Auto-sense

Table 1. Auto-sense product support

Feature

Product

Release introduced

Auto-sense

5320 Series

Fabric Engine 8.6

5420 Series

VOSS 8.4

5520 Series

VOSS 8.3

5720 Series

Fabric Engine 8.7

Auto-sense ports can apply Fabric Attach (FA)-specific configuration

5320 Series

Fabric Engine 8.6

5420 Series

VOSS 8.4.2

5520 Series

VOSS 8.4.2

5720 Series

Fabric Engine 8.7

Auto-sense is a port-based functionality that supports zero touch capabilities on the switch. Auto-sense dynamically configures the port to act as an IS-IS network-to-network interface (NNI), Fabric UNI (Flex-UNI), Fabric Attach (FA), or voice (IP phone) interface, based on the Link Layer Discovery Protocol (LLDP) events. Auto-sense provides global configuration options for IS-IS authentication, FA authentication, and voice configuration for IP phones, on the switch. For more information about IP Phone Support, see IP Phone Support.

When a switch boots in Zero Touch Fabric Configuration mode, all ports on the switch automatically operate in Auto-sense mode, unless you manually change the port configuration. For more information on Zero Touch Fabric Configuration, see Zero Touch Fabric Configuration.

With Auto-sense functionality, ports on a switch can detect whether they connect to a Shortest Path Bridging (SPB) device, an FA client, FA Proxy, Voice IP devices, or an undefined host:

When you manually disable Auto-sense on a specific port, the switch removes the dynamic configuration on that port unless you use an optional parameter to convert the dynamic configuration to a manual configuration. If you do not use the optional parameter, the software removes all Auto-sense state configuration and reverts the port to the default configuration.

If you enable Auto-sense on a port with a conflicting feature configuration, the software automatically deletes the conflicting configuration from the port. Conflicting configurations include the following commands or features:

Note

Note

Auto-Sense cannot be enabled when the spbm-config-mode flag is false.

Implementation on Upgraded Switches with Existing Configuration

If the switch does not boot in Zero Touch Fabric Configuration mode and you want to use Auto-sense functionality with an existing switch configuration, you must:

Auto-Sense Data I-SID

Auto-sense supports global configuration of a data I-SID on the switch, which applies to all Auto-sense enabled ports. You can also configure Auto-sense data I-SID on each port to separate the data traffic into individual port specific data I-SIDs. For example, if device A and device B connect to different Auto-sense enabled ports and you configure an Auto-sense data I-SID on each port, the switch separates the data traffic of device A from the data traffic of device B. A port-level data I-SID and the global data I-SID can use the same value. The system prioritizes the I-SIDs in the following order:

  1. Untagged I-SID assigned per client by EAP/NEAP MHMV
  2. Untagged voice I-SID
  3. Port data I-SID
  4. Global data I-SID
  5. Onboarding I-SID

The show running-config output includes the configured Auto-sense data I-SID for the port module only if you enable Auto-sense on the port. If you disable Auto-sense on the port, the configuration remains on the switch even though the command output does not include it. If you disable Auto-sense on the port and use the convert-to-config parameter, the port remains in the I-SID until you manually remove the data I-SID configuration from the port. If you re-enable Auto-sense on the port, you must reconfigure the data I-SID on the port.

If you remove the Auto-sense data I-SID from a port, then the port uses either the global Auto-sense data I-SID, if one exists, or the Auto-sense onboarding I-SID.

IS-IS Authentication

Auto-sense supports global configuration of IS-IS authentication key on the switch. All ports operating in Auto-sense mode and transitioned to the NNI state, use the global IS-IS authentication key that you configure using the auto-sense isis hello-auth type command. For more information, see Configure Auto-sense IS-IS Authentication.

FA Configuration

Depending on the device that the Auto-sense port detects, the software can apply different FA-specific configurations that you define:

FA Authentication

Auto-sense supports FA message authentication on switches. You can enable FA message authentication globally on a switch. All ports operating in Auto-sense mode use the global authentication key. A preconfigured authentication key exists on the switch, by default, which you can change. For more information, see Configure Auto-sense Fabric Attach (FA) Authentication.

Auto-sense Voice Capabilities

Auto-sense voice capabilities are based on the events when the switch detects an IP phone in the network. For more information, see Auto-sense Voice.

Loop Prevention

Auto-sense ports between two switches that have transitioned to NNI state are not prone to loops. Any connection can be wired and SPB establishes the shortest path connections. On Auto-sense NNI links BVID information, as well as IS-IS area information, is exchanged enabling Zero Touch Fabric functionality.

Auto-sense ports that connect to non-SPB switches operate in UNI mode, or FA Proxy mode in the case of ERS, EXOS, and Switch Engine switches. In UNI mode, Fabric Engine devices send Spanning Tree BPDU packets on auto-sense ports, emulating root bridge behavior ensuring that any potential UNI loop is broken by the attached spanning tree enabled devices. For universal hardware switches that transition from Switch Engine to Fabric Engine, there can be scenarios where certain links are spanning tree blocked.

For more information on the port states, see Auto-sense Port States.

Running Configuration

If you view the running configuration, the global Auto-sense configuration displays under the port module. Use the command show running-config module port.