Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
6
Part of the SDA Foundational Knowledge Series
Hitesh Sood
Solutions Readiness Engineer
hsood@cisco.com
04 & 06 December 2018
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introduction
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introduction Agenda
1. Introduction
2. About this Series
3. DNA Center Overview
4. DNA Analytics and Assurance Architecture Overview
5. DNA Controller and Service Components
6. Introduction to DNAC Assurance
7. Wireless Sensor
8. Intelligent Capture
9. Lab Overview
10. Exercise Overview
11. Survey / Evaluation
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
About This Series
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SDA Foundational Knowledge Series
• Intermediate System to Intermediate System (IS-IS) for Software-Defined Access
• Basic Location/ID Separation Protocol (LISP) for Software-Defined Access
• Intermediate Location/ID Separation Protocol (LISP) for Software-Defined Access
• DNA Center 1.0 for Software-Defined Access
• DNA Center 1.1 Wired Automation for Software-Defined Access
• DNAC 1.2.6 Wireless automation
• DNAC 1.2.6 Assurance
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Center Overview
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Solution
Cisco Enterprise Portfolio
DNA Center
Identity Services Engine Network Control Platform Network Data Platform
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Power of Analytics and Automation working in sync
DNA Center
Telemetry, alerts,
violations
Assurance and
Automation Analytics
Network inventory,
topology, and
configuration
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Service Architecture – Part 2
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Assurance Architecture
Customer Cloud Based
Datacenter ML Engine)
DNA Center Assurance UI
Insights
Feedback
DNA
Automatio DNA Assurance Data
DNA Cloud
n Analytics
Protocols & APIs (WSA, gRPC, SNMP, NetFlow, Syslog, Location, CLI, ...)
CMX
DHC
P
WAN
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
High-Level DNA Platform Architecture
DNA Center User Interface
Kafka
Cassandra
Elastic Services
Mongo DB
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Center Packages
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introduction to DNAC Assurance
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Assurance Workflow
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Min SW and HW Requirements for DNA
Assurance
Controllers supported:
DNA Optimized Infrastructure: CT 3504, 5520 and 8540, ME (production beta)
• APs Supported
• DNA Optimized Infrastructure: Wave 2 APs (1810, 1815, 1830, 1850, 2800, 3800, 4800, 1540, 1560)
• Other APs supported: Wave 1 APs (1700, 2700, 3700) and 11n APs (700, 1600, 2600, 3500 and 3600)
• Sensor Support1:
• AP as a Sensor - AP 1800, 2800, 3800, 4800 2
• Dedicated Sensor - AP 1800S
• SDA is only supported on Wave 1 and Wave 2 APs
Health, Issue ● ● ● ●
AP as a Sensor X ● ● ●
IP SLA Responder X ● ● ●
Intelligent Capture (Onboard PCAP) X X ● ●
Intelligent Capture (Spectrum
Analyzer)
X X ● ●
Intelligent Capture (Full PCAP) X X X ●
DNS Widget
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
X ● ● ●
…Based on DNAC 1.2.5. AireOS 8.8MR1 and above
Streaming Telemetry provides x3 time faster result
I/O Type DNAC Legacy NMS Notes
AP & Client RF Stat
Input 90 sec 300 sec (5 min) x3 Faster
Client and Networ Intervals
k Health analysis Update frequency 300 sec (5 min; includes
Output 900 sec (15 min) x3 Faster
on DNAC Health score computation)
Assoc. & Disassoc.
Onboarding Events 240+ Events coming at a
Client Input Events Only x10 Faster
Viewer Intervals rate of 30 sec
Onboarding at 300 sec
analysis Update frequency
Output 300 sec (5 min) 300-900 sec (5-15 min) Up to x3 Faster
on DNAC
AP RF Stat Intervals 30 sec N.A N.A
Client RF Stat
5 sec N.A N.A
Client and Networ Intervals
Input
k Troubleshooting On-Boarding Event
2 sec N.A N.A
using Intelligent Viewer Intervals
Capture* Spectrum Analyzer 5 sec N.A N.A
Update Interval
Output 30 sec N.A N.A
on DNAC *Available with 8.8 and 1.2.5 only
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
WSA Architecture Overview
• WSA is a streaming telemetry
service that runs on new WLC Cisco DNA Center
WLC 8.5 HTTPS POST
with the AireOS 8.5+ Assurance
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Sensor Anywhere Drives Intelligence of DNA
Assurance to the edge
Test Your Network Anywhere at Any time at Real-world Client Level
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Wireless Sensor
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Wireless Provisioning Config
Create Wireless Provisioning SSID for AP1800S
When using the 1800s sensor (without the PoE
module) the sensor would be provisioned over the
WLAN by enabling the provisional SSID on the AP
Create Option 43
Create entry “PNPSERVER”
“5A1N;B2;K4;I10.13.1.100;J80"
10.13.1.100 – DNAC IP Address and assign DNAC IP Address
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Troubleshooting Commands
CLI Commands for troubleshooting. These are to be ran from the sensor AP console (telnet/ssh)
# config dot11 sensor pnp ip [DNAC_IP Address] – Manually provision DNAC IP Address to Sensor
# show dot11 sensor heartbeat status - A heartbeat between DNAC and the sensor occurs every 60 seconds. Run this command to
see the status and last success time of the heartbeat – If fail confirm connectivity to DNAC
# show dot11 sensor test result -This shows the results of the test that the sensor has ran. These results flow directly to the DNAC
and do not go thru the WLC
# show dot11 sensor test config - This shows the configuration that the Sensor has received from the DNAC thru the WLC.
# show dot11 sensor synthetic work list - This shows details for each tests that the sensor will execute
# show dot11 sensor stats - Look for “Total Test Cases Ran”, “Successful Test Cases” and “Failed Test Cases”. This gives in
indication of how many tests the sensor has performed and the overall status of those tests. Note this also includes radio stats and
does show you if DNAC connectivity is enabled
# show dot11 sensor scan list - This shows the AP’s that the sensor can hear and at what signal level. Only AP’s with RSSI of -75 or
higher are tested against
# debug wsa debug - Use ‘term mon’ to view the full debug output from the wsa debug
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Intelligent Capture
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Intelligent Capture Fast Path for Data RSSI, Hyperlocation
Architecture CMX
NMSP for Probe-based Location
Real-Time Location Update
Fast Path
Automation for AP/WLC
HTTPS/JWT
CAPWAP
AP Data (Client & AP Stats) WLC RT stats (client, AP, AAA, etc) DNA Center
Events: onboarding, RRM, etc up to 2 sec.
gNMI (PCAP, Anomaly Events, Real Time AP and Client RF Stats) up to 5 sec.
• Configuration:
• From DNA (automation channel) to WLC
• Require NTP across components
• Streaming Telemetry:
• AP data exported directly to northbound system using gRPC (HTTP 2.0)
• Real time Client RF stats and AP stats (programmable up to 5 sec).
• Anomalies-based PCAP, Anomaly Events, Spectrum Data
• WLC data export types using JWT
• Events
© 2018 Cisco and/or orrights
its affiliates. All Anomalies: onboarding, RRM, AP and AAA failure
reserved. Cisco Confidential
• KPI & Stats for Clients, AP, WLC, Rogue, Application Usages
Intelligent Capture
Three Configuration Step
Prerequisite
Day-1 Config
1. DNAC 1.2.5
1. Add WLC to DNAC
2. WLC w/ AireOS 8.8MR1 (Discovery or Inventory)
3. AP2800/3800/4800 2. Enable Hyperlocation
3. (Optional) Add CMX and
vNAM to DNAC
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Physical Topology
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Exercise Overview
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Lab Exercises
• Exercise 1: Introduction to DNA Center 1.2
• Exercise 2: Using the DNA Center Discovery Tool
• Exercise 3: Using the DNA Center Inventory Tool
• Exercise 4: Integrating DNA Center with the Identity Services Engine (ISE)
• Exercise 5: Using the DNA Center Design Application
• Exercise 6: Onboarding AP1800S
• Exercise 7: Using the DNA Center Provision Application
• Exercise 8: Provisioning Devices to a site
• Exercise 9: Running Sensor tests
• Exercise 10: Overall Health view
• Exercise 11: Client 360 view
• Exercise 12: Network 360 view with Path trace
• Exercise 13: Configuring Application Experience
• Exercise 14: Configuring Intelligent Capture
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Survey / Evaluation
Once you leave the WebEx you’ll be redirected to a Survey.
Survey Scale:
• 1 = Poor and 5 = Excellent
• 1 = Strongly Disagree and 5 = Strongly Agree