Feature |
Product |
Release introduced |
---|---|---|
Auto-sense |
5320 Series |
Fabric Engine 8.6 |
5420 Series |
VOSS 8.4 |
|
5520 Series |
VOSS 8.3 |
|
5720 Series |
Fabric Engine 8.7 |
|
Auto-sense ports can apply Fabric Attach (FA)-specific configuration |
5320 Series |
Fabric Engine 8.6 |
5420 Series |
VOSS 8.4.2 |
|
5520 Series |
VOSS 8.4.2 |
|
5720 Series |
Fabric Engine 8.7 |
Auto-sense is a port-based functionality that supports zero touch capabilities on the switch. Auto-sense dynamically configures the port to act as an IS-IS network-to-network interface (NNI), Fabric UNI (Flex-UNI), Fabric Attach (FA), or voice (IP phone) interface, based on the Link Layer Discovery Protocol (LLDP) events. Auto-sense provides global configuration options for IS-IS authentication, FA authentication, and voice configuration for IP phones, on the switch. For more information about IP Phone Support, see IP Phone Support.
When a switch boots in Zero Touch Fabric Configuration mode, all ports on the switch automatically operate in Auto-sense mode, unless you manually change the port configuration. For more information on Zero Touch Fabric Configuration, see Zero Touch Fabric Configuration.
With Auto-sense functionality, ports on a switch can detect whether they connect to a Shortest Path Bridging (SPB) device, an FA client, FA Proxy, Voice IP devices, or an undefined host:
If a port connects to an SPB device or an FA client, then the system establishes Fabric architecture.
If a port connects to any undefined host, then the system moves all untagged traffic on the port to an onboarding service network, also known as the onboarding I-SID.
If a port operates in Auto-sense mode, Extensible Authentication Protocol (EAP) is enabled globally with a RADIUS configuration, and the Auto-sense port does not detect an SPB or Fabric Attach proxy neighbor, then the system automatically activates EAP and Non-EAP (NEAP) authentication on them, for untagged traffic.
When you manually disable Auto-sense on a specific port, the switch removes the dynamic configuration on that port unless you use an optional parameter to convert the dynamic configuration to a manual configuration. If you do not use the optional parameter, the software removes all Auto-sense state configuration and reverts the port to the default configuration.
If you enable Auto-sense on a port with a conflicting feature configuration, the software automatically deletes the conflicting configuration from the port. Conflicting configurations include the following commands or features:
Note
Auto-Sense cannot be enabled when the spbm-config-mode flag is false.If the switch does not boot in Zero Touch Fabric Configuration mode and you want to use Auto-sense functionality with an existing switch configuration, you must:
Enable Auto-sense on the applicable port or ports.
Configure I-SID 15999999 as the Auto-sense onboarding I-SID.
Assign onboarding I-SID 15999999 to private VLAN 4048.
Auto-sense supports global configuration of a data I-SID on the switch, which applies to all Auto-sense enabled ports. You can also configure Auto-sense data I-SID on each port to separate the data traffic into individual port specific data I-SIDs. For example, if device A and device B connect to different Auto-sense enabled ports and you configure an Auto-sense data I-SID on each port, the switch separates the data traffic of device A from the data traffic of device B. A port-level data I-SID and the global data I-SID can use the same value. The system prioritizes the I-SIDs in the following order:
The show running-config output includes the configured Auto-sense data I-SID for the port module only if you enable Auto-sense on the port. If you disable Auto-sense on the port, the configuration remains on the switch even though the command output does not include it. If you disable Auto-sense on the port and use the convert-to-config parameter, the port remains in the I-SID until you manually remove the data I-SID configuration from the port. If you re-enable Auto-sense on the port, you must reconfigure the data I-SID on the port.
If you remove the Auto-sense data I-SID from a port, then the port uses either the global Auto-sense data I-SID, if one exists, or the Auto-sense onboarding I-SID.
Auto-sense supports global configuration of IS-IS authentication key on the switch. All ports operating in Auto-sense mode and transitioned to the NNI state, use the global IS-IS authentication key that you configure using the auto-sense isis hello-auth type command. For more information, see Configure Auto-sense IS-IS Authentication.
Depending on the device that the Auto-sense port detects, the software can apply different FA-specific configurations that you define:
You can configure an I-SID for FA clients such as FA wap-type 1, FA camera, and FA open-virtual-switch (OVS). The software prefers the FA I-SID over the onboarding I-SID.
You can configure a specific I-SID and customer VLAN ID to use as the management I-SID when the port is in the Auto-sense FA PROXY state. If you do not configure a management I-SID, the port uses the onboarding I-SID for untagged traffic.
You can disable EAPoL authentication requirements for specific FA client types (wap-type1, camera, and ovs).
Auto-sense supports FA message authentication on switches. You can enable FA message authentication globally on a switch. All ports operating in Auto-sense mode use the global authentication key. A preconfigured authentication key exists on the switch, by default, which you can change. For more information, see Configure Auto-sense Fabric Attach (FA) Authentication.
Auto-sense voice capabilities are based on the events when the switch detects an IP phone in the network. For more information, see Auto-sense Voice.
Auto-sense ports between two switches that have transitioned to NNI state are not prone to loops. Any connection can be wired and SPB establishes the shortest path connections. On Auto-sense NNI links BVID information, as well as IS-IS area information, is exchanged enabling Zero Touch Fabric functionality.
Auto-sense ports that connect to non-SPB switches operate in UNI mode, or FA Proxy mode in the case of ERS, EXOS, and Switch Engine switches. In UNI mode, Fabric Engine devices send Spanning Tree BPDU packets on auto-sense ports, emulating root bridge behavior ensuring that any potential UNI loop is broken by the attached spanning tree enabled devices. For universal hardware switches that transition from Switch Engine to Fabric Engine, there can be scenarios where certain links are spanning tree blocked.
For more information on the port states, see Auto-sense Port States.
If you view the running configuration, the global Auto-sense configuration displays under the port module. Use the command show running-config module port.