Cisco Nexus 9000 and ACI: Promising P+V Architecture

Last week’s Nexus 9000 and Application Centric Architecture launch triggered an avalanche of opinions. Some bloggers focused on the fact that there’s a Linux kernel underneath the NX-OS (So what? What else would make sense?), others tried to make sense of ACI from the marketing materials (good luck with that) … and almost nobody mentioned what might be a crucial piece of the architecture: the Application Virtual Switch (AVS).

A network architecture that allows a network services designer (or application developer) to specify a policy based on application endpoints (and not IP subnets, addresses, or port numbers) is definitely badly needed. A central orchestration system is clearly a must (whether you want to call it a controller or something else is a purely marketing decision). Most recently-launched virtual networking solutions include at least parts of both components – the real differentiator will be the dirty details.

I’m still convinced that it doesn’t make sense to implement highly granular (potentially down to the flow level) network policies in hardware (at least it opens too many cans of worms). Such policies should be implemented in software in virtual switches (software switching is way more flexible than hardware implementations and works relatively well at low speeds), with a few hardware gateways handling potential exceptions. The inclusion of AVS in Cisco’s Application Centric Architecture is definitely a positive sign.

So let’s assume the eventual ACI implementation will go down the path of having edge functionality in virtual switches and core functionality in hardware (it does look like MPLS, doesn’t it ;). How is that different from what NEC is doing? Obviously there’s not much you can do from the architectural perspective – only a few combinations of hardware+software functionality give you the optimal price/performance.

The true differentiators will be the controller and edge services functionality: the network services supported by the controller, potential seamless chaining of network services, optimal handling of elephants and mice … It’s way too early to judge how well ACI will handle these details – we’ll have to wait a few months for the dirty details to emerge.

In the meantime, enjoy the numerous blog posts written about Nexus 9000 and ACI:

While waiting for the ACI details

In the next few days I’ll update the Data Center Fabric Architectures slide deck to include new switch models from Juniper, Arista and Cisco (as always, everyone who attended the webinar, bought the recording, or a subscription will be notified automatically) … and hope that I’ll have enough details to tell you more about ACI in the May update session.

