About Cisco Nexus Data Broker
Visibility into application traffic has traditionally been important for infrastructure operations: it supports security, troubleshooting, compliance, and resource planning. With technological advances and the growth of cloud-based applications, it has become imperative to gain increased visibility into network traffic. Traditional approaches to gaining that visibility are expensive and rigid, which makes them difficult for managers of large-scale deployments to use.
Cisco Nexus Data Broker (NDB) with Cisco Nexus Switches provides a software-defined, programmable solution to aggregate copies of network traffic using Switched Port Analyzer (SPAN) or network Test Access Point (TAP) for monitoring and visibility. As opposed to traditional network taps and monitoring solutions, this packet-brokering approach offers a simple, scalable and cost-effective solution that is well-suited for customers who need to monitor higher-volume and business-critical traffic for efficient use of security, compliance, and application performance monitoring tools.
The flexibility to use a variety of Cisco Nexus Switches, together with the ability to interconnect them to form a scalable topology, makes it possible to aggregate traffic from multiple input TAP or SPAN ports and to replicate and forward that traffic to multiple monitoring tools, which may be connected across different switches. Using the Cisco NX-API agent to communicate with the switches, Cisco Nexus Data Broker provides advanced features for traffic management.
Cisco NDB provides management support for multiple disjointed Cisco NDB networks. You can manage multiple Cisco NDB topologies that may be disjointed using the same application instance. For example, if you have 5 data centers and want to deploy an independent solution for each data center, you can manage all 5 independent deployments using a single application instance by creating a logical partition (network slice) for each monitoring network.
Basic salient features of the Cisco Nexus Data Broker:
- Scalable topology for TAP and SPAN port aggregation.
- Robust Representational State Transfer (REST) API and a web-based GUI for performing all functions.
- Ability to replicate and forward traffic to multiple monitoring tools.
- Rules for matching monitoring traffic based on Layer 1 through Layer 4 information.
- Time-stamping using PTP.
- Packet Truncation beyond a specified number of bytes to discard the payload.
- Custom filtering of packets using User Defined Fields.
- Ability to adapt to changes in TAP/SPAN aggregate network states.
- End-to-end visibility.
- High Availability.
- Load Balancing.
- Manage multiple disjointed networks.
- Integration with ACI devices/APIC and NX-OS devices.
- Real-time statistics for easy troubleshooting.
- Application management via IPv6.
- Security features, such as role-based access control (RBAC), and integration with an external Active Directory using RADIUS, TACACS, or LDAP for authentication, authorization, and accounting (AAA) functions.
Platform-wise support of the additional features of the Cisco Nexus Data Broker:
| Feature Name | Cisco Nexus 9200 C92304QC, C92160YC | Cisco Nexus 9300 (First Gen) C93128TX, C9396TX | Cisco Nexus 9300 (EX, FX, FX2) C93180LC-EX, C93180YC-EX, C93108TC-EX, C93108TC-FX, C93180YC-FX, C9336C-FX2, C93240YC-FX2, C93360YC-FX2 |
|---|---|---|---|
| Port Channel Load Balancing | Y | Y | Y |
| MPLS Stripping | Y | Y | Y |
| MPLS Stripping- Label | N | Y | N |
| MPLS Filtering | N | N | N |
| sFlow | Y | Y | Y |
| PTP/ Timestamping | Y | N | Y |
| Jumbo MTU | Y | Y | Y |
| NetFlow | N | N | Y |
| Q-in-Q Tagging (for TAP and SPAN input ports) | N | Y | Y |
| Span Destination | Y | Y | Y |
| Timestamping | Y | N | Y |
| Packet Truncation | N | N | Y |
| Timestamping Strip | Y | N | Y |
| Input Port - TAP/ SPAN | Y | Y | Y |
| Local Monitoring Tool | Y | Y | Y |
| Remote Monitoring Tool with ERSPAN support | Y | Y | Y |
| Remote Source | Y | N | Y |
| UDF | Y | Y | Y |
| UDF v6 | N | Y | Y |
| UDE | N | N | N |
| Drop ICMPv6 | Y | N | Y |
| Feature Name | Cisco Nexus 9500 (EX, FX) C9504, C9508, C9516 | Cisco Nexus 9364C, 9332C | Cisco Nexus 9300-GX 93600CD-GX, 9364C-GX, 9316D-GX |
|---|---|---|---|
| Port Channel Load Balancing | Y | Y | Y |
| MPLS Stripping | N | N | Y |
| MPLS Stripping- Label | N | N | N |
| MPLS Filtering | N | N | N |
| sFlow | Y | Y | Y |
| PTP/ Timestamping | Y | Y | Y |
| Jumbo MTU | Y | Y | Y |
| NetFlow | Y | N | Y |
| Q-in-Q Tagging (for TAP and SPAN input ports) | Y | Y | Y |
| Span Destination | Y | Y | Y |
| Timestamping | Y | Y | Y |
| Packet Truncation | Y | Y | Y |
| Timestamping Strip | Y | Y | Y |
| Input Port - TAP/ SPAN | Y | Y | Y |
| Local Monitoring Tool | Y | Y | Y |
| Remote Monitoring Tool with ERSPAN support | Y | Y | Y |
| Remote Source | Y | N | Y |
| UDF | Y | Y | Y |
| UDF v6 | Y | Y | Y |
| UDE | Y | N | N |
| Drop ICMPv6 | Y | Y | Y |
Note: The Cisco Nexus Series switches indicated in the above tables are recommended. For the supported NX-OS versions on the Nexus switches, see the Interoperability Matrix table in the Cisco Nexus Data Broker Release Notes, Release 3.10. The following Cisco Nexus Series switches are also supported:
Limitations of Cisco Nexus Series switches:
| Cisco Nexus Series Switch | Limitations |
|---|---|
| 9364C-GX, 93600CD-GX, 9316D-GX | |