Re: Can DNA tell me (natively) which ports on which switches are statically configured in an IP Pool...

matty-boy · ‎03-01-2021

Hi all,

Is there any way that DNA can tell me which ports are statically configured (via DNA host onboarding) in a specific IP Pool?

The reason for asking is that we have a large SDA deployment (several hundred switches) and we need to remove an IP pool that we believe is no longer used.

Alas, we can't because at least 1 port is statically assigned to that pool so when you try to delete the pool, DNA says you can't. Unfortunately it doesn't tell you where that pool is in use - which switch(es) and which port(s).

I know we can use the native command runner to do something like a "show int status | inc XXX" (the vlan) but I can only query 20 switches at once. Not the end of the world but not ideal.

I also know it could query the command runner API using a Python script to do something similar but I wondered if DNA could tell us this somewhere natively?

Thanks in advance!

balaji.bandi · ‎03-01-2021

Are you looking to find the MAC address of the device where it is connected? using any scripting? or IP that connected to what port?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

matty-boy · ‎03-01-2021

HI BB,

I want to find all fabric edge switch ports that are statically configured in an IP pool (the port is probably not even up/up).

Aninda Chatterjee · ‎03-01-2021

In the DNAC GUI, under Fabric -> Host Onboarding, there is an option to filter ports using voice pools or data pools (or exact interface name) or match-all. Would that not do the trick (if you select the appropriate data/voice pool)?

At the same time, I do see the need to return (in bulk), all statically configured ports and I've had to do this for customers before (for example - you may have started off with simple static bulk assignments for pre-production with open auth and now you want to move back to closed auth as you move into production). I wrote a script for this which can be found here - https://github.com/aninchat/sda_no_auth_ports/blob/main/sda_no_auth_interfaces.py

It is easy enough to modify this to return all statically configured ports as well (excluding the open auth check). Let me know if this is something you need - I can add a VLAN option to the script and you can get all ports statically mapped to a specific VLAN in one shot.

matty-boy · ‎03-02-2021

Hi Aninda,

Thank you for the idea of setting the filter in host onboarding, I didn't realise the filter would persist as you click on each switch so this is definitely a step in the right directly and will do the job in the short term while still requiring a click per switch.

I REALLY like your script!

If you could add the Vlan option, that would be amazing!!

I wonder if it will required any tweaking to copy with more than 100 returned devices? I guess I'll find out

Have you added your work to the DevNet DNA code exchange?

Thank you so much,

Matt.

Aninda Chatterjee · ‎03-02-2021

If you could add the Vlan option, that would be amazing!!

Absolutely - I can ask for user input in the script and just use it in a regex to search for statically configured ports for that VLAN.

I wonder if it will required any tweaking to copy with more than 100 returned devices? I guess I'll find out

I think it would really come down any potential API throttling. We had moved up most of our GET APIs to 100/min in 2.1.2.x and our POST APIs to 50/min. I don't think you should hit any issues but if you do, please feel free to DM me and I can take a look.

Have you added your work to the DevNet DNA code exchange?

Thank you so much,

Matt.

Not yet, but I certainly can. Thank you!

matty-boy · ‎03-02-2021

You're a star Aninda! Thank you!

Can DNA tell me (natively) which ports on which switches are statically configured in an IP Pool?