Page is loading ...
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
First Published: 2020-12-22
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of
the UNIX operating system. All rights reserved. Copyright ©1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.
All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.
Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:
https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a
partnership relationship between Cisco and any other company. (1721R)
©2020–2021 Cisco Systems, Inc. All rights reserved.
CONTENTS
Overview 1
CHAPTER 1
Cisco Data Center Network Manager 1
REST API Tool 2
New and Changed Information 7
CHAPTER 2
New and Changed Information in Cisco DCNM, Release 11.5(1) 7
Dashboard 11
CHAPTER 3
Dashboard 11
Dashlets 12
Topology 17
CHAPTER 4
Topology 17
Status 17
Scope 18
Searching 19
Quick Search 19
Host name (vCenter) 19
VM name (OpenStack) 19
Host IP 19
Host MAC 20
Multicast Group 20
Redirected Flows 20
VXLAN ID (VNI) 22
VLAN 22
VXLAN OAM 23
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
iii
Show Panel 24
Layouts 25
Zooming, Panning, and Dragging 25
Switch Slide-Out Panel 27
Beacon 27
Tagging 27
More Details 27
Link Slide-Out Panel 29
24-Hour Traffic 29
vCenter Compute Visualization 29
Support for Cisco UCS B-Series Blade Servers 30
Enabling vCenter Compute Visualization 32
Using vCenter Compute Visualization 34
Troubleshooting vCenter Compute Visualization 39
Container Orchestrator 40
Using the UI Controls on Container Orchestrator Visualization 42
OpenStack Workload Visibility 46
OpenStack Topology Scale 46
Notifications and Triggers for OpenStack 47
Using OpenStack Visualizer 47
Viewing VMs in OpenStack Clusters 49
Control 51
CHAPTER 5
Fabrics 51
VXLAN BGP EVPN Fabrics Provisioning 51
Creating a New VXLAN BGP EVPN Fabric 55
Adding Switches to a Fabric 73
Pre-provisioning Support in DCNM 11 86
Precision Time Protocol for Easy Fabric 100
Support for Super Spine Role in DCNM 101
Changing the TCAM Configuration on a Device 107
Preselecting Switches as Route-Reflectors and Rendezvous-Points 108
Adding a vPC L3 Peer Keep-Alive Link 109
Changing the Local Authentication to AAA Authentication for Switches in a Fabric 112
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
iv
Contents
IPv6 Underlay Support for Easy Fabric 114
Brownfield Deployment-Transitioning VXLAN Fabric Management to DCNM 114
Configuring Fabrics with eBGP Underlay 114
Creating an External Fabric 114
Discovering New Switches 126
Adding non-Nexus Devices to External Fabrics 131
Pre-provisioning a Device 135
Pre-provisioning an Ethernet Interface 140
Creating a vPC Setup 141
Undeploying a vPC Setup 146
Multi-Site Domain for VXLAN BGP EVPN Fabrics 146
Support for CloudSec in Multi-Site Deployment 174
Removing a Fabric From an MSD 178
Moving a Standalone Fabric (With Existing Networks and VRFs) to an MSD Fabric 179
Managing Switches Using LAN Classic Templates 180
Creating a LAN Classic Fabric 180
Adding Switches to LAN Classic Fabric 184
Creating a Fabric Group and Associating Member Fabrics 185
Support for Inter-Fabric Connection in LAN Classic Fabric Template 186
Inband Management in External Fabrics and LAN Classic Fabrics 186
Precision Time Protocol for External Fabrics and LAN Classic Fabrics 187
Sync up Out-of-Band Switch Interface Configurations with DCNM 189
Syncing up Switch Interface Configurations to DCNM 190
MACsec Support in Easy Fabric and eBGP Fabric 193
Enabling MACsec 193
Disabling MACsec 194
Overview of Tenant Routed Multicast 195
Overview of Tenant Routed Multicast with VXLAN EVPN Multi-Site 195
Tenant Routed Multicast with VXLAN EVPN Multi-Site Operations 195
Configuring TRM for Single Site Using Cisco DCNM 196
Configuring TRM for Multi-Site Using Cisco DCNM 199
SSH Key RSA Handling 202
Switch Operations 204
Running EXEC Mode Commands in DCNM 207
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
v
Contents
Fabric Multi Switch Operations 208
Tabular View - Switches 208
Tabular View - Links 211
Creating Intra-Fabric Links 211
Creating Inter-Fabric Links 216
Exporting Links 220
Importing Links 221
Viewing Details of Fabric Links 221
Viewing the Traffic Details of Fabric Links 222
Symmetric Automatic VRF Lite 223
Layer 3 Port Channels 224
Configuring Layer 3 Port Channel on Interfaces 225
Configuring Layer 3 Port Channel on Interfaces for IOS XE Devices 225
Deploying Policies on Physical Interfaces for non-Nexus Devices 226
Configuring Layer 3 Port Channel on Subinterfaces 227
Configuring Layer 3 Port Channel for Inter-fabric Connectivity 228
Tabular View - Operational View 229
Viewing the Operational Status 230
Viewing Logical Links 231
Viewing Alerts and Event Notifications 231
Support for ToR Switches 231
vPC Fabric Peering 232
Creating a Virtual Peer Link 234
Converting a Physical Peer Link to a Virtual Peer Link 237
Converting a Virtual Peer Link to a Physical Peer Link 238
Advertising PIP on vPC 239
Viewing and Editing Policies 240
Viewing Policies 240
Adding a Policy 242
Deploying Policies 243
Editing a Policy 244
Current Switch Configuration 245
Retrieving the Authentication Key 245
Custom Maintenance Mode Profile Policy 247
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
vi
Contents
Creating and Deploying a Custom Maintenance Mode Profile Policy 248
Deleting a Custom Maintenance Mode Profile Policy 249
Return Material Authorization (RMA) 251
Prerequisites 251
Guidelines and Limitations 251
POAP RMA Flow 251
Manual RMA Flow 254
RMA for User with Local Authentication 256
Interfaces 256
Adding Interfaces 261
Breakout 262
Editing Interfaces 262
Deleting Interfaces 264
Shutting Down and Bringing Up Interfaces 265
Viewing Interface Configuration 266
Rediscovering Interfaces 266
Viewing Interface History 266
Deploying Interface Configurations 267
Creating External Fabric Interfaces 267
Interface Groups 268
Creating and Deploying Networks and VRFs 273
Viewing Networks and VRFs for a Fabric 274
Creating Networks for the Standalone Fabric 275
Editing Networks for the Standalone Fabric 280
Creating VRFs for the Standalone Fabric 281
Editing VRFs for the Standalone Fabric 285
Deploying Networks for the Standalone and MSD Fabrics 286
Deploying VRFs for the Standalone and MSD Fabrics 295
Undeploying Networks for the Standalone Fabric 301
Undeploying VRFs for the Standalone Fabric 302
Deleting Networks and VRFs 302
Configuring Multiple VLAN IDs to a Single VNI 303
Enhanced Role-based Access Control in Cisco DCNM 304
Device-upg-admin Role 304
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
vii
Contents
Access-admin Role 304
Network-Operator Role 305
Network-Stager Role 305
Viewing Policy Change History 306
Freezing Fabrics in Cisco DCNM 307
Fabric Backup and Restore 308
Backing Up Fabrics 308
Restoring Fabrics 312
Restoring a Switch 318
Deleting a VXLAN BGP EVPN Fabric 319
Post DCNM 11.5(1) Upgrade for VXLAN BGP EVPN, External, and MSD Fabrics 320
Changing ISIS Configuration from Level 1 to Level 2 321
Configuration Compliance in DCNM 321
Configuration Compliance in External Fabrics 330
Resolving Diffs for Case Insensitive Commands 335
DCNM Tracker 340
Installing the DCNM Tracker 341
Uninstalling the DCNM Tracker 343
Starting the DCNM Tracker 343
Stopping the DCNM Tracker 343
DCNM Tracker Status 344
Troubleshooting - DCNM Tracker 344
Backup - DCNM Tracker 345
Upgrade - DCNM Tracker 345
Discovery Tracker 345
DCNM Tracker Support on Cisco ISE using TACACS+ 346
Enabling Freeform Configurations on Fabric Switches 347
VMM Workload Automation 353
Overview of Network Objects in vCenter 354
How VMM Workload Automation Works 356
Configuration Files for VMM Workload Automation 356
Installing and Starting the VMM Workload Automation Module 360
Additional Functionalities Using REST APIs 361
Events in vCenter 362
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
viii
Contents
Management 363
Resources 363
Allocating a Resource 364
Releasing a Resource 366
Adding, Editing, Re-Discovering and Removing VMware Servers 366
Adding a Virtual Center Server 366
Deleting a VMware Server 367
Editing a VMware Server 367
Rediscovering a VMware Server 367
Container Orchestrator 368
Adding Container Orchestrator 369
Deleting Container Orchestrator 372
Editing Container Orchestrator 372
Rediscover Kubernetes Cluster 373
OpenStack Visualizer 373
Adding OpenStack Cluster 374
Editing OpenStack Cluster 375
Deleting OpenStack Cluster 376
Rediscovering OpenStack Cluster 376
Template Library 376
Template Structure 378
Template Format 378
Template Variables 385
Variable Meta Property 387
Variable Annotation 393
Templates Content 397
Advanced Features 399
Report Template 401
Adding a Template 414
Modifying a Template 415
Copying a Template 415
Deleting a Template 416
Importing a Template 416
Exporting a Template 417
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
ix
Contents
Image Management 417
Smart Image Management 418
Image Upload 419
Deleting an Image 421
Install & Upgrade 421
Upgrade History 421
Switch Level History 431
Packages 432
Installing Packages and Patches 432
Uninstalling Packages and Patches 433
Activating Packages and Patches 434
Deactivate 434
Image Management Policies 434
Adding an Image Management Policy 435
Deleting an Image Management policy 437
Endpoint Locator 438
Layer 4-Layer 7 Service 438
Cross Site Scripting (XSS) threat and mitigation 438
Cross Site Scripting (XSS) threat and Handling of special Characters in Policy Fields 438
Monitor 441
CHAPTER 6
Inventory 441
Viewing Inventory Information for Switches 441
Viewing System Information 446
Hosts 446
Capacity 447
Features 447
VXLAN 448
VLAN 448
Switch Modules 449
FEX 449
VDCs 451
Viewing Inventory Information for Modules 458
Viewing Inventory Information for Licenses 459
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
x
Contents
Monitoring Switch 460
Viewing Switch CPU Information 460
Viewing Switch Memory Information 460
Viewing Switch Traffic and Errors Information 460
Viewing Switch Temperature 461
Enabling Temperature Monitoring 462
Viewing Accounting Information 462
Viewing Events Information 462
Monitoring LAN 463
Monitoring Performance Information for Ethernet 463
Monitoring ISL Traffic and Errors 464
Monitoring a vPC 465
Monitoring vPC Performance 466
Endpoint Locator 467
Alarms 467
Viewing Alarms and Events 468
Monitoring and Adding Alarm Policies 468
Activating Policies 471
Deactivating Policies 472
Importing Policies 472
Exporting Policies 472
Editing Policies 472
Deleting Policies 473
Enabling External Alarms 473
Configuration Compliance Alarms 473
Endpoint Locator Alarms 476
Health Monitor Alarms 479
Administration 483
CHAPTER 7
DCNM Server 483
Starting, Restarting, and Stopping Services 483
Customization 485
Network Preferences 486
Viewing Log Information 487
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xi
Contents
Server Properties 488
Modular Device Support 488
Native HA 489
Multi Site Manager 490
Device Connector 493
NX-API Certificate Management for Switches 496
Uploading the certificates on DCNM 498
Installing Certificates on Switches 498
Unlinking and Deleting certificates 499
Troubleshooting NX API Certificate Management 500
Backing up DCNM 500
Creating a Backup 501
Modifying a Backup 502
Deleting a Backup 503
Job Execution Details 503
Manage Licensing 504
Managing Licenses 504
License Assignments 504
Smart License 510
Switch Smart License 513
Server License Files 514
Switch Features—Bulk Install 515
Application Licenses 517
Management Users 519
Remote AAA 519
Local 519
Radius 520
TACACS+ 520
Switch 520
LDAP 521
Managing Local Users 523
Adding Local Users 523
Deleting Local Users 524
Editing a User 524
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xii
Contents
User Access 524
Managing Clients 525
Performance Setup 526
Performance Setup LAN Collections 526
Event Setup 527
Viewing Events Registration 527
Notification Forwarding 528
Adding Notification Forwarding 528
Removing Notification Forwarding 529
Event Suppression 530
Add Event Suppression Rules 530
Delete Event Suppression Rule 531
Modify Event Suppression Rule 531
Credentials Management 531
LAN Credentials 532
Credentials Management with Remote Access 534
Applications 541
PART I
Applications Framework 543
CHAPTER 8
Cisco DCNM in Unclustered Mode 543
Cisco DCNM in Clustered Mode 544
Requirements for Cisco DCNM Clustered Mode 545
Installing a Cisco DCNM Compute 546
Networking Policies for OVA Installation 546
Enabling the Compute Cluster 548
Managing Application Network Pools 549
Adding Computes into the Cluster Mode 550
Transitioning Compute Nodes 552
Transitioning Compute nodes from VM to Service Engine 552
Transitioning Compute nodes from Service Engine to VM 553
Preferences 553
Telemetry Network and NTP Requirements 554
Installing and Deploying Applications 555
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xiii
Contents
Application Framework User Interface 558
Catalog 559
Compute 559
Preferences 561
Failure Scenario 561
Compute Node Disaster Recovery 562
Endpoint Locator 563
CHAPTER 9
Endpoint Locator 563
Configuring Endpoint Locator 564
Configuring Endpoint Locator in DCNM High Availability Mode 573
Configuring Endpoint Locator in DCNM Cluster Mode 574
Configuring Endpoint Locator for External Fabrics 576
Configuring Endpoint Locator for eBGP EVPN Fabrics 576
EPL Connectivity Options 579
Disabling Endpoint Locator 583
Troubleshooting Endpoint Locator 583
Monitoring Endpoint Locator 587
Endpoint Locator Dashboard 587
Endpoint History 592
Endpoint Search 595
Endpoint Life 596
IPAM Integrator 599
CHAPTER 10
Catalog 599
IPAM Integrator 600
Accessing IPAM Integrator 600
Viewing Network IP Scope 601
Viewing Statistics for the Subnet Utilization 602
Viewing IP Allocation for Hosts 603
Viewing Conflicting Networks 604
Health Monitor 605
CHAPTER 11
Catalog 605
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xiv
Contents
Health Monitor 606
Alerts 606
Service Utilization 608
Compute Utilization 611
PTP Monitoring 613
CHAPTER 12
Catalog 613
PTP Monitoring 614
Programmable Reports 617
CHAPTER 13
Catalog 617
Programmable Report 618
Creating a Report Job 620
Viewing a Report Job 622
Downloading Report Information 624
Deleting a Report 625
Comparing Reports 625
Deleting a Report Job 627
Editing a Report Job 627
Rerunning a Report Job 628
Displaying Report Job History 629
Downloading Report Job Information 630
Report Purging 630
ServiceNow Integration 633
CHAPTER 14
DCNM Integration with ServiceNow 633
Guidelines and Limitations of DCNM Integration with ServiceNow 634
Installing and Configuring the Cisco DCNM Application on ServiceNow 635
Viewing the Dashboard 638
Contact Us 642
Troubleshooting DCNM Integration with ServiceNow 642
Easy Provisioning of VXLAN BGP EVPN Fabrics 645
PART II
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xv
Contents
Managing a Greenfield VXLAN BGP EVPN Fabric 647
CHAPTER 15
VXLAN BGP EVPN Fabrics Provisioning 647
Creating a New VXLAN BGP EVPN Fabric 650
Adding Switches to a Fabric 669
Discovering New Switches 669
Discovering Existing Switches 677
VXLAN EVPN Deployment with eBGP EVPN 682
Creating a eBGP New VXLAN EVPN with eBGP-based Underlay 682
Deploying Fabric Underlay eBGP Policies 695
Deploying Fabric Overlay eBGP Policies 696
Deploying Spine Switch Overlay Policies 696
Deploying Leaf Switch Overlay Policies 697
Managing a Brownfield VXLAN BGP EVPN Fabric 699
CHAPTER 16
Overview 699
Prerequisites 700
Guidelines and Limitations 700
Fabric Topology Overview 702
DCNM Brownfield Deployment Tasks 703
Verifying the Existing VXLAN BGP EVPN Fabric 703
Creating a VXLAN BGP EVPN Fabric 706
Adding Switches and Transitioning VXLAN Fabric Management to DCNM 720
Verifying the Import of the VXLAN BGP EVPN Fabric 733
Verifying VXLANs and Commands on Switches 733
Verifying Resources 737
Verifying Networks 738
Configuration Profiles Support for Brownfield Migration 741
Migrating a Bottom-Up VXLAN Fabric to DCNM 741
Resolving Config Compliance Error on Switches with Cisco NX-OS Release 7.0(3)I4(8b) and 7.0(4)I4(x)
Images 750
Modifying VLAN Names in a Switch with Cisco NX-OS Release 7.0(3)I4(8b) and 7.0(4)I4(x) Images
754
Changing a Brownfield Imported BIDIR Configuration 756
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xvi
Contents
Manually Adding PIM-BIDIR Configuration for Leaf or Spine Post Brownfield Migration 757
Migrating an MSD Fabric with Border Gateway Switches 757
Configuring a VXLANv6 Fabric 761
CHAPTER 17
Overview 761
Creating a VXLAN Fabric with IPv6 Underlay 762
Auto-Provisioning ToR Switches Attached to VXLAN VTEPs 767
CHAPTER 18
Overview 767
Supported Topologies for ToR Switches 767
Configuring ToR Switches 773
Deploying Networks on ToR Switches 779
External/WAN Layer 3 Connectivity for VXLAN BGP EVPN Fabrics 783
PART III
VRF Lite 785
CHAPTER 19
Prerequisites and Guidelines 785
Sample Scenarios 788
VRF Lite Through the DCNM GUI – From a BGW Device to a Nexus 7000 Series Edge Router 789
VRF Lite Through the DCNM GUI – From a BGW Device To a Non-Nexus Device 801
Automatic VRF Lite (IFC) Configuration 808
Deleting VRF Lite IFCs 812
Additional References 814
Appendix 814
N9K-3-BGW Configurations 814
MPLS SR and LDP Handoff 817
CHAPTER 20
Overview of VXLAN EVPN to SR-MPLS and MPLS LDP Interconnection 817
VXLAN MPLS Topology 819
Configuration Tasks for VXLAN MPLS Handoff 821
Editing Fabric Settings for MPLS Handoff 821
Editing Easy Fabric Settings 821
Editing External Fabric Settings 823
Creating an Underlay Inter-Fabric Connection 824
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xvii
Contents
Creating an Overlay Inter-Fabric Connection 827
Deploying VRFs 829
Changing the Routing Protocol and MPLS Settings 831
Layer‐2/Layer‐3 DCI with VXLAN EVPN Multi‐Site 833
PART IV
Auto-Provisioning Border Gateways with Multi-Site Domains 835
CHAPTER 21
Border Provisioning Use Case in VXLAN BGP EVPN Fabrics - Multi-Site 835
Prerequisites 836
Limitations 837
Save & Deploy Operation in the MSD Fabric 837
EVPN Multi-Site Configuration 839
Configuring Multi-Site Underlay IFCs - DCNM GUI 840
Configuring Multi-Site Underlay IFCs - Autoconfiguration 841
Configuring Multi-Site Underlay IFCs Towards a Non-Nexus Device - DCNM GUI 842
Configuring Multi-Site Overlay IFCs 844
Configuring Multi-Site Overlay IFCs - Autoconfiguration 846
Configuring Multi-Site Overlay IFCs Towards a Non-Nexus Device - DCNM GUI 847
Overlay and Underlay Peering Configurations on the Route Server N7k1-RS1 849
Viewing, Editing and Deleting Multi-Site Overlays 849
Deleting Multi-Site IFCs 850
Creating and Deploying Networks and VRFs in the MSD Fabric 851
Deploying a Legacy Site BGW (vPC-BGWs) 854
Additional References 858
Appendix 858
Multi-Site Fabric Base Configurations – Box Topology 858
IBGP Configuration for the Box Topology in the Easy7200 Fabric 859
Route Server Configuration 860
Network Provisioning for L4‐Layer7 Services 863
PART V
L4-L7 Service Basic Workflow 865
CHAPTER 22
Layer 4-Layer 7 Service 865
Guidelines and Limitations for Layer 4-Layer 7 Service 868
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xviii
Contents
Types of Layer 4–Layer 7 Service Devices 869
Configuring Fabric Settings for Layer 4-Layer 7 Service 869
Configuring Layer 4-Layer 7 Service 872
Create Service Node 873
Create Route Peering 876
Create Service Policy 885
Templates 886
Adding a Route Peering 888
Adding a Service Policy 889
Deleting a Service Node 890
Editing a Service Node 891
Refreshing the Service Policy and Route Peering List 892
Refreshing a Specific Service Policy or Route Peering 892
Attaching a Service Policy or a Route Peering 892
Detaching a Service Policy or a Route Peering 892
Preview a Service Policy or a Route Peering 893
Deploying a Service Policy or a Route Peering 894
Viewing Deployment History 894
Exporting a Service Policy or a Route Peering Table 897
Importing a Service Policy or a Route Peering Table 898
Deleting a Service Policy 898
Deleting a Route Peering 899
Viewing Service Policy Information 899
Viewing Route Peering Information 902
Service Node Backup and Restore 903
Fabric Backup and Restore 904
Brownfield Migration 904
Audit History 904
L4-L7 Service Use Cases 907
CHAPTER 23
Use Case: Intra-tenant Firewall with Policy-based Routing 907
1. Create Service Node 908
2. Create Route Peering 910
3. Create Service Policy 912
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xix
Contents
4. Deploy Route Peering 914
5. Deploy Service Policy 916
6. View Stats 919
7. View Traffic Flow in Fabric Builder 919
8. Visualize Redirected Flows to Destination in the Topology window 922
Use Case: Inter-tenant Firewall with eBGP Peering 925
1. Create Service Node 927
2. Create Route Peering 928
3. Deploy Route Peering 930
Use Case: One-arm Load Balancer 932
1. Create Service Node 932
2. Create Route Peering 934
3. Create Service Policy 935
4. Deploy Route Peering 935
5. Deploy Service Policy 935
6. View Stats 936
7. View Traffic Flow in Fabric Builder 936
8. Visualize Redirected Flows to Destination in the Topology window 936
Public Cloud Connectivity 937
PART VI
Connecting Cisco Data Center and a Public Cloud 939
CHAPTER 24
Connecting Cisco Data Center and a Public Cloud 939
Topology Overview 940
Guidelines and Limitations 941
Prerequisites 941
Task Summary 941
Setting the Polling Time 942
Setting Up the On‐premise External Fabric with CSR 1000v 943
Creating an External Fabric 943
Discovering the On-Premises Core Router 943
Setting Up the VXLAN EVPN Fabric 944
Creating a VXLAN EVPN Fabric 944
Assigning the BGW Role 945
Cisco DCNM LAN Fabric Configuration Guide, Release 11.5(1)
xx
Contents
/