Cisco IWAN Application on APIC-EM User Guide, Release 1.4.0 February 20, 2017 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED ORIMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Ciscotrademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. © 2017 Cisco Systems, Inc. All rights reserved. C O N T E N T S Preface vii About vii Audience vii Organization viii Conventions viii Related Documentation x Obtaining Documentation and Submitting a Service Request x CHAPTER 1 New and Changed Information 1-1 New Features and Changed Information 1-1 CHAPTER 2 Overview 2-1 About the Cisco IWAN Application 2-1 Workflow for Accessing the Cisco IWAN Application 2-2 Accessing the Cisco IWAN Application 2-2 Cisco IWAN Application Home Page 2-3 CHAPTER 3 Deployment 3-1 Cisco IWAN Application on APIC-EM 3-1 Deploying Cisco APIC-EM 3-2 Installing or Upgrading the Cisco IWAN Application 3-2 CHAPTER 4 Managing Hub Sites 4-1 Basic Workflow for Configuring and Setting Up the Hub Site 4-1 Wizard Step 1—Configuring System Settings 4-2 Wizard Step 2—Uploading Certified Cisco IOS Software Images for Branch Devices 4-5 Wizard Step 3—Configuring IP Address Pools 4-7 Wizard Step 4—Configuring Service Providers 4-10 Wizard Step 5—Configuring the IWAN Aggregation Site 4-12 Modifying the Configuration for the Hub Sites 4-19 Understanding the Coexistence of IWAN Sites and Non-IWAN Sites 4-19 Example of a Heterogeneous WAN Site 4-20 Software Configuration Guide for Cisco IWAN on APIC-EM iii Contents Understanding IP Address Pools 4-21 Updating the WAN Bandwidth of a Provisioned Hub Site 4-22 Modifying the QoS Bandwidth Percentages for a Hub Site 4-23 CHAPTER 5 Managing Branch Sites 5-1 Overview 5-1 IWAN App Operation with NAT 5-2 Workflow for Managing Branch Sites 5-3 Bootstrapping Greenfield Devices 5-4 Adding and Provisioning Greenfield Devices to the Branch Site 5-4 Adding and Provisioning Brownfield Devices to the Branch Site 5-10 Viewing Site Status Information 5-21 Support for 4G/Cellular Technology for WAN Link 5-22 Example Scenario 5-22 Notes and Limitations 5-24 Updating the WAN Bandwidth of a Provisioned Branch Site 5-24 Updating the WAN IP Parameters of a Provisioned Branch Site 5-25 Modifying the QoS Bandwidth Percentages for a Branch Site 5-27 CHAPTER 6 Managing Devices 6-1 Overview 6-1 Custom Configuration of Devices 6-1 Enabling Custom Configuration 6-2 Creating and Executing a Custom Configuration 6-2 Viewing Status of Custom Configuration Execution 6-3 Handling Failed Custom Configuration Executions 6-3 Limitations of Custom Configuration 6-3 CHAPTER 7 Administering Application Policies 7-1 Understanding the Categorize Applications Tab 7-1 Viewing Applications 7-2 Moving Applications to a Different Category 7-2 Editing Application Information 7-3 Adding a New Application 7-3 Deleting NBAR2 Custom Applications 7-4 Understanding the Define Application Policies Tab 7-5 Moving an Application Category to a Different Business Group 7-6 Software Configuration Guide for Cisco IWAN on APIC-EM iv Contents Modifying the Application Performance 7-6 Understanding the Application Bandwidth Tab 7-7 Viewing the Application Bandwidth 7-7 CHAPTER 8 Monitoring and Troubleshooting Sites 8-1 Viewing the Complete Cisco IWAN Network 8-1 Monitoring Page, Symbols, and Controls 8-2 Viewing Site Details 8-4 Compliance Reporting: Out-of-Band Configuration Changes 8-6 Compliance Reporting Setup 8-7 Compliance Monitoring 8-7 Service Assurance: Network Connectivity Alarms 8-8 Network Alarm Reporting Setup 8-8 Viewing Network Alarms 8-11 CHAPTER 9 Backup and Restore, Recovery, and Delete 9-1 Backup and Restore 9-1 Backup and Restore Recommendations 9-1 Backup and Restore Scenarios 9-2 Recovery 9-4 Recovering a Cisco IWAN Site 9-4 Post Provisioning Recovery for Hub and Branch Sites 9-4 Delete 9-5 Deleting a Hub Site 9-5 Deleting a Transit Hub 9-5 Deleting Branch Sites 9-6 Manually Cleaning Up Devices 9-6 Adding or Deleting Site Prefixes 9-8 APPENDIX A Brownfield Validation Messages A-1 Adding Greenfield and Brownfield Devices to Cisco IWAN A-1 Errors A-2 Warnings A-3 Software Configuration Guide for Cisco IWAN on APIC-EM v Contents Software Configuration Guide for Cisco IWAN on APIC-EM vi Preface This preface includes the following sections: • About, pagevii (cid:129) Audience, pagevii (cid:129) Organization, pageviii (cid:129) Conventions, pageviii (cid:129) Related Documentation, pagex (cid:129) Obtaining Documentation and Submitting a Service Request, pagex About The Cisco IWAN application (IWAN app) operates within Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM). Before the 1.3.2 release, the IWAN app was bundled with APIC-EM. Beginning with 1.3.2, it is released separately from APIC-EM and installed manually in APIC-EM. The IWAN app remains an integral part of APIC-EM as in the past. Audience This guide is intended primarily for data center administrators with responsibilities and expertise in one or more of the following: (cid:129) Server administration (cid:129) Storage administration (cid:129) Network administration (cid:129) Network security Software Configuration Guide for Cisco IWAN on APIC-EM vii REVIEW DRAFT—CISCO CONFIDENTIAL Organization This document includes the following chapters: Chapter Title Description 1 New and Changed Information Summarizes release-specific new and changed features for the Cisco IWAN application that are covered in this document. 2 Overview Introduces Cisco IWAN and describes how to access the Cisco IWAN application. 3 Deployment Provides information about Cisco IWAN application deployment within Cisco APIC-EM. 4 Managing Hub Sites Provides the wizard steps that allow you to configure and setup the hub site. 5 Managing Branch Sites Provides procedures for adding and provisioning branch sites and viewing site status information. 6 Managing Devices Each site may have one or more associated devices. The IWAN app provides methods for managing the devices individually, including the Custom Configuration feature, which enables executing batch CLI commands on devices in the network. 7 Administering Application Policies Provides procedures for categorizing and defining application policies based on the application bandwidth. 8 Monitoring and Troubleshooting Provides procedures for monitoring and Sites troubleshooting sites. 9 Backup and Restore, Recovery, and Provides information about how to backup and Delete restore, recover Cisco IWAN configuration, and delete hub, transit hub, and branch sites. A Brownfield Validation Messages Provides a list of error and warning messages Description encountered during brownfield device validation. Conventions This document uses the following conventions: Convention Indication bold font Commands and keywords and user-entered text appear in bold font. italic font Document titles, new or emphasized terms, and arguments for which you supply values are in italic font. [ ] Elements in square brackets are optional. {x | y | z } Required alternative keywords are grouped in braces and separated by vertical bars. [ x | y | z ] Optional alternative keywords are grouped in brackets and separated by vertical bars. Software Configuration Guide for Cisco IWAN on APIC-EM viii string A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks. courier font Terminal sessions and information the system displays appear in courier font. < > Nonprinting characters such as passwords are in angle brackets. [ ] Default responses to system prompts are in square brackets. !, # An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line. Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual. Tip Means the following information will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information, similar to a Timesaver. Caution Means reader be careful. In this situation, you might perform an action that could result in equipment damage or loss of data. Timesaver Means the described action saves time. You can save time by performing the action described in theparagraph. Warning IMPORTANT SAFETY INSTRUCTIONS This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device. SAVE THESE INSTRUCTIONS Warning Statements using this symbol are provided for additional information and to comply with regulatory and customer requirements. Software Configuration Guide for Cisco IWAN on APIC-EM ix REVIEW DRAFT—CISCO CONFIDENTIAL Related Documentation Documentation Description Cisco IWAN Application on APIC-EM User Guide, This document. Release 1.4.0 Provides information about how to deploy, configure, and use the Cisco IWAN application. Cisco IWAN Application on APIC-EM Release Provides a list of all release notes for the Cisco Notes APIC-EM product, including Cisco IWAN. Cisco IWAN Technology Design Guides Design guides that describe Cisco validated designs for Cisco IWAN. Cisco APIC-EM Documentation Roadmap Provides a list of all Cisco APIC-EM product documentation. This document is designed to help you get the most out of the controller and its applications. You can find links to all of the documentation, including Cisco IWAN at: http://www.cisco.com/c/en/us/support/cloud-sy stems-management/one-enterprise-network-co ntroller/tsd-products-support-series-home.html Cisco Prime Infrastructure Release Notes Provides a list of all release notes for the Cisco Prime Infrastructure product. Cisco Prime Infrastructure 3.1 Documentation Links to deployment guides and other Cisco Prime Infrastructure documentation. LiveAction Provides LiveAction IWAN training and documentation. Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’sNew in CiscoProduct Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html. Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service. Software Configuration Guide for Cisco IWAN on APIC-EM x
Description: