03-01-2021 08:30 AM
Hi all,
Is there any way that DNA can tell me which ports are statically configured (via DNA host onboarding) in a specific IP Pool?
The reason for asking is that we have a large SDA deployment (several hundred switches) and we need to remove an IP pool that we believe is no longer used.
Alas, we can't because at least 1 port is statically assigned to that pool so when you try to delete the pool, DNA says you can't. Unfortunately it doesn't tell you where that pool is in use - which switch(es) and which port(s).
I know we can use the native command runner to do something like a "show int status | inc XXX" (the vlan) but I can only query 20 switches at once. Not the end of the world but not ideal.
I also know it could query the command runner API using a Python script to do something similar but I wondered if DNA could tell us this somewhere natively?
Thanks in advance!
03-01-2021 09:01 AM
Are you looking to find the MAC address of the device where it is connected? using any scripting? or IP that connected to what port?
03-01-2021 09:03 AM
HI BB,
I want to find all fabric edge switch ports that are statically configured in an IP pool (the port is probably not even up/up).
03-01-2021 08:17 PM
In the DNAC GUI, under Fabric -> Host Onboarding, there is an option to filter ports using voice pools or data pools (or exact interface name) or match-all. Would that not do the trick (if you select the appropriate data/voice pool)?
At the same time, I do see the need to return (in bulk), all statically configured ports and I've had to do this for customers before (for example - you may have started off with simple static bulk assignments for pre-production with open auth and now you want to move back to closed auth as you move into production). I wrote a script for this which can be found here - https://github.com/aninchat/sda_no_auth_ports/blob/main/sda_no_auth_interfaces.py
It is easy enough to modify this to return all statically configured ports as well (excluding the open auth check). Let me know if this is something you need - I can add a VLAN option to the script and you can get all ports statically mapped to a specific VLAN in one shot.
03-02-2021 12:04 AM
Hi Aninda,
Thank you for the idea of setting the filter in host onboarding, I didn't realise the filter would persist as you click on each switch so this is definitely a step in the right directly and will do the job in the short term while still requiring a click per switch.
I REALLY like your script!
If you could add the Vlan option, that would be amazing!!
I wonder if it will required any tweaking to copy with more than 100 returned devices? I guess I'll find out
Have you added your work to the DevNet DNA code exchange?
Thank you so much,
Matt.
03-02-2021 04:50 AM - edited 03-02-2021 04:51 AM
If you could add the Vlan option, that would be amazing!!
Absolutely - I can ask for user input in the script and just use it in a regex to search for statically configured ports for that VLAN.
I wonder if it will required any tweaking to copy with more than 100 returned devices? I guess I'll find out
I think it would really come down any potential API throttling. We had moved up most of our GET APIs to 100/min in 2.1.2.x and our POST APIs to 50/min. I don't think you should hit any issues but if you do, please feel free to DM me and I can take a look.
Have you added your work to the DevNet DNA code exchange?
Thank you so much,
Matt.
Not yet, but I certainly can. Thank you!
03-02-2021 05:30 AM
You're a star Aninda! Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide