SDxCentral has written some popular stories, pitting VMware’s NSX against Cisco’s Application Centric Infrastructure (ACI). But a large school district in central Texas is using both products together and is pleased with the result.
The Hutto Independent School District near Austin has more than 6,000 students enrolled at eight campuses.
Prior to deploying software-defined networking (SDN) with NSX and ACI, the district’s network was built on Cisco’s Catalyst 4507 switches. These were deployed in its offsite data center and onsite at the high school. It also used VMware’s distributed virtual switches to handle its virtual desktop environment.
“Those 4507 core routers we had were really old,” says Keith Reynolds, a network administrator for the district. “We purchased Cisco ACI to replace them.”
Cisco’s ACI uses a spine and leaf architecture where the leaf switches connect to all devices out in the network, and each leaf is connected to the others via spine switches. The Hutto school district’s network has four leafs and two spines, with locations connected via private fiber.
Hutto chose VMware’s NSX to do the SDN on top of Cisco’s ACI infrastructure. It also deployed VMware’s virtual desktop infrastructure (VDI) for student computers.
The thousands of desktops were “the crux” for choosing NSX, says Reynolds. “When you virtualize your desktops and run in data centers, the data center starts getting incredibly complex – that’s where NSX shows its strength.”
Physical vs. Virtual
In addition to the desktops, Hutto’s network also handles more than 400 security cameras, as well as the heating, ventilation, and air-conditioning controls.
“VMware NSX does not do much for your physical network,” says Travis Brown, Hutto’s director of technology. “It does require an underlying physical network for it to operate. But ACI doesn’t have the same feature set in the virtual environment that NSX provides.”
Brown adds that ACI relies less on proprietary Cisco ASICs and uses more merchant silicon – a move that helps it drive down the price. “We needed to replace our aging Catalyst equipment anyway, and ACI was a good fit for that.”
Cisco’s ACI is based on its Nexus 9000 Series switches.
Both Cisco and VMware pitch their respective products for SDN, but Reynolds says, “It’s more determined on what type of environment you have. If we were heavier in the physical side and less in virtual where we just had virtual servers, we could go with just ACI. Or if we didn’t have a physical layer to worry about, we could just go with NSX.”
But Brown and Reynolds say NSX has more capabilities in virtual environments. “I can deploy a load balancer [with NSX] before Travis can even put in a purchase order to order a physical load balancer,” says Reynolds.
It took about six weeks for the school district to self-install ACI. “Because we were migrating a live environment to it, we had to do a lot more testing,” says Christopher Harding, a network administrator with the school district. “We had NSX up and running in about two weeks after we purchased it.”
Neither ACI nor NSX required the district to cut over everything in a scary all-or-nothing scenario.
“Once you get NSX installed, then you can migrate VMs over as you get comfortable,” says Reynolds. With ACI, the IT team built Layer 2 and Layer 3 relationships with its existing 4507s and slowly moved services over.
“We find that the two [ACI and NSX] are very complementary,” says Harding. “You could use either one by itself. In a heavy virtual environment, NSX might be the right one. In a heavy physical environment with some or no virtual, ACI may be the best choice. If you have both heavy physical and heavy virtual, there’s not a good reason not to get both.”