- Title
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Administering the Switch
- Configuring Synchronous Ethernet
- Configuring the Switch External Alarms
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring Interfaces
- Configuring VLANs
- Configuring Ethernet Virtual Connections (EVCs)
- Configuring Command Macros
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Resilient Ethernet Protocol
- Configuring DHCP Features
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping
- Configuring PIM Snooping
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring IEEE 802.1ad
- Configuring Traffic Control
- Configuring CDP
- Configuring LLDP and LLDP-MED
- Configuring UDLD
- Configuring System Message Logging
- Configuring RMON
- Using the SD Flash Memory Module
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security with ACLs
- Configuring IPv6 ACLs
- Configuring Quality of Service (QoS)
- Hierarchical Color-Aware Policing
- Configuring Multi-level Priority Queues
- Configuring Policy-Based Routing (PBR)
- Configuring Control Plane Policing (CoPP)
- Configuring EtherChannels
- Configuring IP Unicast Routing
- Configuring IPv6 Unicast Routing
- Configuring IPv6 VPN over MPLS
- Configuring Virtual Router Redundancy Protocol
- Configuring HSRP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring Ethernet OAM, CFM, and E-LMI
- Configuring Y.1731 Performance Monitoring
- Configuring Ethernet Data Plane Loopback
- L2VPN Protocol-Based CLIs
- Configuring IP Multicast Routing
- Configuring Multicast VPN
- Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS
- Multiprotocol Label Switching Load Balancing
- MPLS Traffic Engineering Bundled Interface Support
- Configuring OSPF TTL Security Check
- Configuring Switched Port Analyzer (SPAN)
- Configuring Ethernet Ring Protection
- Autonomic Networking
- Auto-IP
- Troubleshooting
- Configuring Online Diagnostics
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Configuring MPLS Transport Profile
- Unsupported Commands
- Index
Cisco ME 3800x and ME 3600x Switches Software Configuration Guide, Cisco IOS Release 15.4(2)S
- Updated:
- February 9, 2018
Chapter: Autonomic Networking
Autonomic Networking
Autonomic Networking (AN) makes network devices intelligent by introducing self-management concepts that simplify network management for the network operator. The Autonomic Networking Infrastructure feature simplifies the network bootstrap functionality by removing the need for any kind of prestaging, thereby allowing devices to join a domain securely, after which devices can be configured.
The Cisco ME3600X, ME3800X, and ME3600X-24CX-M switches supports antonomic networking from the Cisco IOS release 15.4(2)S to intercept and process AN control traffic under various deployment modes of operation.
Overview of Autonomic Networking
The aim of autonomic networking is to create self-managing networks to overcome the rapidly growing complexity of the Internet and other networks to enable their further growth. In a self-managing autonomic system, network management takes on a new role: instead of controlling the network elements individually and directly, the administrator defines network-wide policies and rules that guide the self-management process.
Prerequisites for Autonomic Networking Infrastructure
- The Autonomic Networking Infrastructure feature supports Ethernet ports and IPv6 addresses only.
- By default, all the interfaces are ‘up’, to exchange the adjacency discovery (AD) messages if there is no startup configuration in the device.
- All devices must be contiguously autonomic on layer 3. If there is no continuity, manual configuration is required to configure a tunnel through a non-autonomic network. Support for connectivity between autonomic devices across a non-autonomic layer 2 cloud is supported through Autonomic Channel Discovery (CD).
- Autonomic Registrar, commonly known as registrar, is required for the Autonomic Networking Infrastructure feature to work. At least one device in the network should be configured as a registrar.
- Each registrar supports one autonomic domain only. The registrar is needed only when new autonomic devices join the domain.
- All new devices must have a physical connectivity to at least one autonomic device to contact the registrar for authentication and authorization.
- If the autonomic device is already part of an another domain, it is not invited to join a new domain. By default, two devices that are part of different domains cannot communicate with each other.
Benefits of Autonomic Networking Infrastructure
Restrictions
- The default setting is same as the factory settings mode, which allows only tagged and untagged packets. This is same for ports aswell.
- The routed ports allow only untagged traffic, and the VLAN-tagged traffic is dropped.
- The service instance can be configured only on the trunk ports. This requires switchport mode trunk and switchport trunk allowed vlan none commands to be configured first. Due to this restriction, it is not possible to allow any other access or trunk VLAN on the same port. But, it is possible to configure multiple EVC BD on the same port.
- Need to configure ip routing and ipv6 unicast-routing commands explicitly.
- On the Cisco ME3600X-24CX switch, the ports ranging from gig0/1-gig0/8 require explicit configuration of media-type rj45 for RJ45-enabled Ethernet connections. The default configuration on bootup is to allow media-type SFP.
- The default spanning tree mode is PVST. There is a restriction of 128 STP instances in this mode. Also, when EVC BD is configured, only the MST mode is supported.
Hence, for the autonomic networking it is recommended to always keep MST as default spanning tree protocol. - For a loop-free operation, the MST packets need to be L2PT-peered using untagged encapsulation on the EVC BD.
- The VLAN conflicts are likely to happen when you have a VLAN configuration saved on the bootflash that is used for data traffic, and if the node reloads after writing the erased configuration onto the NVRAM, the AN VLAN selected at the port conflicts with the previously configured VLAN.
Autonomic Networking Infrastructure
Autonomic behavior is enabled by default on new devices. To enable autonomic behavior on existing devices, use the autonomic connect command. To disable, use the no form of this command.
The Components
The components of autonomic networking are as follows:
Registrar—A domain-specific registration authority in a given enterprise that validates new devices in the domain, provides them with domain-wide credentials, and makes policy decisions. Policy decisions can include whether a new device can join a given domain based on a preloaded whitelist. The registrar also has a database of devices that join a given domain and the device details.
Channel Discovery—Used to discover reachability between autonomic nodes across non-autonomic layer 2 networks.
Adjacency Discovery—Used to discover autonomic neighbors. Adjacency discovery is done on layer 3. It is also possible to discover autonomic neighbors across preestablished layer 3 Generic Routed Encapsulation (GRE) tunnels.
The Goal
The goal of the Autonomic Networking Infrastructure feature is to make new and unconfigured devices securely reachable by an operator or by a network management system. This is carried out in the following steps:
1. One device is defined and configured as the registrar. The registrar is the first autonomic domain device.
2. The network administrator collects a list of legitimate device identifiers of the devices to be added to the network. This list controls the devices that are added to the autonomic domain. Devices are identified by their Unique Device Identifier (UDI). The list is compiled as a simple text file, one UDI per line. This step is optional because in the absence of a whitelist, all devices are allowed to join the domain. A whitelist is an approved list of entities that is provided a particular privilege, service, mobility, access, or recognition. Whitelisting means to grant access.
3. The whitelist of known devices is uploaded to the registrar as part of its configuration. This step is optional.
4. Any new autonomic device that is directly connected to the registrar, or another already enrolled domain device, will automatically receive a domain certificate from the registrar.
5. The Autonomic Control Plane is automatically established across the autonomic domain to make new devices reachable.
For detailed information about this feature, see the following document:
http://www.cisco.com/en/US/partner/docs/ios-xml/ios/auto_net/configuration/15-s/an-auto-net-15-s-book.html
For information on configuring, see How to configure Autonomic Networking Infrastructure.
Additional References
The following sections provide references to autonomic networking feature.
Related Documents
|
|
|
|---|---|
Technical Assistance
Feature Information for Autonomic Networking
Table 60-1 lists the features in this module and provides links to specific configuration information.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note
Table 60-1 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
|
|
|
|
|---|---|---|
This feature was introduced on the Cisco ME3600x, ME3800x, and ME3600x-24CX-M switches. |
Feedback