The Cisco Catalyst 8300 Series Edge uCPE(Universal Customer Premises Equipment) is a purpose built x86 platform that is designed for branch network function virtualization deployments in branches, on-premises and colocation data centers. It enables device consolidation across network and security functions, improves operational flexibility and service agility, simplifies network operations and results inreducing deployment times and fewer truck rolls for delivery of add-on services. •Device consolidation - run 3-6 VNFs from Cisco or other partners.
•4-cores for C8000V delivers:
•5 Gbps of SD-WAN IMIX IPsec
•2 Gbps of SD-WAN IMIX IQDF
•20-cores – Intel Xeon Ice Lake 2 Ghz processor.
•Powered by Cisco NFVIS hypervisor operating system for KVM-based virtualization.
•10Gbps WAN/LAN ports.
•Dual-power supply.
•Use as stand-alone device or centrally manage using Cisco vManage as orchestrator with the updated UX2.0 interface.
•Expandable further with NIM and PIM modules.
•5G-ready via PIM.
•< 18” depth form-factor ideal for tight spaces in branches.
•Supports CIMC software for device firmware management.
Highlights of UX2.0 NFV in vManage (Cisco Catalyst SDWAN Manager)
Lifecycle management of uCPE platforms using vManage Quick Connect workflow for onboarding 8300-uCPE Simplified design and provisioning with out-of-the-box validated NFV design -Ability to create NFV configuration group for Day 0 -SDWAN Router, SDWAN Router and Firewall, Custom service chain designs -Modify configuration group parcels for DayN design customization. -Bulk deployment support Software image management for uCPE platform and VNF services -Ability to source NFVIS and VNF images from external repository Monitoring uCPE platform and VNF health Modular and rich set of API for ease of automation using external systems
Documentation
Minimum software release requirements on onboarding ENCS5400, C8200-UCPE platforms
-ENCS 5400 series or 8200-UCPE platform with NFVIS 4.14.1 release.
-Catalyst Manager 20.14.1 release
Minimum software release requirements on onboarding 8300-UCPE platform
Typical virtual branch deployment requires authorized list of devices and image packages for the services to be deployed. Also, VNF service images must be made available in vmanage image repository.
Device List
Create the device list in Smart Account and make it available in Catalyst Manager
When the 8300uCPE devices are ordered with controller mode, Cisco Manufacturing will populate the devices in the smart account. Often, for demos/POC, the following manual approach is required.
1. Access the 8300uCPE through console, change the default password Admin123# to a secure password that meets the password policy requirement. Login to get the device's Serial Number and SUDI Certificate, used in the next step. To do so, follow the example below.
login: admin
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
admin@localhost's password:
Cisco Network Function Virtualization Infrastructure Software (NFVIS)
NFVIS Version: 4.12.1-EFT2
Copyright (c) 2015-2023 by Cisco Systems, Inc.
Cisco, Cisco Systems, and Cisco Systems logo are registered trademarks of Cisco
Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
The copyrights to certain works contained in this software are owned by other
third parties and used and distributed under third party license agreements.
Certain components of this software are licensed under the GNU GPL 2.0, GPL 3.0,
LGPL 2.1, LGPL 3.0 and AGPL 3.0.
admin connected from ::1 using ssh on nfvis
nfvis# support show chassis
Product Name : C8300-UCPE-1N20
Chassis Serial Num : FGL2722LF0B
Certificate Serial Num : 6650522988207529A1B
nfvis#
3. UnderNetwork Plug and Play, click onManage devices.
4. Click onAdd Device(s).
5. Under theIdentify source, select theEnter Device info manuallyoption. Advance to the next step by clickingNext.
6. Click onIdentify Device.
7. EnterSerial Number, selectBase PID (ENCS) from the drop-down menu and addController Profile (VIPTELA-CLOUD-HOSTED-PROFILE) from the drop-down menu. ClickSaveand advance to the next step by clickingNext.
8. Verify the entered information and click Next. Advance to the next step by clicking Submit.
9. If the device is added correctly, you should see a success message. Click onDoneto add the device.
10. You will be redirected to the initial PnP Connect Devices page. You should be able to see the newly added device listed with the Pending (Redirection)status.
Sync Smart Account via vManage
1. Log in to vManage.
2. Navigate to the Hamburger Menu, go toConfiguration > Devices.
3. Click on Sync Smart Account. When prompted, enter CEC Credentials.
4. Refresh the Smart Account Device Sync Service page to see the status of the sync. The Success message will appear in the Status box.
5. After the device has been successfully added to vManage, you should see the C8300-uCPE in the Devices list.
Note: If you still don't see the C8300-uCPE in the Devices list, try syncing the smart account one more time.
6. The device will reach out to the Plug and Play Connect portal to receive the controller information. Do not interrupt the PnP boot-up process or the redirection to controllers will fail. 7. Select your device from the Available Devices window and move it to the Selected Devices section. Click on Attach.
Link VNF Images in Remote repository
Pre-requisite : Create a ftp, scp or http server and upload the VNF disk images or VNF packages.
vManage uses the remote repository to source the vnf-disk-image, bootstrap files and auto-generate the other environment files required by nfvis.
Alternately, VNF tar package with vnf-disk-image, bootstrap files and environment files can be used.
1.2.2 Modify and repackage for vBranch VNF package (Optional)
CCO golden vBranch VNF packages for SDWAN routers such as C8000v, ISRv and vEdge have day0 configuration with the following network mapping which match to vBranch pre-defined 5 topologies in Network Design.
Below is the pre-defined default network mapping for SDWAN routers.
vnic0 -> int-mgmt-net
vnic1 -> GE0-0-SRIOV-1
vnic2 -> mgmt-net
vnic3 -> lan-net
If want to change day0 configuration in cloudinit bootstrap file, users can follow the steps below to repackage.
Download the golden vBranch VNF package from CCO
Extract the golden vBranch VNF package
Modify day0 configuration in cloudinit bootstrap file including enterprise root CA addition
Modify image_properties.xml file for <name> and add/delete/modify <bootstrap_file> and <custom_property> when needed
Modify package.mf with new checksum for all modified files Repackage
1.2.3 Upload VNF package into vManage
Open vManage UI and goto “Maintenance” -> “Software Repository” -> “Virtual Images” -> “Upload Virtual Image” -> select “vManage”
In the pop-up window, browse and select the VNF package(s) for upload (NOTE: The upload speed depends on the package size and network quality)
After upload, the new entry will be shown in the table in “Virtual Images” page
Quick Connect workflow
The Quick Connect workflow in Cisco Catalyst Manager creates a basic day-0 configuration profile, which is applicable to all Cisco IOS XE SD-WAN devices and NFV devices. This workflow establishes control plane and data plane access in your WAN.
The behavior of the Quick Connect workflow depends on how you upload devices to Cisco vManage. You can upload your devices in one of the following ways, either as part of the Quick Connect workflow or independently.
Using the auto sync option, where your Smart Account is synced with Cisco vManage. This option requires Cisco vManage to be able to connect with the Cisco Plug n Play (PnP) portal
Using the manual upload method, where you download the authorized serial number file of devices from the Cisco PnP portal and upload it to Cisco vManagePrep for basic connectivity to device.
Design
Create a NFV multi-VNF service chain using NFV configuration group.
Configuration group provides a simple, reusable, and structured approach for the configurations inCisco SD-WAN and NFV. You can create a configuration group, that is, a logical grouping of features or configurations that can be applied to one or more devices in the network. You can also create profiles based on features that are required, recommended, or uniquely used, and then combine the profiles to complete a device configuration.
The configuration group workflow inCisco vManageprovides a guided method to create configuration groups and feature profiles.
Define VNF Services : Resources, Bootstrap, WAN Interface connectivity, LAN Interface connectivity
Select the service chain design of interest. For C8000v in SDWAN mode, start with "Router" or "Router-Firewall". For C8000v in Routing mode, start with "Custom" option.
Note: When importing/copy-n-paste of bootstrap files with pre-defined variables, please ensure that the following syntax is used. If the $ or { is incorrectly used, variable/value will not be accepted during deployment time.
Variables are represented within “{{“ “}}”. Example:{{SAMPLE_VARIABLE}}
Passwords are represented within “$${“ and “}”. Example :$${SAMPLE_PASSWORD}
Variables to be ignored are represented within “${“ and “}”. Example:${NICID_0}
Following procedure is also used for adding configuration options not available in the workflow above.
Configuration group by design is platform agnostic. Configurations that are platform-family specific are also supported in a configuration group designed all UCPE platforms. During deployment, appropriate warning is generated to notify the user about unsupported configurations that are removed. For example : When a configuration group(with switch parcel) is used for deploying non-ENCS(ie. C8xxx UCPE).
Copy and paste the required CLI configurations for advanced features which are not supported in Network Design UI
system settings default-gw {{bizInt-gw}} system:system settings name-server {{nameserver-ip}} system:system routes route 10.255.254.0 24 gateway {{mgmt-gw}} ! vpn 0 interface int-mgmt-net-br no shutdown tunnel-interface vmanage-connection-preference 8 color bronze no allow-service bgp allow-service dhcp allow-service dns allow-service icmp no allow-service sshd no allow-service netconf no allow-service ntp no allow-service ospf no allow-service stun allow-service https encapsulation ipsec ! ! single-ip-mode vm-name deployment-ROUTER.deployment-ROUTER !
Note:
For vm_lifecycle VM group name and VM deployment name, please add “deployment-“ prefix. For example: when service VM name is specified as ISRv, in vm_lifecycle, VM group name and VM deployment name will be “deployment-ISRv”.
For SNMP configuration, please add “nfvis-snmp:” prefix in each SNMP command.
Click “Save” -> click “Save”
Below are the validated features for add-on CLI configuration.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: