BRKARC-1600
Smart Licensing
From 0 to 100 inside Cisco DNA
Markus Harbeck – Consulting Systems
Engineer
CCIE #8087
CCDE #20130015
Agenda
•
Warmup “What is Smart Licensing”
•
What is Cisco DNA Center?
•
Smart License in Action
•
With Smart License Collector
•
With Cisco DNA Center
•
Vision, Conclusion & Summary
•
Q&A
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
3
Cisco DNA Center
Policy
Automation
Analytics
Short Hint:
“My English might be bad
but although sexy”
Source: Henning Bornemann -Thank you for Deutsche
Bahn”
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
4
Who is Markus Harbeck ???
Personal:
 Location: Eschborn, Germany (near Frankfurt) but lives in Bavaria
 Other Interests: My family, 2 kids, Horse back riding, motor
cycling
My Background:
 CLI Junkie since 1996 for all Routing and Switching
 Joined CISCO October 2010
 Before; 12 years, operations, engineering, application
engineering at Lufthansa Systems
 Drives Cisco DNA Center, Automation and Analytics in EMEAR
and loops in the development team and Business Unit
 Book Author – Cisco DNA Assurance 2018
 Cisco DNA Center since day1 in 2014
 Analytics, Assurance
 Network Transformation
 Network Automation
 SDA,
My
Kids ITSM
view on Cisco DNA Center and
Network Design
Copyright by Saskia
Copyright by Hanna
Current Projects:
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
For Your
Reference
How to get the PDF and Video ?
PDF and all Demo Videos here:
https://cisco.box.com/v/BRKARC1600
Or PDF:
http://www.ciscolive.com/online
Note: The PDF contains more detailed Slides
& the Demo’s for your reference !!!
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
6
Session expectations
Technical Level
High Level
t
Low Level
Session progress
That is not a TCP Session!  & not a SDA Session!
This session demonstrates how to enable and use Smart Licensing
with Cloud, Smart License Satellite and Cisco DNA Center.
Note: TCP Slow Start is part of the congestion control algorithms put in place by
TCP to help control the amount of data flowing through to a network. Source:
https://www.keycdn.com/support/tcp-slow-start/
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
7
Licensing needs to be smart!
Mobility in the past
Horse drawn
Mobility with cars
today
Autonomous driving
Source: www. pinterest.de
Source: www.zeit.de
Source: www.welt.de
Note: Traditional vs Smart!!! The way we change!
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
8
Cisco DNA
Center
Policy
Automation
Analytics
Warm Up:
What is Smart Licensing?
Some Names and Acronyms to start with
What?
Description
Function
Software Central
software.cisco.com
Customer facing portal for Smart
Software Licensing tools
CSSM
Cisco Smart Software
Manager
Software inventory management
system
SSMs
Smart Software Manager
satellite
On Prem component of CSSM to
manage licenses
SA
Smart Account
Inventory of customer license
VA
Virtual Account
Sub Account in SA
PID
Product ID
UUID
Universally Unique
Identifier
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
10
What is Cisco Smart Licensing?
•
•
•
Your software purchases are visible in pools of available assets for use in your network
Register your products to activate licenses for production – Locally within your network and to CSSM Annually
Sync any SW changes to keep your SW account accurate – Locally within your network and to CSSM annually
Ownership
Commerce
(CCW)
‘Smart’
Account
Usage
Hello, I am Device-East5, I belong to
[big-u.edu] and I am using 1x License
I Have Purchased 5 additional
‘Advanced’ Licenses for [big-u.edu]
Cisco
Product
Hello, Device-East5 from [big-u.edu],
you are ‘In-Compliance’
BigU.edu
I Own:
10
I am Using:
10
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
11
Reporting Usage – What is Sent
The Cisco Product is configured to use Smart Licensing at install/provisioning time.
Key Principles of Software Usage Data Transfer
• Protect the User’s Privacy!
• SSL/TLS used for Transport. No HTTP server or Email used.
• Cisco is always transparent about what information is transferred
• You have the right to inspect the data gathered
• You must receive a benefit from the data gathered
Information Collected
Required?
Trusted Unique Identifier
(SUDI/SUVI/ID)
Yes
Licenses Consumed
Organization Identifier (ID Token)
Hostname
Feature Tags
Yes
Yes
No
No
Other Smart Call Home Information
No
Cisco Smart
Software Manager
HTTPS
-orCisco Checks:
Offline
On Premises
satellite/Proxy
 Licenses
 Device IDs
 Business Rules
Then
Option are configurable
 Authorizes Use
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
12
Smart Product Telemetry & Visibility
• Industry Standard HTTPS (SSLv3*/TLS)
• Protects User’s Privacy!
• HTTP over TLS used for Transport encryption
• Telemetry sent to Cisco is User Configurable
• Smart Call Home Information is optional
• Smart License Information is minimal
01100101
100101011011
101001001010
0101101100100
001010011001
11010110101
1101001
• Auditable Telemetry sent by SSM satellite
• You have the right to inspect the data gathered
• License Information is in Text (YAML formatted)
* Newer products only use TLS
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
13
Reporting periods
5.x
6.x
Every 30 days
Every 365 days
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
14
Recreating Cisco Licensing
Traditional
Smart
Limited View
Complete View
Customers do not know what they
own.
Software, services, devices
in one easy to use portal.
PAK Registration
Easy Registration
Manually register each device.
Unlock with license key.
No PAKs. Easy activation.
Device is ready to use.
Company Specific
Device Specific
Flexible licensing, use across
devices.
Licenses specific to only one device.
Node Locked
Pooled
You cannot use more than you
paid for.
Add users and licenses as
needed.
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
15
What is a Smart Account
 A Cisco.com service to organize
 Only for Cisco ONE
your assets in a central location.
 Only for Smart Licensing
 Leveraged by multiple portals to
 Only for Enterprise License
enable your experience.
Agreements
What Can Use a Smart Account Today?

All New Orders in CCW may elect to be directly delivered to a specified
Smart Account

Smart Accounts can be leveraged to centralize RMAs, License
Transfers, and ELAs for a customer

Customers using Smart Licensing use their Smart Account for new
orders

Adding Licenses to a Smart Account can prepare for a customers
eventual migration to Smart Licensing
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
16
Smart Accounts – Virtual Accounts
You can create virtual accounts that reflect your organization’s departments then
associate licenses and devices with those departments.
Virtual Accounts
Big University
[big-u.edu]
Core Router
1
Smart Account
Physics
Chemistry
Warning and Notifications None
Quantity
Use
Surplus
Lic 1
100
90
+10
Lic 2
300
300
0
3
3
0
Feat 3
Core Router
2
ISR-east-1
Physics VA Licenses
License
Enable 8 Lic 1
Enable 1 Feat 5
ISR-east-2
Medical
BRKARC-1600
ISR-east-3
Enable 50 Lic 1
Enable 100 Lic 2
Enable 1 Feat 3
Enable 20 Lic 1
Enable 100 Lic 2
Enable 1 Feat 3
Enable 20 Lic 1
Enable 100 Lic 2
Enable 1 Feat 3
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
17
Creating a Smart Account
Proactive Creation
Allows for the Partner or Customer to set up a Smart Account Outside of an order, either to receive future orders or to
organize existing licenses
Add New or Existing
Licenses over time
Software.
cisco.com
Begin Smart Account
Creation Process
Customer Approval
of New Account
Licenses Available
for Customer Use
While Placing an Order
Allows for a Partner to Create (or Select) a Smart Account for Use while Placing an Order
SKU 1
SKU 2
SKU 3
Commerce
(CCW)
Create BoM
Search for Smart
Account and Create
New Account if Needed
BRKARC-1600
Customer Approval
of New Account
Licenses Available
for Customer Use
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
18
SA best praxis
1.
Create your Smart Account – it has just a default folder – Default Virtual
Account
2.
Use the Default VA (Virtual Account) as broker space
You can transfer licenses from a VA to the Default VA to another VA
3.
Keep the structure simple and flat
4.
Each VA has an admin
Default VA
VA North
Security
VA North
Enterprise
BRKARC-1600
VA South
Security
VA South
Enterprise
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
19
Methods for Communications with Cisco
Options
1
Direct Cloud Access
3
Cisco.com
Access Through An HTTPS Proxy
• Cisco product sends usage information over the internet via a Proxy
Server. Smart Call Home Transport Gateway (Free VM Download) or
off-the-shelf Proxy (such as Apache).
Your
Cisco
Software
Usage
Transport Gateway or
HTTPs Proxy
Cisco Product
Cisco.com
Access Through An On-Premise Connected License
Management
• Cisco products send usage information to a locally connected satellite,
which acts as a local license authority. Periodically, exchange
information with Cisco to keep databases in sync.
4
Cisco Product
Your
Cisco
Software
Usage
HTTPs Smart Software
Manager satellite
Access Through An On-Premise Disconnected
License Management
• Cisco products send usage information to a locally disconnected
satellite, which acts as a local license authority. Monthly, off line
exchange information with Cisco to keep databases in sync.
BRKARC-1600
Cisco.com
Cisco Product
Available Today
Ease of Deployment
• Cisco product sends usage information directly over the internet. No
additional components are needed
2
Your
Cisco
Software
Usage
HTTPs
File
Transfer
Your
Cisco
Software
Usage
HTTPs Smart Software
Manager satellite
Cisco.com
Cisco Product
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
20
Use of Crypto in Smart Licensing
 Smart Agent generates a pair of public and private keys during registration.
 Smart Agent requests CSSM to sign the public key and return in the ID certificate during registration.
 The following certificates are involved in the process of signing and validating messages:
 Cisco Root CA certificate: the public key of Cisco CA, embedded in Smart Agent.
 Cisco Sub CA certificate: the public key of Sub CA, signed by Cisco Root CA
 Signing certificate: the public key of LCS message singer, signed by Cisco Root CA.
 ID certificate: the public key of product instance, singed by Cisco Sub CA.
Validation
Signing
 After registration, Smart Agent signs all requests with its private key and CSSM validates the requests
with Smart Agent’s ID cert.
 CSSM signs all responses with private key (in LCS) and Smart Agent validates the responses with
Signing cert.
 All requests and response are encrypted over HTTPS connection.
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
21
Cisco Smart Software Manager Satellite
Secure on-premise management of license consumption provided free of charge.
Ideal for Customers whose Products are unable to reach Cisco.com directly
Cisco® Software Manager satellite (SSM satellite)
 Contains a subset of Smart Software Manager (SSM) portal,
and works similar to SSM for management of installed
products.
 Cisco devices and software products are registered with
and report license consumption directly via SSM satellite
 Near real-time license usage information based on
synchronization schedules with Smart Account
 Provided at no additional cost
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Product Operations




When do I need to register?
How can I register?
Are there expiration timeframes?
What happens to my product?
1
2
At product boot, periodic syslog
reminders to register are sent @ 30,
60, 67, 74, 81, 88, 90 days-hourly,
then after the 91st day weekly
3
Your product will remain
operational
BRKARC-1600
Once your local licensing satellite
server is installed, products can
register and be in-compliance
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
23
Specific License Reservation

Staging area required for the reservation of the SLR keys

Manually exchange information (copy and paste) with the CSSM

Two way data exchange via ASCII strings


Product Request (UDI/vUDI, etc.) entered into CSSM (~ 32 characters*)

Requested licenses and quantities chosen in CSSM

CSSM performs a validity check

CSSM returns an authorization locked to UDI/vUDI (not typable – thousands of characters)
Entitlement usage recorded and tracked in the CSSM
CSSM
1
Get UDI/vUDI
Request
2
3
5
Paste Auth String
* Length will vary by product
4
Type or Paste
Request String
Choose Licenses
Copy Auth String
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
24
Factory-Installed SLR License Reservations
CSSM
(Cisco cloud)
1
Download
SLR authkey from
SA
Devices
Manufacturing
Facility
2
Ship to
Customer
Devices work in SLR with locally
stored authorization-key
Devices
Air-gapped
customer network
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
25
Smart Account Value Proposition for Customers
• Central, transparent & secure software license inventory management
• Real-time visibility to license consumption
• Easy & secure delivery of all new purchases to Customer’s Enterprise Digital Wallet (SA)
• Low-touch keyless license registration, consumption and activation for Smart License
• Customer defined controls to deploy/manage products & licenses
• User access control using Smart Account, Virtual Accounts
• Licenses belong to a single account, not individual users
• Pooled licensing enables flexible license allocation
• Proactive coverage - automated notifications of additions and expirations
• Full visibility and insights to inform purchasing and renewal decisions
• Integrations to Enterprise ITAM through ISO 19770 standards*
* ISO 19770-2 (SWID tags, APIs) foundation available – visibility and interoperability in roadmap
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
26
Three Options to Register
Direct
•
Cisco product sends usage
information directly over the
internet. No additional components
are needed
Satellite
•
•
•
Cisco products send usage
information to a locally installed
satellite.
Periodically, exchange information
with Cisco to keep satellite sync.
This synchronization can occur
automatically in connected
environments or manually in
disconnected environments
BRKARC-1600
Offline
•
•
Use copy/paste information
between product and Cisco.com
to manually check in and out
licenses.
Functionally equivalent to current
node locking, but with Smart
License tracking
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
27
Cisco DNA Center
Policy
Automation
Analytics
What is Cisco DNA
Center
The Layers
Increased
IT Agility
Platforms
Systems
Products
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
29
What role has Cisco DNA Center in Smart Licensing?
•
Manage and Visualize all Cisco product licenses
•
Switches—Shows purchased and in-use information for all switches.
•
Routers—Shows purchased and in-use license information all routers.
•
Access Points—Shows purchased and in-use license information for all wireless
controllers and access points.
•
ISE—Shows purchased and in-use license information for devices managed by
Cisco Identity Services Engine (ISE).
•
All Licenses—Shows comprehensive details for all types of licenses for all Cisco
devices.
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
30
Cisco DNA Center License Manager
BRKARC-1600
For Your
Reference
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
31
Cisco DNA Center
Policy
Automation
Analytics
Enable Smart Licensing
Demo Time
CSSM overview
Download Demo Video here:
https://cisco.box.com/v/BRKARC1600
Cisco DNA Center
Policy
Automation
Analytics
Cisco DNA Center
Policy
Automation
Analytics
Direct Cloud Access
Direct Cloud Access
Smart Licensing User Workflow
Have more licenses
than being used
In-Compliance
Device/Product Registration
Device Boots
& SL is
Default
SL State=
Un-identified
Customer gets
a Registration
ID Token from
CSSM
Enter “SL
Register”
command/GUI
with ID Token
Customer Smart
Account identified
Platform uses
feature &
reports usage
to CSSM
SL State=
Registered
Out-of
Compliance
Using more licenses
than entitled to
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
41
Demo Time
Enable Smart Software
Licensing Direct
Connect via CLI
Download Demo Video here:
https://cisco.box.com/v/BRKARC1600
Cisco DNA Center
Policy
Automation
Analytics
Cisco DNA Center
Policy
Automation
Analytics
Using Smart Software
Manager satellite
Demo Time
Smart Software
Manager Satellite
Download Demo Video here:
https://cisco.box.com/v/BRKARC1600
Cisco DNA Center
Policy
Automation
Analytics
Cisco DNA Center
Policy
Automation
Analytics
Cisco DNA Center
License Manager
Demo Time
Cisco DNA Center
License Manager
Download Demo Video here:
https://cisco.box.com/v/BRKARC1600
Cisco DNA Center
Policy
Automation
Analytics
Automated Licensing Management
For Your
Reference
LICENSE
REGISTRATION
LICENSE
CONSUMPTION
LICENSE
REPORTING
Provisioning
Config Management
Telemetry
Day 0 Automation
Day 0 / 1 Configuration
Day N - Reporting
Cisco DNA Center
APIs and data models
Cisco DNA Center
APIs and data models
Cisco DNA Center
Data via APIs and reports
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
56
Cisco DNA Center
Policy
Automation
Analytics
Understanding Product
License State
Smart License Product States
• Un-Configured State
Smart licensing has not been configured
UnRegistered
• Un-Identified State
Failed
Product unregistered or yet to contact CSSM
• Registered state
Register
Product
• Authorized state
Registered
State
Product has been associated with a valid Smart Account
Product is using an entitlement, and the Smart
Account does not have a negative balance
• Out of Compliance state
Product is using an entitlement, but the Smart
Account has a negative balance
• Authorization expired state
Remains in state until
Product communicates
with Cisco
Authorization
Expired
Product has not communicated with Cisco within a
maximum of 90 days
Consume
License
Authorized
State
Remains in state
while Smart
Account is OOC
Out Of
Compliance
State
Note: Platforms may differ with timeouts, check with
specific platform for details
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
58
Smart License Product States
For Your
Reference
Registered
• Initial registration
•
A Registration Message is sent when Product is registered via CLI
with a valid ID Token.
•
Cisco will reply with a Cryptograph ID certificate that, by default, is
valid for one year.
UnRegistered
Failed
Register
Product
•
Depending on the CSSM response the device will then enter
Authorized or Out of Compliance.
•
The Id certificate expires at the end of one year, Renewal starts at
end of 6 months and continues till last day incase of unreachability
and falls back to Un-Identified state
Registered
State
•
If there is a failure sending the message the retry,
interval will be as follows:
Consume
License
• Every 15 minutes for 4 hours.
• Then every hour until successful, or
Smart License is disabled via CLI
Authorization
Expired
BRKARC-1600
Authorized
State
Out Of
Compliance
State
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
59
Smart License Product States
For Your
Reference
Authorized State
• One a product has been successfully registered and in
compliance.
• The Virtual Account on CSSM had the correct type and
number of licenses to authorize the consumption of the
device’s licenses
The Entitlement Response message will
•
•
•
Failed
Register
Product
Registered
State
•
Indicate if the Smart Account is in or out of compliance
•
Provide the length of time the request is valid, and the renewal
interval.
By default the Licenses usage is valid for 90 days,
and renewed every 30 days
UnRegistered
Authorization
Expired
Remember that for a stack scenario, requests happen
immediately upon detection of member insertion/deletion
BRKARC-1600
Consume
License
Authorized
State
Out Of
Compliance
State
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
60
Smart License Product States
For Your
Reference
Out of Compliance(OOC) State
• In this state the customer is out of compliance with their
contract
• They have either used too many licenses/entitlements or
they are not authorized to use a particular license
• When in this state the device will automatically send an
authorization renewal request every day
• To enter in to Compliance, deposit the correct number and
type of licenses into your Smart Account
Authorization
Expired
BRKARC-1600
UnRegistered
Failed
Register
Product
Registered
State
Consume
License
Authorized
State
Out Of
Compliance
State
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
61
Smart License Product States
For Your
Reference
Authorization Expired
• By default the Cryptograph ID certificate
• Valid duration (one Year) and renewal period is sent
in with the Registration Response message .
• CSSM will return all in use licenses for this device back to
the pool
• If there is a communications failure sending the
message, the retry interval will be as follows:
UnRegistered
Failed
Register
Product
Registered
State
• One per hour until success
• Or until Cryptograph ID certificate expires.
• If the agent re-establishes communications with Cisco and
receives to its request for authorization it will process that
reply normally and enter into one of the established states
Consume
License
• You can try to restore authorization via –
license smart renew authorization
Authorized
State
Authorization
Expired
BRKARC-1600
Out Of
Compliance
State
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
62
SL and RMA
Source: prosoft-technology.com
When licenses are reserved on a Product Instance, there are two ways to
remove a PID from a Smart Account and release all of the licenses reserved
for that PID:
1.
If the PID is operational (graceful removal)
2.
If the PID is NOT operational (Failure / RMA or due to destroying the
You can “return” the SLR authorization by creating a Reservation Return Code on the Product
Instance (which removes the authorization code) and then enter the Reservation Code into
SSM
VM/Container):
You have to call TAC, who can remove the Product Instance from your Smart Account
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
63
Cisco DNA Center
Policy
Automation
Analytics
Summary
&
Conclusion
Session close to the end…
Technical Level
High Level
t
Low Level
Session progress
Have a drink on me !
After the long journey
BUT PLS
ONE MORE SLIDE!!!!
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Licensing needs to be smart!
Note: that happens all the time – now you make it happen !!!
Traditional licensing
Smart Licensing
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
66
Cisco Webex Teams
Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session
How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space
cs.co/ciscolivebot#BRKARC-1600
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
67
Complete your online
session survey
• Please complete your Online Session
Survey after each session
• Complete 4 Session Surveys & the Overall
Conference Survey (available from
Thursday) to receive your Cisco Live Tshirt
• All surveys can be completed via the Cisco
Events Mobile App or the Communication
Stations
Don’t forget: Cisco Live sessions will be available for viewing
on demand after the event at ciscolive.cisco.com
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
68
Continue Your Education
Demos in
the Cisco
Showcase
Walk-in
self-paced
labs
Meet the
engineer
1:1
meetings
BRKARC-1600
Related
sessions
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
69
Thank you
Cisco DNA Center
Policy
Automation
Analytics
Appendix
Cisco DNA Center
Policy
Automation
Analytics
Understanding SL on
Stacking & Modular
Systems
Smart Licensing with HA Stacking
A
License Consumed:
Network perpetual = 1
Cisco DNA Subscription = 1
S
License Consumed:
Network perpetual = 1
Cisco DNA Subscription = 1
M
License Consumed:
Network perpetual = 1
Cisco DNA Subscription = 1
3 Member Stack = 3 Network Perpetual + 3 Cisco DNA Subscription
Note: Each member of the stack needs a L3 connection to the CSSM
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
74
Smart Licensing with HA Stacking
Switch# show license all
Smart Licensing Status
======================
Smart Licensing is ENABLED
Registration:
Status: REGISTERED
Smart Account: BU Production Test 1
Virtual Account: Nyquist testing
Export-Controlled Functionality: Allowed
Initial Registration: SUCCEEDED on Feb 12 06:37:17 2018 EST
Last Renewal Attempt: None
Next Renewal Attempt: Aug 11 06:37:17 2018 EST
Registration Expires: Feb 12 06:31:48 2019 EST
License Authorization:
Status: AUTHORIZED on Feb 12 06:37:22 2018 EST
Last Communication Attempt: SUCCEEDED on Feb 12 06:37:22
2018 EST
Next Communication Attempt: Feb 12 18:37:22 2018 EST
Communication Deadline: May 13 06:31:56 2018 EST
Utility:
Status: DISABLED
Data Privacy:
Sending Hostname: yes
Callhome hostname privacy: DISABLED
Smart Licensing hostname privacy: ENABLED
Version privacy: ENABLED
Transport:
Type: Callhome
License Usage
==============
C9300 DNA Advantage (c9300_dna_advantage):
Description: C9300-24P DNA Advantage
Count: 3
Version: 1.0
Status: AUTHORIZED
C9300 Network Advantage (advantagek9):
Description: C9300-24P Network Advantage
Count: 3
Version: 1.0
Status: AUTHORIZED
Product Information
===================
UDI: PID:C9300-24U,SN:FCW2125L03U
HA UDI List:
Active:PID:C9300-24U,SN:FCW2125L03U
Standby:PID:C9300-24U,SN:FCW2125L046
Member:PID:C9300-24U,SN:FCW2125G01T
Agent Version
=============
Smart Agent for Licensing: 4.3.4_rel/33
Component Versions: SA:(1_3_dev)1.0.15, SI:(dev22)1.2.1,
CH:(rel5)1.0.3, PK:(dev18)1.0.3
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Smart Licensing with HA Stacking
Verification on CSSM
Cisco Software Central > Smart Software Licensing > Inventory > Product Instances > Name
Note: The Serial Number on the main Product Instance page always refers to the Active Switch
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
76
Smart Licensing with HA Stacking
Active Switch Failure in Stack
License Consumed:
Network perpetual = 1
Cisco DNA Subscription = 1
A
License Consumed:
Network perpetual = 1
Cisco DNA Subscription = 1
S
License Usage
==============
C9300 DNA Advantage (c9300_dna_advantage):
Description: C9300-24P DNA Advantage
Count: 2
Version: 1.0
Status: PENDING
License Usage
==============
C9300 DNA Advantage (c9300_dna_advantage):
Description: C9300-24P DNA Advantage
Count: 2
Version: 1.0
Status: AUTHORIZED
C9300 Network Advantage (advantagek9):
Description: C9300-24P Network Advantage
Count: 2
Version: 1.0
Status: PENDING
C9300 Network Advantage (advantagek9):
Description: C9300-24P Network Advantage
Count: 2
Version: 1.0
Status: AUTHORIZED
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
77
Smart Licensing on Modular Chassis
License Consumed by Chassis
Cisco DNA Subscription = 1
A
S
1.
2.
3.
4.
5.
6.
License Consumed
Network perpetual = 1
License Consumed:
Network perpetual = 1
License Usage
==============
C9400 DNA Advantage (dna_advantage-C9400):
Description: C9400 DNA Advantage
Count: 1
Version: 1.0
Status: AUTHORIZED
C9400 Network Advantage (advantagek9-C9400):
Description: C9400 Network Advantage
Count: 2
Version: 1.0
Status: AUTHORIZED
The Product Instance on CSSM is tied to the serial number of the chassis
Each SUP card inserted consumes one count of the perpetual Network level license configured
There is always only 1 count of the Cisco DNA level license consumed which is for the chassis itself
“License boot level” of the Active SUP dictates which licenses are configured and thus consumed
Register SL again incase SUP inserted into a different Chassis
In event of a supervisor fails, the network license is decremented by one and the device informs CSSM.
When the SUP rejoins the count will increment
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
78
Cisco DNA Center
Policy
Automation
Analytics
Understanding RTU to
SL Conversion
Smart Licensing on Cat3850/3650
Convert traditional licenses currently in use to Smart Software Licenses
Below are the 3 methods to convert traditional licenses to Smart software licenses
•
Convert PAK’s to Smart Software Licenses
•
Convert traditional term licenses which are currently in use to Smart Software Licenses.
•
Device-Led Conversion(DLC)
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
80
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
When devices (product instances) upgrade to a Smart Licensing image and register with Smart Software
Manager for the first time, licenses on the devices can be converted from Classic or RTU licenses to Smart
licenses automatically with little to no interaction needed by the end user through Device-Led Conversion
When you register your device in
SSM, the licenses go through this
manual conversion process.
If the license has already been
added to the Smart Account, it will
only be converted to a Smart
Entitlement. If the license is NOT
already in the Smart Account, it
will be added to the Smart
Account, and then converted to a
Smart Entitlement.
Device-Led conversions can only
happen once
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
81
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
1
2
Click the Conversion History tab, under
the License Conversion tab, to view the
details of all the devices that have
attempted device-led conversion.
When device-led conversion takes
place, one of three statuses can be
assigned.
The Conversion Status column displays
the statuses accordingly:
• Converted: all the licenses were
converted.
• License Converted: some
licenses were converted and some were
not. In this case, an alert is also generated
to update the user around the reason(s)
why conversion was unsuccessful.
• License Not Converted: all
licenses have not been converted. In this
case an alert is also generated.
1
2
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
82
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
1. Cat3K device installed with RTU Licensing
2. With IOS upgrade to 16.9 and begin device registration with CSSM. Without device
registration, below is the error message displayed.
Switch# license smart conversion start
Smart Agent not registered
3. With device successfully registered with CSSM, you will see your licenses most likely in Out of
Compliance State do non existence of these licenses in your Smart Account
License Usage
==============
C3850-DNA-E-24 (C3850-DNA-E-24):
Description: C3850-DNA-E
Count: 3
Version: 1.0
Status: OUT OF COMPLIANCE
C3850_24_Ipbase (C3850_24_Ipbase):
Description: C3850 24 Port Ipbase
Count: 3
Version: 1.0
Status: OUT OF COMPLIANCE
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
83
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
4. With Device registered, execute below DLC CLI to directly deposit existing Perpetual licenses into
Smart Account.
Switch#license smart conversion ?
start Start a manual license conversion
stop Stop a license conversion that pending retry because of a communications failure
5. Show license all displays the below output with response exactly 1 hour after the time at which
you executed the CLI. Active switch handles all communication with CSSM. Hence timestamp
displayed under active switch.
License Conversion:
Automatic Conversion Enabled: False
Active: PID:WS-C3850-24P,SN:FCW1831C1A2
Status: Polling on Jan 01 00:00:00 1970 UTC
Next response check: Apr 28 12:52:39 2018 UTC
Standby: PID:WS-C3850-24P,SN:FOC1831X1AW
Status: Not started
Member: PID:WS-C3850-48P,SN:FOC1817X07Z
Status: Not started
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
84
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
6. Device will send the migration data to the CSSM. The CSSM will then take time to convert the
licenses and deposit them into your account.
License Conversion:
Automatic Conversion Enabled: False
Active: PID:WS-C3850-24P,SN:FCW1831C1A2
Status: Successful on Jan 01 00:00:00 1970 UTC
Standby: PID:WS-C3850-24P,SN:FOC1831X1AW
Status: Successful on Jan 01 00:00:00 1970 UTC
Member: PID:WS-C3850-48P,SN:FOC1817X07Z
Status: Successful on Jan 01 00:00:00 1970 UTC
7. Following Start of DLC process, devices establishes communication with CSSM and process
cannot be interrupted. However incase communication breakdown and to cancel current attempt
use “license smart conversion stop”
8. Going back to ‘Inventory’ -> ‘Licenses’ on CSSM , you should see the count for your perpetual
type license automatically increment by 1 for each device that you converted .
9. With licenses deposited, you can trigger a license renewal on your device to move out of Out of
Compliance state to In Compliance which means your licenses are authorized for use.
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
85
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
DLC Restrictions & Caveats
•
•
•
DLC only works to convert perpetual type licenses. Subscription based addon licenses i.e. Cisco
DNA need to be purchased and deposited.
DLC process happens only once per device. The conversion happens for the current perpetual
license that the device is consuming.
Automatic conversion is not currently supported i.e. the conversion has to be manually triggered
with CLI
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
86
Smart Licensing on Cat3850/3650
Device-Led Conversion(DLC)
BRKARC-1600
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
87