Cisco Cisco Prime Virtual Network Analysis Module (vNAM) 6.3 白皮書
3-13
Cisco Virtualized Multiservice Data Center (VMDC) Virtual Services Architecture (VSA) 1.0
Design Guide
Chapter 3 VMDC VSA 1.0 Design Details
Container Models
•
Silver—The silver container expands services, featuring three logical segments and adding SLB. As
in any container model, VSG can be added to provide additional zoning. As in the Bronze container,
CSR provides the L3 boundary and default gateway.
in any container model, VSG can be added to provide additional zoning. As in the Bronze container,
CSR provides the L3 boundary and default gateway.
Figure 3-9
Silver Container
•
Expanded Gold—This container type is the most complex, providing more expansion of protected
front-end and back-end zones while furthering the notion of separating public (Internet or
demilitarized zone (DMZ)) or shared (campus/inter-organizational) access from private access. The
expanded gold container type can include secured remote IPsec access. Note: the CSR does not
support SSL remote access (RA) VPN termination as of this writing. In this case, the term "private"
can mean that the virtual data center is routed over the private enterprise WAN or through the public
cloud provider's IP/NGN via a private MPLS VPN. In the public cloud scenario, this type of virtual
data center linked to the tenant Enterprise via an L2 or L3 MPLS VPN, is commonly termed a virtual
private data center (VPDC). Public cloud providers often use MPLS VPNs as transport for hybrid
managed cloud services. Such services include IP addressing, security (firewalling, managed DMZ,
zoning, and secure remote VPN access), and server resiliency solutions.
front-end and back-end zones while furthering the notion of separating public (Internet or
demilitarized zone (DMZ)) or shared (campus/inter-organizational) access from private access. The
expanded gold container type can include secured remote IPsec access. Note: the CSR does not
support SSL remote access (RA) VPN termination as of this writing. In this case, the term "private"
can mean that the virtual data center is routed over the private enterprise WAN or through the public
cloud provider's IP/NGN via a private MPLS VPN. In the public cloud scenario, this type of virtual
data center linked to the tenant Enterprise via an L2 or L3 MPLS VPN, is commonly termed a virtual
private data center (VPDC). Public cloud providers often use MPLS VPNs as transport for hybrid
managed cloud services. Such services include IP addressing, security (firewalling, managed DMZ,
zoning, and secure remote VPN access), and server resiliency solutions.