hi there.. I'd like to know

ciscomoderator · ‎02-02-2015

Based from the Deep-Dive series webcast, Cisco Expert Vishal Mehta will be available for an Ask the Expert discussion focused on the advantages of Nexus 1000v Solution across spectrum of technologies and how it can be leveraged to enhance your Data Center Virtual Infrastructure to meet the next-generation goals.

Ask your Questions from February 12 through March 4, 2015

Vishal Mehta is a Technical Marketing Engineer with Cisco's Data Center Competitive Insights Team based in San Jose, California. Previously he was working as the customer support engineer for Cisco’s Data Center Server Virtualization Technical Assistance Center (TAC) team for the past 3 years with a primary focus on data center technologies such as Cisco Nexus® 5000, Cisco UCS, Cisco Nexus 1000V, and virtualization. He presented at Cisco Live in Orlando 2013, Milan 2014, and San Francisco 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in Electrical and Computer Engineering and has CCIE® certification (# 37139) in Routing/Switching, Service Provider & Data Center

Part 1: Conquered Territory: Multi-Hypervisor – February 12, 2015
This session will discuss and compare about Nexus 1000v deployments on VMware, Hyper-V and Openstack-KVM hypervisors.

Part 2: Meet the 1000v Family: The Secret of Unity – February 17, 2015
This session will discuss vPath: The Secret behind uniting Virtual Network Services provided by ASA 1000v, VSG, vWAAS, Nexus 1000v, vNAM.

Part 3: Game Changer: Silver Lining in the Cloud – February 24, 2015
The core of this session will go through Nexus 1000v capabilities in ACI and ICF.

Find other https://supportforums.cisco.com/expert-corner/knowledge-sharing.

**Ratings Encourage Participation! **
Please be sure to rate the Answers to Questions

Gustavo Hernandez · ‎02-18-2015

Hello,

How is ASAv different that Physical ASA?

Vishal Mehta · ‎02-19-2015

Hello Lisa,

Both Physical ASA and Virtual ASA are Layer 3 edge firewall providing traditional filtering capabilities between different subnets.

However ASAv does not have all the capabilities that exists in Physical ASA.

for example:

ASAv does not have DMZ interfaces and cannot have sub-interfaces.
Also the protected VMs needs to in same subnet as inside interface and cannot be L3 hop away in comparison with Physical ASA

ASAv is targeted for virtual workloads on tenant-basis (smaller-scale) so that traffic does not need to traverse all the way in core to reach Physical ASA for getting firewall services

Thanks

Vishal

Jessica Deaken · ‎02-18-2015

hi there.. I'd like to know that since VSG and ASAv are both firewalls, how is traffic protected by both?

thanks

Vishal Mehta · ‎02-19-2015

Hello Jessica,

Both ASAv and VSG are used in conjunction to provide over firewall security.

VSG provides intra-vlan (i.e. east-west traffic) security at L2

ASAv provides inter-vlan (i.e. north-south traffic) security at edge (L3).

So using vPath service-chaining we can leverage both firewalls.

Thanks

Vishal

Jackson Braddock · ‎02-18-2015

Does PNSC integrate with other Prime Modules (ie Infrastructure)?

Vishal Mehta · ‎02-19-2015

Hi Jackson,

PNSC can integrate with all Virtual Service Nodes (VSNs) such as VSG, ASAv, VSM, vNAM, vWAAS, CSRv, Netscaler.

PNSC integrates with Virtual Machine Managers like vCenter and SCVMM

It can also integrate with VACS, UCS-Director, ICF-Director for cloud provisions

It exposes North-bound API to integrate with 3rd party and orchestration tools

Thanks,

Vishal

Marcelo Vieira · ‎02-19-2015

Hey Vishal..

What type of communication happens on PNSC with other components?

Vishal Mehta · ‎02-20-2015

Hello Marcelo,

PNSC is in control plane with all virtual components.

Using policy-agent (communication application running across these components), PNSC can push new/modified configurations, policies to the components; also retrieve state information from the components; get VM attributes from Virtual-Manager and so on...

With aid of policy-agent, PNSC acts as communication channel across all components to make sure the policies remain in-tact.

Thanks,

Vishal

Emanuel Diaz · ‎02-22-2015

How do I migrate VSM from using VM to VSB on Nexus 1110?

Vishal Mehta · ‎02-23-2015

Hello Emanuel,

Detailed guidelines with configuration steps to migrate VSM as VM to as VSB is specified at below guide:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/cloud_services_platform/521_SP1_71/sw/cg/guide/b_Cisco_Nexus_CSP_SW_CG_Guide_Rel_521_SP1_7_1/b_Cisco_Nexus_CSP_SW_CG_Guide_Rel_521_SP1_7_1_chapter_0110.html

If you have any doubts on above migration steps, please let me know.

Thanks,

Vishal

Emanuel Diaz · ‎02-22-2015

Also, is there a good video demo available which explains/shows the deployment/configuration steps of nexus 1000v on the nexus 1110 appliance ?

Vishal Mehta · ‎02-23-2015

Hello Emanuel,

Below are good videos on VSB deployment/configuration on Nexus 1110:

http://www.cisco.com/c/en/us/support/switches/nexus-1100-series-cloud-services-platforms/products-installation-and-configuration-guides-list.html

http://www.cisco.com/c/en/us/support/switches/nexus-1100-series-cloud-services-platforms/products-installation-guides-list.html

https://www.youtube.com/watch?v=xCI1SgecHIs

Thanks,

Vishal

Christopher Duarte · ‎02-24-2015

Does HA functionality has preempt feature in VSG/ASAv ?

Vishal Mehta · ‎02-25-2015

Hi Christopher,

VSG or ASAv HA functionality does not have preempt feature (like that of HSRP).

Thanks, Vishal

Ask the Expert: DeepDive Cisco Nexus 1000V Series Switches