Provision a LAN Underlay

LAN Automation

Cisco DNA Center provides LAN automation as an alternative for manual deployment of new networks. It allows you to simplify network operations and create a standard error-free network. LAN automation uses the IS-IS routing protocol to deploy a Layer 3 routed access design.

The LAN Automation window provides the capabilities to do the following:

  • Provision your network through LAN automation.

  • View the history of LAN automation sessions.

  • View the summary for LAN automated devices.

Click the menu icon () and choose Provision > LAN Automation to view this window.

  • Start LAN Automation: Use this option to initiate LAN automation sessions on your network.

  • Overview: Expand this section to view the prerequisites and more information about provisioning your network through LAN automation.

  • Sessions: This section consists of the History and LAN Automated Devices tabs.

Day 0 Operation

On day 0, click Start LAN Automation to start provisioning your network through LAN automation. For more information, see Provision a Network Through LAN Automation.

For day 0, Cisco DNA Center doesn't display any data in the Sessions section.

Day n Operation

On day n, you can click Start LAN Automation to initiate more LAN automation sessions. You can run up to five LAN automation sessions simultaneously across sites. For more information, see Provision a Network Through LAN Automation.

When a LAN automation session is in progress, Cisco DNA Center displays a tile for the session in the LAN Automation window. To view the details of the session, click See Session Details in the tile. To stop LAN automation for the session, click Stop LAN Automation in the tile.

The History tab displays the history of LAN automation sessions in your network. You can use the search field to search for specific text in history. Click the hyperlinked date to view the session details. To view the logs for a session, in the session details window, click View Session Logs.

The LAN Automated Devices tab displays the details of the LAN automated devices. You can use the search field to filter the data based on specific text. Click one of the following toggle buttons to filter the data:

  • Seed Devices: Displays the data for seed devices

  • Discovered: Displays the data for discovered devices

  • Provisioned: Displays the data for provisioned devices

  • Error: Displays the data for devices with errors

In the LAN Automated Devices tab, you can also do the following:

  • Click the device name hyperlink to view the device details.

  • Provision interfaces between two devices using the Add Link option. For more information, see Create a Link Between Interfaces.

  • Delete the interface between two devices using the Delete Link option. For more information, see Delete a Link Between Interfaces.

Prerequisites for Provisioning a Network Through LAN Automation

Before provisioning a network through LAN automation, ensure the following:

  • Configure your network hierarchy. (See Add a Device to a Site.)

  • Make sure you have defined the following global network settings:

  • Make sure that you have at least one device in your inventory. If not, discover devices using the Discovery feature.


    Note

    LAN automation is blocked if the discovered site is configured with CLI credentials that has a username "cisco".

  • If you have a Cisco Catalyst 9400 Switch configured in the network, ensure that the following operations are done on the switch for LAN automation to automatically enable the 40G port:

    • Day-0 Configuration is performed on the switch.

    • A 40G Quad Small Form-Factor Pluggable (QSFP) transceiver is inserted in either port 9 or port 10 of the Supervisor, and the ports numbered 1 to 8 on the Supervisor do not have a 10G or 1G Small Form-Factor Pluggable (SFP) transceiver inserted in them. If there are dual supervisor engines, ensure that the 40G QSFP is inserted in port 9.

      For more information on the Catalyst 9400 Series Supervisor, see Cisco Catalyst 9400 Series Supervisor Installation Note.

Provision a Network Through LAN Automation

Before you begin

Make sure that the prerequisites have been met. For more information, see Prerequisites for Provisioning a Network Through LAN Automation.

Procedure

Step 1

Reserve an IP address pool for the site that you are provisioning.

Note

 

The size of the LAN automation IP address pool must be at least 25 bits of netmask or larger.

  1. Click the menu icon () and choose Design > Network Settings > IP Address Pools.

  2. In the Network Hierarchy pane, choose a site.

  3. Click Reserve and provide information in the following fields in the Reserve IP Pool window to reserve all or part of an available global IP address pool, for the specific site:

    • IP Address Pool Name: Unique name for the reserved IP address pool.

    • Type: Type of IP address pool. For LAN automation, choose LAN.

    • IP Address Space: Check either the IPv4 or the IPv6 check box to create an address pool. To create a dual-stack pool, check both the IPv4 and IPv6 check boxes.

    • Global IP Pool: IPv4 address pool from which you want to reserve all or some of the IP addresses.

      Note

       

      LAN automation uses only the IPv4 subnet.

    • Prefix length / Number of IP Addresses: IP subnet and mask address that is used to reserve all or part of the global IP address pool or the number of IP addresses that you want to reserve.

    • Gateway: Gateway IP address.

    • DHCP Server(s): DHCP server IP address.

    • DNS Server(s): DNS Server IP address.

  4. Click Reserve.

Step 2

Initiate the discovery and provisioning of the devices:

  1. Click the menu icon () and choose Provision > LAN Automation.

  2. In the LAN Automation window, click Start LAN Automation.

    The LAN Automation workflow guides you through the configuration process.

Step 3

In the Seed Devices window, do the following:

  • Select the Primary Seed Device and its interface.

  • (Optional) Select the Secondary Seed Device and its interface.

Step 4

In the Sessions Attributes window, do the following:

  • Select the site to which all the newly discovered devices are assigned. This site can be different from the primary and peer sites.

  • Select the IP Address Pool from the Principal IP Address Pool drop-down.

  • (Optional) Click the Advance Attributes toggle button to set the IS-IS Password and also to enable multicast.

  • In the HOSTNAME MAPPING section, define a prefix name for the devices in the Discovered Devices Hostname Prefix field.

    You can either select a hostname map file from the Choose a File drop-down, or upload the .csv file from storage.

  • Click Review.

Step 5

In the Review window, look through all the LAN Automation session settings. To make any changes, click Edit.

Click Start.

The following table describes each field that you see in the LAN Automation workflow window:

Primary Seed Device

Select the primary device that Cisco DNA Center uses as the starting point to discover and provision new devices.

Secondary Seed Device

Select the secondary seed device.

Discovered Device Site

All the newly discovered devices are assigned to this site. This site can be different from the primary and peer sites.

Principal IP Pool

IP address pool that was reserved for LAN automation.

Link Overlapping IP Pool

IP address pool that is shared with other sites and is used to configure the /31 IP addresses on point-to-point links in the underlay.

  • A link that overlaps IP pool can be a subpool that is inherited from a parent site or a subpool that is defined in any other site.

  • A link that overlaps IP pool allows you to overlap /31 IP addresses in a multisite deployment. Hosts in different sites will be able to reuse the IP addresses on the /31 links.

  • If you choose to define a link that overlaps IP pool, the addresses that are defined in the Principal IP Pool field are used for management IPs such as loopback address, VLAN address, and so on.

IS-IS Domain Password

A user-provided IS-IS password when LAN automation starts. If the password exists on the seed device, it is reused and is not overwritten. If no user-provided password is entered and there is no existing IS-IS password on the device, the default domain password is used. If both the primary and the secondary seeds have domain passwords, ensure that they match.

Advertise LAN Automation summary route into BGP

Check this check box if you want LAN automation to advertise the Principal IP pool into BGP on the primary and peer seed device. LAN automation advertises the summary route on the seed devices only if BGP is configured on them.

This check box is disabled by default. It is enabled only if the primary or the peer seed device has an autonomous system (AS) number configured.

Enable Multicast

Check this check box to enable underlay native multicast. LAN automation creates a multicast tree with seed devices as RPs and discovered devices as subscribers.

Choose a File

Click Browse to choose a hostname map file. User-provided names are configured for discovered devices using the chosen CSV file that contains a mapping between serial numbers and hostnames. If the discovered device is a stack, all the serial numbers of the stack are provided in the CSV file.

A sample CSV file is as follows:

standalone-switch,FCW2212L0NF
stack-switch,"FCW2212E00Y,FCW2212L0GV"

Device Name Prefix

Name prefix for the devices being provisioned. When Cisco DNA Center provisions each device, it prefixes the device with the text that you provide and adds a unique number at the end. For example, if you input "Access" as the name prefix, each consecutive device that is provisioned is named Access-1, Access-2, Access-3, and so on.

Cisco DNA Center begins to discover and provision the new devices.

LAN automation configures an IP address on the seed device of VLAN 1. If this VLAN 1 IP address of the seed device is not reachable from Cisco DNA Center, an error message is displayed on the LAN Automation Status window. Hover your cursor over the See Details link on this window to see the error details and possible remedial actions.

Step 6

Monitor and review the progress of the devices being provisioned.

  1. In the LAN Automation window, click See Session Details on the status pane.

    You can filter the status display and see the details of the discovered devices, or the provisioned devices, or error messages.

    Note

     

    The provisioning of new devices may take several minutes.

  2. After all the devices have been discovered and added to the inventory, click Stop LAN Automation in the LAN Automation Status window.

    The LAN automation process is complete, and the new devices are added to the inventory.

Step 7

(Optional) You can have multiple LAN Automation sessions (up to five sessions) running in parallel. The details of each session are displayed on the respective tiles in the LAN Automation window.

Consider the following aspects before you start simultaneous LAN Automation sessions:

  • You can't use the same seed device for more than one session.

  • You can't use the same site for parallel sessions.

  • You can't use the same IP Pool for parallel sessions.

Peer Device in LAN Automation Use Case

Provision a Dual-Homed Switch

You must always select a peer device to provision the dual-homed switch.

Cisco DNA Center configures the DHCP server on the primary device. Because Cisco DNA Center understands that the discovered device is connected to both the primary and peer devices, it configures two Layer 3 point-to-point connections when the LAN automation task is stopped. One connection is established between the discovered device and the primary device; the other connection is established between the discovered device and the peer device.


Note

If the link between the primary and the peer device is not configured before the LAN automation job is executed, you must select the interface of the primary device that connects to the peer device as part of the LAN automation configuration in Cisco DNA Center.

LAN Automation's Two-Hop Limitation

For the preceding topology, Cisco DNA Center configures the following links:

  • A point-to-point Layer 3 routed connection from Discovered device 1 to Primary device

  • A point-to-point Layer 3 routed connection from Discovered device 1 to Peer device

  • A point-to-point Layer 3 routed connection from Discovered device 1 to Discovered device 2

Consider the scenario where a device—named Discovered device 3—is directly connected below Discovered device 2. The connection between Discovered device 2 and Discovered device 3 is not configured as part of the LAN automation job, because it is more than two hops away from Primary device.

Check the LAN Automation Status

You can view the status of in-progress LAN automation jobs.

Before you begin

You must have created and started a LAN automation job.

Procedure

Step 1

Click the menu icon () and choose Provision > LAN Automation.

A status pane displays the current status of LAN automation.

Step 2

In the status pane, click See Session Details.

You can view the overall status of LAN Automation (In Progress or Completed), and also filter the view based on the discovered, or provisioned devices.

Step 3

In the LAN Automation window, click LAN Automated Devices tab to see the configuration logs and session logs.

Create a Link Between Interfaces

To add a link between the interfaces through LAN Automation, follow these steps:

Procedure

Step 1

Click the menu icon () and choose Provision > LAN Automation.

Step 2

In the LAN Automation Devices tab of the LAN Automation window, click Add Link.

Step 3

Follow these steps in the Add Link workflow:

  1. Select the two devices to establish the link.

  2. Select an IP address pool within the LAN. Ensure that the IP address pool is reachable from Cisco DNA Center.

  3. Select the interfaces on both the devices between which you want to establish a connection.

  4. Click Now or Later to indicate when you want to provision the link. Enter a name for the task in the field provided.

  5. In the Summary window, review the configuration settings. To make any changes, click Edit.

  6. Click Start Add Link.

    The Link Configuration Started Successfully window appears.

Step 4

To see the status of the configuration, click View Status in Activities.

Delete a Link Between Interfaces

To delete the interface links that were created during LAN Automation or by performing an Add Link operation, follow these steps:

Procedure

Step 1

Click the menu icon () and choose Provision > LAN Automation.

Step 2

In the LAN Automation Devices tab of the LAN Automation window, click Delete Link.

Step 3

Follow the steps in the Delete Link workflow:

  1. Select the two devices to delete the interface link.

  2. Select the interfaces on both these devices between which you want to delete the link.

  3. Click Now or Later to indicate when you want to start the delete process. Enter a name for the task in the field provided.

  4. In the Summary window, review the configuration settings. To make any changes, click Edit.

  5. Click Start Delete Link.

    The LAN Automation configuration has been removed from the selected interfaces window appears.

Step 4

To see the status of the delete link task, click View Status in Activities.