Autonomic Networking Commands

autonomic adjacency-discovery

To enable adjacency discovery (neighbor discovery) on an interface, use the autonomic adjacency-discovery command in interface configuration mode. To disable adjacency discovery, use the no form of this command.

autonomic adjacency-discovery

no autonomic adjacency-discovery

Command Default

Adjacency discovery is not enabled.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

To enable adjacency discovery: 

Device(config)#  interface Tunnel100
Device(config-if)#  autonomic adjacency-discovery

autonomic connect

To connect a non autonomic device to autonomic domain use the autonomic connect command in interface configuration mode. To disconnect a device from the domain, use the no form of this command.

autonomic connect

no autonomic connect

Command Default

Device is not connected to the domain.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

Usage Guidelines

You need to configure no switchport on the interface before configuring the autonomic connect command.

To connect a non autonomic device to autonomic domain : 

Device > enable
Device# configure terminal
Device(config)# int gig 1/0/1
Device(config-if)# no switchport
Device(config-if)# autonomic connect
Device(config-if)# ipv6 address 5000::1/64

clear autonomic

To clear or reset autonomic information, use the clear autonomic command in privileged EXEC configuration mode.

clear autonomic { device| neighbor neighbor's UDI| registrar accepted-device device UDI}

Syntax Description

device

Clears or resets device information.

neighbor udi

Clears or resets neighbor information.

registrar accepted-device udi

Clears public key stored for each enrolled device

Command Default

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

Usage Guidelines

The clear autonomic device command clears or resets all device-specific autonomic information, including the information obtained in the bootstrapping process. The clear autonomic neighbor command clears the neighbor-related information learned during the neighbor discovery. If no neighbor is specified, the command clears the entire neighbor database. The clear registrar accepted-device clears the public key stored for each device enrolled by the registrar.

To clear all device-specific autonomic information: 

Device #clear autonomic device

% invoke syslog_an_delete_host: vrf cisco_autonomic
discriminator
Device#
Jul 15 05:55:53.987: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:55:53.988: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:55:53.990: %AN-6-ACP_DIKE_TO_NBR_REMOVED: Removed DIKE on ACP Tunnel100000 from Device (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:7) to Neighbor (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:5) connected on interface GigabitEthernet1/0/3
Jul 15 05:55:54.006: %AN-6-ACP_CHANNEL_TO_NBR_REMOVED: Removed ACP Tunnel100000 from Device (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:7) to Neighbor (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:5) connected on interface GigabitEthernet1/0/3
Jul 15 05:55:54.015: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:55:54.016: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback100000, changed state to down
Jul 15 05:55:54.097: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:55:54.104: %AN-5-NBR_LOST: Device with ACP (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:7) lost connectivity to its Neighbor (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:5) on interface GigabitEthernet1/0/3
Jul 15 05:55:54.113: %AN-5-CD_STATE_CHANGED: L2 Channel (0) Removed - Our Intf (GigabitEthernet1/0/3), Nbr UDI (PID:WS-C3850-24U SN:FCW1934D05Z), Nbr Intf (GigabitEthernet1/0/3)
Jul 15 05:55:56.004: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel100000, changed state to down
Jul 15 05:55:56.005: %LINK-5-CHANGED: Interface Tunnel100000, changed state to administratively down
Jul 15 05:56:04.128: %AN-6-UDI_AVAILABLE: UDI - PID:WS-C3650-24TD SN:FDO1942E1YK
Jul 15 05:56:36.306: %AN-5-CD_STATE_CHANGED: L2 Channel (0) Created - Our Intf (GigabitEthernet1/0/3), Nbr UDI (PID:WS-C3850-24U SN:FCW1934D05Z), Nbr Intf (GigabitEthernet1/0/3)
Jul 15 05:56:36.310: %LINK-3-UPDOWN: Interface ANI1, changed state to up
Jul 15 05:56:37.294: %LINEPROTO-5-UPDOWN: Line protocol on Interface ANI1, changed state to up
Jul 15 05:56:44.138: %AN-5-NBR_ADDED: Device with UDI (PID:WS-C3850-24U SN:FCW1934D05Z) is added as a Neighbor to Device with (Addr UNKNOWN) on the interface GigabitEthernet1/0/3
Jul 15 05:56:44.146: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:56:44.148: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:56:44.150: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:56:44.247: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:56:44.258: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:56:44.269: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:04.897: %CRYPTO-6-AUTOGEN: Generated new 3072 bit key pair
Jul 15 05:57:05.359: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:05.815: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:05.817: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:05.830: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:05.840: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:05.841: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.308: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:06.311: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.313: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.314: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.810: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.811: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:06.811: %AN-5-DEVICE_BOOTSTRAPPED_BY_ANR: Device with UDI (PID:WS-C3650-24TD SN:FDO1942E1YK) and (Addr FD08:2EEF:C2EE:0:E865:493B:ACFB:7) has been boot trapped by autonomic registrar, in autonomic domain cisco.com
Jul 15 05:57:06.815: %AN-6-ACP_VRF_GLOBAL_CREATE_SUCCESS: Device UDI (PID:WS-C3650-24TD SN:FDO1942E1YK) Autonomic VRF created globally vrf name cisco_autonomic, vrf id 3
Jul 15 05:57:06.823: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback100000, changed state to up
Jul 15 05:57:06.828: %AN-6-ACP_VRF_INTERFACE_CREATE_SUCCESS: Device UDI (PID:WS-C3650-24TD SN:FDO1942E1YK) Autonomic VRF created successfully on interface Loopback100000, vrf name cisco_autonomic, vrf id 3
Jul 15 05:57:06.837: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.840: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.842: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:06.842: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:07.905: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel100001, changed state to up
Jul 15 05:57:08.159: %CRYPTO-6-IKMP_NO_ID_CERT_ADDR_MATCH: (NOT ERROR BUT WARNING ONLY)ID of FE80::3A20:56FF:FEF3:7158 (type 5) and certificate addr with
Jul 15 05:57:08.160: %CRYPTO-6-IKMP_NO_ID_CERT_ADDR_MATCH: (NOT ERROR BUT WARNING ONLY)ID of FE80::3A20:56FF:FEF3:7158 (type 5) and certificate addr with
Jul 15 05:57:11.959: %SYS-5-CONFIG_I: Configured from console by console
Jul 15 05:57:11.960: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified. Issue "write memory" to save new IOS PKI configuration
Jul 15 05:57:11.963: %SYS-5-CONFIG_I: Configured from console by console

debug autonomic

To enable debugging of autonomic information, use the debug autonomic command in privileged EXEC mode. To stop the debugging, use the no form of this command.

debug autonomic { Bootstrap | Channel-Discovery | Infra | Intent | Neighbor-Discovery | Registrar | Services } { aaa | all | database | events | ntp | packets } { info | moderate | severe }

no debug autonomic { Bootstrap | Channel-Discovery | Infra | Intent | Neighbor-Discovery | Registrar | Services } { aaa | all | database | events | ntp | packets } { info | moderate | severe }

Syntax Description

bootstrap

Enables debugging of bootstrapping information.

Channel-Discovery

Enables debugging of channel discovery information

Infra

Enables debugging of infra information.

Intent

Enables debugging of intent information.

Neighbor-Discovery

Enables debugging of neighbor information.

Registrar

Enables debugging of registrar information.

Services

Enables debugging of autonomic services information.

aaa

Enables debugging authentication, authorization, and accounting information.

all

Enables all debugging.

events

Provides information about autonomic events.

ntp

Enables debugging of Network Time Protocol (NTP) information.

packets

Provides information about autonomic packets.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

Usage Guidelines

Use this command to debug the autonomic networking information.

show autonomic control-plane

To display information about the autonomic control plane, use the show autonomic control-plane command in privileged EXEC mode.

show autonomic control-plane [ detail ]

Syntax Description

detail

(Optional) Displays detailed information.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

To display information about the autonomic control plane: 

Device# show autonomic control-plane

VRF Name                       cisco_autonomic
Device Address                 FD08:2EEF:C2EE:0:E865:493B:ACFB:7
RPL                            floating-node, Dag-id = FD08:2EEF:C2EE:0:E865:493B:ACFB:5

Neighbor                          ACP            Channel ACP Security
--------------------------------------------------------------------------------
PID:WS-C3850-24U SN:FCW1934D05Z   Tunnel100002   DIKE

To display information about the autonomic control plane in detail: 

Device# show autonomic control-plane detail

VRF Name                       cisco_autonomic
Device Address                 FD08:2EEF:C2EE:0:E865:493B:ACFB:7
RPL                            grounded-node, Dag-id = FD08:2EEF:C2EE:0:E865:493B:ACFB:1

Neighbor: PID:WS-C3850-24U SN:FCW1934D05Z
Uptime(Created Time): 00:12:16 ( 2016-07-15 05:38:53 UTC)
Supported ACP Channel: IPv6 GRE Tunnel
Negotiated ACP Channel: IPv6 GRE Tunnel
Tunnel Name Tunnel100000
Tunnel Source Interface ANI1
Tunnel Source FE80::5AAC:78FF:FE09:F383
Tunnel Destination FE80::3A20:56FF:FEF3:7158
Supported ACP Security: IPSec, DIKE
Negotiated ACP Security: DIKE

The following table describes the significant fields shown in the display.

Table 1 show autonomic control-plane Field Descriptions

Field

Description

VRF Name

VPN routing and forwarding (VRF) name.

Device Address

IPv6 address.

RPL

RPL node details.

Neighbor

Unique Device Identifier (UDI) of the neighbor.

Tunnel Name

Tunnel name.

Tunnel Source Interface

IP address of the source tunnel interface.

Tunnel Source

IP address of the tunnel source.

Tunnel Destination

IP address of the destination.

show autonomic device

To display the autonomic device information, use the show autonomic device command in privileged EXEC mode.

show autonomic device

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

To display the autonomic device information: 

Device# show autonomic device

        Status                         Enabled
        Type                           Autonomic Node
        UDI                            PID:WS-C3650-24TD SN:FDO1942E1YK
        Device ID                      e865.493b.acfb-7
        Domain ID                      cisco.com
        Domain Certificate             (sub:) ou=cisco.com+serialNumber=PID:WS-C3650-24TD SN:FDO1942E1YK,cn=e865.493b.acfb-7
        Certificate Serial Number      09
        Device Address                 FD08:2EEF:C2EE:0:E865:493B:ACFB:7
        Domain Cert is Valid

show autonomic interfaces

To display information about the autonomic interfaces, use the show autonomic interfaces command in privileged EXEC mode.

show autonomic interfaces

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

To display information about the autonomic interfaces: 

Device# show autonomic interfaces

Interface                 Channel Disc    AD Enabled      Intf Type
--------------------------------------------------------------------------------
GigabitEthernet0/0        None       No              L2 untagged If
GigabitEthernet1/0/1      None       No              L2 untagged If
GigabitEthernet1/0/2      None       No              L2 untagged If
GigabitEthernet1/0/3      Probing    No              L2 untagged If
GigabitEthernet1/0/4      None       No              L2 untagged If
GigabitEthernet1/0/5      None       No              L2 untagged If
GigabitEthernet1/0/6      None       No              L2 untagged If
GigabitEthernet1/0/7      None       No              L2 untagged If
GigabitEthernet1/0/8      None       No              L2 untagged If
GigabitEthernet1/0/9      None       No              L2 untagged If
GigabitEthernet1/0/10     None       No              L2 untagged If
GigabitEthernet1/0/11     None       No              L2 untagged If
GigabitEthernet1/0/12     None       No              L2 untagged If
GigabitEthernet1/0/13     None       No              L2 untagged If
GigabitEthernet1/0/14     None       No              L2 untagged If
GigabitEthernet1/0/15     None       No              L2 untagged If
GigabitEthernet1/0/16     None       No              L2 untagged If
GigabitEthernet1/0/17     None       No              L2 untagged If
GigabitEthernet1/0/18     None       No              L2 untagged If
GigabitEthernet1/0/19     None       No              L2 untagged If
GigabitEthernet1/0/20     None       No              L2 untagged If
GigabitEthernet1/0/21     None       No              L2 untagged If
GigabitEthernet1/0/22     None       No              L2 untagged If
GigabitEthernet1/0/23     None       No              L2 untagged If
GigabitEthernet1/0/24     None       No              L2 untagged If
GigabitEthernet1/1/1      None       No              L2 untagged If
GigabitEthernet1/1/2      None       No              L2 untagged If
TenGigabitEthernet1/1/3   None       No              L2 untagged If
TenGigabitEthernet1/1/4   None       No              L2 untagged If
Vlan1                     None       No              Virtual If
ANI1                      None       Yes             Virtual If
Loopback100000            None       No              Virtual If
Tunnel100002              None       No              Virtual If

The following table describes the significant fields shown in the display.

Table 2 show autonomic interface Field Descriptions

Field

Description

Interface

Interface name.

Channel Disc

Channel discovery.

AD Enabled

show autonomic intent

To verify the configured intent range, use the show autonomic intent command in privileged EXEC mode.

show autonomic intent

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

Usage Guidelines

Intent is automatically sent to all nodes in an autonomic domain. So, every node should show the same intent

To display information about the configured intent range: 

Device# show autonomic intent

Intent File : Available
Version Num : 1443520505 (Parsed)
Version Time: 2015-09-29 09:55:05 UTC
Outer Vlans : 30-35,40,45
Outer Vlans count : 8

show autonomic l2-channels

To display the results of Channel Discovery, use the show autonomic l2-channels command in privileged EXEC mode.

show autonomic l2-channels

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

To display the results of Channel Discovery: 

Device# show autonomic l2-channels

AN L2 Channel Discovery Info :
Nbr UDI                          Encap    Our Intf   State   Retry
--------------------------------------------------------------------------------
PID:WS-C3850-24U SN:FCW1934D05Z  4018    Gi1/0/3      Active  1

To display more detailed information: 

Device# show autonomic l2-channels detail

AN L2 Channel Discovery Info :
--------------------------------------------------------------------------------
Nbr UDI                : PID:WS-C3850-24U SN:FCW1934D05Z
ANI Intf               : ANI1
Encap                  : 0
Nbr Intf               : GigabitEthernet1/0/3
Our Intf               : GigabitEthernet1/0/3
Keepalives Missed      : 0
Channel Status         : Active

show autonomic service

To verify the service announcements distributed over the Autonomic Control Plane (ACP) to all devices, use the show autonomic service command in privileged EXEC mode.

show autonomic service

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

To display information about the services: 

Device# show autonomic service

       Service                  IP-Addr
       Syslog                   5000::100
       AAA                      5000::100
        AAA Accounting Port     1813
        AAA Authorization Port  1812
       Autonomic registrar      FD08:2EEF:C2EE:0:E865:493B:ACFB:1
        ANR type                 IOS CA
       Config Server Address    5000::100
       Auto IP Server           UNKNOWN

show autonomic neighbor

To display information about autonomic neighbors, use the show autonomic neighbor command in privileged EXEC mode.

show autonomic neighbor [ detail ]

Syntax Description

detail

(Optional) Displays detailed information.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Denali 16.3.1

This command was introduced.

The following is sample output from the show autonomic neighbor command: 

Device# show autonomic neighbor

UDI                                 Device-ID          Domain      Interface
--------------------------------------------------------------------------------
PID:WS-C3850-24U  SN:FCW1934D05Z    e865.493b.acfb-5   cisco.com   ANI1

The following is sample output from the show autonomic neighbor detail command: 

Device# show autonomic neighbor detail

UDI: "PID:WS-C3850-24U SN:FCW1934D05Z" 
     
       Device ID                      e865.493b.acfb-5
       Domain ID                      cisco.com
       Address                        FD08:2EEF:C2EE:0:E865:493B:ACFB:5
       State                          Nbr inside the Domain
       Credential                     Domain Cert
       Credential Validation          Passed
       Last Validated Time            2016-07-15 05:48:37 UTC
       Certificate Expiry Date        2017-07-15 05:30:39 UTC
       Certificate Expire Countdown   31534693 (secs)
       Number of Links connected      1
  
        Link:
            Local Interface:          ANI2
            Remote Interface:         ANI2
            IP Address:               FE80::3A20:56FF:FEF3:7158
            Uptime(Discovered Time):  00:14:21 ( 2016-07-15 05:38:05 UTC)
            Last Refreshed time:      0 seconds ago

The following table describes the significant fields shown in the display.

Table 3 show autonomic neighbor detail Field Descriptions

Field

Description

UDI

Unique device identifier.

Device Identifier

Device name.

Domain Identifier

Domain name.

State

Information about whether the neighbor is inside or outside the domain. If a device is inside an autonomic domain, it must have a valid domain certificate.

Credential

Detection method.

Credential Validation

Detection validation.

Number of Links connected

Number of neighbors detected.

Local Interface

Interface from which the neighbor is connected.

Remote Interface

Interface to which the neighbor is connected.

IP Address

IPv6 address of the neighbor,