Buy or Renew
Buy or Renew
Register Here! - Join us 11/13 for the "Navigating DHCP Processes in SD-Access Network" Community Live event
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2342
Views
0
Helpful
8
Replies

RMA Process for Fabric Borders - Looking for most efficient way

Go to solution
ImrichPalascak
Level 1
Level 1

‎10-26-2021 12:48 AM - edited ‎10-26-2021 03:23 AM

Hello SDA Experts,

 

I'm working on PoC for the hospital enviroment in Switzerland and we're in the place where we're trying to test the RMA procedure for Fabric Devices.

 

Base info. :

DNAC : 2.2.2.3

Borders : CAT9500 (will be 9600 in the production)

Edges : Mix of 9300s and 9400s

SW Version : 17.3.3

Topology : included as the attachement

 

Because of nature of the enviroment, there is a requirement to replace the faulty device as soon as possible (4 hours RMA). The biggest headache for us is - how to most effectively replace the Fabric Border. RMA Workflow for the Fabric Border is not there, especially if you use LAN Automation for building the Underlay - thats absolutely clear. What we've tried is copy pasting the configuration, from faulty device to the replacement device. At the end it worked, but it took several hours, considering the fact that we had to do lots of manual configuration, including Multicast, iBGP, building the underlay ETC. After that running LAN automation to configure the downliks towards the IN or FE nodes. 

 

Any chance there is or there will be more effective way to do so? Any help is much appreciated.

1 person had this problem
Labels:
Preview file
26 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Hodgdon
Cisco Employee
Cisco Employee
In response to bofele

‎10-27-2021 06:10 AM

@bofele ,

You are correct. We are working on removing restrictions for the others as well, but the most critical was to get the borders that were part of LAN Automation supported.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

View solution in original post

0 Helpful
8 Replies 8

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎10-26-2021 08:03 AM

Hi, In newer DNA Center releases, zero touch RMA for lan-automation devices is in the roadmap. What you are doing is called "1-touch RMA", which is the preferred method (that does not require TAC intervention / database manipulation ).

 

The thing is that you don't need to paste the entire configuration of the faulty device, but only the basic underlay and credentials. For example for a Border, create an SVI/L3 interface towards a Fusion or another Border to reach the DNAC with a static route on it, you can re-use the interfaces and routing protocol (isis/bgp/static) to achieve basic connectivity.

Then configure:

 

ip domain name x
crypto key generate rsa modulus xx
username x privilege 15 secret x

snmp-server community x y (or snmpv3 if exists)

line vty 0 15

 login local

 transport input all

 

This should be enough to discover the device and use it as replacement, DNAC will push the old configuration along new certificates and update CTS information in ISE.

0 Helpful

Go to solution
ImrichPalascak
Level 1
Level 1
In response to jalejand

‎10-26-2021 10:43 AM

Alejandro , thanks a lot for reply.

 

When you say “In newer DNA Center releases” which one you mean ? I’ve seen something (2.2.3.x) but I’m not really sure if we’re in the right one so far.

 

We’re close to getting into production phase, and it’s a kind of showstopper for now so if we can participate in EFT just because of this feature in the road map so be it, right ? 

 

Regards,

Imrich

0 Helpful

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎10-26-2021 10:53 AM

Hi Imrich, unfortunately, the only information I can disclose is a tentative release target.

 

  • Zero Touch RMA workflow for Lan Automated devices is targeted for DNAC 2.3.1
0 Helpful

Go to solution
Scott Hodgdon
Cisco Employee
Cisco Employee

‎10-26-2021 11:32 AM

@ImrichPalascak and @jalejand ,

The Release Notes for DNA Center version 2.2.3.3 call out the new capability: https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-2-3/release_notes/b_cisco_dna_center_rn_2_2_3.html#Cisco_Reference.dita_566c7bf1-035a-4aa9-b5b5-06f6c0d6e49f

New Device Support for Return Material Authorization

You can replace a failed device with a new device and use the Return Material Authorization (RMA) workflow to replace the image, license, and configuration on the new device.

Cisco DNA Center provides one-touch RMA support for the following switches:

  • Switches that are discovered and configured using LAN automation, including the seed devices (LAN automation primary and peer devices)

  • Devices configured as fabric in a box (standalone only)

This version of DNA Center is planned to become Generally Available by month's end, subject to any last minute issues that could arise.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

0 Helpful

Go to solution
ImrichPalascak
Level 1
Level 1
In response to Scott Hodgdon

‎10-26-2021 11:26 PM

Thanks Scott a lot for information.

 

Imrich

0 Helpful

Go to solution
bofele
Cisco Employee
Cisco Employee
In response to Scott Hodgdon

‎10-27-2021 12:24 AM

Hi Scott,

 

That covers one gap in RMA, but I feel there are still cracks there:

  • chassis based boxes,
  • stacked devices,
  • stacked FIABs,
  • SVL members,
  • EN/PEN nodes.

 

Is my observation correct? If yes, then how does a customer address that? Hope that there is a better way than deleting failed node and starting from scratch.

 

Kind regards,

Bostjan

0 Helpful

Go to solution
Scott Hodgdon
Cisco Employee
Cisco Employee
In response to bofele

‎10-27-2021 06:10 AM

@bofele ,

You are correct. We are working on removing restrictions for the others as well, but the most critical was to get the borders that were part of LAN Automation supported.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

0 Helpful

Go to solution
ImrichPalascak
Level 1
Level 1
In response to Scott Hodgdon

‎10-27-2021 06:32 AM

Thanks a lot Scott and Alejandro. 

 

Bostjan - very nice to get in touch again  

 

Imrich 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card