What is VDC?
Virtual Device Contexts (VDC) is a feature which is used to create multiple virtual switches from one physical switch.
How many vdc we can create?
it depends which supervisor engine we are using. Please see as below:
- SUP1: 4VDC*
*** starting from 6.2(2), Sup-1 also support admin VDC. It gives us the option to either create (1 x default VDC and 3 other default VDC) or (1 x admin VDC and 4 x other default VDC)/
- SUP2: 4+1 admin.
- SUP2E: 8+1admin vdc
- Default VDC
- Admin VDC
- non-default VDC
- Storage VDC
- Default VDC: we are allowed to do administrative and control/data plane functionality. Default VDC is a pre-defined VDC and always “1” will be VDC id for default VDC.
- Admin VDC: we are allowed to do only administrative functionality. Once an admin vdc is created, it can’t be deleted and can’t be changed back to default VDC but if we really want to have default VDC then have to erase config and have to perform fresh bootup.
Note: Default and admin VDC cannot coexist at the same time. VDC 1 can either configured as default or Admin.
- Non-default VDC : Non-default VDC is fully functional VDC that can be created from default or Admin VDC. Remember that changes in Non-default VDC affect only that VDC.
- Storage VDC: Only one storage VDC can be configured per Chassis and we need FCoE license to create storage VDC.
VDC User Roles:
- Network-admin: User with network-admin access can configure all the chassis level configuration like reload, creation/deletion of VDC, allocation of interface etc. means Complete read-and-write access to the entire Box.
- Network-Operator: User with network-operator role can only view configuration and will not able to make any changes means read access to the entire Box.
- VDC-Admin: VDC-ADMIN user with VDC-Admin role can do configuration within the VDC means read-and write access limited to a specific VDC.
- VDC-Operator: User with VDC-operator role can only view configuration and will not able to make any changes means read access limited to a specific VDC.
Note: Default VDC user inherit roles read or read/write in Non-default VDC.
- we can assign an interface to only one VDC, except in specific case of shared interfaces that carry both fibre channel and Ethernet traffic. we can allocate a shared an Ethernet VDC and Storage VDC.
- When we move an interface from one VDC to another VDC then interface loses its configuration.
- Once port is assigned to a VDC, All subsequent configuration is done from that specific VDC.
- Ports of the same group may have be assigned to same VDC because few line card architecture is based on port groups, interface allocation must follow line card port-group limitation.
- Fex Ports only exist in VDC where their parent switch interface resides.
How do we know which port group a specific port belongs to and why should we care about it?
when we allocate an interface to a VDC, it will allocate the whole port group automatically therefore we should be careful while doing interface allocation and we can see port-group association using “show interface ethX/Y capabilities” command.
As we already know VDCs share NX-OS kernel and infrastructure resource and resources are classified in below catagary:
1. Global Resource: Resource that can only be allocated , configured globally for all VDC from master VDC are reffered as Global Resource like boot image configuration / CoPP.
2. Dedicated Resource: Resource that are allocated to a particular VDC is referenced as Dedicated resource like L2/L3 Ports, VLAN .
3. Shared Resource : Resource that are shared between VDC is referenced as Shared Resource like OOB management.
Communication Between VDC:
- must use front pannel port for a communication in between VDC.
- Internal cross VDC communication is not allowed.
- when using vPC or vPC+ between VDCs, ensure domain ids are unique.