In the last post I spoke about how to upgrade a switch image through Catalyst Center using the SWIM (Software Image Management) feature; this time I want to dig into the SD-Access lab environment.

SD-Access networks involve many components, physical and/or virtual, as well as licensing and design aspects, so you MUST think carefully about all the parts: the final design you want to achieve, how you can achieve it, and what kind of devices, license types and external services you need to achieve it! What a mess :)

So, let's take a step back and start with the components!

Hardware devices

Networking

  • 2x Cisco Catalyst C9300L-24T-4G
  • 2x Cisco Catalyst C9300L-24P-4X
  • 1x Cisco Catalyst C9800-L-C-K9
  • 2x Cisco Catalyst C9120AXI-A
  • 1x Cisco ISR C1111-8PLTEEA (network backbone)
  • 1x Cisco ISR4321/K9 (network backbone)

Licensing

  • Cisco DNA Advantage

Computing

  • Dell PowerEdge R520
  • Cisco UCS C220 M5

Out-of-band management

  • Opengear OM1208-8E-L

Virtual machines

  • Cisco ISE 3.0
  • Windows Server 2012 (domain controller/DNS server/DHCP server)
  • Ubuntu (backup repository)
  • Opengear Lighthouse

Topology

The topology I created comprises 3 different sites (Site1, Site2 and Branch1) where the users are located, plus a site for the shared services (like a datacenter) where I can reach all the SD-Access components (Catalyst Center and ISE) and the external services (config repo, domain controller, DHCP, DNS, OOBM controller).

SDA network

Lab scenario

In this lab I wanted to test 3 different SD-Access approaches, which are the 3 main scenarios you can face in the real world:

  • Site1: this site is a classic campus fabric where LL-SW1-SITE1 acts as control-plane and border node and LL-SW2-SITE1 as an edge node.
  • Site2: this site is a brownfield site where LL-SW1-SITE2 is the classic core switch. This site is very helpful for testing how to migrate from a brownfield network to a brand new campus fabric. Note that the client connected to port Gi1/0/2 on LL-SW2-SITE1 is part of SITE2, so its gateway is LL-SW1-SITE2! This scenario allows me to test the L2-handoff feature (you can refer to https://next-hop-self.it/posts/ei-catalyst-center-l2-handoff/ for all the details).
  • Branch1: this site is a FIAB (Fabric In A Box) site. LL-SW1-BR1 acts as control-plane, border and edge node... all in one!

Last, but not least, I added an Opengear device (https://opengear.com/) to the lab OOBM network to access the switches via console port in case of need. The Opengear device, called Operations Manager, is controlled by its orchestrator, called Lighthouse, an amazing solution with plenty of features that I suggest you explore further.