Since the release in May, Cisco updated its virtual switch for VMware virtual infrastructure, the Nexus 1000V, a couple of times.
The second update arrived last week, introducing a number of key features. Most of them are security-oriented and very welcome.
The most prominent anyway is a JAVA-based GUI installer for the Virtual Supervisor Module (VSM).
The GUI allows to perform several actions like create the VMware port groups, VLANs, enable the SSH service, register the Nexus plug-in inside vCenter Server and restart the VSM.
Cisco published a video to show it in action:
Nexus 1000V 1.2 also includes:
- Layer 3 control
a VSM can be Layer 3 accessible and control hosts that reside in a separate Layer 2 network - Virtual Service Domain (VSD)
Virtual service domains (VSDs) allow you to classify and separate traffic for network services.
Interfaces within a VSD are shielded by a service VM (SVM) that provides a specialized service like a firewall, deep packet inspection (application aware networking), or monitoring. - iSCSI Multipath
The iSCSI multipath feature sets up multiple routes between a server and its storage devices for maintaining a constant connection and balancing the traffic load. - DHCP Snooping
DHCP snooping acts like a firewall between untrusted hosts and trusted DHCP server. - Dynamic ARP Inspection
Dynamic ARP Inspection (DAI) validates ARP requests and response. - MAC Pinning
If one or more upstream switches do not support port channels, you can use MAC pinning to assign each Ethernet port member to a particular port channel subgroup. - Static Pinning
You can use vPC-HM to configure a port channel subgroup so that traffic is forwarded only through its member ports by assigning (or pinning) one of the following to the subgroup: vEthernet interface, the Control VLAN e Packet VLAN.