Solved: How can i match vsmart with each Tenant

moonsg1124 · ‎06-03-2023

Hello team

Last day i upgraded all controller in to 20.3.5 -> 20.6.5 version

as you know in 20.3.5 which use multitenant mode , the vsmart are bind in each tenant.

but when i upgarde it 20.6.5 version. the vsmart are come out side.

I want to use those vsmart with different policy for each tenant.

Does anyone know anything about this issue?

Kanan Huseynli · ‎06-04-2023

Login as admin and change view to provider-as-tenant. Then you can create centralized policy for your specific tenant. Activate policy for tenant vSmarts and vSmart will have tenant-specific centralized policy. Below is an example from my lab:

vSmart01# show running-config tenant [sp-organization-name]-[organization-name for customer01] policy
tenant [sp-organization-name]-[organization-name for customer01]
policy
lists
site-list HQ
site-id 1
!
prefix-list _AnyIpv4PrefixList
ip-prefix 0.0.0.0/0 le 32
!
!
control-policy Central-Routing
sequence 1
match route
prefix-list _AnyIpv4PrefixList
!
action accept
!
!
default-action accept
!
!

vSmart01# show running-config tenant [sp-organization-name]-[organization-name for customer02] policy
% No entries found.

As you see, policy will be evaluated only for specified tenant.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

View solution in original post

Kanan Huseynli · ‎06-04-2023

Hi,

how many vSmart do you have in overlay? Did you enable multitenancy? Multitenancy is not enabled by default, so even after upgrade, you still have single tenant option.

And Cisco says don't enable multi-tenancy on live environment, but deploy new vmanage.

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/system-interface/vedge-20-x/systems-interfaces-book/sdwan-multitenancy.html

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

moonsg1124 · ‎06-04-2023

hello

each overlay have 2 vsmart also multitenant active now.

Kanan Huseynli · ‎06-04-2023

Login as admin and change view to provider-as-tenant. Then you can create centralized policy for your specific tenant. Activate policy for tenant vSmarts and vSmart will have tenant-specific centralized policy. Below is an example from my lab:

vSmart01# show running-config tenant [sp-organization-name]-[organization-name for customer01] policy
tenant [sp-organization-name]-[organization-name for customer01]
policy
lists
site-list HQ
site-id 1
!
prefix-list _AnyIpv4PrefixList
ip-prefix 0.0.0.0/0 le 32
!
!
control-policy Central-Routing
sequence 1
match route
prefix-list _AnyIpv4PrefixList
!
action accept
!
!
default-action accept
!
!

vSmart01# show running-config tenant [sp-organization-name]-[organization-name for customer02] policy
% No entries found.

As you see, policy will be evaluated only for specified tenant.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

moonsg1124 · ‎06-13-2023

thanks for kind guide! my team make it

Kanan Huseynli · ‎06-14-2023

I'm glad I was able to help. Good luck!

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

pgasparovic · ‎04-25-2024

Hello, thanks for this.

Quick question while I'm about to read the doc... when vSmart is registered with vManage in multitenant mode, is it always in pool for all tenants to use, or it can be exclusively added to tenant only? I mean that I early see an 20.9 update note, allowing for free pick of vSmart cluster, suggesting 50:50 if this is exclusive assignment or not... Thanks.