
SDA switchport configuration via DNAC

ianjgrant
Level 1

I've been setting up a wired and wireless SDA network, and am getting quite used to the DNAC system, but I'm also finding all the little quirks too. Here is the current one...

I have some switchports configured for Access Points, and some of the APs are connected. I'm not getting any telemetry data from wireless devices. On investigation I found that the switchports have not been configured for netflow, nor CBAR. All the unused switchports on the switch have that configuration, including the switchports assigned to APs but with no AP connected yet.

Has anyone else encountered this?

I have tried various combinations of removing / adding the config, but the switchports with the APs connected continue to be a problem. My next step is going to be to physically disconnect those switchports and try again.

7 Replies

Mike.Cifelli
VIP Alumni

What version of DNAC are you running? I have not seen this in later versions of code 2.2.x.x.  

My next step is going to be to physically disconnect those switchports and try again.

-Please share findings for the rest of the community.

Hi Mike

DNAC version 2.2.2.6 at the moment. I have gone through several upgrades during the life of the network, and switches have been added over time, and therefore provisioned from different versions of DNAC.

rasmus.elmholt
Level 7

I think this is a common issue, that Netflow is not configured on AP ports when enabling telemetry on a switch.

We enabled telemetry on a version 2.2.2.4 but still no telemetry on the AP ports.

I think you could add the configuration manually, but not sure it makes sense.

ip flow monitor dnacmonitor input
ip flow monitor dnacmonitor output

The telemetry from wireless should be enabled on the WLC and the AVC information should come from it.

Manual configuration of an SDA fabric switch that has been configured via LAN Automation is a bad idea.

My understanding is that with Fabric Wireless, the telemetry comes from the switchport where the AP is connected, so netflow & nbar config is needed on those ports.

LAN automation is only done when onboarding the Switch and not afterwards.

There should not be any issues when changing stuff on a Fabric enabled switch as long as you don't change anything the DNAC wants to do. It will then overwrite the config. And in the latest version of DNAC it will say the switch is out of compliance.

But for some things changing the configuration manually is the only option to get what you want.

The issue here is that there is no telemetry coming from the switchport as ip flow monitor is not enabled by DNAC on ports connected to an AP. The information should come from the WLC using AVC.

ianjgrant
Level 1

***UPDATE***

I have now tried several different things including disconnecting APs, returning switchports to default state, removing nbar & netflow from the whole switch, then adding back in. Nothing I've done aids the situation.

Time to open a TAC case...

If you disconnect the APs, and then configure telemetry using the DNAC all ports should be configured with ip flow monitor input|output. And then you can reattach the APs.

But you will be fighting the DNAC with this configuration.
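
Added example, not part of any post in this thread and not Cisco's own tooling: a read-only Python check that parses saved running-config text and lists the physical ports lacking the two `ip flow monitor dnacmonitor` statements quoted above, which is the telemetry gap the thread describes. The sample config, interface names and the choice to audit only Ethernet ports are assumptions made for the example.

```python
import re

# Statements quoted in the thread; "dnacmonitor" is the monitor name from the post.
REQUIRED = tuple(f"ip flow monitor dnacmonitor {d}" for d in ("input", "output"))
# Assumption: only physical Ethernet ports are audited (SVIs, loopbacks skipped).
PHYSICAL = ("GigabitEthernet", "TenGigabitEthernet")

def parse_interfaces(running_config):
    """Split IOS-style config text into {interface name: [sub-commands]}."""
    interfaces, current = {}, None
    for raw in running_config.splitlines():
        line = raw.rstrip()
        match = re.match(r"interface\s+(\S+)", line)
        if match:
            current = match.group(1)
            interfaces[current] = []
        elif current is not None and line.startswith(" "):
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a top-level command closes the block
    return interfaces

def missing_flow_monitor(running_config):
    """Return {interface: [missing statements]} for audited ports."""
    gaps = {}
    for name, commands in parse_interfaces(running_config).items():
        if not name.startswith(PHYSICAL):
            continue
        missing = [stmt for stmt in REQUIRED if stmt not in commands]
        if missing:
            gaps[name] = missing
    return gaps

# Constructed sample config, not taken from any device in the thread.
SAMPLE = """\
interface GigabitEthernet1/0/1
 description constructed: unused port
 ip flow monitor dnacmonitor input
 ip flow monitor dnacmonitor output
!
interface GigabitEthernet1/0/2
 description constructed: AP connected
!
interface Vlan1
!
"""

if __name__ == "__main__":
    for port, missing in missing_flow_monitor(SAMPLE).items():
        print(port, "is missing:", "; ".join(missing))
```

Running the same check before and after a DNAC provisioning or upgrade shows whether ports with APs attached were skipped again.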
