Latest

DNAC Device PNP Onboarding Process for IOS-XE

Today we are going to talk about the DNAC device PNP onboarding process for IOS-XE/IOS devices. Before we are going to discuss about this process, you should aware of DHCP option 43.

In our lab environment we are using a Cisco Router, Infoblox for DHCP scope and a new branded cisco switch for onboarding process.

Step 1: Login to DNA Center


Step 2: Set up Global Credentials for PNP Process
Make sure the global credentials are defined for SSH, SNMP RO and RW. Building will also inherit the defined credentials

Cisco DNA C --> Design --> Network Settings


Once you clicked on the network settings, Setup by adding the credentials on CLI, SNMPv2 Read/Write or SNMP v3. 

As we globally configured the Device Credentials values which DNAC will configured on the factory default device with as device with Day #0 template. As for onboarding process, CLI, SNMP Read and SNMP Write credentials will be pushed to the device.

Step 3: Define DHCP #43 option on DHCP Server
Define the relevant PnP DHCP scope on DHCP server. Make sure option#43 will be configured to use the DNAC enterprise interface IP address. 

ip dhcp pool dnacpnp_device_pool  ( Name of DHCP pool on IPAM)
network 10.X.X.X 255.X.X.X   ( Range of IP addresses assigned to clients )
default-router 10.X.X.X          ( Gateway address)
option 43 ascii "5A1N;B2;K4;I10.10.10.10;J80"    (Option 43 string, 10.10.10.10 is a DNA Center IP)

Define the relevant day#0 template and golden image if applicable for device PnP. Make sure the upstream router will have DHCP relay and IP helper address to reach DHCP server configured on untagged VLAN (aka, VLAN1).

Step 4: Upstream Router and Switch Connectivity
Make sure the switch is connected to the upstream router  on the trunk. As an example we are taking the following example on the router as Cisco router. We need to define the below values on the router in order to get switch the IP address and redirected to DHCP server on IPAM.

interface GigabitEthernet0/2.1  (Defined Sub-interface  is connected to the Switch on trunk)
encapsulation dot1Q 1 native
ip address 10.x.x.x 255.x.x.x
ip helper-address x.x.x.x y.y.y.y 
(ip helper address for reachability to the DHCP Server)
end

Step 5: Network Profile for Day 0 Template using for Claiming Process
As we need to define the Day 0 Template on the template editor and add it to the Network profile for claiming process

First we need to define the Day 0 Template which is called as onboarding template where we can define the basic configuration. In our example we are putting very basic configurations like domain name, Loopback 0 interface IP address and can be defined more.

Navigate to Cisco DNA Center à Tools à Template Editor


 Once you clicked on the Template Editor you will see the below screen


As we defined the Day 0 Template that will be used for PNP claiming process, now we need to use the same tag to define on Network Profile for all new devices which will be discovered via PNP Process.


As we created the Day 0 Template and defined Network Profiles for Day 0 Template, Now are good to proceed with the PNP Claiming process.

Step 6: Device PNP Claiming Process
Now after we setup DHCP option #43 and connect the new switch to the upstream router or to the network, DNA Center runs its script and you will see the device with the IP address getting from DHCP server shown under PNP tab in DNA Center

Navigate to Provision -> Network Devices -> Plug and Play

You will see, the device pop up there with the IP address taking from DHCP server. Now select the device and  Action ->ClaimOnce you start claiming process, you will see the below screen. Assign the site to the switch and do next.

As a process of Claiming, we are pushing out the Day #0 template which may include the basic configuration like DNS name, Host name, Loopback IP address. Once claiming process completed, you will see the device is provisioned in DNA Center and will automatically come up in the inventory.

Once you claim the device on the DNAC, you can see by login to the switch that VLAN 1 is assigned with the IP address from the DHCP pool. This is just an example and verified in the Lab environment.

A Cisco network device with no start-up configuration triggers the Cisco Plug and Play IOS Agent to initiate a DHCP discovery process, which can acquire the DNA Center controller IP address from the DHCP server.

This auto-discovery process requires that the DHCP server be configured with the vendor specific option 43 that contains additional information about the DNA Center controller.

When the DHCP server receives a DHCP discover message with option 60 that contains the string “dnacpnp_device_pool ”, it responds to the device by returning a response that contains the option 43 information.

The Cisco Plug and Play IOS Agent extracts the DNA Center controller IP address from the response and uses this address to communicate with the controller.

The only prerequisites for the DHCP auto-discovery method are as follows:

  • New devices can reach the DHCP server
  • The DHCP server is configured with option 43 for Cisco Network Plug and Play