
Cisco DNAC deployment from Zero


Cisco Digital Network Architecture (Cisco DNA) deployment

• This article provides the technical implementation steps for Cisco Digital Network Architecture (Cisco DNA).

• The continuity of IT operations is the basis of today’s business environment. Almost every business decision is either based on IT data or made using an IT platform, so the security, availability, and performance of the IT infrastructure are the key foundation of a solid business and service environment.

• Single points of failure and resource utilization are among the most important challenges the operations environment is looking to overcome with this. Enhancing the security and design is essential to provide the required resiliency and protection to the environment.

• Today we write about DNA, which plays a key role in the Cisco Software-Defined Access solution, a solution that has risen to stardom with the digital transformation we are now experiencing.

In this article, you will learn how to deploy Cisco DNA from zero (Cisco box):

o The following elements should be available for a successful deployment:
1- Console cable to access the UCS.
2- KVM cable for the KVM connector on the Cisco UCS.
3- Keyboard, monitor, and a VGA port for the screen.

Note: We are using a Cisco UCS C220 M5 chassis.

 

Deployment Steps:
1-Power on the Cisco UCS.

2-Press F8 to enter the CIMC configuration, enter the CIMC password, and configure the settings: NIC mode, IPv4, CIMC IP, mask, gateway, DNS, NIC redundancy, hostname, port speed, duplex, etc.

3-Press F10 to save your work, then open the CIMC web page, choose Launch KVM, and select either the Java-based KVM or the HTML-based KVM as you need.

4-Select your USB drive and then press Enter.

5-Choose Manufacture Cisco DNA appliance and then press Enter.

6-Choose Power > Power Cycle System.

7-Press F6 to select the USB drive and then press Enter.

8-The boot loader will automatically boot the Maglev Installer.

  • After this, you will see a welcome screen, and here you decide whether the node will join an existing cluster or create a new cluster.

Note: Cisco recommends 3x nodes for high availability.

  • We will create a DNAC cluster, so we choose Start a DNA-C Cluster from the options. As Cisco recommends, we will create 3x nodes, all of them in the same broadcast domain.
  • Note: We will configure the switch ports as access ports with a normal configuration.

 

 

Edge Configuration:
! One access port per cluster node. Ports 1/0/2 and 1/0/3 are assumed here; use the ports your nodes are cabled to.
Edge-Sw-DC(config)# interface TenGigabitEthernet1/0/1
Edge-Sw-DC(config-if)# description CLUSTER-DNA-1
Edge-Sw-DC(config-if)# switchport mode access
Edge-Sw-DC(config-if)# switchport access vlan 10

Edge-Sw-DC(config-if)# interface TenGigabitEthernet1/0/2
Edge-Sw-DC(config-if)# description CLUSTER-DNA-2
Edge-Sw-DC(config-if)# switchport mode access
Edge-Sw-DC(config-if)# switchport access vlan 10

Edge-Sw-DC(config-if)# interface TenGigabitEthernet1/0/3
Edge-Sw-DC(config-if)# description CLUSTER-DNA-3
Edge-Sw-DC(config-if)# switchport mode access
Edge-Sw-DC(config-if)# switchport access vlan 10

Once all the previous steps are done, we start configuring the DNA Center master node:

Enter Host IP address: 192.168.10.11
Enter Netmask: 255.255.255.0
Enter Default Gateway IP address: 192.168.10.250
Enter DNS Server: 192.168.10.133
Cluster Link checkbox: it is very important to select this option, because this port will be the link to a Cisco DNA Center cluster.
Configure the other adapters the same way, then press Proceed…
Cluster Virtual IP address: 192.168.10.10
Next, enter the user account settings and the services IP:
1-Linux Password: CiscoDevnetUSer
2-Administrator passphrase: CiscoDevnetUSer
3-Services Subnets: 192.168.10.0
NTP Configuration:
Enter the IP address of the NTP server that the controller will use.
NTP Server IP: 192.168.10.152
Now press Proceed and wait for the message {the Configuration Wizard has completed successfully}. Once you get this message, you can access the GUI.

Start configuring DNA Center node No (2):

 


Note: For node No. 2 we choose the option [Join to DNA-C Cluster].

 

1-Enter Host IP address: 192.168.10.12
2-Enter Netmask: 255.255.255.0
3-Enter Default Gateway IP address: 192.168.10.250
4-Enter DNS Server: 192.168.10.133
5-Cluster Link checkbox: it is very important to select this option, because this port will be the link to a Cisco DNA Center cluster.
Configure the other adapters the same way, then press Proceed…
Cluster Details:
Maglev Master Node: 192.168.10.10
Username: CiscoDevnetUSer
Password: CiscoDevnetUSer
Next, enter the user account settings and the services IP:
1-Linux Password: CiscoDevnetUSer
2-Administrator passphrase: CiscoDevnetUSer
3-Services Subnets: 192.168.10.0
NTP Configuration:
Enter the IP address of the NTP server that the controller will use.
NTP Server IP: 192.168.10.152
Now press Proceed and wait for the message {the Configuration Wizard has completed successfully}.

Start configuring DNA Center node No (3):

Note: As with node No. 2, we choose the option [Join to DNA-C Cluster].
1-Enter Host IP address: 192.168.10.13
2-Enter Netmask: 255.255.255.0
3-Enter Default Gateway IP address: 192.168.10.250
4-Enter DNS Server: 192.168.10.133
5-Cluster Link checkbox: it is very important to select this option, because this port will be the link to a Cisco DNA Center cluster.
Configure the other adapters the same way, then press Proceed…
Cluster Details:
Maglev Master Node: 192.168.10.10
Username: CiscoDevnetUSer
Password: CiscoDevnetUSer
Next, enter the user account settings and the services IP:
1-Linux Password: CiscoDevnetUSer
2-Administrator passphrase: CiscoDevnetUSer
3-Services Subnets: 192.168.10.0
NTP Configuration:
Enter the IP address of the NTP server that the controller will use.
NTP Server IP: 192.168.10.152
Now press Proceed and wait for the message {the Configuration Wizard has completed successfully}. Once you get this message, you can access the GUI.
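
A pre-flight check for the values typed into the three wizard runs above, as an added example (not part of the original article and not Cisco tooling). It verifies that the nodes, virtual IP and gateway share one subnet and that no address is used twice; the secret-reuse rule is an added hygiene check, not a wizard requirement. The function names, plan layout and sample secrets are assumptions.

```python
import ipaddress
from collections import Counter

# Addresses from the walkthrough; the dict layout is this example's own.
PLAN = {
    "netmask": "255.255.255.0",
    "gateway": "192.168.10.250",
    "vip": "192.168.10.10",
    "nodes": {"node1": "192.168.10.11", "node2": "192.168.10.12",
              "node3": "192.168.10.13"},
}

def reused(mapping):
    """Yield (value, sorted keys) for every value held by more than one key."""
    for value, count in Counter(mapping.values()).items():
        if count > 1:
            yield value, sorted(k for k, v in mapping.items() if v == value)

def check_plan(plan, secrets=None):
    """Return a list of problems found in a planned cluster configuration."""
    problems = []
    nodes = plan["nodes"]
    if len(nodes) != 3:
        problems.append(f"expected 3 nodes for high availability, got {len(nodes)}")
    # Derive the shared subnet from the first node address and the netmask.
    first = next(iter(nodes.values()))
    net = ipaddress.ip_network(f"{first}/{plan['netmask']}", strict=False)
    # Nodes, virtual IP and gateway must share one subnet, as the
    # same-broadcast-domain design in the article requires.
    local = dict(nodes, vip=plan["vip"], gateway=plan["gateway"])
    for name, addr in local.items():
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            problems.append(f"{name} {addr} is outside {net}")
        elif ip in (net.network_address, net.broadcast_address):
            problems.append(f"{name} {addr} is not a usable host address")
    for addr, names in reused(local):
        problems.append(f"{addr} is assigned to {', '.join(names)}")
    # Added hygiene rule (not a wizard check): one distinct secret per role.
    for _, roles in reused(secrets or {}):
        problems.append(f"same secret reused for {', '.join(roles)}")
    return problems

if __name__ == "__main__":
    # Constructed sample: one placeholder secret typed into every field.
    sample = {"linux_password": "placeholder-A", "admin_passphrase": "placeholder-A"}
    for line in check_plan(PLAN, sample):
        print("FAIL:", line)
```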

 

Now we access the DNA-C virtual IP through the GUI:
Access to: 192.168.10.10
Enter Username: CiscoDevnetUSer
Enter Password: CiscoDevnetUSer
- Open Software Update from the cloud icon at the top of the page.
- Choose System 360. From here you see all the DNAC hosts you created, and you also enable the high availability feature from here.

Stay tuned for Part II about Cisco DNAC high availability
*** I hope that has been informative for you and thank you ***
Mohamed Alhenawy
CCIE#60453

Comments
Beginner

Hi  Mohamed, 

 

Firstly I wanna thank you for the big job you are doing for the Cisco community. 

 

I’m renewing a customer’s infrastructure, so I will change all the devices and make a new fibre infrastructure with Cisco devices (with DNA licenses) as follows:

• Manually install the first chassis 9407R

• Install 1 DNA appliance

• Automate the configurations of the other sites (about 40 sites = 80 switches)

I will not be using SDA; it’s a classical architecture, the only difference is the automation of the configuration and having visibility of the whole network from a single point (DNAC).

My questions are : 

 

1- Will it be possible to integrate the first switch configured manually?

2- I have 5 sites that are connected to my headquarters with VPN-MPLS. Will it be possible to automate the configuration and push it to those sites? If not, will it be possible to use USB, take the configuration from DNAC and push it to the devices on the site?

3- I plan to use /30 subnets to interconnect between my sites (physical interfaces; VLANs will only be used locally). Is there any special configuration on the uplink of the managed device or the branch one?

4- I learned that we use PNP to automate an SDA network, so I’m not using SDA (only DNAC for automation). Are there any other options to use to discover devices and automate them?

From the Cisco community I learned that we can use SNMP or CLI! What do they mean by CLI?

Thank you in advance.

I’m new to DNA and this is my first project.

 

Hello @Tala_Ali

Greetings...

As per your comment, I would like to inform you that the enterprise solution from Cisco is called the SD-Access solution and DNAC plays a key role in the solution, so when you say you will use DNAC, that means you are implementing the SD-Access solution with wired and wireless fabric functionality. So you should have Cisco ISE and devices that support the solution, such as Catalyst 9K, 6K and ISR 4K, etc.

1- I recommend you read the Cisco Validated Design. If all requirements are met and the switch is supported by DNAC, yes you can.

2- Your question here is good and I wanna say, yes you can do this, and if you face any issue you can export the configuration template from Cisco DNAC with an easy process.

Note: If you wanna export the running configuration from existing devices, follow these steps: DNAC Tools ---> Inventory ---> checkbox on the device ---> Action ---> Launch Command Runner ---> add command Show running ---> run command ---> Export CLI Command to note file ---> now you have a template.

3- Please give me more details and clarify this question.

4- As I mentioned above, the solution is called SD-Access and DNAC plays a key role in the solution, and for the device discovery, yes you can do this by following these steps:

DNAC Tools ---> Discovery ---> write device name ---> discovery type by CDP or LLDP or range ---> management IP address of the devices ---> credentials include CLI, SNMP, HTTPS, NETCONF if the device requires it, and the port number is 830 ---> in advance you will add the protocol order, by SSH or Telnet.

Note: the credentials should be created for the Design module by following these steps: Design ---> Network Settings ---> Device Credentials.

I hope this is informative for you, and thank you @Tala_Ali Tala. Please don't hesitate to ask.

Beginner

Thanks Mohammed for your explanation.

Now it’s clear to me.

 

Beginner

Hello  Mohamed, 

Thank you for the detailed post. But if I don't want to push the image from USB, in that case I will have to skip the below 2 steps and directly perform the power cycle, correct?

 

4-Select your USB drive and then press Enter .

5-Choose Manufacture Cisco DNA appliance and then press Enter.

Hello @Pranav Mhatre 

 

Yes, you are right for sure. And I would like to draw your kind attention to one thing: most of them are Manufacture Cisco DNA appliance.

Beginner

Hello Mohamed,

 

Indeed, but is there any way to know which version is running on a particular box by default?

Hello @Pranav Mhatre 

My previous deployment was version 1.3. What you do is start with an ISO. This is the link where you can actually go in and download the ISO from Cisco software download. So when you're downloading and burning the tool, you need to keep in mind that you have to use the tool. The only supported tool we have is Etcher; then start the re-image. Or you can do one thing: during the installation, try to connect the cloud interface to the internet, and once the installation is done, download the new version from the DNA cloud and install it directly.