
Cisco Data Center Network Architecture

Ivan S Chandra, Systems Engineer Manager, ivanc@cisco.com. Agenda: Data Center Challenges; Cisco Data Center Network Architecture; Summary.


Presentation Transcript


  1. Cisco Data Center Network Architecture Ivan S Chandra Systems Engineer Manager ivanc@cisco.com

  2. Agenda • Data Center Challenges • Cisco Data Center Network Architecture • Summary

  3. Data Center Architecture Today—Dedicated Infrastructure
     Challenges:
     • Low utilization of compute and storage resources
     • Multiple points of management
     • Inconsistent security policies
     • Too costly to scale
     Diagram labels: USERS; APPLICATION 1...N; DEDICATED STORAGE; DEDICATED COMPUTING; DEDICATED NETWORK
     Reference: Cisco Internet Business Solutions Group, 2004

  4. Data Center Architecture Evolving—Dedicated Infrastructure to Service Oriented Infrastructure
     Benefits:
     • Much better utilization
     • Lower administration costs
     • Reduction in assets
     • Increased service availability
     • Faster deployment of new services
     Diagram labels: USERS; APPLICATION 1...N; POOLED STORAGE; POOLED COMPUTING; INTELLIGENT INFORMATION NETWORK; VIRTUALIZATION
     Reference: Cisco Internet Business Solutions Group, 2004

  5. Evolution of the Data Center Infrastructure: Phased Approach
     • AUTOMATION: Dynamic Provisioning and Information Lifecycle Management (ILM) to Enable Business Agility
     • VIRTUALIZATION: Management of Resources Independent of Underlying Physical Infrastructure to Increase Utilization, Efficiency and Flexibility
     • CONSOLIDATION: Centralization and Standardization to Lower Costs, Improve Efficiency and Uptime
     Diagram labels: Enterprise Applications; Server Fabric Network; Data Network; Storage Network; Business Policies; On-Demand; Service Oriented; LAN; WAN; MAN; HPC Cluster; GRID; SAN; Intelligent Information Network; Compute; Network; Storage

  6. Agenda • Data Center Challenges and Trends • Cisco Data Center Network Architecture • Summary

  7. Cisco Data Center Network Architecture Framework
     Diagram labels: WAAS, App Acceleration, Optimization, Security and Server Offload Business Applications Collaboration Applications Instant Messaging PLM Unified Messaging CRM Meeting Place ERP Firewalls, Intrusion Protection, Security Agents IPCC HCM IP Phone Procurement SCM Video Delivery Traditional Architecture / Service Oriented Architecture RDMA, Low Latency Clustering Virtualization, Replication, Virtual Fabrics Network Virtualization Services Places in the Network Campus Branch Data Center Enterprise Edge WAN/MAN Teleworker Server Storage Clients Catalyst Family SFS Family ONS Family MDS Family Application Delivery Services Security Services Services Management Advanced Analytics and Decision Support Application Networking Services Services Virtualization Application Networking Services Compute Services Storage Fabric Services Infrastructure Enhancing Services INTERACTIVE SERVICES LAYER Infrastructure Enhancing Services Adaptive Management Services Storage Network Compute Network Network Infrastructure Virtualization Infrastructure Management Storage Switching Data Center Interconnect Server Fabric Server Switching NETWORKED INFRASTRUCTURE LAYER Modular Rack Blade DWDM, SONET, SDH, FCIP Director Fabric Infiniband Switching

  8. Data Center Services: Where?
     Diagram labels: Blade Servers UNIX/NT Servers Mainframes Server Load Balancing Management and Provisioning Framework Application Control Engine Application Message Services SSL Off-load High Performance Compute (HPC) Clusters EMBEDDED APPLICATION NETWORK SERVICES DDOS Guard Firewall Services Intrusion Prevention Secure Virtual Fabrics EMBEDDED SECURITY SERVICES Fibre Channel Fabric Hosted Applications Storage Virtualization Infiniband Fabric Assisted Applications Data Replication Services GE / 10GE EMBEDDED STORAGE SERVICES FICON Storage & Tape Arrays Catalyst WAAS AVS SFS 7000 Internet MPLS VPN IPSEC/SSL VPN SERVER FABRIC SERVER SWITCHING EMPLOYEE / PARTNER / CUSTOMER ACCESS NETWORK ONS 15000 SONET/SDH xWDM Metro Ethernet FCIP Enterprise Applications MDS 9500 STORAGE SWITCHING DATA CENTER INTERCONNECT

  9. DC Network Topology Layers
     Diagram labels: Firewall Services Intrusion Detection Server Virtualization Network Analysis Virtual I/O File Caching Compute Fabric Services VPN Termination Remote DMA Services Server Balancing Clustering Services SSL Offloading Fabric Gateway Services DOS Protection Content Caching Virtual Fabrics (VSANs) Storage Virtualization V Data Replication Svcs Fabric Routing Services Fabric Gateway Services Core Aggregation Access Server Farms Server Clusters Edge Core Storage/Tape Farms

  10. DC Server Network Layers
     Diagram labels: Firewall Services Intrusion Detection Server Virtualization Network Analysis Virtual I/O File Caching Compute Fabric Services VPN Termination Remote DMA Services Server Balancing Clustering Services SSL Offloading Fabric Gateway Services DOS Protection Content Caching Virtual Fabrics (VSANs) Storage Virtualization V Data Replication Svcs Fabric Routing Services Fabric Gateway Services Core Aggregation Access Server Farms Server Clusters Edge Core Storage/Tape Farms

  11. DC Access Layer: Layer 2, Layer 3 Server & Mainframe Connectivity
     • L2 and L3 requirements
     • Dual and single attached
     • High performance, low latency L2 switching
     • Mix of oversubscription requirements
     • Many uplink options
     • STP processing for configured VLANs only
     • Utilizes services in the Aggregation Layer
     Diagram labels: Enterprise Core; DC Core; DC Aggregation; Mainframe w/OSA; Blade Chassis w/integrated switch; Blade Chassis w/pass thru; L3 Access; L2 w/clustering & NIC teaming; DC Access

  12. DC Aggregation Layer: Providing Critical Point for Control and Application Services
     • Aggregates traffic to DC core
     • Large STP Processing load
     • Aggregates advanced application and security functions
     • Maintains connection and session state for redundancy
     • Layer 4-7 services: FW, SLB, SSL, IDS
     • High flexibility and Economies of Scale
     Diagram labels: Enterprise Core; Service Modules; Mainframe w/OSA; Blade Chassis w/integrated switch; Blade Chassis w/pass thru; L3 Access; L2 w/clustering & NIC teaming; DC Access

  13. DC Aggregation Layer: Server to Server Communications Path
     What types of server to server traffic will exist? Multi-tier interaction, Backup, Replication, Cluster Messaging, storage over IP
     • The Aggregation module may provide the primary communication path for server to server traffic
     • Non-traditional traffic emerging
     • Driving lower oversubscription and 10GE uplinks
     • Servers now ship with PCI-X NICs and GE
     • Plan bandwidth for future server true capacity
     Diagram labels: DC Core; Aggregation; Access

  14. DC Core Layer: High speed switching fabric for Aggregation Modules
     • Interconnects AGG Modules
     • Isolates failure domains
     • Scales large STP diameters
     • Improves 10GE scaling
     • Plan & build DC core up front
     Diagram labels: Enterprise Core; DC Core; Agg Module1; Agg Module2; Aggregation; GE/10GE; Access; N x 100 Servers

  15. Service Integration and Virtualization: Evolving towards Virtual Network Services
     Diagram labels: Cust 1, Cust 2, … Cust N; Concerns for privacy & security; High CapEx & OpEx; Dedicated; Shared; Quasi Virtualized; Virtualized; Virtual Network Service; Service context; Physical Resource

  16. DC Consolidated Infrastructure: Integration & Virtualization
     Diagram labels: Core; Stateful Firewalls; Content Caching; High Density Multilayer LAN Switch; Server Load Balancing; IPS farm

  17. DC Storage Network Layers
     Diagram labels: Firewall Services Intrusion Detection Server Virtualization Network Analysis Virtual I/O File Caching Compute Fabric Services VPN Termination Remote DMA Services Server Balancing Clustering Services SSL Offloading Fabric Gateway Services DOS Protection Content Caching Virtual Fabrics (VSANs) Storage Virtualization V Data Replication Svcs Fabric Routing Services Fabric Gateway Services Core Aggregation Access Server Farms Server Clusters Edge Core Storage/Tape Farms

  18. Direct Attach Storage
     • Direct Attached Storage (DAS)
     • Storage is captive ‘behind’ the server, limited mobility
     • Limited scalability due to limited devices
     • No storage sharing possible
     • Costly to scale; complex to manage
     Diagram labels: Clients; LAN; Application Servers; Win2k; Linux; Unix; SCSI; FC; Tape; Direct Attached Storage

  19. Storage Area Network: Separation of Storage from the Server
     • Storage is accessed at a block-level via SCSI protocol
     • High performance interconnect providing high I/O throughput
     • Lower TCO relative to direct attached storage, storage can be shared
     • Limited vendor interoperability
     • Complex management
     Diagram labels: LAN; Clients; Database Servers; Fibre Channel SAN; Block Storage Devices; Storage Area Network (SAN)

  20. Virtual SAN (VSAN)
     • A Virtual SAN (VSAN) provides a method to allocate ports within a physical fabric to create virtual fabrics
     • Analogous to VLANs in Ethernet
     • Virtual fabrics created from larger cost-effective redundant physical fabric
     • Reduces wasted ports of island approach
     • Fabric events are isolated per VSAN – maintains isolation for HA
     • Hardware-based isolation - traffic is explicitly tagged across inter-switch links with VSAN membership info
     • Statistics can be gathered per VSAN
     Diagram caption: Physical SAN islands are virtualized onto common SAN infrastructure (Cisco MDS 9000 Family with VSAN Service)

  21. DC Interconnect GE Campus Core DC Interconnect WAN Data Center Core Metro Ethernet Aggregation Access IBM Servers SONET/SDH Network Access 1/2 Gb FC/FICON Core DWDM Network IBM GDPS Storage

  22. Server Fabric Layers
     Diagram labels: Firewall Services Intrusion Detection Server Virtualization Network Analysis Virtual I/O File Caching Compute Fabric Services VPN Termination Remote DMA Services Server Balancing Clustering Services SSL Offloading Fabric Gateway Services DOS Protection Content Caching Virtual Fabrics (VSANs) Storage Virtualization V Data Replication Svcs Fabric Routing Services Fabric Gateway Services Core Aggregation Access Server Farms Server Clusters Edge Core Storage/Tape Farms

  23. Server Switches: Requirements being addressed
     RDMA • High Bandwidth • Low Latency • InfiniBand today; PCI-Express and/or 10GigE when ready High Performance Server-to-Server Interconnect Policy-Based Dynamic Resource Mapping • Shared Resources Across Entire Cluster • Routing, Aggregation, Load Balancing • App/OS to CPU provisioning Virtualization (I/O, Storage, and CPU)
     Diagram labels: Performance and Control

  24. Server Switch Applications: Why Are Performance and Control Important?
     High Performance Computing (HPC) • “Enterprise-Class” HPC • Database Scalability Server Clustering • I/O Consolidation • I/O Aggregation • Server Consolidation I/O Virtualization Applications • Application Provisioning • Server Re-purposing • Server Migration Utility or Grid Computing

  25. Today’s Enterprise Service Provisioning: A Scale-Out Example
     Assume you just want to add one server to a web-farm… The challenge is one of ‘coordination delays’. This type of simple scale-out of an existing server often takes enterprises 90 days. New service turn-ups, after the application has been developed, often take 180+ days. VFrame is designed to eliminate these delays and automate the provisioning of services.
     Steps shown in the diagram:
     • NetOps ensures Branch connectivity / Routable Subnet
     • SecOps checks security policy, expands FW Port Range
     • SLB Admin adds Server to Pool
     • NetOps connects Ethernet cabling, configures VLAN/Port Config
     • SysAdmin racks new server, loads O/S and Applications
     • StorageOps configures LUN, maps to Server
     • StorageOps provisions disk volume and resources

  26. Data Center Automation: VFrame Data Center 1.0
     • Define application services and pass policy to VFrame
     • VFrame translates policies to actions and passes to infrastructure
     • VFrame identifies right App / OS Image from storage
     • VFrame picks server with right criteria to run application and boots server
     • VFrame gives new server right VLAN and LUN info so it can find/be found by right clients and storage
     • VFrame provisions security policies to FWSM
     • VFrame provisions CSM to add new server to load balancing pool
     • Application Service Provisioned!
     Diagram labels: Policy; Application: SAP; Image; Performance; Security; Availability; Accounting; Data Center Administrator; VFrame™; NAS; MDS 9500; Catalyst 6500; SAN; CSM Load Balancer; FWSM Firewall; Servers; Campus/WAN/VPN

  27. Agenda • Data Center Challenges and Trends • Cisco Data Center Network Architecture • Summary

  28. Data Center Networking Action Plan
     • Decide on the end-state data center: What should the data center be in five years?
     • Identify main immediate challenges and initiatives: Consolidation, business continuance, virtualization, on-demand, etc.
     • Develop data center networking strategy: Data center and network stakeholders engage; supports data center short- to long-term goals and initiatives
     • Engage with Cisco and partners: Plan, design, deploy, implement, operate and optimize
