feature > the nsx bet
IN 2012 NETWORKS WERE CISCO’S TURF, AND IT WAS POINTLESS TO PRETEND OTHERWISE. CISCO SET THE AGENDA AND THE REST OF THE WORLD FOLLOWED ALONG.
DIFFERENT APPROACHES
Without duplicating many of the excellent comparative analyses of the various SDN solutions available, there are some broad strokes in the different approaches that are relevant. You can’t understand the gaps in NSX without understanding the competitive landscape.
Cisco’s ACI, as you might imagine, emphasizes the capabilities of hardware switching and ultimately amounts to a sophisticated way to manage Cisco switches at scale. Cisco’s SDN solution has some basic interoperation with non-Cisco switches, but the compatibility is about what you’d expect, and to get the full functionality you’re going to want Cisco’s expensive Nexus line of switches end to end.
In order for Cisco’s SDN solution to integrate tightly with virtual machines (VMs) and containers, it needs a virtual switch. Cisco pro- vides this in the form of the Cisco Application Virtual Switch (AVS). In Cisco’s world, network functions are predominantly hardware-based. Hardware routers, hardware firewalls and so on are coordinated via ACI to keep workloads secure and isolated.
top-of-the-line Cisco gear. The magic is in the virtual switches, the virtualized network management controllers and VMs running network functions (see Figure 1).
With NSX, workload data isn’t expected to traverse the network to a centralized loca- tion to be secured, forwarded or so on; each host is expected to present network func- tions to the fabric using its local virtualiza- tion capacity.
In other words, Cisco’s approach is a bit more north-south and VMware’s is more east-west. The smaller players in the market range from nearly duplicate approaches to hybrid solu- tions putting some intelligence in the switch and some in the virtual host.
Cisco’s 1000v virtual switch has been seen as the black sheep of Cisco’s offerings since its inception. Despite the fact that network con- trol all the way down to the VM level is key for delivering a full-fledged SDN solution, Cisco has publicly maintained that you can do SDN without having to dig that deep. A big part of this is that the 1000v has never been fully supported by VMware. Recently, VMware stirred the SDN pot by announcing that it was withdrawing even the capability for vendors, such as Cisco, to integrate third-party virtual switches at all.
VM
WAN Internet
Edge
Bridge
CMP
L3
L2
VM
VM
Firewall
Physical
Overlays
NSX
VMware’s NSX is also more or less what you
would expect. VMware doesn’t really care if
your network is a bunch of whitebox tin or Figure 1. One possible NSX setup.
8 vmug > compass Q2 2017
Network Fabric