Nexus 1000V with the 3.0 release of the Microsoft hypervisor. At the moment, only VMware's ESXi 4.0, ESX Server 4.0, and ESXi 4.1 hypervisors can talk to the Nexus 1000V distributed virtual switch.

Let's get physical with virtual

For UCS customers, there is another way to virtualize their links between virtual machines and switching capacity, and that is to have the hypervisor get a virtual Ethernet port on the extended switching fabric embodied in the UCS blade servers. In this case, using the VM-FEX, a virtual interface card can be allocated to a VM that has full, line-rate 10 Gigabit Ethernet performance (or less than that if you want to chop a VIC up into multiple bits for multiple VMs).

The network is external to the VMs and is managed by the same UCS Manager software that is used to control the servers and the chassis switch at the center of the UCS design. At the moment, only the ESXi hypervisor can reach out and talk to the VM-FEX extended fabric and its virtual interfaces, but Gandhi says that due to customer demand it will soon support the KVM hypervisor being championed by commercial Linux distributor Red Hat. Gandhi refused to comment on the possibility of the KVM hypervisor getting support for the Nexus 1000V virtual switch. Cisco didn't want to talk about Xen, either.

While Cisco is working with Microsoft to support the Nexus 1000V and VM-FEX technologies with the future Hyper-V 3.0 hypervisor for Windows 8 Server, Gandhi tells El Reg not to expect Cisco to port these virtual networking methods back to the current Hyper-V 20008 R2. Gandhi says that the upcoming Hyper-V hypervisor has a much-improved "extensibility framework" that allows Cisco to hook into the hypervisor – something that made hooking Nexus 1000V and VM-FEX into Hyper-V easier. While the older Hyper-V could be retrofitted to support these networking mechanisms, it would be difficult, says Gandhi.

Cisco is beta testing Nexus 1000V and VM-FEX with Microsoft's Hyper-V 3.0 now. No word on when it will come to market, but Gandhi says Cisco will be ready to ship whenever Microsoft is. ®

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.