Why is DNAC provisioning global macro auto back onto switches??

jstryk · ‎08-04-2023

We recently upgraded our infrastructure to dnac 2.3.3.7 and our switches to 17.9.3 to be in line with current suggested code. However when we updated we started running into an issue when provisioning devices through host onboarding. DNAC keeps re-applying global macro auto processing and device classifier back onto the switches and interfaces, can anyone explain to me who,what,when,where and why it would be enabling a config that is triggering macros that are changing its own intended configuration for the ports?? Global Macro causes major problems for us and I don't see where it is configured in DNAC or why its being pushed to the switches and how to prevent it. We had a template to remove the macro auto but fabric/host onboarding is putting it right back on.

014695: *Aug 4 14:31:50.945: %HA_EM-6-LOG: catchall: enable
014696: *Aug 4 14:31:50.962: %HA_EM-6-LOG: catchall: terminal length 0
014697: *Aug 4 14:31:50.977: %HA_EM-6-LOG: catchall: terminal width 0
014698: *Aug 4 14:31:50.996: %HA_EM-6-LOG: catchall: show running-config
014699: *Aug 4 14:31:52.880: %HA_EM-6-LOG: catchall: configure terminal
014700: *Aug 4 14:31:52.917: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_CUSTOM_EVENT
014701: *Aug 4 14:31:52.949: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_DMP_EVENT
014702: *Aug 4 14:31:52.987: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_IPVSC_EVENT
014703: *Aug 4 14:31:53.022: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_LAST_RESORT_EVENT
014704: *Aug 4 14:31:53.045: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_LIGHT_EVENT
014705: *Aug 4 14:31:53.084: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_MS_VCF_EVENT 014708: *Aug 4 14:31:53.905: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_PHONE_EVENT
014709: *Aug 4 14:31:54.384: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_ROUTER_EVENT
014710: *Aug 4 14:31:54.409: %HA_EM-6-LOG: catchall: no macro auto trigger CISCO_WIRELESS_AP_EVENT
014711: *Aug 4 14:31:54.433: %HA_EM-6-LOG: catchall: macro auto global processing

014711: *Aug 4 14:31:54.455: %HA_EM-6-LOG: catchall: device classifier

jalejand · ‎08-04-2023

Global marco processing is part of the "no authentication" template, used to "automatically" onboard devices based on what the switch can detect and profile.

When configuring a port in host onboarding, it comes with the "no macro auto processing" CLI under the interface, which prevents macros from triggering. While for non configured ports, where it is expected for the switch to detect the device type, a macro will be triggered.

jstryk · ‎08-04-2023

Is there any way to prevent this? We use closed authentication for everything and only do no authentication for specific ports, however from what it sounds like just provisioning a single no authentication port would trigger the macro's again on any interface without no macro auto on it. For example, this switch it turned it on for every vlan and tunnel / access interface because we did not explicitly disable it. This is especially problematic because it is doing last resort macros on wireless clients:
015067: *Aug 4 2023 15:03:56.420 UTC: %FED_CCK_ERRMSG-4-INCONSISTENCY_FOUND: Switch 1 F0/0: fed: Consistency Checker(CCK) detected inconsistency for l3m_entry. Check 'show consistency run-id 127 detail'.
015068: *Aug 4 2023 15:08:20.805 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 3 F0/0: fman_fp_image: WRClient 0x1d4ed671 download to DP failed
015069: *Aug 4 2023 15:08:20.815 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 2 F0/0: fman_fp_image: WRClient 0x1d4ed671 download to DP failed
015070: *Aug 4 2023 15:08:20.789 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 4 F0/0: fman_fp_image: WRClient 0x1d4ed671 download to DP failed
015071: *Aug 4 2023 15:08:20.816 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 1 F0/0: fman_fp_image: WRClient 0x1d4ed671 download to DP failed
015072: *Aug 4 2023 15:08:55.093 UTC: %AUTOSMARTPORT-5-INSERT: Device Un-Classified Device detected on interface AccessTunnel0, executed CISCO_LAST_RESORT_EVENT
015073: *Aug 4 2023 15:09:20.858 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 2 F0/0: fman_fp_image: WRClient 0x1c787cf7 download to DP failed
015074: *Aug 4 2023 15:09:20.831 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 4 F0/0: fman_fp_image: WRClient 0x1c787cf7 download to DP failed
015075: *Aug 4 2023 15:09:20.859 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 1 F0/0: fman_fp_image: WRClient 0x1c787cf7 download to DP failed
015076: *Aug 4 2023 15:09:20.846 UTC: %FMFP-3-OBJ_DWNLD_TO_DP_FAILED: Switch 3 F0/0: fman_fp_image: WRClient 0x1c787cf7 download to DP failed
015077: *Aug 4 2023 15:10:21.604 UTC: %AUTOSMARTPORT-5-INSERT: Device Un-Classified Device detected on interface AccessTunnel20, executed CISCO_LAST_RESORT_EVENT
015078: *Aug 4 2023 15:10:27.577 UTC: %AUTOSMARTPORT-5-INSERT: Device Un-Classified Device detected on interface AccessTunnel7, executed CISCO_LAST_RESORT_EVENT
015079: *Aug 4 2023 15:11:20.909 UTC: %AUTOSMARTPORT-5-INSERT: Device Un-Classified Device detected on interface AccessTunnel17, executed CISCO_LAST_RESORT_EVENT
015080: *Aug 4 2023 15:11:25.561 UTC: %AUTOSMARTPORT-5-INSERT: Device Un-Classified Device detected on interface AccessTunnel5, executed CISCO_LAST_RESORT_EVENT

show macro auto interface
Global Auto Smart Port Status
Auto Smart Ports Enabled
Fallback : CDP Disabled
Interface Auto Smart Port Fallback Macro Description(s)
--------------------------------------------------------------
Vl1 TRUE None No Macro Applied
Vl1021 TRUE None No Macro Applied
Vl1022 TRUE None No Macro Applied
Vl1023 TRUE None No Macro Applied
Vl1024 TRUE None No Macro Applied
Vl2045 TRUE None No Macro Applied
Vl2046 TRUE None No Macro Applied
Vl2047 TRUE None No Macro Applied
Gi0/0 TRUE None No Macro Applied