Contents
First Published:
Last Updated:
Text Part Number:
Release Notes for Cisco Digital Network Architecture Center, Release 1.1
This document describes the features, limitations, and bugs for this DNA Center release.
Introduction
Cisco® Digital Network Architecture (Cisco DNA) is an open, extensible, software-driven architecture that accelerates and simplifies your enterprise network operations. Only Cisco provides a single network fabric that is powered by deep intelligence and integrated security to deliver automation and analytics across your entire organization at scale. Cisco DNA gives IT time back from time-consuming, repetitive network configuration tasks so you can focus on the innovation your business needs. Cisco DNA automation is built on a Software-Defined Network (SDN) controller, rich contextual analytics, network virtualization and the limitless scalability of the cloud.
Cisco DNA Center can manage your end to-end network from the campus, branch, and WAN to the cloud. Using intuitive work flows, DNA Center makes it easy to design, provision, and apply policy across your network. It also delivers end-to end visibility and uses network insights to optimize network performance and deliver the best user and application experience.
Note
The following are beta features for this release:
Assurance
Global search
New wireless guest
Application policy
DNA Center Scale
DNA Center supports the following scale area numbers.
Table 1 DNA Center Area Scale Area
Supported Scale
Total Devices including Routers, Switches and WLC's (This is individual physical switches deployed in the network).
1,000
Wireless Devices (APs)
4,000
Total number of Clients(Wired/Wireless) per DNAC instance
15,000
Total number of IP Pools - per DNAC instance
500
Number of sites
200
Number of Fabric Domains
10
Profiles
25
Parallel Device Upgrades/Threads (SWIM)
25
Concurrent UI users
10
DNA Center supports the following fabric domain scale numbers.
Table 2 DNA Center Fabric Domain Scale Fabric Domain
Supported Scale
Total number of clients
15,000
Total number of IP pools
500
Fabric nodes1
350
Control plane nodes
2
Border nodes
4
1 Each fabric node is a stack of 8 switches.DNA Center supports the following policy scale numbers.
Table 3 DNA Center Policy Scale Policy
Supported Scale
Policies
1,000
Contracts
500
Scalable Groups
1,000
Virtual Networks
64
Traffic Copy Policies
10
SGACLs - IP Based (Device)
Refer to device spec in switching.cisco.com
SGACL - Group Based (Device)
Refer to device spec in switching.cisco.com
SGT Group/Fabric Domain
1,000
Caveats
Open Caveats
The following table lists the open caveats for DNA Center for this release.
Table 4 Open Caveats Caveat ID Number
Headline
After integrating DNA Center with Cisco ISE (and Cisco ISE is scaled to 400 policies), it takes more than 120 seconds to create a new policy in DNA Center.
Workaround:
There is no workaround at this time.
After integrating DNA Center with Cisco ISE, policies are displayed in DNA Center as UNKNOWN for approximately 45 minutes.
Workaround:
There is no workaround at this time.
If a BGP instance is configured on network borders before being added into the fabric, then perform a resync and add into fabric.DNA Center is not able to remove it successfully, by generating error "Unable to push configs" to device.
Workaround:
There is no workaround at this time.
When removing one of the two MS/MR nodes from the fabric, the corresponding map server configurations are not removed from Cisco Nexus 7000 borders by DNA Center.
Workaround:
There is no workaround at this time.
Cisco Catalyst 6000 switch goes into a Partial Collection Failure state for unknown reasons.
Workaround:
There is no workaround at this time.
Cisco Catalyst 9300 switch goes into partial collection failure UNKNOWN after reboot.
Workaround:
There is no workaround at this time.
Unable to check DHCP reach-ability issue on wired clients.
Workaround:
There is no workaround at this time.
Network health by Device Role and/or Type displays incorrect data or no data.
Workaround:
There is no workaround at this time.
Policy deletion on DNA Center is not reflected on Cisco ISE after performing a back up and restore.
Workaround:
There is no workaround at this time.
After DNA Center appliance reload using the CLI commands, a specific deployment failed.
Workaround:
There is no workaround at this time.
After adding wireless LAN controllers and FE into the fabric, the LISP configuration takes more than two hours to be pushed to the network devices.
Workaround:
There is no workaround at this time.
Adding new devices to an already scaled fabric takes more than two hours.
Workaround:
There is no workaround at this time.
Adding a client IP address pool segment to SSID in Host on-boarding takes approximately 1 hour.
Workaround:
There is no workaround at this time.
After on-boarding an interface on devices, the status bar keeps rotating for hours.
Workaround:
There is no workaround at this time.
Backup scheduler is not working as scheduled.
Workaround:
There is no workaround at this time.
Unable to upgrade maglev on 73292 from 578 to 585.
Workaround:
There is no workaround at this time.
After importing a floormap from Prime, you are unable to edit the building address.
Workaround:
There is no workaround at this time.
Cisco ISE fully qualified domain name is not resolvable from DNA Center.
Workaround:
There is no workaround at this time.
When you choose System Settings > App Management > System Updates and click Refresh, it might take 1-2 minutes for the screen to refresh.
Workaround:
There is no workaround at this time.
In a 3-node setup, right after the addition of node-2 and node-3, if you perform a "maglev node remove" on the first node, the 3- node cluster becomes usable.
Workaround:
There is no workaround at this time.
After initiating a restore on a cluster, while trying to monitor progress of the restore directly on the cluster, you might be logged out and/or see a "You are not authorized to perform this operation" message.
Workaround:
There is no workaround at this time.
You cannot specify a proxy.pac file location in the Https_proxy field of the interface wizard.
Workaround:
There is no workaround at this time.
In a 3-node setup, if an admin wishes to perform some form of maintanance (non-RMA) on one of the 3 boxes, we do not have an explicit cordoning mechanism available.
Workaround:
There is no workaround at this time.
Virtual IP support is needed for all interfaces that users configure on the DNA Center appliance.
Workaround:
There is no workaround at this time.
While performing a backup, if one of the entities being backed up fails, we do not fail the entire backup. This can lead to a "bad" backup being made available to perform a restore with, which can lead to other complications on the cluster where the restore is being performed.
Workaround:
There is no workaround at this time.
If you do not key in a proxy server's IP or hostname while configuring the box, the install time might be slower.
Workaround:
There is no workaround at this time.
While adding a remote server, an admin might notice an error message appear about not being able to setup the remote server.
Workaround:
There is no workaround at this time.
While creating a backup, the Create button is not enabled after entering a Backup name.
Workaround:
There is no workaround at this time.
User sessions are not downloaded from the Cisco ISE server, and the ISE collector logs show errors indicating host reachability.
Workaround:
There is no workaround at this time.
Search query fails, and the Assurance GUI does not show data.
Workaround:
There is no workaround at this time.
When you choose Provision > Discover and provision switches to defined sites in Network Telemetry, a windows appears with title "Application Package Not Available."
Workaround: Access the Network Telemetry page by choosing Tools > Telemetry.
Intermittently, no devices or scores are displayed on the Assurance Overall Health, Network 360, and Client 360 pages.
Workaround:
Restart the cassandra pod and queryengine pod.
On reboot, WLC is going into partial collection failure.
Workaround:
Resync WLC from the inventory.
On reboot, no data displays in the Assurance Overall Health, Network Health, or the Client Health pages.
Workaround:
Restart the pipelineadmin pod.
Path Trace does not work between wireless clients that are registered in local AP mode.
Workaround:
Use static IP address pool.
After Assurance software upgrade, the Overall Health page and the Network Health page takes 15 - 20 minutes to display data.
Workaround:
There is no workaround at this time.
After reload, data is not displaying for any devices in Assurance.
Workaround:
Reboot the pipeline timeseries taskmanager pod in maglev.
No data is displayed on Assurance Client Health and Client 360 pages.
Workaround:
Either restart the pipeline taskmanagers or wait for some time for the problem to fix.
After a fresh install of the Assurance software, no data displays in the Overall Health, Network Health, or the Client Health pages.
Workaround:
Start taskmanagers.
The data displayed on the Network Health page has a 10 minute lag because of an issue with the time filter.
Workaround:
There is no workaround at this time.
For dual-band client issues, the connection history event chart in Assurance is taking time to load.
Workaround:
There is no workaround at this time.
After deleting Cisco WLC from the DNA Center, some fabric configurations remain in Cisco WLC.
Workaround:
There is no workaround at this time.
DNA Center scale: AP provisioning fails and the RF profile is not created in Cisco WLC.
Workaround:
When you are provisioning more APs, make sure that the current FlexConnect group does not contain 100 APs.
Provisioning of Cisco WLC fails if the SSID is created with open authentication and 11r enabled.
Workaround:
There is no workaround at this time.
If you are creating and SSID for the first time, the SSID is created as a Fabric SSID.
Workaround:
There is no workaround at this time.
Provisioning of RF profile with one radio fails when the radio is enabled on the device.
Workaround:
There is no workaround at this time.
Create or edit policy option on any of the Policy pages should be disabled for a user who logs into DNA Center with Observer role credentials.
Workaround:
There is no workaround at this time.
While deploying IP ACL policy, only the default rule gets deployed. The created IP ACL policy does not show up on the DNA Center Policy History dashboard.
Workaround:
There is no workaround at this time.
After provisioning a UCSC device, discovery is successful for vWAAS but it is not assigned to a site.
Workaround:
There is no workaround at this time.
DNA Center should not allow different shared secret for client and network authentication when the site has associated the same ISE with Radius protocol enabled.
Workaround:
There is no workaround at this time.
If you forgot to save device credentials, there is no validation message while provisioning.
Workaround:
There is no workaround at this time.
Provision status shows success when actual deployment failed.
Workaround:
There is no workaround at this time.
If provisioning of ENCS -NFVIS fails due to a lack of diskspace, no error is displayed under Provision status (Provision > Devices > Inventory).
Workaround:
There is no workaround at this time.
The hardware recommendation is incorrect for UCS-E devices.
Workaround:
There is no workaround at this time.
A user-friendly error messages should be shown during SMU activation.
Workaround:
There is no workaround at this time.
Pre-verification check sometime gives a false positive even though there is no actual issue on the device or in the topology.
Workaround:
There is no workaround at this time.
An error appears while adding a CP to an external fabric domain.
Workaround:
There is no workaround at this time.
CSCvg92898 When removing a Cisco ISR400/ASR1001-X border device from a fabric, the BGP IP address pool is not released back to the IP Address Pool.
Workaround:
There is no workaround at this time.
Using the Bug Search Tool
Procedure
Step 1 Go to http://tools.cisco.com/bugsearch. Step 2 At the Log In screen, enter your registered Cisco.com username and password; then, click Log In. The Bug Search page opens.
Note If you do not have a Cisco.com username and password, you can register for them at http://tools.cisco.com/RPF/register/register.do.
Step 3 To search for a specific bug, enter the bug ID in the Search For field and press Return. Step 4 To search for bugs in the current release:
Limitations and Restrictions
DNA Center limitations and restrictions are described in the following sections:
Back Up and Restore Limitations
After performing a restore operation, proceed to update integration between Cisco ISE with DNA Center. There is a chance that after a restore operation, Cisco ISE and DNA Center may not be in sync. To update your Cisco ISE integration with DNA Center, access Settings in the GUI, then open the Authentication and Policy Servers window, then choose Edit for the server. Enter your Cisco ISE password to update.
After performing a restore operation, the network configuration may not be in sync with the restored database. For this reason, you may need to manually revert the CLI commands pushed for AAA (Authentication Authorization and Accounting) and configuration on the network devices. Refer to the individual network device documentation for information about the CLI commands to enter.
Re-enter the device credentials on the restored database. If you updated the site level credentials before the database restore and the database does not have the credential change information, then all devices will go to partial-collection post restore. You then need to manually update the device credentials on the devices for synchronization to DNA Center or perform a rediscovery of those devices to learn the device credentials.
AAA provisioning needs to be performed only after adjusting diff changes to the restored database. Otherwise, there is a chance of device lockouts.
DNA Center Assurance data is not supported for back up and restore.
Service and Support
Related Documentation
The following publications are available for the DNA Center.
For this type of information...
See this document...
Release information, including new features, system requirements, and open and resolved caveats.
Installation and configuration of DNA Center, including post-installation tasks.
Cisco Digital Network Architecture Center Appliance Installation Guide
Introduction to the DNA Center GUI and its applications.
Configuration of user accounts, RBAC scope, security certificates, authentication and password policies, and global discovery settings.
Monitoring and managing DNA Center services.
Backup and restore.
Cisco Digital Network Architecture Center Administrator Guide
Supported devices, such as routers, switches, wireless access points, NFVIS platforms, and software releases.
Supported Devices Used in Cisco Digital Network Architecture Center
Licenses and notices for open source software used in DNA Center Assurance
Open Source Used In Cisco DNA Center Assurance, Release 1.1.x
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at:
http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation as an RSS feed and delivers content directly to your desktop using a reader application. The RSS feeds are a free service.
Copyright © 2017, Cisco Systems, Inc. All rights reserved.