VDC stands for virtual device context, a feature supported by the Cisco NX-OS software series. A VDC partitions a single physical device into multiple logical devices, each of which acts as a unique, independent switch, has its own configuration and can be managed by a separate administrator.
With VDCs, we can manage multiple logical switches within one physical device. Each VDC has its own unique set of L2 and L3 processes, which run on that logical switch. Each logical switch behaves like a physical switch: it keeps its own configuration file, stored in NVRAM by VDC name, and it has its own L2 and L3 control plane, just as a physical switch does.
The benefits of VDC are as follows:
- Fault isolation: if a fault occurs in any L2 or L3 process, it does not affect the processes running on other logical switches.
- Management isolation: each logical switch can be treated as an individual switch and managed separately. It can be accessed through its own unique IP address.
- Hardware isolation: once a hardware resource is allocated to a VDC, it remains part of that VDC until an admin reallocates it to another VDC.
- Separation of data traffic at the VDC level.
- Enhanced security at the VDC level.
VDC also virtualizes the control plane, such as the L2 tables (MAC tables), L2 protocols, the RIB and routing protocols.
When any VDC is created, the control plane processes are replicated to all other VDCs by the NX-OS software. This replication lets VDC administrators use VLANs and VRFs independently of those used in other VDCs. In Ethernet VDCs, the same VLAN numbers can be used across different VDCs.
VDCs are created on the same physical Nexus switch, using the same kernel and infrastructure layer as the base.
We will discuss the purpose of the kernel and the infrastructure layer in the creation of VDCs.
- Cisco NX-OS uses Linux kernel 2.6 for VDC creation.
- This Linux 2.6 kernel is the base layer on which NX-OS resides and operates.
- With the help of this kernel, Nexus supports multithreading and multitasking.
The infrastructure layer is simply the NX-OS software that runs on the kernel.
This layer is the interface between the L2/L3 layer processes and the hardware resources of the physical device. It provides fault, management and hardware isolation within a VDC.
This layer also handles creating and deleting VDCs, moving resources across VDCs and monitoring VDCs.
With this layer, all Layer 2 and Layer 3 protocol services run within a VDC and are independent of each other. These services are virtualized only when a VDC is created, and each VDC has its own instance of the L2/L3 services.
When a Nexus box is powered up for the first time and we log in to it, we land in the default VDC, which has its own MAC address. When another VDC is created, MAC addresses are automatically assigned to it once the boot-up process completes.
The number of VDCs depends on the Supervisor Engine model and the number of licenses used. Below is the list that describes the number of VDCs that can be created on the Nexus 7000.
With NX-OS 6.1 and later, we can define a CPU priority for each VDC based on its importance. CPU cycles are allocated to the different VDCs based on VDC priority. This allocation of CPU cycles is controlled by the kernel and is available only on SUP2/2E.
To allocate CPU cycles, the following formula is used: CPU Share = (VDC priority * 1000)
These priorities can also be controlled by the administrator.
To control CPU time during periods of contention, use the cpu-share command.
There are three types of VDC resources that can be allocated to a VDC by a network-admin user. If a resource is assigned to a particular VDC, it can be managed from that VDC only. Users within a VDC cannot view or modify resources in other VDCs.
- Global Resources
- Dedicated Resources
- Shared Resources
Global Resources: Resources that are allocated and configured globally for all VDCs from the default VDC are called global resources. Example: boot image configuration, CoPP, etc.
Dedicated Resources: Resources that are allocated to a particular VDC are called dedicated resources. Example: L2/L3 ports, VLANs, subnets, etc.
We can also classify the resources allocated to a VDC as physical resources, which are dedicated to the VDC. The only physical resources that can be allocated to a particular VDC are Ethernet ports. An Ethernet port can be part of only one Ethernet VDC at a time, except storage ports, which are shared resources.
Initially, all physical interfaces belong to the default VDC (VDC1). As soon as a non-default VDC is created, we have to assign Ethernet ports to it. When you allocate an interface to a VDC, all configuration for that interface is erased.
From Cisco NX-OS 5.2(1) on Nexus 7000 series devices, all members of a port group are automatically allocated to the VDC when you allocate one port of that group from a given line card.
There are two types of line card. One type has no port-group architecture, and any port can be individually assigned to a VDC. The other type uses port groups, in which all members of a port group are automatically allocated to the VDC when you allocate one port of that group from that line card.
Example: The Ethernet module N7K-F132XP-15 has 16 port groups of 2 ports each. Interfaces that belong to the same port group will be members of the same VDC.
The Ethernet modules N7K-F248XP-25[E] and N7K-F248XT-25[E] have 12 port groups of 4 ports each, and interfaces that belong to the same port group will be members of the same VDC.
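The port-group rule can be checked before any port is moved. The following is an added example, not code from Cisco or from the original article: it takes a planned allocation for one module and reports port groups claimed by two VDCs, as well as unlisted ports that would follow their group into a VDC and lose their configuration. It assumes a port group is a run of consecutively numbered ports; the function names and the sample plan are made up for illustration.

```python
# Added example (not Cisco code): validate a planned per-module port allocation.
# Group sizes are from the text; treating a port group as consecutively
# numbered ports (1-2, 3-4, ... / 1-4, 5-8, ...) is an assumption.
PORT_GROUP_SIZE = {"N7K-F132XP-15": 2, "N7K-F248XP-25": 4, "N7K-F248XT-25": 4}
PORT_COUNT = {"N7K-F132XP-15": 32, "N7K-F248XP-25": 48, "N7K-F248XT-25": 48}


def port_group(model, port):
    """Return the 1-based port-group number of a port on the given module."""
    if not 1 <= port <= PORT_COUNT[model]:
        raise ValueError(f"port {port} does not exist on {model}")
    return (port - 1) // PORT_GROUP_SIZE[model] + 1


def check_allocation(model, plan):
    """Check a plan {vdc_name: [port, ...]} for one module.

    Returns a list of findings:
      ("conflict", port, owning_vdc, requesting_vdc)  group already taken
      ("implicit", group, [ports], vdc)  unlisted ports that follow the group
    """
    size = PORT_GROUP_SIZE[model]
    findings, group_owner, requested = [], {}, {}
    for vdc, ports in plan.items():
        for port in sorted(set(ports)):
            group = port_group(model, port)
            owner = group_owner.setdefault(group, vdc)
            if owner != vdc:
                # A port group cannot be split between two VDCs.
                findings.append(("conflict", port, owner, vdc))
            else:
                requested.setdefault(group, set()).add(port)
    for group in sorted(requested):
        first = (group - 1) * size + 1
        implicit = sorted(set(range(first, first + size)) - requested[group])
        if implicit:
            # These ports move too, and their configuration is erased.
            findings.append(("implicit", group, implicit, group_owner[group]))
    return findings


if __name__ == "__main__":
    # Constructed plan for one N7K-F248XP-25 module; VDC names are made up.
    plan = {"prod": [1, 2, 3, 4], "dmz": [5, 6], "lab": [4, 9, 10, 11, 12]}
    for finding in check_allocation("N7K-F248XP-25", plan):
        print(finding)
```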
Shared Resources: Resources that are shared between VDCs are called shared resources. Example: the OOB management port.
VDC Module Compatibility:
A module in a VDC may or may not be compatible with the other modules, so when allocating ports to a VDC from different modules we must check the compatibility matrix.