05-11-2023 12:12 AM
Hi,
I have a customer who has a large estate spread across multiple regions. We've set-up the Network Hierarchy to reflect the geographic locations and buildings.
Most of the switches across the whole network have config that is around 95% the same for consistency, however, there are some small regional differences for things such as L2 VLAN's, Regional Radius Servers, EIGRP config, etc
I was hoping to use DNAC Templates to help with this consistency and automation of onboarding going forward, by applying most of the config via CLI Template at an Organisation Level, with the region specific config applied via another template at the next level down in the hierarchy. However, it would appear that DNAC won't let me attach 2 network profiles to the same container in the hierarchy.
The Hierarchy is currently something like :-
Is there a way I can do this with a hierarchy of simple template scripts, or will it need to be a fairly complex CLI Template script applied at the organisational level??
Hope that makes sense, would welcome guidance...
Solved! Go to Solution.
05-11-2023 11:45 AM
This should get you started with the basics:
https://github.com/kebaldwi/DNAC-TEMPLATES/tree/master/LABS/LAB-D-Composite-Template
To start simple, create a few composite templates (named "Site A", "Site B", Site C")(I think they need to be in the same Template Project) , one "Shared" Regular Template, and 3 site specific Regular Templates ("A-config", "B-config", "C-config". Each composite will reference 2 regular templates, "Shared", and "A-config," for one the first Composite Template, then "Shared, and "B-config" for the second, and so on.
Then when it comes to creating network profiles, create a different network profile for each Site and reference the composite template name that maps to that site.
05-11-2023 10:59 AM
One of these tools should help. For simplicity, I'm assuming all the hardware product families are the same:
1) Use composite templates. Each Region gets it's own Network profile specifying a unique composite template. Each composite template is built of the shared config and the special config. That still lets you manage the shared config in a single place.
2) Use Tags. Tag all the devices at Region A with a unique Tag (this is done in Inventory). Keep the shared template untagged, but tag the "special" template with the same tag from Region A (this is done in the template properties). Then when you go to provision, I believe DNA always apply an untagged template, plus any templates that match the tag of the device..
05-11-2023 11:08 AM
Thanks for the reply. I had considered the use of tags but my only concern is that it requires some discipline on behalf of the person provisioning the device, and if they forget to apply the correct tag the config wont be apply correctly. Unless there’s a way to force a tag on a device using policy (based on the site its provision to)??
Would you mind expanding on the idea of composite templates please. I’m fairly new to DNA centre and Velocity/Jinja scripting.
Thanks again…
05-11-2023 11:45 AM
This should get you started with the basics:
https://github.com/kebaldwi/DNAC-TEMPLATES/tree/master/LABS/LAB-D-Composite-Template
To start simple, create a few composite templates (named "Site A", "Site B", Site C")(I think they need to be in the same Template Project) , one "Shared" Regular Template, and 3 site specific Regular Templates ("A-config", "B-config", "C-config". Each composite will reference 2 regular templates, "Shared", and "A-config," for one the first Composite Template, then "Shared, and "B-config" for the second, and so on.
Then when it comes to creating network profiles, create a different network profile for each Site and reference the composite template name that maps to that site.
05-16-2023 12:44 PM
Thanks for that - really helpful and I think I have a way forward with Composite Templates!
My next challenge is creating a script that can identify the copper ports on a stack of 9300's (which could have up to 6 members, and a mixture of 24 and 48 copper ports on each member) so I can set an access and voice vlan for each of them.
If possible, I'd also like to determine if the Fibre Uplink ports on switches 1 & 2 are 1GBE or 10GBE so I can configure them as Trunks and create a port-channel automatically??
IMy scripting/programming experience is limited, so grateful for any help??
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide