http://next-hop-self.it/ Recent content on next-hop-self Hugo -- gohugo.io en-us Mon, 11 May 2026 19:00:06 +0100 http://next-hop-self.it/posts/dc-ucs-host-upgrade-utility/ Mon, 11 May 2026 19:00:06 +0100 http://next-hop-self.it/posts/dc-ucs-host-upgrade-utility/ In the last few days, I encountered some physical issues with a Nexus Dashboard cluster node. After replacing the UCS node (C225-M6, also known as ND-NODE-L4), I tried to perform the initial configuration through the node’s CIMC page (hostname, addressing, timezone, NTP, DNS, etc.). During these activities, I noticed that the CIMC version was very old, so I decided to upgrade it. The first step was to determine the target version; I decided to use version 4. http://next-hop-self.it/posts/dc-aci-shared-l3out/ Mon, 23 Feb 2026 09:00:06 +0100 http://next-hop-self.it/posts/dc-aci-shared-l3out/ During last months i was involved into ACI deep learning that gave me the opportunity to achieve the DCACI specialist certification and, of course, the CCNP Data center certification. One of the main step to achieve the ACI certification is practice! Practice gives you the ability to surf the system GUI with agility and enforces your knowledge and the understanding of how the different object joins together. One of the most satisfying lab i made during the training is the shared L3Out. http://next-hop-self.it/posts/ei-catalyst-center-system-settings-update/ Wed, 24 Sep 2025 09:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-system-settings-update/ In these days i’m working on a new Catalyst Center project where i need to replace an active DN2-HW single-node appliance with a DN3-HW three-node cluster. To achieve this goal i decide to create and upgrade the cluster in my company lab and then i will restore the last backup from the single-node appliance when i will install the new cluster to the customer datacenter. Obviously i cannot use the customer network settings in my lab otherwise i will never reach the Cisco public catalog server useful for the system upgrade but i need to find a way to modify those network setting after the initial setup. http://next-hop-self.it/posts/oobm-opengear-cli-usage/ Thu, 24 Jul 2025 10:00:06 +0100 http://next-hop-self.it/posts/oobm-opengear-cli-usage/ As i described in my last 2 posts about Opengear devices, they are offering a very comfortable and intuitive GUI to configure them and access remote devices but old habits are the hardest to die and sometimes we want to access our remote devices console port via CLI. Opengear OM let you to connect remote devices in many ways, the first one is through OM port manager shell. You simply need to ssh to OM and type pmshell command, then you need to choose the port you want to connect to: http://next-hop-self.it/posts/oobm-opengear-lighthouse-orchestrator/ Wed, 04 Jun 2025 10:00:06 +0100 http://next-hop-self.it/posts/oobm-opengear-lighthouse-orchestrator/ Last time i spoke about Opengear Operation Manager, an excellent and intuitive way to manage your oobm network and safely access your devices during a network issue. Operation Manager is a standalone device and you would probably install them in every critical sites of your company, doing so become hard and time-expensive to manage all OM at the same time, Lighthouse orchestrator helps us to group together all the remote OM and manage them in a single way. http://next-hop-self.it/posts/oobm-opengear-operation-manager/ Thu, 24 Apr 2025 10:00:06 +0100 http://next-hop-self.it/posts/oobm-opengear-operation-manager/ During this weeks i’m involved in a datacenter refresh project for a big customer so me and my team want to take advantage of this big opportunity to implement an out-of-band management network since the current implementation doesn’t have it (bad idea!) and use an in-band management. An out-of-band network is a separate and parallel network that manage all the devices that composed the in-band network (where all the main services and traffic flows) without interfere negatively with the in-band traffic flow and add amount of traffic to it. http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-4/ Thu, 20 Mar 2025 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-4/ The last part of the guide “How to upgrade your Catalyst Center :)” relate on the upgrade itself and how to restore the whole system in case a disaster happens! Before you start the final step of your upgrade, i suggest you to do 2 simple things: Create a bootable usb drive with the iso file of the starting version Create a proactive Cisco support request In case something went wrong during the upgrade, you will need to re-install the whole application from scatch. http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-3/ Thu, 27 Feb 2025 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-3/ The third part of the guide “How to upgrade your Catalyst Center :)” is all about backup. Before you start the system upgrade you need to run a backup depends on what you need to backup. You can run 2 different type of backup: A system and configuration backup called “Cisco DNA Center (without Assurance data)” A system and configuration + Assurance data backup called “Cisco DNA Center (All data)” Important note about backup: a backup file of a specific Catalyst Center version cannot be used to be restored in a different Catalyst Center version. http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-2/ Wed, 29 Jan 2025 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-2/ The second part of the guide “How to upgrade your Catalyst Center :)” relate to validation tool. There are 2 different tools, depending on you starting version, GUI validation tool (recent version) or CLI Aura tool (older version). Aura tool Aura tool is a CLI tool that allow you to run many validation task inside your maglev shell and provide you a report in PDF file format. This report show you all the test ran and provide you the result of every check, indicating what kind of error is present: Detailed information about how to use Aura tool is here: https://www. http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-1/ Thu, 16 Jan 2025 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-system-upgrade-part-1/ Last November Cisco published the new Catalyst Center golden image, 2.3.7.7 that include some new features and improvements like: Dark Mode AIOps: Event Analytics, Over the air sniffer, AP power savings insights NetOps: Campus Automation, configuration visibility and control, 3rd party device support SecOps: Improved endpoint visibility, LAN automation DevOps: API enhancements including new APIs …and more For all the details you can, as usual, refer to the release notes at https://www. http://next-hop-self.it/posts/ei-catalyst-center-lab-environment/ Tue, 12 Nov 2024 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-lab-environment/ In the last post i spoke about how to upgrade a switch image through Catalyst Center usgin SWIM (Software Image Management) feature, this time i want to dig into the sd-access lab environment. Sd-access networks involved many components, physycal and/or virtual, licensing and design aspects so you MUST overthinking about all the parts, the final design you want to achieve, how you can achieve it and what kind of devices, license type, external services you need to achieve it! http://next-hop-self.it/posts/ei-catalyst-center-switch-upgrade-with-swim/ Mon, 28 Oct 2024 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-switch-upgrade-with-swim/ In the last days i read about Cisco IOS XE 17.9.x End-of-Sale and End-of-Life announcement by Cisco (https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-xe-17/ios-xe-17-9-x-eol.html) so i decide to take advantage of this bulletin to upgrade the switch in my SD-Access lab using the SWIM (Software Image Management) feature. First of all i need to sync my Catalyst Center (version 2.3.5.5) to Cisco image repository in order to download the latest image catalog: After that i need to choose the Family product i want to upgrade and mark as “Golden” the image version that i want to run in my devices: During this activity you can also download some specific SMU (Software Maintenance Upgrade) for the main image version: Once the image download has finished i can proceed with the switch upgrade. http://next-hop-self.it/posts/dc-vxlan-evpn-dci-host-reachability-and-fault-scenario/ Tue, 10 Sep 2024 08:00:06 +0100 http://next-hop-self.it/posts/dc-vxlan-evpn-dci-host-reachability-and-fault-scenario/ The final step about “VXLAN EVPN DCI” journey regards host reachability and fault scenario. In this post i’ll try to verify the reachability between 2 hosts in different sites and their behavior when the network faces some faults. Host reachability When the overlay configurations is up and running we can try to connect a host or a device (in my lab i will use SiteA-1 and SiteB-1 switches on vlan 10) to our BGW and try to reach the remote side using our VXLAN EVPN DCI. http://next-hop-self.it/posts/dc-vxlan-evpn-dci-overlay-configuration/ Fri, 26 Jul 2024 08:00:06 +0100 http://next-hop-self.it/posts/dc-vxlan-evpn-dci-overlay-configuration/ The third part of the “VXLAN EVPN DCI” project regards overlay configurations in terms of: BGP NVE interface Recalling the underlay L3 diagram, we used OSPF protocol to achieve border gateway L3 adjacency and advertise into the routing domain some Loopback interfaces, Lo0 and Lo1: Now, we can take advantage of the previous configuration to configure BGP on each border gateway and establish full-mesh iBGP sessions sourced by Lo0. http://next-hop-self.it/posts/dc-vxlan-evpn-dci-underlay-configuration/ Mon, 15 Jul 2024 10:00:06 +0100 http://next-hop-self.it/posts/dc-vxlan-evpn-dci-underlay-configuration/ The second part of the “VXLAN EVPN DCI” project regards underlay configurations in terms of: VPC domain Ling-aggregation IGP routing VPC domain is a Cisco feature on the Nexus switches that provides the ability to configure a Port-Channel across multiple switches (i.e. VPC peers). The VPC peers, configured into a VPC domain, act as a single switch from data-plane perspective but operates independetly at control-plane. Recalling the lab topology, i need to configure 2 different VPC domain (i. http://next-hop-self.it/posts/dc-vxlan-evpn-dci-design-consideration/ Mon, 08 Jul 2024 10:00:06 +0100 http://next-hop-self.it/posts/dc-vxlan-evpn-dci-design-consideration/ In the last weeks i have work on a sample project about a VXLAN EVPN DCI since a customer asks for legacy L2 trunk DCI dismission (Hurray!) so i started with requirements collection from the customer, something like: Redundancy Fast failover Simplicity (after all they need to manage the solution provided) and after talked together about some design considerations, i finally decide to create a sample lab in order to test the possible final soluton. http://next-hop-self.it/posts/ei-catalyst-center-l2-handoff/ Fri, 07 Jun 2024 10:00:06 +0100 http://next-hop-self.it/posts/ei-catalyst-center-l2-handoff/ In the last few months i had the opportunity to create from scratch an sd-access network as company’s internal lab (many many thanks to my company for purchasing a Catalyst Center server - formerly DNA Center, some Catalyst 9300 and a 9800 WLC) and one of the most interesting task i accomplished is L2 handoff. L2 handoff allow you to export a fabric L2VNI (fabric vlan) into a classic vlan in your legacy network, in few words is a simple and intuitive method to integrate your classic LAN with a fabric and starts the migration from the older environment to the newer one. http://next-hop-self.it/posts/dc-vxlan-evpn-vpc/ Tue, 16 Apr 2024 10:00:06 +0100 http://next-hop-self.it/posts/dc-vxlan-evpn-vpc/ This time i introduced the concept of Virtual Port-Channel, also known as VPC, in my lab since it’s a very used feature in real datacenter scenario. With VPC you can attach a downstream device (switch, router, server, firewall, …) in “dual-homing” mode to 2 different Nexus switch, the VPC peers or members. In your downstream device you simply need to configure a classic port-channel (lacp) while on Nexus side you need to create a VPC domain in order to synchronize the data-plane maintaining a separate control-plane. http://next-hop-self.it/posts/dc-vxlan-evpn-ingrep/ Tue, 02 Apr 2024 12:45:06 +0100 http://next-hop-self.it/posts/dc-vxlan-evpn-ingrep/ In the previous post i labbed a VXLAN Flood and Learn solution in order to put in communication 2 devices in the same subnet dived by a routed network, today i’ll try to upgrade this scenario introducing a control-plane like BGP EVPN. With a control-plane i don’t need anymore Flood and Learn in order to discover the remote mac-address. When a client is “discovered” by the VTEP, the VTEP itself send the reachability info (e. http://next-hop-self.it/posts/dc-vxlan-fandl/ Fri, 22 Mar 2024 14:06:06 +0100 http://next-hop-self.it/posts/dc-vxlan-fandl/ This year i plan to deep learn datacenter protocols and technologies because many more customers engaged me to support them in datacenter refreshing or enhancement and i want to, at least, become a CCNP Datacenter in order to offer them an always better solution. One of the datacenter trend-topic is VXLAN for sure, so i read “Building Data Centers with VXLAN BGP EVPN” and i’m trying to setup a VXLAN lab starting from the simplest scenario: VXLAN Flood and Learn. http://next-hop-self.it/posts/cisco-live-24/ Mon, 26 Feb 2024 16:20:06 +0100 http://next-hop-self.it/posts/cisco-live-24/ As the majority of networking engineers knows, from 5th to 9th of February took place the Cisco Live ‘24 in Amsterdam and, for the very first time, i was there 😍. Cisco Live is one of the biggest networking events in the world and it takes place in Amsterdam (February), Las Vegas (June) and Melbourne (December). Over there you can expand your knowledge, expand your connections, meet many many technical sponsor and get inspiration from the innovation proposed.