Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2105
Views
10
Helpful
0
Comments

Cisco DNA Center Ask the Experts FAQ: Getting Started and Installation Best Practices

Pulkit Nagpal
Cisco Employee
Cisco Employee

on ‎04-27-2021 07:04 PM - edited on ‎09-30-2021 04:46 PM by Community Manager

Contents

 

Here are some commonly asked questions and answers to help with your adoption of Cisco DNA Center. Subscribe to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.

 

What are the system specifications that I need to be aware of before physically installing DNA Center in my Data Center?

Before you install DNA Center, be sure that you have gone through the power and rack requirements in the installation guide for the device model that you have:

Disclaimer: Although the installation guide is mentioned here for your reference, please note that End-of-Life (EoL) was set for first-generation DNA Center on 15th Feb, 2019. This hardware was last shipped on 14th Sep, 2019. Please contact your Cisco Account team to check on the available migration options.

 

I see that DNA Center has multiple ports available. Do I need to connect all of them? If not, which are the ones I need to focus on initially?

Note that with Second-Generation DNA Center appliance, all ports except the CIMC port are capable of 10 Gbps connectivity. When you are installing the device in your Data Centre, ensure that the uplink devices can support this.
Mandatory ports required from Day 1:

  • 10-Gbps Enterprise port: This port is used to connect back to your enterprise network. This needs to be connected to a switch which has reachability to rest of your infrastructure.
  • 10-Gbps Cluster port: This port must be connected in a multi-node DNA Center installation.

Optional ports which are not needed on Day 1 but need to be considered at some later time:

  • 1/10 Gbps Management port: This port, as the name suggests, is used for managing the DNA Center appliance. This is good to connect if your company policy is to have a separate management Vlan for managing devices on the network.
  • 1/10 Gbps Cloud port: This port is used by the DNA Center appliance to reach out to the internet for software upgrades and other functions like location features. In the absence of this connectivity, please make sure that you can reach the internet via Enterprise port; otherwise you will not be able to get regular updates and some features might not work.
  • 1 Gbps CIMC port: This port provides browser-based access to CIMC, which is the out-of-band GUI appliance management interface. Although not mandated, it is highly recommended to have this in place.

See Figure 1 here for more details.

 

Can you also share the requirements for IP connectivity?

All interfaces mentioned in the previous question need an IP address to function. However, DNA Center requires more than an IP address on its interfaces to perform its operations. This is a requirement very particular to DNA Center and it’s important to plan for it. Apart from the interface IP addresses, DNA Center also requires two /21 subnets for internal communication.   This is a Cisco DNA Center micro service architecture requirement.  The two subnets are called:

Services Subnet: A dedicated IP subnet for the appliance to use in managing and getting IPs for communications among its internal application services: Cisco DNA Assurance, inventory collection, and similar.

Cluster Services Subnet: A dedicated IP subnet for the appliance to use in managing and getting IP addresses for communications among its infrastructure services: database access, the message bus, and similar.

Also note that these two subnets need to comply with IETF RFC 1918 and 6598 specifications for private networks:

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
  • 100.64.0.0/10

See this Required IP Addresses and Subnets documentation to understand more about the requirement for these IP addresses for internal services and messaging.

Also required during installation are coordinates for DNS & NTP Servers. NTP Server is required because DNA Center is cluster-based implementation, which makes it important that the clocks in different nodes are in sync with each other. Clock Sync is also useful if you are integrating DNA Center with ISE.

 

Why do I need to provide internet access to DNA Center?  If this is really necessary, what is the best way to achieve external connectivity?



By default, the appliance is configured to access the internet to download software updates, licenses, and device software, as well as, provide up-to-date map information, user feedback, and so on. Internet connection for these purposes is mandatory.

Using an HTTPS proxy server is a reliable way to access remote URLs securely. We recommend that you use an HTTPS proxy server to provide the appliance with the access it needs to the URLs listed in Table 2 here.

 

Are there any other pre-requisite before I start adding devices to DNA Center?

Yes.  First, check the device compatibility matrix to ensure that the devices belong to a supported hardware family and have the minimum software installed.

Second, ensure that DNA Center can communicate with the device on the following protocols in Table 3 and 4 here.

 

Need more resources? Go to Cisco DNA Center ATXs Resources for the latest guides, recordings, upcoming sessions (for live Q&A and product demos led by Cisco experts). For more FAQ, see Cisco DNA Center ATXs FAQ.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents