Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1629
Views
0
Helpful
3
Replies

What license is needed for DNA Center netflow collection?

Go to solution
gabori
Level 1
Level 1

‎07-07-2023 12:15 PM

Our customer would like to use DNAC as simple netflow collector, similarly as it would work with Prime Collector license.

My understanding:

  • DNAC cannot work as simple netflow collector, only as Application Telemetry collector
  • Application telemetry requires DNA-Advantage license

So, does that mean that Prime Collector like behaviour is not achievable with DNAC, only Application Telemetry, but for that Advantage license is needed?

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
gabori
Level 1
Level 1
In response to Flavio Miranda

‎07-08-2023 01:40 AM - edited ‎07-08-2023 01:42 AM

Hi Flavio,

thank you for your response!

In my understanding Enable Application Telemetry works only with DNA-Advantage, as that is not a simple FNF but uses AVC(and AVC needs DNA-Advantage).

I just tested this on a 9300 with DNA Essential with the following result:

  • I have the switch provisioned with "Use Cisco DNA Center as NetFlow collector server" enabled in Network settings. All that does is configuring a netflow exporter on the switch
  • I have selected "Enable Application Telemetry" in DNAC. DNAC warned me that this is only available with DNA-A
  • Nevertheless I clicked on Enable. DNAC deployed another flow exporter configuration on the switch(with DNAC as the destination), but nothing else
  • I have configured a flow record, a flow monitor and applied the flow monitor on an interfacethe in switch CLI
  • "sh flow exporter dnacexporter statistics" command on the switch shows now that netflow data is being sent to DNAC
  • in DNAC under Application Experience in Network Device View360 all I can see is the below:
    gabori_0-1688805086382.png

     

From this I assume that DNAC is only capable to process and visualize netflow records configured with the DNAC AVC netflow template, including AVC information(which is not supported by DNA-E license).

Or is there any other place in DNAC where I can see/analyse the basic netflow data received from the switch?

kind regards,

Gabor

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Flavio Miranda
VIP
VIP

‎07-07-2023 01:02 PM

Hello @gabori 

 Actually DNAC can act as netflow collector:

Step 4

In the NetFlow area, do one of the following:

  • Click the Use Cisco DNA Center as NetFlow collector server radio button. The NetFlow configuration on the device interfaces is completed only when you enable application telemetry on the device. Select the NetFlow collector at the site level to configure the NetFlow destination server to the device.

 https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-3-3/user_guide/b_cisco_dna_center_ug_2_3_3/b_cisco_dna_center_ug_2_3_3_chapter_01010.html#id_133258

And Netflow is available in both license level:

FlavioMiranda_0-1688760096477.png

 

0 Helpful

Go to solution
gabori
Level 1
Level 1
In response to Flavio Miranda

‎07-08-2023 01:40 AM - edited ‎07-08-2023 01:42 AM

Hi Flavio,

thank you for your response!

In my understanding Enable Application Telemetry works only with DNA-Advantage, as that is not a simple FNF but uses AVC(and AVC needs DNA-Advantage).

I just tested this on a 9300 with DNA Essential with the following result:

  • I have the switch provisioned with "Use Cisco DNA Center as NetFlow collector server" enabled in Network settings. All that does is configuring a netflow exporter on the switch
  • I have selected "Enable Application Telemetry" in DNAC. DNAC warned me that this is only available with DNA-A
  • Nevertheless I clicked on Enable. DNAC deployed another flow exporter configuration on the switch(with DNAC as the destination), but nothing else
  • I have configured a flow record, a flow monitor and applied the flow monitor on an interfacethe in switch CLI
  • "sh flow exporter dnacexporter statistics" command on the switch shows now that netflow data is being sent to DNAC
  • in DNAC under Application Experience in Network Device View360 all I can see is the below:
    gabori_0-1688805086382.png

     

From this I assume that DNAC is only capable to process and visualize netflow records configured with the DNAC AVC netflow template, including AVC information(which is not supported by DNA-E license).

Or is there any other place in DNAC where I can see/analyse the basic netflow data received from the switch?

kind regards,

Gabor

0 Helpful

Go to solution
alberx
Level 1
Level 1

‎05-21-2024 03:49 AM

Maybe too late for my answer, but i will anyway. I`m interested.

The licence matrix says with Essential DNA license full flexible netflow is supported (https://www.cisco.com/c/m/en_us/products/software/dna-subscription-switching/en-sw-sub-matrix-switching.html). But AVC is only supported with Advanced.

So I guess netflow collected by DNAC with essential license would be for basic monitoring of the applications like AAA, DNS and DHCP. And for full application visibility AVC must be active on switches, so Advanced licencing is required and DNAC will have the Application Experience visibility.

DNAC is not a full netflow collector to avoid using it with legacy or third party devices (https://community.cisco.com/t5/networking-knowledge-base/faq-catalyst-center-third-party-device-visibility/ta-p/4910315#toc-hId--2117898411)

Question: Do we support Application Experience with Third-Party devices?

Answer: No, NetFlow needs to be collected from the device for this operation, which is not currently designed for Third-Party devices.

 

 

0 Helpful
Customers Also Viewed These Support Documents