Autonomic Networking
Autonomic Networking (AN) makes network devices intelligent by introducing self-management concepts that simplify network management for the network operator. The Autonomic Networking Infrastructure feature simplifies the network bootstrap functionality by removing the need for any kind of prestaging, thereby allowing devices to join a domain securely, after which devices can be configured.
The Cisco ME3600X, ME3800X, and ME3600X-24CX-M switches support autonomic networking from Cisco IOS release 15.4(2)S to intercept and process AN control traffic under various deployment modes of operation.
Overview of Autonomic Networking
The aim of autonomic networking is to create self-managing networks to overcome the rapidly growing complexity of the Internet and other networks to enable their further growth. In a self-managing autonomic system, network management takes on a new role: instead of controlling the network elements individually and directly, the administrator defines network-wide policies and rules that guide the self-management process.
Prerequisites for Autonomic Networking Infrastructure
- The Autonomic Networking Infrastructure feature supports Ethernet ports and IPv6 addresses only.
- If the device has no startup configuration, all interfaces are ‘up’ by default so that adjacency discovery (AD) messages can be exchanged.
- All devices must be contiguously autonomic on layer 3. If there is no continuity, manual configuration is required to configure a tunnel through a non-autonomic network. Connectivity between autonomic devices across a non-autonomic layer 2 cloud is supported through Autonomic Channel Discovery (CD).
- Autonomic Registrar, commonly known as registrar, is required for the Autonomic Networking Infrastructure feature to work. At least one device in the network should be configured as a registrar.
- Each registrar supports one autonomic domain only. The registrar is needed only when new autonomic devices join the domain.
- All new devices must have a physical connectivity to at least one autonomic device to contact the registrar for authentication and authorization.
- If the autonomic device is already part of another domain, it is not invited to join a new domain. By default, two devices that are part of different domains cannot communicate with each other.
Benefits of Autonomic Networking Infrastructure
- Autonomic discovery of layer 2 topology and connectivity by discovering how to reach autonomic neighbors.
- Secure and zero touch identity of new devices by using the device name and domain certificate.
- A virtual autonomic control plane that enables communications between autonomic nodes.
Restrictions
- The default setting is the same as the factory settings mode, which allows only tagged and untagged packets. This is the same for ports as well.
- The routed ports allow only untagged traffic, and the VLAN-tagged traffic is dropped.
- The service instance can be configured only on the trunk ports. This requires switchport mode trunk and switchport trunk allowed vlan none commands to be configured first. Due to this restriction, it is not possible to allow any other access or trunk VLAN on the same port. But, it is possible to configure multiple EVC BD on the same port.
- The ip routing and ipv6 unicast-routing commands must be configured explicitly.
- On the Cisco ME3600X-24CX switch, the ports ranging from gig0/1-gig0/8 require explicit configuration of media-type rj45 for RJ45-enabled Ethernet connections. The default configuration on bootup is to allow media-type SFP.
- The default spanning tree mode is PVST. There is a restriction of 128 STP instances in this mode. Also, when EVC BD is configured, only the MST mode is supported. Hence, for autonomic networking it is recommended to always keep MST as the default spanning tree protocol.
- For a loop-free operation, the MST packets need to be L2PT-peered using untagged encapsulation on the EVC BD.
- The VLAN conflicts are likely to happen when you have a VLAN configuration saved on the bootflash that is used for data traffic, and if the node reloads after writing the erased configuration onto the NVRAM, the AN VLAN selected at the port conflicts with the previously configured VLAN.
Autonomic Networking Infrastructure
Autonomic behavior is enabled by default on new devices. To enable autonomic behavior on existing devices, use the autonomic connect command. To disable, use the no form of this command.
The Components
The components of autonomic networking are as follows:
Registrar—A domain-specific registration authority in a given enterprise that validates new devices in the domain, provides them with domain-wide credentials, and makes policy decisions. Policy decisions can include whether a new device can join a given domain based on a preloaded whitelist. The registrar also has a database of devices that join a given domain and the device details.
Channel Discovery—Used to discover reachability between autonomic nodes across non-autonomic layer 2 networks.
Adjacency Discovery—Used to discover autonomic neighbors. Adjacency discovery is done on layer 3. It is also possible to discover autonomic neighbors across preestablished layer 3 Generic Routed Encapsulation (GRE) tunnels.
The Goal
The goal of the Autonomic Networking Infrastructure feature is to make new and unconfigured devices securely reachable by an operator or by a network management system. This is carried out in the following steps:
1. One device is defined and configured as the registrar. The registrar is the first autonomic domain device.
2. The network administrator collects a list of legitimate device identifiers of the devices to be added to the network. This list controls the devices that are added to the autonomic domain. Devices are identified by their Unique Device Identifier (UDI). The list is compiled as a simple text file, one UDI per line. This step is optional because in the absence of a whitelist, all devices are allowed to join the domain. A whitelist is an approved list of entities that are provided a particular privilege, service, mobility, access, or recognition. Whitelisting means to grant access.
3. The whitelist of known devices is uploaded to the registrar as part of its configuration. This step is optional.
4. Any new autonomic device that is directly connected to the registrar, or another already enrolled domain device, will automatically receive a domain certificate from the registrar.
5. The Autonomic Control Plane is automatically established across the autonomic domain to make new devices reachable.
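A pre-upload check for the whitelist file from steps 2 and 3, together with a model of the admission rule, is sketched below as an added example; it is not Cisco code. The `PID:<product-id> SN:<serial>` layout of a UDI line, the case-insensitive comparison, and all function names are assumptions, since the page only specifies one UDI per line.

```python
import re

# Assumed UDI layout "PID:<product-id> SN:<serial>"; the page only says
# "one UDI per line", so adapt the pattern to what your registrar expects.
UDI_RE = re.compile(r"^PID:[A-Za-z0-9._/+-]+\s+SN:[A-Za-z0-9]+$")


def normalize(udi):
    """Canonical form used for comparison: single spaces, upper case (assumption)."""
    return " ".join(udi.split()).upper()


def lint_whitelist(text):
    """Return (set of accepted UDIs, list of (line_no, problem)) for a whitelist file."""
    accepted, problems = set(), []
    for no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            problems.append((no, "blank line"))
            continue
        if not UDI_RE.match(line):
            problems.append((no, "not a well-formed UDI"))
            continue
        udi = normalize(line)
        if udi in accepted:
            problems.append((no, "duplicate entry"))
        accepted.add(udi)
    return accepted, problems


def may_join(udi, whitelist):
    """Model of the rule in step 2: with no whitelist (None) every device is admitted."""
    if whitelist is None:
        return True
    return normalize(udi) in whitelist


# Constructed sample file; the serial numbers are invented for illustration.
SAMPLE = """PID:ME-3600X-24CX-M SN:FOC00000001
PID:ME-3800X-24FS-M SN:FOC00000002
ME-3600X-24CX-M,FOC00000003
PID:ME-3600X-24CX-M  SN:foc00000001
"""

if __name__ == "__main__":
    allowed, issues = lint_whitelist(SAMPLE)
    for no, problem in issues:
        print(f"line {no}: {problem}")
    unknown = "PID:ME-3600X-24CX-M SN:FOC00000099"
    print("with whitelist:", may_join(unknown, allowed))
    print("without whitelist:", may_join(unknown, None))
```

The last two lines show why skipping the optional whitelist matters: the same unknown UDI is rejected when a list is present and admitted when none is configured.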
For detailed information about this feature, see the following document:
http://www.cisco.com/en/US/partner/docs/ios-xml/ios/auto_net/configuration/15-s/an-auto-net-15-s-book.html
For information on configuring, see How to configure Autonomic Networking Infrastructure.
Additional References
The following sections provide references to the autonomic networking feature.
Technical Assistance
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.
http://www.cisco.com/cisco/web/support/index.html
Feature Information for Autonomic Networking
Table 60-1 lists the features in this module and provides links to specific configuration information.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note
Table 60-1 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Table 60-1 Feature Information for Autonomic Networking
Autonomic Networking | 15.4(2)S | This feature was introduced on the Cisco ME3600x, ME3800x, and ME3600x-24CX-M switches.