We use Cisco Nexus Series Switches on Cisco ACI. It helps to make new and easy connections. It will better if we can use Generative Artificial Intelligence with them.. We manage many domains in one place. We manage more than one company’s network, so Cisco ACI is really helpful.
Switching from NX OS to ACI OS made configuration easier after initial migration and getting to know ACI principles. There are no L2 loops and configuration mistakes as often as it used to be. There is only one management console, and policies are easily reused. The “Submit” …
We have made the decision for ACI over NX-OS for the following: - no more self-made configuration of the underlay network - ease of scaling out port capacity
Because it was quilcky to install and needed less people for the first install and automation. If we had the time I think we select the nxos with a vxlan fabric and automation like ansible but it needed to much time.
ACI is more mature compare to other cloud and fabric products. It's proven on the Cisco nxos and the engineers have the flexibility of knowing the system. Compared to the competition, TAC support is better for Cisco and the documentation covers good use cases. Power to extend …
Lower cost than FabricPath, maybe a little bit cheaper than Arista when we looked into it. I wasn't involved in the initial purchasing of ACI, and was kind of against it at first, but the product has evolved a lot over the last few years and I now believe that it can …
We just started deploying Cisco ACI to replace our Cisco Nexus infrastructure. The ACI platform allows us to do more with fewer devices, while expanding on features such as changing the Virtual Device Contexts to a better multi tenant platform. Additionally, we are able to have …
Easier configuration, no need for special stack cables when using multi-chassis ether channel and extremely high speed interfaces (1/10/25/40/50/100/400/800 Gbit/s). Cisco Nexus Series Switches is capable of both being a L2 switch and L3 switch at the same time. Possibility to …
We are using both Arista 7280 and Cisco Nexus 9300 devices. Arista switches have deep buffer features and helps us for handling the big data packets. But these switches are a little bit more expensive than nexus 9300 switches. And also Arista 7050x Series can be competitive …
We are currently in POC with the Remote Leaf connectivity that for smaller sites, no need to invest for Spine and APIC controller, we can just add a pair of Leaf Switches. I think this approach is well suited for an environment that wanted to have Cisco Application Centric Infrastructure with less consideration in the project budget. Also, they have a Back-to-Back Multipod set-up that IPN is an option to be used, you can use the SPINE switch to connect the secondary DC.
Cisco Nexus Series Switches is well suited, for any spine and leaf architecture has it could be done through ACI, EVPN, or use as L2 only it could be used in different environments and thanks to these high scalability it could be evolve easily. Some advanced solutions like AI or centralized management, are less easy to integrate and need other solutions to interact and also not always planned since the installation.
So with the old one, we've had a secure zone, core zone, so we have special hardware specific for those zones, so security zones in our data center. This allows us to basically have the spine leaf and we could put any ports in any zone. So it allows a lot more, I'd say efficient use of equipment, being able to plug in things to whatever, and then program it to how you want it to work on.
Maintenance, upgrades, and software certification can be performed without service interruptions because of the modular nature of NX-OS and features such as In-Service Software Upgrade (ISSU) and the capability for processes to restart dynamically
FabricPath:
Enables each device to build an overall view of the topology; this is similar to other link state routing protocols. Each device in the FabricPath topology is identified by a switch-id. The Layer 2 forwarding tables are built based on reachability to each switch-id, not by the MAC address. Eliminates spanning-tree to maximize network bandwidth and flexibility in topological configurations, as well as simplify operational support and configuration. This enables a tremendous amount of flexibility on the topology because you can now build FabricPath topologies for Layer 2-based networks the same as for Layer 3-based networks
Overlay Transport Virtualization (OTV): Enables the Layer 2 extension between distributed data centers over any transport Layer 3 network
Actually we had some issues in past as well in which this multi ACI, whenever we run it into multi-part architecture mode or design. So we have a lot of multicast issues in between. In which endpoints between the data centers in the single EPG or bds, were unable to connect with each other due to that multicasting loops and other stuff. So this is the problem we faced multiple times in the past.
Implementing jumbo frames on interfaces of its fabric extender series (N2k, etc.) by editing the network QoS does not have to be a global configuration that would affect all its interfaces. It can be improved to become just an interface configuration.
Licensing on the NXOS is a bit complicated and expensive. I understand that the Nexus is made for core data center switching but it does not have to break the bank.
OTV technology is for Nexus only. Based on the advantage of the technology, it should be made vendor-neutral to accommodate other vendor devices.
Cisco ACI is doing exactly what was intended for it to do, that is support our next generation data centre, improve security, and increase resiliency. Migrating to another platform would be a waste of time, resource and energy, which could be better spent migrating more legacy applications into the Cisco ACI fabric.
Because its the best tech out there and all our engineers are very used to working on Cisco switches. It is great for troubleshooting issues on L2 and L3. It provides bandwidth and throughput like no other switch out there. We are a ACI shop so the Nexus blends nicely with that
Cisco ACI has changed the traditional data center model into a new era of automation and agility. The product was considerably easy to deploy met all the expectations. In terms of usability, ACI provides a unified interface for managing the whole infrastructure in one place which is the main benefit for users (admins)
The platform has a good performance. The major issue is all the bugs you can discover across the operations, and it can be a big challenge depending on the number of Cisco Nexus Series Switches you have deployed. In our case, we own more than 200 Cisco Nexus Series Switches 9k, and we face an upgrade process, it could be a long time project to grant a new software deployment in all our switches platform.
I do not give it 10 because the platform evolves more and more every day in the data traffic of the datacenter. But the implementations that they carry out for different clients of the platform are very happy with the result of the same over time. Another point that you notice about the platform, despite its good performance, is the low use of energy used by this 24x7 on, it is a good fact to take into account for our environment.
These switches are very fast. They've been designed to work within the data center. We connect them to Cisco UCS-B Mini servers with the storage being directly attached. They are able to handle the data traffic pretty easily. We can also move servers pretty fast from data center to data center without overloading them. This has allowed our company to stay running during any kind of conditional outage. We have come to really rely on them for business continuity.
Cisco provides users and partners with a multitude of data for you to consume. I think that the stuff in the public domain goes a long way to assisting you find any answers you may need, plus insights and information from areas such as DevNet provide you with access to more than just the traditional release notes and the like
Overall, Cisco has great products and I believe that they believe in the philosophy of a great customer experience. Although there have been a few technical support issues that caused a lot of company anxiety, in most cases, Cisco has gone above and beyond in making a valiant effort to help the customer solve any issues.
The Cisco ACI training provided by Cisco was in depth, covered all of our requirements, and allowed us to implement and maintain the platform without issues.
Being involved in the implmentation gives you more overview on how things are supposed to be working and communicating, you can easily performce troubleshooting and understanding the troubleshooting scenario
I have used competitors fabric products, however they were unmanaged (no APIC) and manually configured. In this deployment model, all tasks are manual and there is no central controller to monitor and maintain the system. It's also prone to configuration errors as each leaf switch is individually managed. APIC solution is much better.
The Cisco 9000 stacks up quite well against the Cisco Catalyst 3850 switches. The additional features available in the Nexus 9000, such as VPN, FCoE, 40 gigabits, give us the ability to support the future needs of the company in our data center. The Nexus 9000 allowed us to condense our core and aggregation environment that comprised of 2 Catalyst 6504 and 2 Catalyst 6509 to a port of Nexus 9000. Although the Catalyst 3850 would be sufficient to handle routing, those features in the Nexus 9000 made it the clear choice for us.
Cisco ACI scales well and is suited in scenarios such as multi-cloud or large data centre implementations. It is not suited to smaller deployments as the efficiencies that it provides are not fully realised. It is well suited in large environments that contain both virtual and bare-metal machines allowing a great deal of flexibility. It is also perfect to support multi-tenancy platforms.
The Nexus 3000 series switches are data center switches, so I would say they have similar security ability to other switches in this segment. I don't have a lot of experience doing more than basic ACL security on switches, but I know these can be integrated into other security solutions like Cisco ISE and 802.1x authentication. It could also be integrated into an ACI solution to add micro segmentation, which would bring in other security functions.
We've definitely spent quite a bit of time relearning how to do things in ACI, but I think the investment has been well worth while considering that we can now deploy tenants and leaves from the ground up in a matter of seconds.
We can if we choose to upgrade an entire datacenters worth of switches in a single night. (We've chosen to break it up for availability requirements, but if you didn't require 99.999% uptime like us you may be able to do it)
