Cisco Employee

PnP with day 0 template

Hello,

Is PnP with day 0 template the same as LAN automation or is this different? I am familiar with LAN automation using seed device. But how do you configure a new layer-2 access switch (not part of SDA fabric) using PnP with day 0 template?

1 ACCEPTED SOLUTION
Cisco Employee

Re: PnP with day 0 template

PNP & LAN automation are similar but they are completely different in terms of what they accomplish in DNA Center. LAN automation is the feature that automates Fabric underlay configuration via ISIS so that the network device is staged to be added to an existing fabric. PNP is the feature that simply allows us to essentially do zero-touch provisioning in order to discover, manage, and configure brand new network devices with settings specified in DNA network settings and with configurations specified in Day-0 onboarding templates.

One of the differences between LAN automation & PNP is that we do not use a seed device when performing PNP. In PNP, there are several available discovery methods:

Discovering the Controller

The first thing that needs to happen is for the device to get in contact with the controller. There are four mechanisms you can use to make this work:

  • DHCP server, using option 43 which is set to the IP Address of the controller.
  • DHCP server, using a DNS domain name. The device will do a dns lookup of pnpserver.<your domain>
  • Cloud redirection, which is currently in controlled availability.
  • USB key. This can be used for routers and remote devices, where some initial configuration of the WAN connection is required (e.g. MPLS configuration).

If using the option 43 discovery method, which is commonly seen, the syntax for the option 43 value would be as follows:

The option 43 string has the following components, delimited by semicolons:

  • 5A1N;—Specifies the DHCP suboption for Plug and Play, active operation, version 1, no debug information. It is not necessary to change this part of the string.

  • B2;—IP address type:

    • B1 = hostname

    • B2 = IPv4 (default)

  • Ixxx.xxx.xxx.xxx;—IP address or hostname of the APIC-EM controller (following a capital letter i). In this example, the IP address is 172.19.45.222.

  • Jxxxx—Port number to use to connect to the APIC-EM controller. In this example, the port number is 80. The default is port 80 for HTTP and port 443 for HTTPS.

  • K4;—Transport protocol to be used between the Cisco Plug and Play IOS Agent and the server:

    • K4 = HTTP (default)

    • K5 = HTTPS

  • TtrustpoolBundleURL;—Optional parameter that specifies the external URL of the trustpool bundle if it is to be retrieved from a different location than the default, which is the APIC-EM controller, which gets the bundle from the Cisco InfoSec cloud (http://www.cisco.com/security/pki/). For example, to download the bundle from a TFTP server at 10.30.30.10, you would specify the parameter like this: Ttftp://10.30.30.10/ios.p7b

    If you are using trustpool security and you do not specify the T parameter, the device retrieves the trustpool bundle from the APIC-EM controller.

  • Zxxx.xxx.xxx.xxx;—IP address of the NTP server. This parameter is mandatory when using trustpool security to ensure that all devices are synchronized.

For example:

5A1N;B2;K4;I172.19.45.222;J80

The following is a great document which goes over PNP on DNA Center:

-- https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Plug-and-Play/solution/guidexml/b_pnp-solution-guide.html
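
A checker for the option 43 components listed in the post above, as an added example that is not part of the original post and not Cisco code. It flags what a reviewer would look at before rollout: cleartext K4 transport, a B/I mismatch, a port that is the other transport's default, and a missing Z when trustpool is used. Treating K5 or a T URL as "trustpool in use" is an assumption, and the Z address in the second sample is constructed.

```python
import ipaddress

def parse_option43(value):
    """Split a PnP option 43 string into {letter: value}; the 5A1N prefix is fixed."""
    parts = [p for p in value.strip().split(";") if p]
    if not parts or parts[0] != "5A1N":
        raise ValueError("string must start with 5A1N;")
    fields = {}
    for part in parts[1:]:
        key, val = part[0], part[1:]
        if key not in "BIJKTZ" or not val or key in fields:
            raise ValueError(f"unknown, empty or repeated component: {part!r}")
        fields[key] = val
    return fields

def is_ipv4(text):
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False

def review_option43(value):
    """Return findings (this example's own wording); empty list = nothing flagged."""
    f = parse_option43(value)
    findings = []
    addr_type = f.get("B", "2")   # B2 = IPv4 is the default
    transport = f.get("K", "4")   # K4 = HTTP is the default
    if addr_type not in ("1", "2") or transport not in ("4", "5"):
        raise ValueError("B must be B1/B2 and K must be K4/K5")
    if "I" not in f:
        findings.append("no I component: device cannot locate the controller")
    elif (addr_type == "2") != is_ipv4(f["I"]):
        findings.append(f"B{addr_type} does not match the I value {f['I']!r}")
    default_port = "80" if transport == "4" else "443"
    port = f.get("J", default_port)
    if not port.isdecimal() or not 1 <= int(port) <= 65535:
        findings.append(f"J{port} is not a valid port")
    elif {transport, port} in ({"4", "443"}, {"5", "80"}):
        findings.append(f"K{transport} with J{port}: port is the other transport's default")
    if transport == "4":
        findings.append("K4: agent talks to the controller over cleartext HTTP")
    # Assumption: K5 or a T bundle URL means trustpool security is in use.
    if (transport == "5" or "T" in f) and "Z" not in f:
        findings.append("trustpool in use but no Z (NTP server) component")
    return findings

PAGE_EXAMPLE = "5A1N;B2;K4;I172.19.45.222;J80"                  # from the post
HTTPS_VARIANT = "5A1N;B2;K5;I172.19.45.222;J443;Z172.19.45.1"   # constructed sample
```

`review_option43(PAGE_EXAMPLE)` returns only the K4 cleartext finding, while `review_option43(HTTPS_VARIANT)` returns an empty list.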


2 REPLIES
Cisco Employee

Re: PnP with day 0 template

Thank you for the detailed explanation. Appreciate it!
