Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1312
Views
3
Helpful
1
Replies

DCI 10 gig connection with Encryption

pratheesh.venu
Level 1
Level 1

‎06-21-2012 11:31 AM - edited ‎03-01-2019 07:07 AM

Hi,

We are designing a 10 gig DCI interconnect between two DCs which are 800 miles apart in US. Please share your input on settig up a layer two link with data encryption.

I am trying to address the following questions:

Is there a distance limit for VSL solution and will it support 10 Gig?

Do IP MPLS offer 10 Gig connectivity across DCs (approximately 800 Miles in US) ?

Does Nexus support vPC with MACSec(802.1 AE) across the DC? If yes, how would it handle reassembling of  encrypted frames traversing across two separate links?

I understand MACSec will add approximately 32 bytes per each frame. What would be the approximate throughput degradation on a 10 Gig DCI with encryption?

Industry best practice on setting up encryption for 10 gig DCI links

Thank You

Pratheesh

Labels:
0 Helpful
1 Reply 1

Oleksandr Nesterov
Cisco Employee
Cisco Employee

‎06-22-2012 03:58 AM

Hello Paratheesh

Here is the link that describes TrustSec implementation on N7k platform:

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter_01101.html

And Cisco Data Center Interconnect Design and Deployment guide:

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DCI/DCI2_External.pdf

Check page 69 for config sample.

HTH,

Alex

Customers Also Viewed These Support Documents