Switch
Diagram
Classes
topology (vxlan)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| switches | List | [switches] | No |
switches (vxlan.topology)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| serial_number | String | Regex: ^[a-zA-Z0-9_.:-]{1,16}$ | No | |
| role | Choice | spine, leaf, border, border_spine, border_gateway, border_gateway_spine, super_spine, border_super_spine, border_gateway_super_spine, tor, core_router | No | |
| management | Class | [management] | No | |
| poap | Class | [poap] | No | |
| routing_loopback_id | Integer | min: 0, max: 1023 | No | 0 |
| vtep_loopback_id | Integer | min: 0, max: 1023 | No | 1 |
| interface_breakouts | List | [interface_breakouts] | No | |
| interfaces | List | Any[Class[[topology_switch_access_interface]] or Class[[topology_switch_trunk_interface]] or Class[[topology_switch_access_po_interface]] or Class[[topology_switch_trunk_po_interface]] or Class[[topology_switch_routed_interface]] or Class[[topology_switch_routed_sub_interface]] or Class[[topology_switch_routed_po_interface]] or Class[[topology_switch_loopback_interface]] or Class[[topology_switch_dot1q_host_interface]]] | No |
management (vxlan.topology.switches)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| default_gateway_v4 | IP | No | ||
| default_gateway_v6 | IP | No | ||
| management_ipv4_address | IP | No | ||
| management_ipv6_address | IP | No | ||
| subnet_mask_ipv4 | Integer | min: 8, max: 30 | No | |
| subnet_mask_ipv6 | Integer | min: 16, max: 128 | No |
poap (vxlan.topology.switches)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| bootstrap | Boolean | true, false | No | false |
| preprovision | Class | [preprovision] | No |
interface_breakouts (vxlan.topology.switches)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| module | Integer | min: 0, max: 32 | No | 1 |
| from | Integer | min: 0, max: 256 | No | 1 |
| to | Integer | min: 0, max: 256 | No | 1 |
| map | Choice | 10g-4x, 25g-4x, 50g-2x, 50g-4x, 100g-2x, 100g-2x-pam4, 100g-4x, 200g-2x | No | 10g-4x |
| enable_during_bootstrap | Boolean | true, false | No | false |
preprovision (vxlan.topology.switches.poap)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| serial_number | String | Regex: ^[a-zA-Z0-9_.:-]{1,16}$ | No | |
| model | String | Yes | ||
| version | String | Yes | ||
| modulesModel | List | String | Yes |
Example 1
The following describes how to add switches with different roles (spine, leaf, etc.)
vxlan: topology: switches: - name: dc1-spine1 serial_number: 9RPK63KD8TR role: spine management: default_gateway_v4: 192.168.112.254 default_gateway_v6: 2055:55:55:55::55/64 management_ipv4_address: 192.168.112.151 management_ipv6_address: 2055:55:55:55::51/64
- name: dc1-spine2 serial_number: 92UBV39S1YQ role: spine management: default_gateway_v4: 192.168.112.254 default_gateway_v6: 2055:55:55:55::55/64 management_ipv4_address: 192.168.112.152 management_ipv6_address: 2055:55:55:55::52/64
- name: dc1-leaf1 serial_number: 9SJP2G16MPF role: leaf management: default_gateway_v4: 192.168.112.254 default_gateway_v6: 2055:55:55:55::55/64 management_ipv4_address: 192.168.112.1 management_ipv6_address: 2055:55:55:55::41/64
- name: dc1-leaf2 serial_number: 91IRW2OO4TX role: leaf management: default_gateway_v4: 192.168.112.254 default_gateway_v6: 2055:55:55:55::55/64 management_ipv4_address: 192.168.112.2 management_ipv6_address: 2055:55:55:55::42/64
- name: dc1-leaf3 serial_number: 9JOCTUYC1EV role: leaf management: default_gateway_v4: 192.168.112.254 default_gateway_v6: 2055:55:55:55::55/64 management_ipv4_address: 192.168.112.3 management_ipv6_address: 2055:55:55:55::43/64
- name: dc1-leaf4 serial_number: 936D48XQN1P role: leaf management: default_gateway_v4: 192.168.112.254 default_gateway_v6: 2055:55:55:55::55/64 management_ipv4_address: 192.168.112.4 management_ipv6_address: 2055:55:55:55::44/64Discovery methods
In the Cisco NDFC context, there are three methods for switch onboarding and discovery:
- Discovering Existing Switches: This method involves identifying and managing switches that are already deployed and operational within the network.
- Bootstrap with POAP (Power-On Auto Provisioning): This approach uses POAP to automatically provision new switches when they are powered on and connected, enabling zero-touch deployment.
- Pre-provisioning Combined with POAP: This method involves preconfiguring certain settings or profiles in NDFC before the switch is powered on, followed by bootstrap using POAP to complete the provisioning process.
These methods provide flexible options for managing switch lifecycle and deployment in Cisco NDFC environments.
Discovering existing switches
In this method, a switch with known credentials and a pre-provisioned IP address, is added to the fabric. Switch is reachabled from NDFC.
---vxlan: topology: switches: - name: dc-leaf1 serial_number: 9MGBD4LHN0O role: leaf management: default_gateway_v4: 192.168.112.254 management_ipv4_address: 192.168.112.1Discovering new switches with Power On Auto Provisioning (POAP)
When a new Cisco NX-OS device powers on, it usually has no startup configuration or any saved configuration. As a result, after booting and completing initialization, the device enters a POAP loop. During this process, it sends DHCP requests from all active interfaces, including the mgmt0 interface.
To support this, bootstrap must be enabled at the fabric level, and DHCP must be properly configured. You can use either NDFC or an external DHCP server. Additionally, if the subnet on the switch differs from that on NDFC, DHCP Relay must be configured accordingly.
---vxlan: topology: switches: - name: dc-leaf1 serial_number: 9MGBD4LHN0O role: leaf management: default_gateway_v4: 192.168.112.254 management_ipv4_address: 192.168.112.1 poap: bootstrap: trueDiscovering new switches with Pre-provisioning
Cisco NDFC supports provisioning of device configuration in advance. This is specifically applicable for scenarios where devices have been procured, but not yet delivered or received by the Customers. The purchase order typically has information about the device serial number, device model and so on, which in turn can be used to prepare the device configuration in NDFC prior to the device connectivity to the Network.
In this scenario, we have two serial numbers (SN):
- Temporary Serial Number: PRE9MGBD4LHN0O
- Real Serial Number: 9MGBD4LHN0O
During the initial setup, you must use two different serial numbers (SNs). At this stage, the switch will be registered in NDFC as unreachable. Once the switch completes its preparation and the POAP process begins, you can update the vxlan.topology.switches.serial_number to the switch’s actual serial number.
flowchart TB A(Pre-provision switch with two different SNs) A --> B{Switch added to NDFC as unreachable} B --> C(Switch is powered on) C --> D{Switchs start POAP process} D --> E(Update switches.serial_number with real SN) E --> F{Serial number updated in NDFC and discovered}---vxlan: topology: switches: - name: dc-leaf1 # ------------------------------------------- # Temporary Fake Serial Number # (Must Match SN under poap.preprovision) serial_number: PRE9MGBD4LHN0O # ------------------------------------------- # Real device SN that needs to replace the # fake SN above when the device is available. # # serial_number: 9MGBD4LHN0O # ------------------------------------------- role: leaf management: default_gateway_v4: 192.168.112.254 management_ipv4_address: 192.168.112.1 subnet_mask_ipv4: 24 poap: preprovision: model: N9K-C9300v # Matches fake serial number above serial_number: PRE9MGBD4LHN0O version: 15.5(2) modulesModel: [N9K-X9364v, N9K-vSUP]