Friday 5 December 2014

Comparing Cisco 6500 VSS and Nexus VPC MultiChassis Link Aggregation

Cisco Virtual Switching System (VSS)

Cisco 6500 switches have a feature called Virtual Switching System (VSS) that creates a virtual logical switch from two separate Cisco 6500 switches.

This creates an active control plane and a standby control plane for optimizing availability for the switches.
The VSS is an IOS solution that allows for aggregation and load balancing of Layer 2 uplinks from the access switch to both Cisco 6500 distribution switches.
The aggregation and load balancing of uplinks to the VSS is called MultiChassis EtherChannel (MEC).

The access switch uplinks are aggregated as a single uplink to the 6500 virtual switch. All traffic is load balanced across all uplinks. The packets are forwarded to the available uplinks when there is an uplink failure.

There is no network access layer reconvergence required as with traditional switch designs.
For instance, consider an access switch uplink failure.

The downstream traffic is routed across the neighbor distribution switch virtual switch link (VSL). The upstream traffic from the access switch uses MEC EtherChannel rehashing to forward traffic across any available uplink.

VSS load balancing is done per flow and not per VLAN.
Packet forwarding across the Cisco 6500 switch fabric is improved.
This is accomplished by aggregating the switch fabric capacity of both 6500 switches. The VSS requires deployment of the Cisco VS-S720-10G-3C, VS-S720-10G-3CXL, VS-S2T-10G or VS-S2T-10G-XL Supervisor Engine models.
Both data planes are active/active for forwarding traffic.
There is aggregate throughput of 1440 Gbps for 2 x VS-S720 Supervisor Engines (2 x 720 Mbps full-duplex).
In addition, there is an aggregate throughput of 4 Tbps for 2 x VS-S2T Supervisor Engines (2 x 2048 Tbps full-duplex).

The virtual switch creates a loop-free topology, and as a result spanning tree protocol (STP) isn't required for Layer 2 convergence.
STP should still be deployed, however, for the features that detect configuration errors. VSS allows for network designs that have VLANs spanning across multiple access switches.

The single virtual switch with the unified control plane eliminates the need for FHRP (HSRP, VRRP, GLBP) for default gateways services. The traditional design uses both distribution switches with dual Supervisor Engines. The VSS design creates a virtual switch with a single Supervisor Engine from each switch configured as either primary or standby mode for control plane failover. There is high availability at the Supervisor Engines with non-stop forwarding and stateful switchover (SSO).
Those features synchronize routing tables and state information between Supervisor Engines. When the primary Supervisor Engine fails on one switch, the Supervisor Engine of the other switch becomes the primary for control plane management.
The switchover is fast and seamless while packet forwarding continues.

There is no routing convergence required for upstream or downstream traffic when MEC is deployed with NSF/SSO. VSS eliminates asymmetric forwarding and unicast flooding.

Cisco devices allocate traffic across members of an EtherChannel bundle using a hash distribution mechanism.
The hash distribution algorithm is an adaptive algorithm. Use of the adaptive algorithm eliminates the reset of the port ASIC on each port in the channel when a single physical port is added to or deleted from the EtherChannel.
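
The per-flow hashing and MEC rehashing described above can be modelled in a few lines. This is an added example, not Cisco's hash algorithm or code from the original post: CRC32, the eight-bucket table, the link names and the sample flows are all assumptions made for illustration.

```python
import zlib

BUCKETS = 8  # bucket count assumed for this model; not a value from the page

def flow_bucket(flow, use_l4=True):
    """Map a flow (src, dst, proto, sport, dport) to a hash bucket."""
    src, dst, proto, sport, dport = flow
    key = f"{src}|{dst}|{proto}"
    if use_l4:  # add the Layer 4 ports to the hash input
        key += f"|{sport}|{dport}"
    return zlib.crc32(key.encode()) % BUCKETS  # CRC32 is a stand-in hash

def assign_buckets(links):
    """Spread the buckets round-robin over the member links."""
    return {b: links[b % len(links)] for b in range(BUCKETS)}

def fail_link(table, failed):
    """Re-point only the failed link's buckets at the surviving links."""
    survivors = sorted(set(table.values()) - {failed})
    moved = [b for b, link in table.items() if link == failed]
    new_table = dict(table)
    for i, b in enumerate(moved):
        new_table[b] = survivors[i % len(survivors)]
    return new_table

def place(flows, table, use_l4=True):
    """Return {flow: member link} for every flow."""
    return {f: table[flow_bucket(f, use_l4)] for f in flows}

# Constructed sample: a four-link MEC, two uplinks to each VSS chassis.
LINKS = ["chassis1-a", "chassis1-b", "chassis2-a", "chassis2-b"]
# Constructed flows: one client and one server in one VLAN, 64 TCP sessions.
FLOWS = [("10.1.10.25", "10.1.20.5", "tcp", 1024 + 997 * i, 443)
         for i in range(64)]

if __name__ == "__main__":
    table = assign_buckets(LINKS)
    l3 = place(FLOWS, table, use_l4=False)
    l4 = place(FLOWS, table)
    after = place(FLOWS, fail_link(table, "chassis1-a"))
    moved = sum(1 for f in FLOWS if l4[f] != after[f])
    print("links used, L3-only hash:", len(set(l3.values())))
    print("links used, L4 hash:     ", len(set(l4.values())))
    print("flows moved after failure:", moved, "of", len(FLOWS))
```

With an address-only hash every session between the two hosts lands on one member link, while adding the Layer 4 ports spreads them; after the link failure only the flows that were on the failed link move.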

There is a slight improvement in network convergence time with the use of Layer 4 hashing algorithm to maximize load distribution across MEC formed via PAgP and LACP.

VSS Advantages

No requirement for default gateway services (HSRP, GLBP, VRRP).
No requirement for deploying or relying on STP for convergence.
Single control plane.
Increased throughput with active/active forwarding of both 6500 switch data planes.
Increased throughput with load balancing of all MEC uplinks from the access switches.
There is no Layer 2 or Layer 3 convergence event required when there is a 6500 distribution switch failure. The access switches and core switches continue forwarding packets. It is a link failover event using Multichassis EtherChannel (MEC) to load balance traffic across available links.
NIC Teaming active/active mode is available for load balancing from the server to switch.

Dual-Active Detection

If the VSL fails, the VSS standby chassis cannot determine the state of the VSS active chassis. To ensure that switchover occurs without delay, the VSS standby chassis assumes the VSS active chassis has failed and initiates switchover to take over the VSS active role.

If the original VSS active chassis is still operational, both chassis are now VSS active.

This situation is called a dual-active scenario.
A dual-active scenario can have adverse effects on network stability, because both chassis use the same IP addresses, SSH keys, and STP bridge ID. The VSS must detect a dual-active scenario and take recovery action. The VSS supports three methods for detecting a dual-active scenario.

You can configure all three of the following detection methods to be active at the same time.

1. Enhanced PAgP is a feature of PAgP used to communicate messages between the 6500 switches. The enhanced PAgP messages are sent across the MEC links that connect the access switches and the distribution switches. Enhanced PAgP is faster than bidirectional forwarding detection (BFD); however, it requires the access switches to support the PAgP enhancements.
2. Bidirectional Forwarding Detection (BFD) uses BFD hello packets sent across a backup Ethernet switch connection. The BFD protocol is configured at both distribution switches and does not require access switch support.
3. Dual-Active Fast Hello uses hello messages sent across a backup Ethernet switch connection. The Layer 2 hello messages detect switch VSL failure. This method is faster than BFD and is available only in Cisco IOS Release 12.2(33)SXI and later releases.

For link redundancy, dedicate at least two switch ports per switch for dual-active detection.

For module redundancy, configure the ports on different line cards at each chassis, and not on the same module used for the VSL links.

Cisco Nexus Virtual Port Channel (vPC)

vPC is a feature available on Cisco Nexus switches that creates a virtual port channel between access switches and two separate Nexus switches. The vPC can be configured between distribution and core switches as well.
It is similar to VSS; however, there are some slight differences. The Nexus switches don't share a single control plane as with Stacking and VSS.
Instead, both switches have separate control planes for managing traffic. As a result, access switches still require a default gateway protocol such as HSRP, GLBP or VRRP when Nexus switches are deployed as distribution switches.
The Nexus vPC does allow for data plane forwarding from both active and standby Nexus default gateways.
STP is still recommended as well but not for Layer 2 convergence. It is used for detecting errors resulting from problems with cabling, faulty NIC cards, configuration errors etc.

The default and recommended spanning tree protocol for Nexus switches is RPVST+ with UDLD.
Only Layer 2 port channels are recommended for vPC.

vPC Advantages

Load balancing and link redundancy with MEC link aggregation.
Spanning Tree Protocol not required.
Faster convergence with link and switch node failure.
Utilizes all available uplink bandwidth.
NIC Teaming active/active mode is available for load balancing from the server to switch.
