Diving into Nexus 7K/5K/2K...interesting

alkemyst

Configuring a large multi-million dollar network up here for two weeks. Getting to play with Nexus gear (we have it in our office lab, but I haven't had time)...pretty cool technology.

Very different than normal Cisco R&S gear.

Anyone else have console time behind these?
 
We are setting up a few of them here at the school district I work for as part of our VMware VDI project. I can't comment too much as my co-worker is the one configuring and deploying them. From what I have seen and he has shared with me, I can concur - very different than typical Cisco.
 
It takes a while to get used to. The syntax is all very similar, but it's the workings under the hood that are very different than 6500s. Make sure you test all your VPC stuff. The under the hood stuff is all there to keep you from making loops. A lot of information is shared across the vpc peer link, everything really. You're used to being able to set up channels with VSS or stack technology but with this you have two active control planes. The vpc peer switches won't make channels unless everything is exactly the same. Be very careful if you ever need to remove a vlan, that can cause many channels to go inactive even if the vlan exists on the other switch.
 
Not a networking guy, but we have a gaggle of 2Ks and 7Ks where I work. Definitely seems to have changed their setup. There are some things I wouldn't use them for, but overall they seem pretty slick.
 
Super slick stuff. Plus the new 7009's just came out, which are like 1 or 2 RU smaller than the 6509, which makes DC replacement easy. Plus they use the new FAB2 modules, which if fully populated gives you 550Gbps per slot. :O

Anybody played with OTV, LISP, etc?
 
Do any of you have experience with the routing protocols on NX-OS? BGP, OSPF (and IS-IS)?

How well do they work, how well do they scale, how much stress do they cause when the network is unstable. How many routes and peers do you have in BGP? How many (external) routes in OSPF? How many routers do you have in the network. Or in an area? Stuff like that. I know that most Nexus-boxes are deployed in datacenters, and not in the middle of the network. All I ever heard from people (from cisco) about the routing protocol implementations was that "they work just fine". I'd be interested in anything anyone has to add to that.

Little tidbit. When those protocol implementations were developed (about 10 years ago), they scaled a lot better than cisco's IOS implementation. E.g. where BGP in IOS could take up to 5 minutes to synch all routes with a dozen peers, the NX-OS implementation took only 2 seconds per peer. (120k routes at the time). Unfortunately I never saw it perform in a real network, only in test networks. And I'm so out-of-the-loop nowadays, I never hear anything interesting anymore.

Just curious. 🙂
 
Nexus is really a high speed L2 chassis. 20GB speeds and ultra low-latency switching.

It can do L3 with extra licensing. 10 years ago is a lot different than today.

They aren't seen much because most networks are better suited with 3750X (then in stacks), 4500 and 6500 class switches.

The nexus also has fabric extension technology which pretty much makes your top of rack switch in effect like part of the core.

Nexus also supported virtualized 'switches' all on one chassis. It takes the vlan concept (in a way) and makes that its own total configurable switch. You assigned what ports you want on which switch environment and they are exclusive to that one only.
 
So you are saying that the Nexus boxes do have L3-functionality. But nobody is using it? You could buy the licensing for L3-functionality, but it's not cost-effective to use the hardware in such a way?

That's a shame. 🙁

Somebody mentioned LISP. (Locator Identifier Separation Protocol). Now that is pure L3 functionality. The main guy (a cisco fellow) at cisco who is behind LISP was also one of the main software engineers in the team that originally developed the NX-OS software. (At a startup that was later sold to cisco). He convinced the VP for the Nexus business-unit to take that routing stack and use it for NX-OS. I believe I heard that the LISP functionality was first implemented on NX-OS. A bit weird if no customers use the routing functionality in NX-OS.
 
The 7k is a fine L3 switch and I use EQPM a ton on them. 16 way is rather nice. I've put them in medium-ish OSPF installs (but there still was a lot of proper summarization on the IGP), never had a need for BGP as real routers are what I use for that. The nexus line is meant for scalable data center networks and for data center redundancy/bridging. Not really a service provider router (remember, it's still a switch), but it could serve as the l2/l3 transport for said provider.

It's a data center switching platform meant to address most of those challenges. I wouldn't make it my metro switch except for cores and I wouldn't make it my crucial routers. The line is so high performing because everything is an ASIC/switch on a chip for all features and big non-blocking fabric. You can't throw every fancy feature out there, but it does a good job of what you would ask a data center switch to do.
 
Gryz, it does L3...the thing is if you are using a Nexus, an ASR or router would be what you want to handle routing at the BGP level
 
IMHO L3 capable switches are great for the small to medium business...even pushing into large business at times. However, for high-level and mission-critical work, do L2/3 on your switches for LAN duties and leave L3 for your routers.
 
EX8200 > Nexus... Just sayin'... 😉

Juniper's virtual switch architecture is way superior to Cisco's.

Actually, switching is about the only thing Cisco is competitive with Juniper on (not pricing, but performance/featureset). Juniper trounces them in both routing and security, though. SRX >>>>> ASA, and MX >>>>> ASR.

(Yes, I'm a Juniper whore, now.)
 
wow...juniper...over promising and under delivering.

We have juniper certed people and own the market, it's never been a good choice when the whole package is considered.

There is actually a whole website dedicated to this...
 
Gryz, it does L3...the thing is if you are using a Nexus, an ASR or router would be what you want to handle routing at the BGP level

It might be that the Nexus isn't as good at packet-forwarding as a router. Or cost-effective at packet-forwarding. Or doesn't have the features in packet-forwarding. I don't know, I've never seen a 7k in real life. But the routing protocol implementations themselves should be just as good (or better) than the ones in classic IOS.

I was curious to hear how well the routing protocol implementations work. But if nobody uses the 7k's as real routers, then I'll never know.
 
Not sure where to go with that other than outside of the software you are bound by the hardware of the device.

Routers can be firewalls, but a true hardware based one like a Palo Alto device will crush one.

Of course, you have to have scaled up in network size to notice
 
wow...juniper...over promising and under delivering.

We have juniper certed people and own the market, it's never been a good choice when the whole package is considered.

There is actually a whole website dedicated to this...

You can't honestly tell me that the SRX platform "underdelivers" anything.

If you're going to sit there and tell me that ASAs are superior to SRXs, you've lost whatever shred of credibility you never had.

As I stated, switching is the only place where Cisco is even remotely competitive with Juniper. I already admitted that. But in both routing and, particularly, security, Juniper is far and away better. SRXs make both better firewalls and branch routers than ISRs (even ISR G2s) and the MX is a far better router than the ASR series. I don't see how you can claim otherwise.
 
You can't honestly tell me that the SRX platform "underdelivers" anything.

If you're going to sit there and tell me that ASAs are superior to SRXs, you've lost whatever shred of credibility you never had.

As I stated, switching is the only place where Cisco is even remotely competitive with Juniper. I already admitted that. But in both routing and, particularly, security, Juniper is far and away better. SRXs make both better firewalls and branch routers than ISRs (even ISR G2s) and the MX is a far better router than the ASR series. I don't see how you can claim otherwise.

It was mostly a joke. Juniper is well-known for things that they promised long ago to paying customers that still haven't come.

Problem with Juniper is it's sort of a red-headed step child. Firewall is really being won by Palo Alto. ASA, I agree is terrible...even TAC for it is a joke. Security in TippingPoint is an easy sell once HP servers are being considered. Juniper is hard to place a lot of the time.

I do agree Juniper has good gear. We are no longer a Cisco-only shop so we provide best solutions regardless of brand.
 
We have a few N7K's doing DCI & OTV, and a few providing aggregation points.
They do OSPF & BGP just fine, but since routes are heavily summarized within the datacenter, I can't comment on how they'd perform w/ a lot of routes.

We also have an army of N5K's & N2K's providing server access & aggregation out on the floors...our standard is MCEC to redundant FEX's.
We've had an issue w/ ISSU, when we ran an older code a year or two ago, but most of the time they work pretty well.

Regarding Cisco vs Juniper and rest of world...Cisco is a great vendor that provides end to end solutions.
They obviously can't do everything as well as their competitors.
The Juniper/Netscreen firewalls used to kick ASA's butt, but the new ASA 5585's are now pretty bad ass too.

Having multiple vendors on the network may get you the best of each technology, but you'd have to deal w/ different accounts, contracts, support procedures, and it adds complexity for the folks in your ops organization.
If you're in the design/engineering dept, you probably love playing w/ many different toys.
But after you hand off a new design & implementation to ops, they'll hate your guts.
 