cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7115
Views
5
Helpful
5
Replies

DNA: Installation - gateway | static route configuration

brendanquinn
Level 1
Level 1

I've been trying to get the initial installation completed for Cisco DNA. 
I have been finding an inconsistency in documentation official and unofficial. 

Currently I'm in the process of running through the Maglev Configuration Wizard and am having issues with connectivity. 

 

Management port (1Gb) has been connected to a switch as an access port. 

Enterprise port (10Gb) has been connected as a trunk.  

I'm using a static route for the enterprise port which give me connectivity to the applied IP address. 

For the management port, I only have connectivity (layer 3) when I apply a static route but this drops connectivity to the IP address on the enterprise port; seems like this takes precedence over the static route applied to the Enterprise port. 

 

-Do anyone know the correct gateway and static route configuration?

-Is it possible to have the Management and Enterprise IP addresses on the same VLAN?

-Is anyone using only the enterprise port (Production traffic along with GUI access, updates etc)?

 

Regards,

 

Brendan 

1 Accepted Solution

Accepted Solutions

sivathot
Cisco Employee
Cisco Employee

Kindly find the below url doc for configuring gateway and static route.
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-1/install/b_dnac_install_1_1_0P2/b_dnac_install_1_1_0P2_chapter_01.pdf

 

2--. Yes it is possible to have both in same VLAN but for best practices we prefer to have them in separate mgmt vlan apart from normal vlan for enterprise network.

 

3--Usually if you need cluster we use Cluster port, and we use it if we are planning to expand in future. Mgmt and Cloud ports are optional. Hence yes there are customers who use Enterprise port only. But it is not recommended by cisco.

View solution in original post

5 Replies 5

Mike.Cifelli
VIP Alumni
VIP Alumni
I am currently running a DNAC cluster on version 1.2.6. Cisco recommends that you use specific ports for specific things. However, you can use the ports as you please. I currently have the three copper ports in three different vlans. One for CMIC, one for gui access, and one for backend access to my SDA fabric. You can have one of the NICs be configured with a default gateway and then configure static routes on your other interfaces. If you are running a cluster note that you will need to configure VIPs on the interfaces. That is something that you will see as you progress through the wizard. Also, note that as of version 1.2.5, even if you are not running a cluster, you will need a VIP. Plan accordingly because if this needs changed later I am pretty sure it requires a rebuild. I hope this information helps you in your journey.

Johannes_Grimm
Level 1
Level 1

Hi Brendan,

 

for me the following installation worked (M4 Chassis):

 

Interface allocation:

 

1, enp1s0f0, Network Adapter #21Gbps Cisco DNA Center GUI Port
2, enp1s0f1, Network Adapter #31Gbps Cloud Port
Port 1, enp9s0, Network Adapter #410Gbps Enterprise Port
Port 2, enp10s0, Network Adapter #110Gbps Cluster Port

 

The default gateway was configured only for the enp9s0 (Enterprise Port) interface. To reach the GUI from the admin network, a static route has been set up for the GUI interface enp1s0f0. After that you can not access the enterprise port from the admins network (asynchronous routing).

 

Every Interface is in a dedicated VLAN. 

 

Configuration:

 

Cluster-Interface: Trunk

Management-Interface: Access

Enterprise-Interface: Trunk

CIMC: Access

 

I think you do not necessarily have to use the dedicated management port. You can also access the GUI/Shell via the Enterprise Port.

However, if there are problems in the enterprise network you can not access the GUI/Shell anymore. You could prevent this by accessing a dedicated management interface in his own out-of-band network.

 

I found the following installation guides to be very helpful:

https://www.cisco.com/c/en/us/support/cloud-systems-management/dna-center/products-installation-guides-list.html

 

Best regards,

Johannes

Hello Johannes, thank you for the detailed insights. 

Do you know why we have to configure the switch port as Trunk where the the Enterprise interface is connected?

Piyush

sivathot
Cisco Employee
Cisco Employee

Kindly find the below url doc for configuring gateway and static route.
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-1/install/b_dnac_install_1_1_0P2/b_dnac_install_1_1_0P2_chapter_01.pdf

 

2--. Yes it is possible to have both in same VLAN but for best practices we prefer to have them in separate mgmt vlan apart from normal vlan for enterprise network.

 

3--Usually if you need cluster we use Cluster port, and we use it if we are planning to expand in future. Mgmt and Cloud ports are optional. Hence yes there are customers who use Enterprise port only. But it is not recommended by cisco.

anantsiv
Cisco Employee
Cisco Employee
2--. Yes it is possible to have both in same VLAN but for best practices we prefer to have them in separate mgmt vlan apart from normal vlan for enterprise network. 3--Usually if you need cluster we use Cluster port, and we use it if we are planning to expand in future. Mgmt and Cloud ports are optional. Hence yes there are customers who use Enterprise port only. But it is not recommended by cisco.
 
 

 

3--Usually if you need cluster we use Cluster port, and we use it if we are planning to expand in future. Mgmt and Cloud ports are optional. Hence yes there are customers who use Enterprise port only. But it is not recommended by cisco.

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco