Cisco DNAC Assurance TT PDF

DNAC Assurance 1.2.
6
Part of the SDA Foundational Knowledge Series
Hitesh Sood
Solutions Readiness Engineer
hsood@cisco.com
04 & 06 December 2018
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Introduction
Introduction Agenda
1. Introduction
2. About this Series
3. DNA Center Overview
4. DNA Analytics and Assurance Architecture Overview
5. DNA Controller and Service Components
6. Introduction to DNAC Assurance
7. Wireless Sensor
8. Intelligent Capture
9. Lab Overview
10. Exercise Overview
11. Survey / Evaluation
About This Series
SDA Foundational Knowledge Series
• Intermediate System to Intermediate System (IS-IS) for Software-Defined Access
• Basic Location/ID Separation Protocol (LISP) for Software-Defined Access
• Intermediate Location/ID Separation Protocol (LISP) for Software-Defined Access
• DNA Center 1.0 for Software-Defined Access
• DNA Center 1.1 Wired Automation for Software-Defined Access
• DNAC 1.2.6 Wireless automation
• DNAC 1.2.6 Assurance
DNA Center Overview
DNA Solution
Cisco Enterprise Portfolio
DESIG PROVISIO POLIC ASSURANCE

N N Y
DNA Center
Identity Services Engine Network Control Platform Network Data Platform
Routers Switches Wireless Controllers Wireless APs

DNA Analytics and Assurance
Architecture Overview
Power of Analytics and Automation working in sync
DNA Center
Telemetry, alerts,
violations
Assurance and
Automation Analytics
Network inventory,
topology, and
configuration
Network and telemetry Streaming telemetry

configuration & network data
Service Architecture – Part 1
Service Architecture – Part 2
DNA Assurance Architecture
Customer Cloud Based
Datacenter ML Engine)
DNA Center Assurance UI
Insights
Feedback
DNA
Automatio DNA Assurance Data
DNA Cloud
n Analytics
Network Network Data Platform

Control
Platform
ssh
Protocols & APIs (WSA, gRPC, SNMP, NetFlow, Syslog, Location, CLI, ...)
CMX
DHC
P
WAN
Network Control Points

Office Site Network Services DC Metrics, Events, Config, ...
Customer Control, Notifications, ...
Network
DNA Controller and Service Components
High-Level DNA Platform Architecture
DNA Center User Interface
DNA Applications Analytics Applications
DNA Controller Platform Services DNA Analytics – Network Data Platform
Elastic Controller(Maglev) Infrastructure

Kubernetes
Kafka
Cassandra
Elastic Services
Mongo DB
DNA Center Packages
Introduction to DNAC Assurance
Assurance Workflow
Min SW and HW Requirements for DNA
Assurance
 Controllers supported:
 DNA Optimized Infrastructure: CT 3504, 5520 and 8540, ME (production beta)
• APs Supported
• DNA Optimized Infrastructure: Wave 2 APs (1810, 1815, 1830, 1850, 2800, 3800, 4800, 1540, 1560)
• Other APs supported: Wave 1 APs (1700, 2700, 3700) and 11n APs (700, 1600, 2600, 3500 and 3600)
• Sensor Support1:
• AP as a Sensor - AP 1800, 2800, 3800, 4800 2
• Dedicated Sensor - AP 1800S
• SDA is only supported on Wave 1 and Wave 2 APs
• Recommended Software Releases:

• WLC, ME: 8.5.135 (8.5MR3.5), 8.8.100
• 1800S: 8.7.258
1XOR Radio as a Sensor for AP 2800 and 3800 are deprecated

2AP as Sensor support for Aironet 2800, 3800 and 4800 APs with 8.8.100 and upcoming 8.5MR4
DNA Assurance AP Feature Matrix per AP type
802.11n AP1800 AP2800/ AP4800
Wave-1 AP 3800
Health, Issue ● ● ● ●
AP as a Sensor X ● ● ●
IP SLA Responder X ● ● ●
Intelligent Capture (Onboard PCAP) X X ● ●
Intelligent Capture (Spectrum
Analyzer)
X X ● ●
Intelligent Capture (Full PCAP) X X X ●
DNS Widget
X ● ● ●
…Based on DNAC 1.2.5. AireOS 8.8MR1 and above
Streaming Telemetry provides x3 time faster result
I/O Type DNAC Legacy NMS Notes
AP & Client RF Stat
Input 90 sec 300 sec (5 min) x3 Faster
Client and Networ Intervals
k Health analysis Update frequency 300 sec (5 min; includes
Output 900 sec (15 min) x3 Faster
on DNAC Health score computation)
Assoc. & Disassoc.
Onboarding Events 240+ Events coming at a
Client Input Events Only x10 Faster
Viewer Intervals rate of 30 sec
Onboarding at 300 sec
analysis Update frequency
Output 300 sec (5 min) 300-900 sec (5-15 min) Up to x3 Faster
on DNAC
AP RF Stat Intervals 30 sec N.A N.A
Client RF Stat
5 sec N.A N.A
Client and Networ Intervals
Input
k Troubleshooting On-Boarding Event
2 sec N.A N.A
using Intelligent Viewer Intervals
Capture* Spectrum Analyzer 5 sec N.A N.A
Update Interval
Output 30 sec N.A N.A
on DNAC *Available with 8.8 and 1.2.5 only
WSA Architecture Overview
• WSA is a streaming telemetry
service that runs on new WLC Cisco DNA Center
WLC 8.5 HTTPS POST
with the AireOS 8.5+ Assurance
• WSA posts model-driven

telemetry data over HTTPS to Wireless Service Assurance
DNA Center
Yang Certificate
• The server receives the data
Models Store
for further processing,
analytics, or visualization Subscription Topics
within Assurance
30+ Models
Data remains within
the CAPWAP tunnel
CAPWAP TUNNEL
from the AP to the
WLC
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Sensor Anywhere Drives Intelligence of DNA
Assurance to the edge
Test Your Network Anywhere at Any time at Real-world Client Level
Aironet 1800S Active Sensor AP as a Sensor *

(1800/2800/3800/4800)
Purpose-built Hardware for Analytics

Can be configured as dedicate Sensor
when it’s configured AP as a Sensor
Automatically converted to Sensor or AP
• 2x2 with 2 spatial streams by DNAC
• Multiple powering options
- PoE Power
- USB Type “C” power
- Direct AC Power Plug
• Integrated BLE
• Ultra compact form factor
Onboarding & Configure Tests Global Issue Dynamic Sensor

SLA Dashboard
Services Tests Remotely Creation Test Trigger
*AP2800/3800/4800 w/ 8.5MR4 or 8.8MR1

Sensor Feature Matrix
Test AP1800s AP1800 AP2800/380 Wave-1 &

Series 0/4800 11n AP
Wireless Provisioning Yes n/a n/a n/a
Network & Application Test Yes n/a n/a Infra AP only
IP SLA sender Sensor and Sensor and Not

responder responder supported
Speed test Yes Yes Yes Infra AP only
Wireless Sensor
Wireless Provisioning Config
Create Wireless Provisioning SSID for AP1800S
When using the 1800s sensor (without the PoE
module) the sensor would be provisioned over the
WLAN by enabling the provisional SSID on the AP
This will allow the sensor to

connect AP wirelessly, and find
the DNAC IP over Wireless
using
© 2018 Cisco and/or DHCP
its affiliates. Option
All rights reserved. Cisco43 or DNS.
Confidential
1. Connect
How to point DNAC IP Address to Sensor using
DHCP/DNS Server
From DHCP Server From DNS Server
Notes:
• If Option 43 field is already
used for other purpose, Use
conditional Option 43 using
VCI string. AP1800S’s VCI
string is “Cisco AP C1800”
OR
Create Option 43
Create entry “PNPSERVER”
“5A1N;B2;K4;I10.13.1.100;J80"
10.13.1.100 – DNAC IP Address and assign DNAC IP Address
Troubleshooting Commands
CLI Commands for troubleshooting. These are to be ran from the sensor AP console (telnet/ssh)
# config dot11 sensor pnp ip [DNAC_IP Address] – Manually provision DNAC IP Address to Sensor
# clear dot11 sensor – Reset Sensor config to default
# show dot11 sensor heartbeat status - A heartbeat between DNAC and the sensor occurs every 60 seconds. Run this command to
see the status and last success time of the heartbeat – If fail confirm connectivity to DNAC
# show dot11 sensor test result -This shows the results of the test that the sensor has ran. These results flow directly to the DNAC
and do not go thru the WLC
# show dot11 sensor test config - This shows the configuration that the Sensor has received from the DNAC thru the WLC.
# show dot11 sensor synthetic work list - This shows details for each tests that the sensor will execute
# show dot11 sensor stats - Look for “Total Test Cases Ran”, “Successful Test Cases” and “Failed Test Cases”. This gives in
indication of how many tests the sensor has performed and the overall status of those tests. Note this also includes radio stats and
does show you if DNAC connectivity is enabled
# show dot11 sensor scan list - This shows the AP’s that the sensor can hear and at what signal level. Only AP’s with RSSI of -75 or
higher are tested against
# debug wsa debug - Use ‘term mon’ to view the full debug output from the wsa debug
Intelligent Capture
Intelligent Capture Fast Path for Data RSSI, Hyperlocation
Architecture CMX
NMSP for Probe-based Location
Real-Time Location Update
Fast Path
Automation for AP/WLC
CAPWAP TLV Automation
HTTPS/JWT
CAPWAP
AP Data (Client & AP Stats) WLC RT stats (client, AP, AAA, etc) DNA Center
Events: onboarding, RRM, etc up to 2 sec.
gNMI (PCAP, Anomaly Events, Real Time AP and Client RF Stats) up to 5 sec.
• Configuration:
• From DNA (automation channel) to WLC
• Require NTP across components
• Streaming Telemetry:
• AP data exported directly to northbound system using gRPC (HTTP 2.0)
• Real time Client RF stats and AP stats (programmable up to 5 sec).
• Anomalies-based PCAP, Anomaly Events, Spectrum Data
• WLC data export types using JWT
• Events
© 2018 Cisco and/or orrights
its affiliates. All Anomalies: onboarding, RRM, AP and AAA failure
reserved. Cisco Confidential
• KPI & Stats for Clients, AP, WLC, Rogue, Application Usages
Intelligent Capture
Three Configuration Step
Prerequisite
Day-1 Config
1. DNAC 1.2.5
1. Add WLC to DNAC
2. WLC w/ AireOS 8.8MR1 (Discovery or Inventory)
3. AP2800/3800/4800 2. Enable Hyperlocation
3. (Optional) Add CMX and
vNAM to DNAC
DNAC automate all of necessary configs in WLC and

AP
DNAC Assurance Wireless Device Support Matrix
Telemetry Source Type Sensor support iCap Feature
WLC WSA (DNAC) and Webhook Yes Filtered Channel

3504/5520/8540 (3rd Party) up to 16 clients
ME WLC Parity Yes Parity with WLC
eWLC TDL Yes All (16.10.1)
AP4800 gRPC AP as a Sensor All
AP2800/3800 gRPC AP as a Sensor All except Full PCAP
AP1815/30/50 Sensor WSA AP-as-a-Sensor n/a
Active Sensor Sensor WSA Dedicate Sensor n/a

AP1800S
AP1540,/1560 WSA (from WLC) n/a n/a
Intelligent Capture Download
Onboard Packet (*.PCA)
Auto Packet Analyzer using Browser
Green color packet RED color packet

- 802.11 Auth. - Deauthentication
- Assoc. - Disassociation
- EAP (802.1x)
- DHCP
- Data (ARP,DNS,ICMP) Line chart
logarithmic For RSSI per Packet
Time scale
First packet Origination of Packets Bar Chart Display Last packet

Timestamp Inter-packet delay up to 80 packets Timestamp
Lab Overview
Physical Topology
Exercise Overview
Lab Exercises
• Exercise 1: Introduction to DNA Center 1.2
• Exercise 2: Using the DNA Center Discovery Tool
• Exercise 3: Using the DNA Center Inventory Tool
• Exercise 4: Integrating DNA Center with the Identity Services Engine (ISE)
• Exercise 5: Using the DNA Center Design Application
• Exercise 6: Onboarding AP1800S
• Exercise 7: Using the DNA Center Provision Application
• Exercise 8: Provisioning Devices to a site
• Exercise 9: Running Sensor tests
• Exercise 10: Overall Health view
• Exercise 11: Client 360 view
• Exercise 12: Network 360 view with Path trace
• Exercise 13: Configuring Application Experience
• Exercise 14: Configuring Intelligent Capture
Survey / Evaluation
Once you leave the WebEx you’ll be redirected to a Survey.
Survey Scale:
• 1 = Poor and 5 = Excellent
• 1 = Strongly Disagree and 5 = Strongly Agree
Your feedback is very valuable to us!

Thank You!

Cisco DNAC Assurance TT PDF

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Cisco DNAC Assurance TT PDF

Caricato da

Copyright:

Formati disponibili

DNAC Assurance 1.2.

DESIG PROVISIO POLIC ASSURANCE

Routers Switches Wireless Controllers Wireless APs

Network and telemetry Streaming telemetry

Network Network Data Platform

Network Control Points

DNA Applications Analytics Applications

DNA Controller Platform Services DNA Analytics – Network Data Platform

Elastic Controller(Maglev) Infrastructure

• Recommended Software Releases:

1XOR Radio as a Sensor for AP 2800 and 3800 are deprecated

• WSA posts model-driven

Aironet 1800S Active Sensor AP as a Sensor *

Purpose-built Hardware for Analytics

Onboarding & Configure Tests Global Issue Dynamic Sensor

*AP2800/3800/4800 w/ 8.5MR4 or 8.8MR1

Test AP1800s AP1800 AP2800/380 Wave-1 &

Network & Application Test Yes n/a n/a Infra AP only

IP SLA sender Sensor and Sensor and Not

This will allow the sensor to

# clear dot11 sensor – Reset Sensor config to default

CAPWAP TLV Automation

DNAC automate all of necessary configs in WLC and

WLC WSA (DNAC) and Webhook Yes Filtered Channel

eWLC TDL Yes All (16.10.1)

AP4800 gRPC AP as a Sensor All

AP2800/3800 gRPC AP as a Sensor All except Full PCAP

AP1815/30/50 Sensor WSA AP-as-a-Sensor n/a

Active Sensor Sensor WSA Dedicate Sensor n/a

Green color packet RED color packet

First packet Origination of Packets Bar Chart Display Last packet

Your feedback is very valuable to us!

Potrebbero piacerti anche