Network Hierarchy Management

Feature history for network hierarchy management

Table 1. Feature History

Feature Name

Release Information

Description

Network Hierarchy

Cisco IOS XE Catalyst SD-WAN Release 17.9.1a

Cisco vManage Release 20.9.1

This feature enables you to create a network hierarchy in Cisco SD-WAN Manager to represent the geographical locations of your network. The network hierarchy and the associated resource IDs, including region IDs and site IDs, help you apply configuration settings to a device. In addition, the introduction of the resource manager in Cisco SD-WAN Manager automatically manages these resource IDs, thereby simplifying the overall user experience of Cisco Catalyst SD-WAN.

Note that you can create a region only if you enable the Multi-Region Fabric option in Cisco SD-WAN Manager.

You can create a network hierarchy in Cisco SD-WAN Manager to represent the geographical locations of your network. You can create a region, an area, and a site in a network hierarchy. In addition, you can assign a site ID and a region ID to a device.

Network Hierarchy Enhancement

Cisco IOS XE Catalyst SD-WAN Release 17.10.1a

Cisco vManage Release 20.10.1

The following enhancements are introduced in the Network Hierarchy and Resource Management feature.

  • Creation of a system IP pool on the Configuration > Network Hierarchy page

  • Automatic assignment of site ID, system IP, and hostname to a device in the Quick Connect workflow

  • Display of detailed information on the Configuration > Network Hierarchy page, including site ID pool, region ID pool, and the list of devices associated with a site

You can create a system IP pool on the Configuration > Network Hierarchy page.

Support for Software Defined Remote Access Pools

Cisco IOS XE Catalyst SD-WAN Release 17.11.1a

Cisco vManage Release 20.11.1

Remote access refers to enabling secure access to an organization's network from devices at remote locations. The resource pool manager manages the IPv4 and IPv6 private IP address pools for Cisco Catalyst SD-WAN remote access devices.

You can create a software defined remote access pool using the Configuration > Network Hierarchy page.

Support for Traffic Flow Collectors

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

Cisco Catalyst SD-WAN Manager Release 20.13.1

This feature enables you to configure traffic flow collectors such as the Cflowd server and security logging server. Cflowd monitors service side traffic flowing through devices in the overlay network and exports flow information to the collector. Enable security logging and configure servers for high-speed logging (HSL) and collecting external syslogs.

You can configure the traffic flow collectors by navigating to Configuration > Network Hierarchy > Collectors.

End of Support for Secondary Regions and Subregions

Cisco IOS XE Catalyst SD-WAN Release 17.15.1a

Cisco Catalyst SD-WAN Manager Release 20.15.1

This release ends support for secondary regions and subregions.

Network hierarchy management

A network hierarchy is a logical framework in Cisco SD-WAN Manager that

  • organizes network nodes into geographical or logical groupings,

  • assigns resource IDs to each node to assist with configuration management, and

  • establishes a predetermined multi-level structure supporting regions, areas, and sites.

By default, there is one node called global in the network hierarchy. The network hierarchy has a predetermined hierarchy with three types of nodes.

  • A region is a top-level node in a multiregion fabric-based Cisco Catalyst SD-WAN deployment. Regions segment the SD-WAN overlay into distinct networks and require the Multi-Region Fabric feature to be enabled.

    You can create a region only if you enable the Multi-Region Fabric option in Cisco SD-WAN Manager. For complete information about the Multi-Region Fabric feature, see the Cisco Catalyst SD-WAN Multi-Region Fabric (also Hierarchical SD-WAN) Configuration Guide.

  • Group (Area): An area, also called a group, is a logical grouping of nodes such as sites, regions, or other areas. Areas allow flexible organization of network locations within the hierarchy.

  • Site: A site is the lowest-level node in the hierarchy. Sites represent specific network locations and can be associated with network devices. Child nodes cannot be created under a site.

  • By default, the hierarchy includes a single global node.

  • Resource IDs assigned to nodes help determine where to apply configuration settings in Cisco SD-WAN Manager.

  • To create or manage nodes in a network hierarchy, see "Manage a Network Hierarchy" in the product documentation.

Benefits of network hierarchy

These are the benefits of network hierarchy.

  • Automates the management of regions and sites.

  • Saves the manual effort in an upgrade scenario when Cisco SD-WAN Manager discovers all your existing sites and displays them in the network hierarchy.

  • Simplifies the onboarding and configuration of devices.

  • Monitors and collects information about traffic flow.

Supported devices for network hierarchy

This feature is supported on Cisco IOS XE Catalyst SD-WAN devices.

Restrictions for network hierarchy

These are the restrictions for network hierarchy.

  • You can delete a node only if it does not have any child node. For example, you can delete a site only if no devices are associated with it.

  • A site is the lowest level of a node or the leaf node in a network hierarchy. You cannot create a child node under a site.

  • You cannot create more than one region node between the global node and a site node.

  • You cannot create a region in a multitenant deployment.

  • The maximum combined number of regions and secondary regions is 63 (region ID numbers 1 through 63).

Manage a network hierarchy

Create a region in a network hierarchy

Use these steps to create a Region for Cisco Catalyst SD-WAN Manager Release 20.12.1 and earlier.

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

  2. Click adjacent to a node (global or area) in the left pane and choose Add MRF Region.


    Note

    You can also use the Add Node option to add a region.

  3. In the Name field, enter a name for the region. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

  4. In the Description field, enter a description of the region.

  5. From the Parent drop-down list, choose a parent node.

  6. Click Add.

(For Cisco Catalyst SD-WAN Manager Release 20.12.1 or earlier) Ensure that the Multi-Region Fabric option in Cisco SD-WAN Manager is enabled. See Enable Multi-Region Fabric in the Cisco Catalyst SD-WAN Multi-Region Fabric Configuration Guide.

From Cisco Catalyst SD-WAN Manager Release 20.13.1, configuring regions is enabled by default. It does not require enabling Multi-Region Fabric. Use these steps to create a Region for Cisco Catalyst SD-WAN Manager Release 20.13.1 and later.

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to Global in the left pane and choose Add Node.

Step 3

Do one of the following:

  • If Multi-Region Fabric is not enabled:

    In the Add Node pop-up window, check the Behave as SDWAN Region checkbox.

    If you do not check this checkbox, this procedure creates a new group within the network hierarchy instead of a region.

  • If Multi-Region Fabric is enabled:

    In the Add Node pop-up window, choose Region.

Step 4

Configure the following:

Field

Description

Name

Name for the region. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

Description

Description of the region.

Parent drop-down list

Choose a parent node.

Step 5

Click Add.

The new region appears in the left pane.

Step 6

(Optional) You can click a region name or a secondary region name in the left pane to display the automatically assigned region ID number. The region ID number appears above the table in the right pane. The maximum combined number of regions and secondary regions is 63 (region ID numbers 1 through 63).

Create a subregion in a network hierarchy

From Cisco IOS XE Catalyst SD-WAN Release 17.15.1a and Cisco Catalyst SD-WAN Control Components Release 20.15.1, configuration of this feature is supported only through API.

Before you begin

Minimum supported release: Cisco Catalyst SD-WAN Manager Release 20.13.1

  • From Cisco Catalyst SD-WAN Manager Release 20.13.1, configuring subregions is enabled by default. It does not require enabling Multi-Region Fabric.

  • Create a region before creating a subregion. See Create a Region in a Network Hierarchy section.

  • For the maximum combined number of regions and secondary regions, see Restrictions for Network Hierarchy and Resource Management.

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to a region in the left pane and choose Add MRF Sub Region.

Step 3

In the Add Sub-Region pop-up window, configure the following:

Field

Description

Name

Name for the region. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

Description

Description of the region.

Parent

This field is automatically populated with the region to which you are adding the subregion, and is not configurable.

Step 4

Click Add. The new subregion appears in the left pane..

Create a secondary region in a network hierarchy


Note

From Cisco IOS XE Catalyst SD-WAN Release 17.15.1a and Cisco Catalyst SD-WAN Control Components Release 20.15.1 and , configuration of this feature is supported only through API.

Before you begin

  • Create a region before creating a subregion.

  • For the maximum combined number of regions and secondary regions.

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to Global in the left pane and choose Add Node.

Step 3

In the Add Node pop-up window, click Secondary Region.

Step 4

Configure the following:

Field

Description

Name

Name for the region. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

Description

Description of the region.

Parent

This field shows Secondary Regions, and is not configurable.

Step 5

Click Add.

The new secondary region appears in the left pane, in the Secondary Regions section.

Step 6

(Optional) You can click a region name or a secondary region name in the left pane to display the automatically assigned region ID number. The region ID number appears above the table in the right pane. The maximum combined number of regions and secondary regions is 63 (region ID numbers 1 through 63).

Create a group in a network hierarchy

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to a node (global, region, or group) in the left pane and choose Add Node.

Step 3

In the Add Node pop-up window, in the Type field, choose Group.

Step 4

In the Name field, enter a name for the group. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

Step 5

In the Description field, enter a description of the group.

Step 6

From the Parent drop-down list, choose a parent node.

Step 7

Click Add.

Create a site in a network hierarchy

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to a node (global, region, or area) in the left pane and choose Add Site.

Step 3

In the Name field, enter a name for the site. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

Step 4

In the Description field, enter a description of the site.

Step 5

From the Parent drop-down list, choose a parent node.

Step 6

In the Site ID field, enter a site ID.

If you do not enter the site ID, Cisco SD-WAN Manager generates a site ID for the site.

Step 7

In the Address field, enter the address.

When you enter an address, latitude and longitude fields are auto populated.

Step 8

n the Latitude and Longitude fields, enter the latitude longitude values of the site.

Step 9

Click Add.

Use the following table to enter the fields.

Field

Description

Name

Enter a name for the site. The name must be unique and can contain only letters, the digits 0 through 9, hyphens (-), underscores (_), and periods (.).

Description

Enter a description of the site.

Parent

From the drop-down list, choose a parent node.

Site ID

Enter a site ID.

If you do not enter the site ID, Cisco SD-WAN Manager generates a site ID for the site.

Address

Enter the address.

When you enter an address, latitude and longitude fields are auto populated.

Latitude

Specifies latitude of the site.

When you enter the latitude of the site, the address field is auto populated if the location of the site is found.

Longitude

Specifies longitude of the site.

When you enter the longitude of the site, the address field is auto populated if the location of the site is found.

Note

 

The Address , Latitude, and Longitude fields are included starting from Cisco IOS XE Catalyst SD-WAN Release 17.18.1a. When you type in the address, the latitude and longitude fields are auto-populated.

Conversely, you can also enter your own latitude and longitude. If a corresponding location is found, then the address field will be auto-populated. If you do not want to provide address data for your site, then you can check the Undisclosed Address check box.

Edit a WAN region

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to the region name and choose Edit WAN Region.

Step 3

Edit the options as needed. You can edit the name, description, and parent of the region.

Step 4

Click Save.

Delete a WAN region

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to the region name and choose Delete WAN Region.

Step 3

In the confirmation dialog box, click Yes.

Edit a group

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to the group name and choose Edit Group.

Step 3

Edit the options as needed. You can edit the name, description, and parent of the group.

Step 4

Click Save.

Delete a group

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to the group name and choose Delete Group.

Step 3

In the confirmation dialog box, click Yes.

Edit a site

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to the site name and choose Edit Site.

Step 3

Edit the options as needed. You can edit only the name, description, and parent of the site.

Step 4

Click Save.

What to do next


Note

After reassigning a site to a different region in the Network Hierarchy Manager, follow the procedures in Assign a site ID to a device and Assign a region ID to a device sections in the Resource Management section to ensure configuration updates are properly applied to the affected device.

Delete a site

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

Click adjacent to the site name and choose Delete Site.

Step 3

In the confirmation dialog box, click Yes.

Create a system IP pool

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

The page displays the site pool and region pool for the Global node.

Step 2

Click Pools.

Step 3

Click Add Pool.

Step 4

In the Pool Name field, enter a name for the pool.

Step 5

In the Pool Description field, enter a description of the pool.

Step 6

From the Pool Type drop-down list, choose System IP.

Step 7

In the IP Subnet* field, enter an IP address.

Step 8

In the Prefix Length* field, enter the prefix length of the system IP pool.

Step 9

Click Add.

Note

 

You can create only one system IP pool. If you want to make any changes to the pool, you must edit the existing pool.

Edit a system IP pool

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

The page displays the site pool and region pool for the Global node. The system IP pool is also displayed if you have already created it.

Step 2

Click adjacent to the system IP name and choose Edit.

Step 3

Edit the options as needed.

Note

 

You can only expand the pool range and cannot enter a lower IP address than the already specified IP address.

Step 4

Click Save.

Create a remote access pool

The resource pool manager supports creation of IPv4 and IPv6 private IP pools for Cisco Catalyst SD-WAN remote access devices. In the remote access configuration you can select the remote access private IP Pool by defining the number of IP addresses.

For more information on Software Defined Remote Access, see Cisco Catalyst SD-WAN Remote Access.

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

The page displays the site pool and region pool for the Global node.

Step 2

Click Add Pool.

Step 3

In the Pool Name field, enter a name for the pool.

Step 4

In the Pool Description field, enter a description of the pool.

Step 5

From the Pool Type drop-down list, choose Remote Access.

Step 6

Choose the IP Type by clicking the radio button next to IPv4 or IPv6.

Step 7

In the IP Subnet field, enter an IP subnet.

Step 8

In the Prefix Length field, enter the prefix length of the remote access pool.

Step 9

Click Add.

Edit a remote access pool

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy

The page displays the site pool and region pool for the Global node. The remote access pool is also displayed if you have already created it.

Step 2

Click adjacent to the remote access pool name and choose Edit.

Step 3

Edit the options as needed.

Note

 

When you edit a remote access pool, the new pool range cannot be less than the existing pool range

Step 4

Click Save.

Create an IP pool for ThousandEyes

Procedure

Step 1

From the menu, choose Configuration > Network Hierarchy. The page displays the site pool and region pool for the Global node.

Step 2

Examine the audit logs to determine if the ThousandEyes test has been posted or failed.

Step 3

Click Pools and click Add Pool.

Step 4

In the Pool Name field, enter a name for the pool.

Step 5

In the Pool Description field, enter a description of the pool.

Step 6

From the Pool Type drop-down list, choose ThousadEyes.

Step 7

In the IP Subnet* field, enter an IP address.

Step 8

In the Prefix Length* field, enter the prefix length of the system IP pool.

Step 9

Click Add.

Delete a pool

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Configuration > Network Hierarchy.

Step 2

In the Global page, click adjacent to the pool name and choose Delete.

Step 3

In the confirmation dialog box, click Yes.

Note

 

You can delete a pool only when the pool resources are not in use.