Re: Migrate from Nexus 7000 to Nexus 9300

JChen522 · ‎03-19-2021

Thinking of migrating Nexus 7000 to Nexus 9300 series. Can someone point me in the right direction the differences and what is supported and not supported? I heard that storage protocols are not supported. What else is not supported and what are the workarounds and topology change required? Thank you!

Sergiu.Daniluk · ‎03-19-2021

Hi @JChen522

First, N7K is a modular chassis, while Nexus 9300 is a fixed 1RU or 2RU switch. So a 1-to-1 replacement will be quite challenging if not impossible. I would suggest you have a look at Nexus 9500. Might be a better solution. Anyway, you find all N9300/N9500 models here: https://www.cisco.com/c/en/us/products/switches/nexus-9000-series-switches/models-comparison.html

Of course it all depends on how you have the network design in your DC.

Regarding the features supported, there are a lot of differences, way to many to enumerate them. Trust me there are a lot.

My suggestion would be to check what features are configured currently on N7K and verify it it is available on Nexus 9000, by looking into the config guide: https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-installation-and-configuration-guides-list.html

Hope it helps,

Sergiu

JChen522 · ‎03-19-2021

Thank you for the quick reply, Sergiu!

What about topology and features changes? Assuming all features are supported, will I be able to take config from the 7000 series and make interfaces mapping adjustment and expect it to work on the 9000 series?

Sergiu.Daniluk · ‎03-20-2021

Hello @JChen522

If we make this assumption that all features are supported (meaning no VDCs, no OTV, no N7K NLB specific commands and so on), then yes, you can make the port mapping, copy paste the config and replace the devices. However, you should be careful if you have vPC configured on N7K (which I believe it is). For this you will need to make some adjustments to the peer keepalive, and to the domain ID - if you plan to run both 7k and 9k at the same time in the network during the migration.

About the topology, that it all depends on what you have. There are some N9K which are positioned as EoR switches, but most of them are ToR switches. There is this old document about N9K and how is this one positioned: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-730115.html

Of course, if you are doing a hardware lifecycle in your DC, I would suggest you go for a more modern design (CLOS topology with VXLAN). But this also implies a much bigger migration and a definitely more detailed analysis and planning.

Cheers,

Sergiu

JChen522 · ‎03-20-2021

Yes, we plan to run both 7K and 9k at the same time. Yes, there is vPC configured. Really appreciated if you can point me in the right direction or examples what settings need to adjusted.

What about the ACI images? I heard there are two images, one NX-OS and one ACI mode. If we switch to the ACI image, will all these features still be supported and just not use the ACI portion?

Sergiu.Daniluk · ‎03-21-2021

Hello,

The most important thing about running multiple vPC domains in a broadcast domain is that the vPC domain ID should be unique.

Regarding ACI, if you want to run your N9K switches in ACI, you need to have the APICs - the controllers which will be used to configure and manage the ACI fabric. You cannot run ACI on your N9K otherwise.

Stay safe,

Sergiu

JChen522 · ‎03-24-2021

Got it! Thank you for that tip!

ss1 · ‎03-21-2021

Excuse me for pointing out something stupid however Nexus 7000 are modular chassis as explained above, while Nexus 9300 are 1U or 2U devices with uplinks.

In the Nexus 7000 case, the interconnection between all line cards is done through fabric, however in the Nexus 9300 case the interconnection is done by means of physical cabling between all those switches. So in this case you need to ensure extra cabling and modules for an extra backbone between all of the 9300s. All that topology needs to be thoroughly planed as it will take over part of your switching volumes currently done between different line cards in-fabric. If you don't plan the traffic volumes precisely enough you risk ending up with congested backbone between switch A and switch B, and I would like to point once again, that backbone doesn't exist right now due to in-fabric switching between different line cards and modules.

In that case the migration from 7000 to 9300 may involve extra equipment including cabling and optical modules and I'm not sure if you already done proper design how to handle that in technical and administrative aspects with your datacenters. For example some datacenters deny MPO optic which higher the price between one 9300 and the other 9300 by 400% if not more.

In 2017 I started to deploy N3K-C3164Q in our core so that I can replace existing 3064s which were used for that purpose. The challenge was that I was lacking experience of all those different kinds of optics and cabling and I was learning about it on field. I still think I didn't make any errors in my cabling selection for the backbone in 90% of the cases however I could have bought 10 more 3164 switches with the price spent on optics and cables from that time on.

Nexus 7000 is what we are deploying now in order to serve end consumer access layer in our datacenter. I don't think anybody who was never engaged in this would ever understand how expensive delivery and management of backbone QSFPs and optics can be. I'm urging you to build proper plan including your new topology on paper and all costs set on the table so that you can consider all aspects of this migration. I suspect you are trying to lower down electricity costs by removing high-power 7000s and replacing them with low power 9000s; if so I can only recommend you not to forget my hundreds of thousands Euros spent on cablings and QSFPs for 4 years. None of this does exist now in your case due to 7000s being high density machines which perform your switching in-fabric.

Last but not least, this is a very extensive migration and you never mentioned your exact reasons till now. I mean, you need to explain what's currently not done properly with 7000s and what do you want to achieve with 9300s. Are you missing a feature or what? How big is your network? Why not do some diagram with rough estimations for your racks, how distant are they from one another, how many ports are you using, what's the failover concept currently used (bonding+LACP+VPC or STP etc). I think you can get more precise recommendations regarding your migration only if your exact use case is made aware of to the community out there.

Looking forward to your answer. Thank you.

JChen522 · ‎03-24-2021

Thank you for sharing your valuable experience! Product is going out of support and we are currently looking for options. Cablings and QSFPs definitely can get very expensive with modern architecture design. We will definitely do diagram to make sure we got all our basis covered! Thank you!