Friday, September 16, 2022
HomeCloud ComputingCisco DNA Middle and Machine configuration administration

Cisco DNA Middle and Machine configuration administration

In my conversations with prospects and companions, there are two matters which might be completely different however considerably associated: compliance and machine configuration administration.  In my newest weblog, “Compliant or not? Cisco DNA Middle will enable you determine this out”, we mentioned compliance capabilities in Cisco DNA Middle 2.3.3.  On this weblog, I’ll deal with machine configuration administration.

Let me begin by saying that DNA Middle all the time has the newest machine configuration in its inside databases. This has all the time been the case. The configuration of a tool is first collected and saved when the machine is added to the stock, it’s then up to date by periodic triggers in addition to event-based triggers. Occasion-based triggers occur when there’s a change within the configuration. DNA Middle makes use of these up-to-date configurations for all its capabilities together with, however not restricted to, assurance, machine substitute, and compliance. Community directors may also leverage these configurations so, on this weblog, we are going to discover other ways to entry them.

Visualize Configuration in Stock

For sure machine sorts, like switches, DNA Middle has the choice to indicate and export the complete machine configuration. This enables the community administrator to have fast visibility into the configuration. For safety causes, delicate knowledge is masked which signifies that we will’t immediately use this machine config to revive a tool.

Configuration Visualization in Inventory
Determine 1: Configuration Visualization in Stock: delicate knowledge is masked

Export the machine configuration

Configuration archive is the DNA Middle function that permits community directors to export uncooked configurations to an exterior server. Uncooked configurations are helpful to revive a tool for instance.

Configuration Archive
Determine 2: Configuration Archive: exporting uncooked configurations to an exterior server

Machine configuration backup might be scheduled with the specified recurrence and the configurations are despatched to an exterior server. For every configuration backup, DNA Middle creates a password-protected zip file. This zip file accommodates one listing per machine and every listing accommodates three recordsdata: running-config, startup-config, and VLAN database.

Password-protected zip file
Determine 3: Password-protected zip file


Running, Startup configs and VLAN DB
Determine 4: One listing per machine containing operating config, startup configs and VLAN DB

APIs to retrieve machine configuration

One other strategy to entry the clear textual content machine configurations is by way of APIs. The API accessible in Cisco DNA Middle permits to retrieve uncooked startup, operating configs, and VLAN DB within the type of a zipper file in the same approach because the configuration archive functionality.

API particulars:

POST /network-device-archive/cleartext

Visualize Configuration Drifts

Arguably, I’m leaving essentially the most fascinating functionality for final!

Initially of the weblog, we talked about that DNA Middle shops the machine configuration and updates the configurations periodically and upon adjustments. Each time there’s a change within the configuration, DNA Middle will retailer and timestamp this new configuration for a most of fifty. We name these configurations config drifts. Furthermore, DNA Middle can present variations between these saved configurations to assist the community administrator establish any adjustments. For out-of-band adjustments, Config Drift instrument may also present the username of the individual that made the change.

Within the instance under, we’re evaluating two configurations taken on September 2nd, 2022, one at 1:56pm and the opposite at 2:57pm. We will see within the latter, {that a} “description” command was faraway from “interface GigabitEthernet 1/0/10”. As soon as we establish these adjustments within the operating configuration, the community administrator can take particular actions to remediate the difficulty. For instance, the machine might be re-provisioned.

Config Drift
Determine 5: Config Drift

We will additionally establish and label a particular configuration that we deem “commonplace”. That approach, will probably be simpler to check the present operating configuration with the chosen labeled configuration.

Within the instance under, we are going to first choose the popular configuration and title it with the label of our selection, on this case, “TBRANCH-Std-Config“:

Label Config
Determine 6: Label Config

As soon as we label our commonplace configuration, we will then examine it to the present configuration. On this instance, the present operating configuration is recognized as “September 2nd at 3:10pm”. On this case, each operating configuration and commonplace configurations match.

Comparing running-config to labeled config
Determine 7: Evaluating running-config to labeled config

Have you ever tried these capabilities?

Are there another matters you’d prefer to see in these blogs?

Let me know within the feedback under.





Please enter your comment!
Please enter your name here

Most Popular

Recent Comments