Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
241
Views
1
Helpful
3
Replies

DNAC IP addresses to be used for our network device SNMP Template

ChrisMott30064
Level 1
Level 1

‎07-16-2024 03:33 PM

I was handed a deployed DNA-Center 3-node Cluster. It is NOT configured to apply any Template information, for now it's only being used for Assurance purposes. Therefore, we add all "snmp-server hosts X.X.X.X" manually on our network devices.

I know from our switch configs there are seven IP addresses defined as DNAC hosts, and the VIP configured for the Cluster is NOT in that list.

What I'm looking for is to discover the DNAC IP addresses that are listening for SNMP Traps so my device-level SNMP configuration had ONLY the hosts that it needs.

Do I use the CIMC/Management interface IPs, a Service IP, or ...?

I've been scouring the GUI and CLI with limited success. Can someone point me the right way?

Labels:
0 Helpful
3 Replies 3

Torbjørn
Spotlight
Spotlight

‎07-16-2024 03:53 PM - edited ‎07-16-2024 03:55 PM

You would typically not configure that manually. If you select a device in inventory, you can select "Action", "Telemetry, "Enable application telemetry" or "Update telemetry". If you click through this the DNAC will apply the required telemetry( including SNMP) configuration to the device. This will also automatically select the appropriate destination address(I believe it will alsways use the enterprise interface VIP regardless of other addresses/interfaces configured)

You can also have DNAC provision the SNMP trap configuration for your other SNMP servers by adding them under "Network Settings", "Telemetry", "Add an external SNMP Trap receiver"

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful

ammahend
VIP
VIP

‎07-16-2024 04:55 PM

You will use enterprise IP of DNAC (which in your case seems like is also used for DNAC management) 

in the design just check use dnac as snmp server and reprovision your switch, it will push dnac ip as snmp host, thats all you need to do. 

ammahend_0-1721174099282.jpeg

 

-hope this helps-
0 Helpful

maflesch
Cisco Employee
Cisco Employee

‎07-19-2024 01:02 PM

While both answers previous do contain factual information, they assume some information or are wrong in this case.

For Ammahend's response, the customer states they are not managing the devices for automation, only for assurance. In cases like this, we won't provision the devices. Also, the statement that you will use the Enterprise IP is the intended design but not the necessary design. You will use the VIP (if configured) for which ever interface the communication goes through to reach said network devices. To find out this information you can issue the following command in the Catalyst Center CLI:

ip route get <network device IP>

This will display which interface the communication for that IP goes out of. Then you can determine if you have a VIP by running this command on each node in the cluster:

ip a | grep <interface from above command output>

If you have a VIP defined, which in a three-node cluster you must have one defined, this will be listed under the physical IP address of that interace and have a /32 subnet suffix. For instance:

$ ip route get 192.168.50.1
192.168.50.1 via 192.168.40.40 dev enterprise src 192.168.40.234 uid 1234
cache

$ ip a | grep enterprise
2: enp94s0f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master enterprise state UP group default qlen 1000
8: enterprise: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
inet 192.168.40.234/24 brd 192.168.40.255 scope global enterprise
inet 192.168.40.244/32 scope global enterprise

Notice that my 192.168.40.234 is my physical IP, while my 192.168.40.244 is my VIP. The VIP is the one you want to use for your SNMP host commands.

In regards to what Torbjorn stated, when the device is assigned to a site, telemetry should push then, which includes the SNMP statements. If you are not assigning your devices to a site, then no telemetry will push. The option stated about forcing a telemetry push would work, if the device is assigned to a site. Also, when doing a telemetry push for regular telemetry, such as snmp/Assurance, and not for netflow/Application Visibility/Experience, then we do not use the Enable Application telemetry. This option is only for enabling telemetry for application information, such as visibility/experience. Instead, only use the Update Telemetry option with the Force Push box checked.

Customers Also Viewed These Support Documents