Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1311
Views
3
Helpful
1
Replies

DCI 10 gig connection with Encryption

pratheesh.venu
Level 1
Level 1

‎06-21-2012 11:31 AM - edited ‎03-01-2019 07:07 AM

Hi,

We are designing a 10 gig DCI interconnect between two DCs which are 800 miles apart in US. Please share your input on settig up a layer two link with data encryption.

I am trying to address the following questions:

Is there a distance limit for VSL solution and will it support 10 Gig?

Do IP MPLS offer 10 Gig connectivity across DCs (approximately 800 Miles in US) ?

Does Nexus support vPC with MACSec(802.1 AE) across the DC? If yes, how would it handle reassembling of  encrypted frames traversing across two separate links?

I understand MACSec will add approximately 32 bytes per each frame. What would be the approximate throughput degradation on a 10 Gig DCI with encryption?

Industry best practice on setting up encryption for 10 gig DCI links

Thank You

Pratheesh

Labels:
0 Helpful
1 Reply 1

Oleksandr Nesterov
Cisco Employee
Cisco Employee

‎06-22-2012 03:58 AM

Hello Paratheesh

Here is the link that describes TrustSec implementation on N7k platform:

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/security/configuration/guide/b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_5.x_chapter_01101.html

And Cisco Data Center Interconnect Design and Deployment guide:

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DCI/DCI2_External.pdf

Check page 69 for config sample.

HTH,

Alex

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents