Catalyst Center support both Quantitative(Netflow) and Qualitative(AVC) network traffic collection. In an earlier post I have shown how to configure netflow for the Catalyst Center to receive the information. This examples are on how to enable the AVC on a C1111 router that will collect telemetry and application metrics as
MORENetbox as Ansible inventory
If you have been working with ansible to manage you network devices the biggest problem is updating the inventory file for all your devices. Ansible have a plug-in that supports netbox as the inventory, using its API. Killercoda To try out this guide login to killercoda and startup an ubuntu
MOREUnderstanding and Configuring QoS on Cat9k
When Cisco introduced the new UADP Chip in the Catalyst 9K lineup of switches they changed the way you configure QoS from the old MLS way to the MQC way of doing it as we do on routers. But we need to be aware of the hardware limits and configuration
MORETroubleshooting Quantum Flow Processor
Troubleshooting the QFP is a bit different than on Cat9k Switches or older ISR routers. Show Datapath utilization Shows the total amount of packets running through the system and the utilization Show QFP dropped packets Show all dropped packets and the reason why: Use the following commands to find the
MORECleanup Old kernels in Ubuntu 18.04
The process to remove old kernels on Ubuntu 18.04 LTS and newer is as follows: List all Linux Kernels Use the dpkg –list command to list all images and kernels. Verify Space requirements Upgrade to the latest kernel On this server I have just used sudo apt update && sudo
MORECisco Manufacturing Serial Demystified
Cisco Serial Numbers are in the form of LLLYYWWSSSS. Supplier CodeCTH = Celestica – ThailandFOC = Foxconn – Shenzhen, ChinaFCZ = Czech Republic ?FDO = ?JMX = Mexico ?JAE = ?JAB = Jabil – Florida, United StatesJPE = Jabil – MalaysiaJSH = Jabil – Shanghai, ChinaTAU = Solectron – Texas,
MORERunning Iperf3 in IOS Guestshell
Whenever you need to test a connection from a site it is always hard to find something on the site to test with. Newer IOS devices supports iox and guestshell which allows you to install iperf3 and connect to an iperf server in your core/datacenter. I have already documented how
MORETCL – NO SHUT all interfaces
In the Lab I sometimes need to do a no shut on all interfaces if their default values are to be shutdown. This can be done using a few lines of TCL scripting directly from the device. This block of code will find all the interface names on the devices
MOREDNAC – NetFlow config
When using the DNAC to push network config it is configured according to Cisco best practise. Global Configuration The global configuration for the access/edge switch is as follows: I am not quite sure why we are running ipfix here. Interface Configuration For each access interface the following configuration is applied:
MOREEEM scripts and tracking
In this example I will show you how to configure an IP SLA on IOS that will automatically trigger an EEM script when the tracked object goes down. The setup All devices are running OSPF area 0 with a Lo0 interface and interconnects in the form of 10.Rlow.Rhigh.R/24 The WAN
MORELogging on Cisco IOS
When configure network devices one of the most important features are logging. It does not seem important when you implement the network at the beginning but every time you have an issue logging is the most important tool in the toolbox. Console Logging: By default Cisco IOS devices send all
MOREDNAC – Internal code names
Work in progress EFT=Early Field Test GA=General Availability CA/LA=Available Upon Request
MOREDNAC – Jinja2 System Variables
In the DNA Center there is a lot of builtin system variables the DNAC will collect from the devices after onboarding. It is important to note that some variables are not available for Day0/Onboarding templates. System Variables can be found in the upper right corner of the template editor screen:
MORETroubleshooting network with fPing
fping is a linux tool used to do aggressive pings on the network to find bottelnecks and intermitten network outages. When we run a normal ping on a computer the time between packages could be multiple seconds and the timeout the same. But when we want to find micro drops
MOREOSPF Area types Lab
Area types in OSPF
MOREGeneral DNAC Troubleshooting
This list is only meant for quick introduction to the services in question for a particular troubleshooting issue. The list should be seen as a starting point. None of the commands should be done without supervision from TAC! To show all services that are not running on your DNAC: Collecting
MORECollecting Maglev logs using RCA
Built-in to the cluster we have the RCA log collection tool to grab all logs on the DNAC and package it to a compressed file. Whenever you experience an issue and want to take a snapshot of the log for later troubleshooting the RCA tool will save all the log
MOREDNA Center Log Analyzer
Cisco DNAC TAC team has made a log Analyzer for the DNAC logs. The log analyzer will look trough logs and find interesting issues if there are any. In this article I will try to use the Log Analyzer to troubleshoot an inventory issue as shown here: Looking through the
MOREDNAC – Collecting RCA Fast Track
This post is a small collection of commands to collect the RCA files from a 3 node DNA Center Cluster. Deleting old profiles When using the RCA tools it uses contect cookies saved in /home/maglev/.maglevconf. These old cookies will prevent you from logging in using the APIs during collection of
MOREDNAC – Deploying and provision QoS
One of the base features on DNAC is provisioning QoS policies to devices. The configuration on the DNAC is simple and it will generate all the devices specific code for you. More information can be found in the documentation. Application Policies Start by defining the Application policies we want to
MOREDNAC Changes to a switch
When discovering a device in DNAC it does some changes to the configuration with the discovery. I will try to outline the different commands changed on a device when we discover, assign to site and provision a device. DNAC version: 2.2.3.5 Switch: 9300L(IOS-XE 17.3.4) According to the configuration guide these
MOREDNAC – Troubleshooting Network AI UI error
This article will show how to troubleshoot any process in the Cisco DNA Center. In this example we have issues with enabling the Network AI from the GUI. The error given on the GUI can be seen here: When trying to find the right log on the system to troubleshoot
MOREUploading file to TAC
When working with Cisco TAC a lot of the time they need output files from a linux server like the DNA-C. Handling TAC uploads are described by Cisco on this site: https://www.cisco.com/c/en/us/support/web/tac/tac-customer-file-uploads.html But some of the most used commands when I upload a file I will share here. Uploading using
MORECisco DNA Center Upgrade
When upgrading DNA Center from Cisco is seems to a straight forward process to just press the upgrade button on the DNAC GUI. But to make sure the upgrade goes smooth a lot of preparation can be done to avoid costly troubleshooting and restore after the upgrade has failed. I
MORESecure-delete a disk in linux
To securely delete a disk you need to overwrite it with a series of data, it is not enough to just delete the files, as this will only delete the pointers to the file and not the actual data. On Windows you can use the cipher program to overwrite all
MOREDNAC – Validating CA Certs on IOS
On IOS devices when they are discovered by the DNA Center it pushed a trust to the device. The DNA Center has been configured with either a self-signed certificate during installation(as shown in this article) or a public/PKI certificate in the first steps after configuration begins. To make sure the
MOREDNAC – Troubleshooting the PnP GUI
In this troubleshooting senario we are using a DNAC and an 9300L switch with the known PnP discovery process of DHCP Option 43. The PnP onboarding process has already been described in details in other articles on Cisco.com, so this is more a tshoot aproach to the process. DNA Center:
MOREDNAC – Troubleshooting the PnP Process
In this troubleshooting senario we are using a DNAC and an 9300L switch with the known PnP discovery process of DHCP Option 43. The PnP onboarding process has already been described in details in other articles on Cisco.com, so this is more a tshoot aproach to the process. DNA Center:
MORECisco DNAC – Redeploying a package
The cisco DNA Center is heavily workgin with a package strukture where packages is beeing downloaded and deployed from the Cisco repository. In this post I will show you how to validate the repository used, and re-install a package as if it was broken or did not get installed during
MOREThroubleshooting DNA-C Services
Throubleshooting of DNA-C services requires some Kubernetes and DNA-C knowledge so figure out where the issue lies. One of the first steps is to make sure the service we want to use is in the Running state, here we a looking for the apic-em-inventory manager: Both Node 1 and Node
MORE