Sometime around the Open Networking Foundation launch, Paul McNab VP/CTO of the Data Center Switching and Services Group, supposedly said “[OpenFlow] would be built into the NX-OS operating system of high end Nexus switches.” A bit later, the story changed to “I prefer not to pre-announce.” As I wrote before, I don’t think Cisco’s first move will be to implement OpenFlow API in NX7K and allow third parties to replace NX-OS and/or mess up the NX7K TCAM. So what could it be?
NX-OS is used in more products than just high-end Data Center switches. It’s also the control plane for Nexus 1000v and the foundation platform for the Virtual Security Gateway (VSG). Just a quick look at the Nexus 1000v architecture tells you it’s perfectly aligned with the OpenFlow concepts. You just have to implement controller-side OpenFlow in NX-OS and the Nexus 1000V VSM can control Open vSwitch (running in Xen and KVM) as well as VMware-resident VEM, giving Cisco a perfect multi-vendor hypervisor control plane solution.
The goodies don’t stop there. MPLS/VPN and LISP are already in the NX-OS code base (this is why at least MPLS/VPN could matter) and OpenFlow 1.1.0 can already be used to implement MPLS/VPN PE-router functionality. Open vSwitch does not support that particular data structure yet, but those guys are evolving pretty quickly.
The support for more generic IP-in-IP, IP-in-something or MAC-in-something encapsulations that could be used to implement LISP, GRE or other IP transports are not yet part of OpenFlow protocol’s data structures, but I don’t doubt someone will shove them into the next release (after all, they are trivial to implement on software-based platforms as soon as you have L2 or L3 lookup capabilities).
Based on all these facts, what do you think Cisco’s first OpenFlow product will be?