IoT Services Management

IoT services management

An IoT service is a network-enabled function that

  • automates the integration and management of IoT devices within enterprise environments

  • provides connectivity and control for a wide range of sensor and actuator devices, and

  • supports real-time data collection and analytics for operational optimization.

Cisco Catalyst 9800 devices running the Cisco IOS XE image version 17.3.2 support Cisco Spaces: IoT Services along with the Network Assurance on Cisco Catalyst Center. IoT Services and Intelligent Capture (iCAP) port configuration are mutually exclusive.

If the iCAP feature is enabled on a device, IoT Services cannot be deployed. Conversely, if IoT Services is enabled, the iCAP feature cannot be deployed. Beginning with Cisco IOS XE Cupertino 17.7.1, IoT Services and Intelligent Capture (iCAP) port configuration can coexist. When both features are enabled on the controller, two gRPC connections are established from the AP.

Feature history

This table provides release and related information about the feature explained in this section.

This feature is also available in all the releases subsequent to the one in which they are introduced in, unless noted otherwise.

Table 1. Feature history for IoT services management

Feature Name

Release Information

Feature Description

BLE management on Cisco Catalyst 9136 Series APs

Cisco IOS XE 17.8.1

This feature allows Bluetooth Low Energy (BLE) management support in Cisco Catalyst 9136 Series APs.

Coexistence of intelligent capture (iCAP) or IoT Services - Dual gRPC channel

Cisco IOS XE 17.7.1

From Cisco IOS XE Cupertino 17.7.1, IoT services and iCAP port configurations may co-exist, creating two gRPC connections from the AP: one to Cisco Catalyst Center for iCAP, and one to Cisco Spaces Connector for IoT.

Assurance and IoT services coexistence without iCAP

Cisco IOS XE 17.3.2

 From this release onwards, the controller supports deployment of both Cisco Catalyst Spaces IoT Services and network assurance on Cisco Catalyst Center. However, IoT Services and intelligent capture (iCAP) port configuration remain mutually exclusive.

gRPC connection configuration details

The table lists configuration pairs that may or may not coexist on IOS-XE image versions 17.3.2 and 17.7.

Cisco DNA-C Configuration

Cisco Spaces Configuration

Coexistence on IOS-XE Image Version 17.3.2

network-assurance enable

ap cisco-dna token token

yes

network-assurance icap server port port

ap cisco-dna token token

no

Cisco Spaces: IoT Services is an end-to-end solution. You do not need to manually enable IoT services or Dot15 radio on the controller because Cisco Spaces automatically manages Dot15 radio. You can verify whether Dot15 radio is enabled from the controller interface.

Additionally, Cisco Spaces enables gRPC in the default AP profile configuration. Manual activation is not needed, but you can verify the settings on the controller.

Cisco Spaces also enables the apphost configuration, required for the default AP profile configuration. If Cisco Spaces does not enable apphost, you must enable it manually to host IOx applications on an AP.

Enable the 802.15 radio (CLI)

When you enable the BLE radio configuration globally, APs joined to the controller enable their BLE radio if they have the BLE radio chip in their hardware. This configuration applies to all APs that join the controller after you enable it.

Procedure

Step 1

Enter the global configuration mode.

Example:

Device# configure terminal

Step 2

Enable the dot15 radios for APs, globally.

Example:

Device(config)# no ap dot15 shutdown

Step 3

Disable the dot15 radio for all APs, globally.

Example:

Device(config)# ap dot15 shutdown

Configure the gRPC token (CLI)

Configure the gRPC token so Cisco Spaces can push configuration and certificates to the controller using commands.


Note

  • The configuration is pushed automatically from Cisco Spaces. You do not need to manually enable gRPC on the default ap profile configuration. You can verify the same on the controller

  • The NETCONF (NETCONF or YANG configuration) must be enabled on the device to allow Cisco Spaces to push the required configuration to the controller. Enable Secure Copy (ip scp server enable ) on the controller to allow Cisco Spaces to push the gRPC certificate to the controller.

  • The iCAP server port configuration should not be present in the configuration. If the iCAP server port configuration exists, run the iCAP server port zero command.

Procedure

Step 1

Enter the global configuration mode.

Example:

Device# configure terminal

Step 2

Configure the Cisco Spaces gRPC token.

Example:

Device(config)# ap cisco-dna token {0 | 8} cisco-token-number

0 : Specifies the string as an UNENCRYPTED password.

8 : Indicates the placeholder for backward compatibility.

Enable gRPC in an AP profile (CLI)

Currently, the Manage Streams feature of Cisco Spaces pushes the gRPC configuration only to the default AP profile. If you are using a different AP profile, you must manually configure gRPC.

This procedure explains how to enable gRPC on an AP profile that is not the default-ap-profile. Cisco Spaces may not push gRPC to all AP profiles. Use these commands to enable gRPC for individual AP profiles.

Procedure

Step 1

Enter the global configuration mode.

Example:

Device# configure terminal

Step 2

Configure the AP profile and enter the AP profile configuration mode.

Example:

Device(config)# ap profile ap-profile-name

Step 3

Enable the gRPC channel on the APs, in the AP profile.

Example:

Device(config-ap-profile)# cisco-dna grpc

Verify BLE state and mode

To verify the BLE state and mode, run the command:

Device# show ap ble summary 
AP Name         BLE AP State         BLE mode
--------------------------------------------------------------------------
Axel-1           Up                  Advanced (IOx)
Axel-2           Up                  Advanced (IOx)
9117-1           Up                  Advanced (IOx)
3800-1           Up                  Base (Native)
1815             Up                  Base (Native)
9120-3           Up                  Advanced (IOx)
9120-1           Up                  Base (Native)
9115-ax          Up                  Base (Native)
9120-2           Up                  Base (Native)

Verify BLE details

To verify BLE details, run the command:

Device# show ap name APXXXX.BDXX.29XX ble detail 
Mode report time          : 07/28/2020 09:40:57
Mode                      : Base (Native)
Radio mode                : BLE
Admin state report time   : 07/28/2020 09:40:57
Admin state               : Up
Interface report time     : 07/28/2020 09:40:57
Interface                 : MSM1
Interface state           : Open
Type                      : Integrated
Capability report time    : 07/14/2020 17:10:49
Capability                : BLE, Zigbee, USB, 
Host data report time     : 07/28/2020 09:52:04
Host data
  Device name                 : APXXXXBDX
  Dot15 Radio MAC             : 18:04:ed:c5:0e:c8
  API version                 : 1
  FW version                  : 2.7.16
  Broadcast count             : 4389
  Uptime                      : 596050 deciseconds
  Active profile              : viBeacon
Scan Statistics report time    : 07/28/2020 09:40:57
Scan statistics
  Total scan records          : 0
Scan role report time  : 07/28/2020 09:43:19
Scan role
  Scan state                  : Disable
  Scan interval               : 0 seconds
  Scan window                 : 800 milliseconds
  Scan max value              : 8
  Scan filter                 : Enable
Broadcaster role
  Current profile type: iBeacon
  Last report time            : N/A
    UUID                      : Unknown
    Major                     : Unknown
    Minor                     : Unknown
    Transmit power            : Unknown
    Frequency                 : Unknown
    Advertised transmit power : Unknown
  Current profile type: Eddystone URL
  Last report time            : 07/28/2020 09:47:17
    URL                       : https://www.cisco.com
  Current profile type: Eddystone UID
  Last report time            : 07/28/2020 09:43:25
    Namespace                 : 04d77XXXXXXXXXXXXXXX
    Instance id               : 5df5XXXXXXXX
  Current profile type: viBeacon
  Last report time            : 07/28/2020 09:52:04
    Interval                  : 450 milliseconds
    Beacon ID                 : 0
      UUID                       : 30XXXXXX-3XXX-4XXX-9XXX-d3XXXXXXXXXX
      Major                      : 36341
      Minor                      : 33196
      Transmit power             : 3 dBm
      Advertised transmit power  : 60 dBm
      Enable                     : Enable
    Beacon ID                 : 1
      UUID                       : 57XXXXXX-cXXX-4XXX-aXXX-85XXXXXXXXXX
      Major                      : 3875
      Minor                      : 567
      Transmit power             : 2 dBm
      Advertised transmit power  : 69 dBm
      Enable                     : Enable
    .
    .
    .

Verify gRPC summary, status, and statistics

To verify the gRPC summary, run the command:
Device# show ap grpc summary
AP Name              AP Mac             gRPC Status 
----------------------------------------------------------------------------------- 
APXXXX.BDXX.F2XX     0cXX.bdXX.66XX     Up

To verify the packet statistics on the gRPC channel that also shows the transmit and receive failures, run the command:

Device# show ap name APXXXX.BDXX.F2XX grpc detail 
gRPC channel status : Up 
Packets transmit attempts : 62 
Packets transmit failures : 0 
Packets receive count : 62 
Packets receive failures : 0