Many of you might be wondering what is Cisco VDC? Some of you might be aware about what it is. But still its good to understand the concept of VDC. I will try here to explain you few things about the VDC.
Cisco VDC is nothing but the Virtual Device Context. With this you can create a separate device running on your very same physical box. It's just like creating a virtual machine on your PC with VMware.
To understand it better, just imagine your Windows PC. You want to create a new virtual machine on that PC. Now what will you do? So, you will install your VMware player, run it and create a new virtual PC. You will assign some of your CPU, DRAM Memory and Hard-disk space for new machine and install a OS in it. That's it.
In the same way, you have a Cisco Nexus Switch. It has a NX-OS which is aware of VMware environment. Or you can say, VMware is by default available in NX-OS. So now, you just have to create a new Switch. The beautiful thing here is, you dont have to assign any resources like CPU, Memory etc. The only thing you need to assign is, your network interfaces on the Nexus box. That's it!!! A new VDC is created.
By default, NX-OS shares it kernel for all the virtual boxes. On the top of Kernel, you got various processes running inside a VDC. Since these processes are running inside the VDC, they are totally different from each other. For example, the OSPF running in one VDC is totally different than OSPF running in other VDC. The moment you create a VDC, it creates a new instance of processes. This is also called as Control Plane separation.
So dont compare your VDC with VLAN. When you create a VLAN in a switch, its like just a logical separation of broadcast domain. Within a switch you can have multiple VLANs. It is group of ports created by a single process. And you have single process in a single switch. When you create VDC, you have that same VLAN process running in each VDC. To make it more simple, you can think of a MS-Excel running in one machince is totally different than MS-Excel in other machine. Hope you got it.
From the security perspective, its like, you can hack into one VLAN from another VLAN, by using VLAN hopping attack. But you cann't do the same from one VDC to another VDC, since there control planes are separate. Thats the same thing you get when you add separate switch.
So your NX-OS is capable of virtualization, with the help of which you can create VDC. VDC create partition of a single physical device into multiple logical devices that provide fault isolation, management isolation, address allocation isolation, service differentiation domains, and adaptive resource management. Each VDC maintains its own unique set of running software processes, has its own configuration, and can be managed by a separate administrator.
The physical device always has one VDC, the default VDC (VDC 1). When you first log in to a new Cisco NX-OS device, you begin in the default VDC.
You must be in the default VDC to create, change attributes for, or delete a nondefault VDC. The Cisco NX-OS software can support up to four VDCs, including the default VDC, which means that you can create up to three VDCs.
If you want to communicate between VDC's, then you must make a physical connection from a port allocated to one VDC to a port allocated to the other VDC.
Cisco VDC is nothing but the Virtual Device Context. With this you can create a separate device running on your very same physical box. It's just like creating a virtual machine on your PC with VMware.
To understand it better, just imagine your Windows PC. You want to create a new virtual machine on that PC. Now what will you do? So, you will install your VMware player, run it and create a new virtual PC. You will assign some of your CPU, DRAM Memory and Hard-disk space for new machine and install a OS in it. That's it.
In the same way, you have a Cisco Nexus Switch. It has a NX-OS which is aware of VMware environment. Or you can say, VMware is by default available in NX-OS. So now, you just have to create a new Switch. The beautiful thing here is, you dont have to assign any resources like CPU, Memory etc. The only thing you need to assign is, your network interfaces on the Nexus box. That's it!!! A new VDC is created.
By default, NX-OS shares it kernel for all the virtual boxes. On the top of Kernel, you got various processes running inside a VDC. Since these processes are running inside the VDC, they are totally different from each other. For example, the OSPF running in one VDC is totally different than OSPF running in other VDC. The moment you create a VDC, it creates a new instance of processes. This is also called as Control Plane separation.
So dont compare your VDC with VLAN. When you create a VLAN in a switch, its like just a logical separation of broadcast domain. Within a switch you can have multiple VLANs. It is group of ports created by a single process. And you have single process in a single switch. When you create VDC, you have that same VLAN process running in each VDC. To make it more simple, you can think of a MS-Excel running in one machince is totally different than MS-Excel in other machine. Hope you got it.
From the security perspective, its like, you can hack into one VLAN from another VLAN, by using VLAN hopping attack. But you cann't do the same from one VDC to another VDC, since there control planes are separate. Thats the same thing you get when you add separate switch.
So your NX-OS is capable of virtualization, with the help of which you can create VDC. VDC create partition of a single physical device into multiple logical devices that provide fault isolation, management isolation, address allocation isolation, service differentiation domains, and adaptive resource management. Each VDC maintains its own unique set of running software processes, has its own configuration, and can be managed by a separate administrator.
The physical device always has one VDC, the default VDC (VDC 1). When you first log in to a new Cisco NX-OS device, you begin in the default VDC.
You must be in the default VDC to create, change attributes for, or delete a nondefault VDC. The Cisco NX-OS software can support up to four VDCs, including the default VDC, which means that you can create up to three VDCs.
If you want to communicate between VDC's, then you must make a physical connection from a port allocated to one VDC to a port allocated to the other VDC.