Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5348
Views
15
Helpful
4
Replies

Cisco DNA

Soumitra
Level 1
Level 1

‎08-02-2017 03:07 AM - edited ‎03-08-2019 05:24 PM

give me a brief details of the prerequisitions to set up the DNA in my network of 1000 users?

4 Replies 4

keglass
Level 7
Level 7

‎08-03-2017 01:05 PM

Soumitra,

We are working on an answer to your request and will have that information to you soon.

Thank you for your patience,

Kelli Glass

Moderator for Cisco Customer Communities

0 Helpful

lloftin.comstor
Level 1
Level 1
In response to keglass

‎08-18-2017 03:38 PM

I also have the question on the prereq's for setting up a network with DNA.

Lance

0 Helpful

Gurudatt Pai
Cisco Employee
Cisco Employee
In response to lloftin.comstor

‎08-21-2017 12:59 AM

DNA is not really an individual product but an over-arching End-End architecture that combines Virtualization, Automation and Assurance. I think what you really mean is the DNA-center which is the Automation and Assurance solution. From the network infrastructure point of view, your network switches, AP's/WLC's etc should have either of the DNA essentials or DNA advantage subscription licenses.  DNA-center 1.0 will be a Controlled Availability release this month that runs on an appliance DN1-HW-AP. This is essentially an SDN controller/Policy Orchestration engine and Assurance module within the single platform. In August, you will get Base Automation capabilities such as Network PNP, Inventory, Wireless profiles, Site Hierarchies, Image management etc with the DNA essentials licensing and Advanced Automation capabilities such as Software defined Access (SDA) with DNA Advantage. Assurance and other capabilities will be available in November with DNA-center 1.1.

sivathot
Cisco Employee
Cisco Employee

‎11-27-2018 01:52 AM

Checklist for DNA Center Installation

  • DNA Center Appliance (DN1-HW-APL) installation as a VM or custom UCS server is not supported.
  •  Review environmental requirements in Installation Guide and provision for 2 x PSUs.
  •  Network Patch Requirements for each DNAC Appliance (based on best practice recommendations)
  1. Appliance Management port – CIMC (recommended)
  2. 10Gbit port [enp9s0] - Enterprise Network
  3. 10Gbit port [enp10s0] - Intra Cluster Link
  4. 1Gbit port [enp1s0f0] - Management (optional *)
  5. 1Gbit port [enp1s0f1] - Cloud Update Connectivity (optional *)
  •  Additional Settings for Configuration Wizard
  1. DNS Server IP Address (1 required, 2+ recommended)
  2. NTP Server IP Address (1 required, 2+ recommended)
  3. Proxy Server IP Address (required if direct internet access is not available – http proxy only)
  4. Proxy server port if required
  5. Proxy server username / password if required

Note: * Required only if the Management network and/or the Cloud Update server is not reachable via the Enterprise Network.

  • DNA Center Cluster
  1. Cluster Virtual IP Address – Used to connect to the Enterprise Network
  2. This IP Address should be taken from the Enterprise Network subnet
  3. The Cluster Virtual IP must not be same as any of the node IP address (because it floats around the live nodes)
  4. Cluster subnet and Service subnet address pool - /21 subnet for each
  5. Used for internal cluster communications and should not conflict with any other IP in the Enterprise Network
  •  For each DNA-C Appliance
  1. CIMC – Management of the DNAC Appliance hardware (recommended)
  2. Enterprise Network – Interface that is connected to the Enterprise network
  3. All DNA appliances should be in the same subnet as the Cluster Virtual IP address (see above)
  4. Intra Cluster Link – isolated network used for communication between the DNA Center cluster nodes
  5. All DNA appliances should be in the same VLAN
  6. Management (Required*) – (Management port IP address) used to access the DNA Center GUI
  7. Cloud Update Connectivity (optional *) used to update the DNA Center software

Note: The Intra Cluster Link IP address and the Cluster/Service subnet address pools cannot be changed after installation.

 

Installation Best Practices

  • Always treat DNA-C as a cluster & plan for a “cluster”.
  1. Standalone box is a “single node cluster”.
  • Provision for separate intra-cluster link on day 1
  1. Changing the intra-cluster link from one interface to another is not supported.
  • Provision for Cluster Virtual IP on day 1.
  1. Network Devices will continue to see the same IP when more nodes are added
  • Use a complete private network for intra-cluster link (no other machines should be in this network).
  • Use isolated L2 domain (all clusters must be in the same L2 domain).
  • Ensure < 10ms latency (RTT) across the intra-cluster link.

Cloud Connectivity Requirements

The following URLs need to be accessible from the DNA Center for various operations

 

Use Case

URLs

DNA Center Update package downloads

https://*.ciscoconnectdna.com/*

https://*.cloudfront.net/

https://maglev-catalog-1.s3.amazonaws.com

https://maglev-catalog-staging.s3.amazonaws.com

Smart Account and SWIM Software Downloads

https://*.cisco.com/*

Rendering Geo-Maps on the DNA Center UI

https://*.tiles.mapbox.com/*

Meraki Integration

https://*.meraki.com/

IPAM Integration

URL for the IPAM-server

User feedback

https://dnacenter.uservoice.com/

Cluster Bring Up Best Practices

  • Bring up first node: complete the installation (along-with Virtual IP, intra-cluster link) and let the services come up
  • Bring up the second node: let the installation complete
  • Bring up the third node
    • Remember 2-node DNAC cluster cannot withstand a node failure (One node crash will lead to stall of the other node)
    • 2-node cluster is not a supported deployment model

Pre-Requisites for Assurance

  • What is required to add devices into DNAC?

Ensure the following ports are open in ACLs/Firewalls between DNAC and network devices:

Ping

Ssh

snmp poll

snmp trap

syslog

netflow

https

ICMP echo and reply

TCP/22

UDP/161

UDP/162

UDP/514

UDP/6007

TCP/443

 

    • CLI and SNMP details are required for DNAC to discover devices:
    • SSH/Telnet Login (Privileged / RW)
    • SNMP v2/v3 community (RO)
  • Syslog, SNMP Trap, and Netflow will be configured by DNAC in a later step (Telemetry settings) and do not need to be manually configured before adding the device into DNAC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents