The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This section lists guidelines and limitations that are related to Cisco DCNM 10.4(2)11.0(1).
When configuring LDAP for remote AAA, the role assignments are case-sensitive.
For deployments that require PIM border leaf and multi-site, use Cisco DCNM 10.4(2) or later. vPC and PIM Border leaf cannot coexist in the same fabric. If IP for Media (IPFM) vPC is required, use Cisco DCNM 10.3(2).
Though deletion of the IP for Media (IPFM) hosts is possible in the DCNM for Media Controller solution, it is recommended that you should use this option with extreme caution, understanding that manual effort is needed to bring the solution back in sync.
The Cisco non-blocking multicast (NBM) crashes on Cisco Nexus 9000 Series switch that runs NX-OS Release 7.0(3)F3(1). This is a known issue with Cisco Nexus 9000 Series switch that runs NX-OS Release 7.0(3)F3(1). The cleanFlow API might be used for cleaning the stale flows in Cisco DCNM, and that may trigger the issue with Nexus 9000 Series switch that runs NX-OS Release 7.0(3)F3(1).
The icons or fonts on Cisco DCNM GUI may not appear correctly on Microsoft Windows 10 browsers. This problem can occur if your Windows 10 is set to block untrusted fonts or some security or mitigation options. Microsoft's Internet Explorer Browser Support team has provided with the following steps to address this issue.
You need to configure the Allow Font Downloads Internet Explorer Setting on the Internet Zone and Restricted Sites Zone (enabled by default). Perform the following steps:
Search for Group Policy Editor in Control Panel.
Choose Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Internet Zone > Allow Font Downloads.
Double click and choose the Enabled radio button.
Click OK.
Choose Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Restricted Sites Zone > Allow Font Downloads.
Double click and choose the Enabled radio button.
Click OK.
Restart the computer so that the new setting takes effect.
The Cisco DCNM Virtual Machine Manager integration does not display in topology when the PKCS12 certificate is used. The REST API call to the Elasticsearch fails, and hence the Compute visualization feature does not work. This is because Elasticsearch uses the same SSL, and when you create a new self-signed SSL, you have to maintain the same version with Elasticsearch as well. Therefore the issue is with creating a self-signed SSL and then having the old one at /usr/elasticsearch/fmserver.jks. To address this issue, use JKS keystore format and do not use pkcs12 certificate. Make sure that the same JKS file is copied to both JBoss and Elasticsearch locations.
POAP Dynamic Breakout—Beginning with Cisco NX-OS Release 7.0(3)I4(1), POAP dynamically breaks out ports in an effort to detect a DHCP server behind one of the broken-out ports. Previously, the DHCP server used for POAP had to be directly connected to a normal cable because breakout cables were not supported. POAP determines which breakout map (for example, 10gx4, 50gx2, 25gx4, or 10gx2) brings up the link that is connected to the DHCP server. If breakout is not supported on any of the ports, POAP skips the dynamic breakout process. After the breakout loop completes, POAP proceeds with the DHCP discovery phase as normal.
Cisco DCNM leverages dynamic breakout to simplify fabric setup by retaining successful breakout configuration. Since dynamic breakout requires the other side of the link to be active, there are circumstances where you need to manually breakout interfaces, or may notice breakout in places which are not desired. In those situations, the user should adjust the ports on the Interfaces page before performing Save and Deploy in the Fabric Builder.
If you want to perform an In-Service Software Upgrade (ISSU), you need to configure both IPv4 and IPv6 addresses on the switch.
To support IPv6 addressing in Nexus 9000 Leaf template, the custom template needs to be configured with the IPv6 address field and the IPv6 gateway without IPv4 fields. The BUM Multicast Replication fields need to be added to specify correct RP Group and anycast IP address.
Depending on how a switch handles the cdp enable CLI command (enabled or disabled by default), sometimes Cisco DCNM shows this as config difference, although the Save and Deploy operation is performed to correct it. This depends on the default behavior of the switch image (that is, whether the "show running-config" shows the CLI or not). To address this issue, the respective policy_template applied on the interfaces can be updated so that this CLI is ignored during the compliance check.
When you edit a template in Cisco DCNM 10.4(2) while it is in use, the template changes are saved on the DCNM Web UI but not on the disk. If this setup is upgraded to Cisco DCNM 11.0(1), the template changes made in 10.4(2) are not retained since backup reads content from disk. To address this issue, ensure that the content on DCNM Web UI matches with the content on disk. If it does not match, you must manually edit these templates in 10.4(2) on disk before taking the backup of the content.
During the installation if EPL eth2 adapter is used when eth0 and eth1 adapters are configured, the virtual machine needs to come up first. If the virtual machine does not come up before eth2 adapter is configured, the eth1 adapter will not come up, because of the incorrect mac-address assignment by installer.
You should create a free-form configuration on all the white box switches that are managed by Cisco DCNM as shown below, and deploy them on all the switches before the final Save and Deploy operation.
line console
speed 115200
stopbits 2
This is only applicable to the Cisco DCNM LAN Fabric mode.
On Microsoft Windows 2016 Standard server, you need to run the Cisco DCNM installation EXE file as as administrator. Cisco DCNM installation will not start on Microsoft Windows 2016 Standard server unless you set the EXE file as an administrator. To start the installation EXE file, you can right-click on the EXE file, and choose "Run as administrator."
When the NX-OS Virtual Switches are cloned, they might use the same serial number. Since Cisco DCNM will discover them using the same serial number, the device discovery operation will fail.
You must undeploy everything before border provisioning. However, Cisco DCNM allows you to change the roles from Leaf to BorderLeaf and Leaf to BorderGateway, or vice versa. Cisco DCNM also allows you to enable VRF-Lite and Multisite Domains with active deployments. You must ensure that the Border provisioning is enabled on the switch before deployment.
Cisco DCNM allows you to view and purge the various events between the Host and Flow. The Events are recorded on Media Controller > Events. When you click Purge to remove the old or unwanted events, the DCNM server restarts, by default a maximum of 5000 event entries are retained for 6 hours..
Though deletion of PMN hosts is possible in the Cisco DCNM for Media Controller solution, it is recommended that you should use this option with extreme caution, understanding that manual effort is needed to bring the solution back in sync.
On the border leaf switch, ethernet interfaces are configured as sender and receiver WAN interfaces to transport multicast traffic between the switch and remote hosts. PIM policies are enabled on the sender and receiver WAN interfaces.