Data Center Infrastructure Design Guide 2.1—Readme File
OL-11568-01

Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100

ALL DESIGNS, SPECIFICATIONS, STATEMENTS, INFORMATION, AND RECOMMENDATIONS (COLLECTIVELY, "DESIGNS") IN THIS MANUAL ARE PRESENTED "AS IS," WITH ALL FAULTS. CISCO AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THE DESIGNS, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

THE DESIGNS ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS ARE SOLELY RESPONSIBLE FOR THEIR APPLICATION OF THE DESIGNS. THE DESIGNS DO NOT CONSTITUTE THE TECHNICAL OR OTHER PROFESSIONAL ADVICE OF CISCO, ITS SUPPLIERS OR PARTNERS. USERS SHOULD CONSULT THEIR OWN TECHNICAL ADVISORS BEFORE IMPLEMENTING THE DESIGNS. RESULTS MAY VARY DEPENDING ON FACTORS NOT TESTED BY CISCO.
CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0612R)

Data Center Infrastructure Design Guide 2.1—Readme File
© 2007 Cisco Systems, Inc. All rights reserved.

What is Included in this DG Release?

This design guide (DG) provides guidelines for designing and building the data center switching infrastructure. Table 1 lists the technologies used in the data center infrastructure design documented in version 2 of this design guide.
This table provides a quick glance of the topics and lists the timeframe (current or future) of documentation availability for each technology.

Table 1 Cisco Data Center Technologies and DG Status

| Technology/Product | Description | Other | In this DG? |
|---|---|---|---|
| Cisco Catalyst 6500 WS-X6708-10G-3C | 8 port 10 GigE line card for the Catalyst 6500 Series switch | 6708 notations have been added to reflect the increased port density. Testing is scheduled for a future DG release. The data sheet is available at: http://www.cisco.com/en/US/products/hw/switches/ps708/products_data_sheet09186a00801dce34.html | No |
| Cisco Catalyst 6500 next generation hardware—Sup720 and 6700 Series line cards | This DG is based on lab testing using the Sup720 and 6700 Series line cards in the Cisco Catalyst 6500 platform in core, aggregation, and access layer switches. | Native 12.2.18 SXD3 was used in the lab environment. | Yes |
| Application Control Engine (ACE) | The ACE module introduces a next generation load balancer and security services module that permits higher performance and active-active designs. | The ACE module is not an available product at the time of this writing. | No |
| Firewall Services Module (FWSM) Release 3.1 | Release 3.1 of the FWSM software introduces several new capabilities including Private VLAN support and active-standby context groups, which permit load balancing of contexts across an FWSM redundant pair. | Release 3.1 is not available at the time of this writing. | No |
| Data center security | | See the data center security DG at the following URL: http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#anchor3 | No |
| Cisco CatOS-IOS hybrid | Hybrid CatOS-IOS software in the Cisco Catalyst 6500 platform | This DG is based on the Cisco Native IOS solutions only in the Cisco Catalyst 6500 and 4948-10GE-based products. | No |
| Pervasive 10GE | This design guide focuses on the use of 10GE technology as a primary technology used in access layer uplinks, aggregation, and core connections. | | Yes |
| Server fabric switching—Infiniband | Designing for HPC or database clusters using Infiniband technology | | No |
| Service module integration (for example, FWSM, IDS, CSM, NAM, and SSLSM) | Integration of service modules and appliances into the data center infrastructure | Service modules are examined for interoperability and placement guidelines. Detailed design and configuration guides can be found at the following URL: http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#anchor3 | No |
| 1RU access layer design | Using 1RU switches in the access layer design best practices | Testing is focused on the Cisco Catalyst 4948-10GE 1RU switch. | Yes |
| Environmental | Designing for proper cabling, cooling/airflow, and power configurations | | No |
| Network Management | Using the NAM, CVDM, CiscoWorks, Netflow, or other management/configuration tools | | No |
| Geographically dispersed clustering (also known as stretch clusters) | Designing in support of extending Layer 2 domains to support HA clustering across metro or wide area networks | | No |
| CPU protection from STP loop conditions | Design best practices in limiting the impact of failures related to spanning tree loop conditions | | Yes |
| Spanning tree—Using 802.1w Rapid PVST+ and 802.1s MST | Designing scalable spanning tree domains using 802.1w and 802.1s and related features | | Yes |
| Layer 2 access design | Designs using L2 looped and loop-free access layer topologies | | Yes |
| Layer 3 access design | Designs using L3 access layer topologies | | No |
| Service layer switch design | How to move service modules out of the aggregation layer and into a separate service switch chassis for CSM and SSL modules | | Yes |
| Distributed Forwarding Card placement and benefits | Where to use DFC3 daughter cards to improve distributed switching performance in the data center | Covered in multi-tier and server cluster architecture chapters | Yes |
| Enterprise campus segmentation | The need to isolate/segment multiple logical network environments on the same physical network for administration, security, or other purposes. | This is covered outside of this DG document. | No |
| Use of NSF/SSO for high availability in the data center | Where to use redundant supervisors in the data center architecture, and designing to support required failover times | | Yes |

Copyright © 2006 Cisco Systems, Inc. All rights reserved.

Table 2 lists the technologies used in the data center infrastructure design documented in the previous v1.1. Note that version 2.1 builds on the v1.1 and v2.0 design recommendations and it is not intended to be a replacement.
Table 2 Technologies used in the Data Center Infrastructure Design Documented in DG v1.1

| Technology/product | Description |
|---|---|
| Layer 3 data center design | Using OSPF and EIGRP in the data center design |
| Layer 3 security | Using dynamic routing protocol authentication |
| Use of VTP in Layer 2 designs | Why not to use VTP in the data center |
| Choosing a spanning tree protocol | Explains the differences between 802.1w, Rapid PVST+ and MST and when to use each |
| Using LoopGuard and UDLD | |
| Using PortFast and TrunkFast | |
| Layer 2 security | Explains VLAN hopping, MAC flooding, ARP spoofing, and spanning tree vulnerabilities |
| Default gateway design | Reviews configurations for HSRP in the data center |
| ARP table tuning | Tuning the ARP table size to optimize traffic characteristics |
| NIC teaming design | Covers the various NIC teaming methods and connectivity options |
| Mainframe OSA and OSPF design | Explains mainframe connectivity options when using the OSA interface and covers IP addressing and OSPF configurations |
| PortFast and BPDU Guard | When to use PortFast and BPDU Guard on server ports |
| Port security | Covers server port security options |
| Server port configurations | Examples of server port switch configurations |
| Network management configuration | Configuring user names and passwords, VTY access, SNMP, and logging |
| VLAN configuration | Configuring VTP, MAC address reduction, and other VLAN features |
| Spanning tree configuration | How to configure Rapid PVST+, MST, and protection from loops with UDLD and LoopGuard |
| Switch-to-switch trunk configuration | EtherChannel and trunking configuration between the aggregation layer switches |