Smart Licensing Using Policy for Cisco MDS 9000 Switches

This article provides information about the deployment of Smart Licensing Using Policy (SLP) on Cisco MDS 9000 Switches. Before reading this document, ensure that you have read the Cisco Smart Licensing Using Policy on MDS 9000 Switches article from the Learn category on the Cisco NX-OS Licensing collection page on Cisco.com.

Introduction to Smart Licensing Using Policy

Smart Licensing using Policy (SLP) is an enhanced version of Smart Licensing, the objective of which is to provide a cloud-based licensing solution that does not interrupt the operations of your network, rather enables a compliance relationship to account for the hardware and software licenses purchased and used.

SLP is supported starting with Cisco MDS NX-OS Release 9.2(2) and is the only licensing mechanism available.

The primary benefits of this enhanced licensing model are:

  • Seamless day-0 operations

    After a license is ordered, no preliminary steps, such as registration or generation of keys, are required unless an enforced license is used.

  • Visibility and manageability of licenses

    View and manage all your switch licenses at one place.

  • Flexible, time series reporting of licenses to remain compliant

    Easy reporting options are available, whether you are directly or indirectly connected to Cisco Smart Software Manager (CSSM) or are using an air-gapped approach.

This document provides conceptual, configuration, and troubleshooting information for SLP on Cisco MDS switches. For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide.

The conceptual information includes an overview of SLP, supported products, supported topologies, and explains how SLP interacts with other features. SLP is a software license management solution that provides a seamless experience for customers:

  • Purchase: Purchase licenses through the existing channels and use the Cisco Smart Software Manager (CSSM) portal to view switches and licenses.

    To simplify the implementation of SLP, we recommend that you provide your Smart Account and Virtual Account information when placing an order for new hardware or software. This allows Cisco to install applicable licenses on switches and deposit entitlements to SA/VA at the time of manufacturing. Also, purchase information will be populated under the show license authorizations command.

  • License Types: Licenses on Cisco MDS switches are of two categories β€” enforced and unenforced.

    Enforced licensing prevents a feature from being used without first obtaining a license.

    Unenforced licensing does not need to complete any licensing-specific operations before using the feature. License usage is recorded on your switch with timestamps and the required workflows to report usage to Cisco can be completed later.

  • Report: License usage should be reported to CSSM. Multiple options are available for license usage reporting. You can use the Cisco Smart Licensing Utility (CSLU) or SSM On-Prem , or report usage information directly to CSSM. For air-gapped networks, a provision for offline reporting where usage information can be downloaded from switches and uploaded to CSSM is also available. The usage report is in plain text XML format.

 Note

If you are purchasing licenses via third-party vendors or partners, check with your vendors or partners for instructions on implementing SLP.

Understand Key Concepts of SLP Before Deployment

This section explains the key components that you need to understand before deploying SLP on Cisco MDS 9000 Switches.

Policy Selection

To know which policy is applied (the policy in-use) and its reporting requirements, enter the show license all command.

Policies can be customized. To customize policies, contact the Cisco Global Licensing Operations team. Go to Support Case Manager. Click OPEN NEW CASE > Select Software Licensing. The licensing team will contact you to start the process or for any additional information. Customized policies are also made available through your Smart account in CSSM.

RUM Report and Report Acknowledgment

A Resource Utilization Measurement report (RUM report) is a license usage report, which the product instance generates, to fulfill reporting requirements as specified by the policy. RUM reports are data files with information about license usage and device identity. These reports are securely stored in the device and are cert-signed by the hardware.

 Note

When a switch does not consume a license, it does not generate any RUM report. To verify license consumption, use the show license usage command.

An acknowledgment (ACK) is a response from CSSM and provides information about the status of a RUM report.

The policy that is applied to a product instance determines the following reporting requirements:

  • Whether a RUM report is sent to CSSM, and the maximum number of days that are provided to meet this requirement.

  • Whether the RUM report requires an acknowledgment (ACK) from CSSM.

  • The maximum number of days provided to report a change in license consumption.

A RUM report sent to CSSM from device or CSLU can be accompanied by other requests.

 Note

System logs are generated at X and X-30 days if reporting is not done. X is the reporting interval per the policy.

RUM States

The RUM reports change state throughout the communication between product instance and CSSM.

State

Description

SmartAgentRumStateOpen

New report that is created by Smart Agent on the device

SmartAgentRumStateClosed

RUM report that is sent to CSSM (reloads will also push the open reports to closed state)

Sample RUM Report

<?xml version="1.0" encoding="UTF-8"?>
<smartLicense>
<RUMReport>
<![CDATA[
{
"payload":{ "asset_identification":{
"asset":{

"name":"regid.2017-11.com.cisco.MDS_9700,1.0_ac6ddieu7-89ju-4dne7-8699-4eeeklljnk"
},
"instance":{
"sudi":{
"udi_pid":"DS-C9124V-8EK9",
"udi_serial_number":"FDjhjudyw8778"
},
"product_instance_identifier":"f804e59b-7296-4c6d-a4f4-e61207ddf150"
},
"signature":{ "signing_type":"CISC123", "key":"00000000",
"value":"A0EPZ4grbhDeNG2q1wJxeRAkEIFabnHp8UCB+qoFMFRA3oMkZ3G572mm FDFZXVSaA2yfVRym0GMgKDo2glzz7er1RVIyB8XnrqgdgFBMkvJiuHb5B9Bdvs 8qABGErQZP7m5HTUQcHNwczYYAoflIMo2ltaaUzhbmjppoh1b6cIvjUqTVTyg37cj/

Z0r7hIviUxrzvHBVFFVA50Ik8wXPFWS24aLC4ubXvEDNzDv1UWQwfJy0XmkegJ07PBVAfcRPhfZ4/5J9YtsQ1xRb5ot+ IdogZmhX7ISVOAh3WFjvAMVhQrH4xeSKD1wgIZtLAC+TnixvU6HAc4p168UK6aZV4A=="
}
},
"meta":{
"entitlement_tag":"regid.2019-06.com.cisco.LAN_MDS9000_9124V,1.0_ ac6ddieu7-89ju-4dne7-8699-4eeeklljnk",
"report_id":16283555555, "software_version":"10.2(1)FI9(1)", "ha_udi":[
{
"role":"Active", "sudi":{
"udi_pid":"DS-C9124V-8EK9",
"udi_serial_number":" FDjhjudyw8778"
}
}
]
},
"measurements":[
{
"log_time":1628323253, "metric_name":"ENTITLEMENT", "start_time":1628323253, "end_time":1628323254, "sample_interval":1, "num_samples":1,
"meta":{
"termination_reason":"CurrentUsageRequested"
},
"value":{
"type":"COUNT",
"value":"1"
}
}
]
},
"header":{
"type":"rum"
},
"signature":{
"sudi":{
"udi_pid":"DS-C9124V-8EK9",
"udi_serial_number":"FDOkjahwdiuw78"
},
"signing_type":"CISC123", "key":"782198723987",
"value":"BIoW16suShhDdAJZgRGtxdk/b4yhdvtDJQzE4eujgG+w/ UKICJ40oEsh2HfIy0kcbfSn3gaAPwhlwHxFUVjLh+kYHxuwSvsI0RwwyIgBIlYbc9JojQ40dZGLRVmJt05djYIRkRHI5dYMO0Fn/

a/F+VnaEQ2hVbbTWMW0pDLnJksPyQ9Mn91RmI4ZCfkS5gGNeS9U0CyeBpSYfh/r+N4bn/gmf+XDmK30x6yukTflvUC6IV/


lNMxJYOpZ87mV/4XX6Bw88Ab1K3KX6VHVpeMr45UeUNGd0efaigReB9ERISJnERxAEs4SuU/ZhnFMONAwW/4WCpDXD/p8bcw76mmSkw=="

}
}
]]>
</RUMReport>
</smartLicense>

Sample RUM ACK

<?xml version="1.0" encoding="UTF-8"?>
<smartLicense>
<smartLicenseRumAck>
<data>
<![CDATA[[
{
"status_code":"OK",
"status_message":"Rum Report is accepted.", "localized_message":"Rum Report is accepted.",
"product_instance_identifier":"f80003456-1234-3g5h-b6b6-e1234hrtu5678", "sudi":{
"udi_pid":"DS-C9124V-8EK9",
"udi_serial_number":"FDO3456yuth"
 

}
]]]>
 
},
"report_id":162123456, "correlation_id":"610e4fcecebababeyro678990-bf94ajdu47878787hdj", "subscription_id":null
 
  </data>
  <signature>MEQCIBtBcrLc384LDGgD9axXIMFiV4usLWOeOvJiP4nL9PKhAiA16   yiPufFIFwfEPIGbqMbfTKB+gGxB52m5tPVWZ/MP6Q==</signature>
  </smartLicenseRumAck>
  <smartLicenseAccountInfo>
  <customerInfo>
  <timestamp>1628327760658</timestamp>
  <smartAccount>InternalTestDemoAccount10.cisco.com</smartAccount>
  <virtualAccount>nxofirst</virtualAccount>
  <smartAccountId>2312345</smartAccountId>
  <virtualAccountId>509876</virtualAccountId>
  <smartAccountDomain>internaltestdemoaccount10.cisco.com</smartAccountDomain>
  </customerInfo>
  <signature>MEQCIBelsrxUBMzZSi406NeeHOJRlboJedEThjgyutwiqwge2iuey2   uehdufydwinGOsmgLaef1HAG+naWneLqZ139ARFiTsmA==</signature>
  </smartLicenseAccountInfo>
  <correlationID>ngnx-d3chwyt37hgdytf1924b4a57c190bc6</correlationID>
  </smartLicense>

Smart Licensing Using Policy Workflow

Smart Licensing Using Policy solution makes it easier for you to procure, deploy, and manage your license. Cisco Smart Software Manager (CSSM) is your primary licensing server and portal where you can create your smart accounts and manage licenses.

Smart Software Manager On-Prem and Cisco Smart Licensing Utility are your locally installed on-premises user portals that work with CSSM.

After purchasing licenses, activate your licenses on your devices in your deployments. As the devices establish trust and report license usage, you can manage your licenses through continuous reporting.

Workflow to Deploy Smart Licensing Using Policy

Smart Licensing Using Policy Workflow In a Nutshell

These are the stages for deploying Smart Licensing Using Policy:

  1. Order licenses

    1. Order your license from Cisco Commerce Workspace (CCW).

    2. Access CSSM and create the smart account and virtual accounts to organize your licenses.

  2. Activate licenses.

    1. Select the deployment methods.

      • Online Deployments

      • Offline or Air-gapped Deployments

    2. Configure the smart license transport mode and establish trust with CSSM.

  3. Manage licenses.

    1. Generate your Resource Utilization Measurement (RUM) report from the device. Synchronize the report with CSSM either automatically or manually.

    2. Monitor the license usage and compliance status through the CSSM portal.

Supported Deployment Models and Topologies

This section describes the various ways in which you can implement a smart licensing policy. For each topology, refer to the accompanying overview to know how the setup is designed to work, and refer to the considerations and recommendations, if any.

Choosing a Topology

The following table allows you to choose a topology depending on your network deployment.

Deployment Model

Topology

Recommendations

Online Deployment > Direct (Smart transport/call home)

Topology 2: Connected Directly to CSSM

Use this topology when you have switches that are already registered to CSSM and need to continue in the same mode. If you need to continue using this topology after upgrading to SLP, then Smart Transport is the preferred transport method. See Topology 2: Connected Directly to CSSM.

Online Deployment > On-Prem > Smart Software Manager (SSM) On-Prem (Recommended)

Topology 4: Connected to CSSM through SSM On-Prem

Use this topology when you want to collect licensing information from each switch in the network and when there is no connectivity to CSSM. See Connected Mode in Topology 4: CSLU Disconnected from CSSM.

Online Deployment > On-Prem > CSLU

Topology 1: Connected to CSSM through CSLU

Use this topology when you do not want the switches to be directly connected to CSSM. This topology supports only one SA/VA combination. See Online Mode in Topology 1: Connected to CSSM Through CSLU.

Offline Deployment > from the switch

Topology 6: No Connectivity to CSSM and No CSLU (Offline mode)

Use this topology when you want to collect licensing information from a single source and when there is no connectivity to CSSM. You cannot view license consumption locally. Also, only a single VA can be used. See Topology 6: SSM On-Prem Disconnected from CSSM.

Offline Deployment > SSM On-Prem Disconnected

Topology 5: SSM On-Prem Disconnected from CSSM

Use this topology when you want to manage or view licenses from a single source. You can view license consumption locally. You can also use multiple SA/VA combinations. See SSM On-Prem in Disconnected Mode in Topology 5: No Connectivity to CSSM and No CSLU.

Offline Deployment > CSLU Offline

Topology 3: CSLU Disconnected from CSSM

Use this topology when you need to manage or view license consumption locally. You can also use multiple VA. See CSLU in Offline Mode in Topology 3: Connected to CSSM Through SSM On-Prem.

Guidelines and Limitations

The following categories contain the guidelines you need to remember before deploying SLP.

General

  • Cisco MDS 9000 Release 9.2(2) supports only the SLP licensing mode.

  • For SL registered switches with CSSM, when upgrading from pre-SLP releases to Cisco NX-OS MDS Release 9.2(2), duplicate entry may occur for the same switch on CSSM or SSM On-Prem. The duplicate entry will be deleted automatically within a day from CSSM, but needs to be deleted manually by users from SSM On-Prem.

  • Ports enabled in SL mode in pre-SLP releases will not be enabled if boot variables are used for migration instead of boot variables reload.

  • Syslogs will be printed on a weekly basis for port licenses that are not authorized. This scenario is specific to SL based migration.

  • SLP MIB is not supported.

  • Authorization code cannot be returned to the SA/VA pool for enforced port licenses.

Upgrade

  • When upgrading to Cisco MDS NX-OS Release 9.2(2) for SL registered switches, the transport mode may go to CSLU instead of Call Home. We recommend configuring the transport mode to Call Home manually and establish the trust with CSSM.

  • During upgrade from earlier release with traditional licensing (PAK) to Cisco MDS NX-OS Release 9.2(2), reflection of RUM sync in the show command may take up to 24 hours after migration.

Transport

  • While using the transport mode as CSLU, if licenses do not get released from the SA/VA after write-erase and reload of a switch, it is recommended to delete the switch from SA/VA.

CSLU

  • Only CSLU mode of transport is supported with SSM On-Prem.

  • For CSLU, single SA/VA is supported, but multitenant is not supported.

  • For autodiscovery (when only one IP is configured in CSLU local), only one CSLU can be used in the network.

  • CSLU-initiated pull mode is not supported in Cisco MDS NX-OS Release 9.2(2).

Commands

  • It is recommended to do a license smart factory reset only.

  • The following commands do not support XMLized output:

    • show-techsupport license

    • show license eventlog

    • show license history message

    • show license data conversion

  • The output of the show license status command may show discrepancy in timer values but has no functional impact. The timer gets updated automatically and the RUM Reporting will be retried after 24 hours.

Online Deployments

Online Deployments are classified as Direct and On-premises deployments. The direct deployment is done using either Smart or Call Home Transport mode. Both the transport modes have the option to use proxy servers. The On-premises deployment is done using either SSM On-prem or CSLU. SSM On-prem and CSLU also have the option to use proxy servers.

Direct Deployments

Direct deployment involves connecting devices to https://smartreceiver.cisco.com/licservice/license through the internet or an HTTP proxy server to report usage information using the Smart transport mode. Direct deployment works out of the box with no additional configuration.

Direct deployment is most suitable for small networks, especially in the enterprise world. It's when a user doesn't want to manage an on-premises server and communicates with Cisco directly or through a proxy.

Transport Modes

The two modes of transport available for Direct deployment are Smart and Call home.

Smart - The Smart Transport mode is a transport method where a Smart Licensing (JSON) message is contained within an HTTP message and exchanged between a product instance and CSSM to communicate.

Call Home - The Call Home Transport mode provides e-mail-based and web-based notifications of critical system events. This method of connecting to CSSM is available in the Smart Licensing environment and remains available with SLP.

Direct Deployment Methods

Direct deployment is also termed as Topology 2: Connected Directly to CSSM. The transport mode is Smart transport or call home. Direct deployment offers these methods:

  • Direct Cloud Access: In this method, the product instance or device sends usage information directly over the internet to CSSM. The transport mode can be either Smart or Call Home.

  • Direct Cloud access through a proxy server: In this method, the product instance or device sends usage information over the internet through a proxy server using either Smart or Call Home transport mode to CSSM.

Report License Usage

In direct deployments, the device automatically generates reports once it establishes a trusted connection with the CSSM. The device initiates communication and automatically sends out the license usage report as per the default policy. CSSM automatically sends the ACK reports in the first 5 minutes. You can set up a subsequent reporting frequency as per the policy.

Steps to Deploy SLP using Direct Deployment Mode

After you order the licenses and set up your smart accounts in CSSM, activate and manage licenses for your chosen mode of direct deployment.

  1. Based on your choice of transport mode, choose any one of these procedure to activate licenses.

  2. Irrespective of the mode of transport used, the procedure to manage the licenses in the direct deployment mode is the same - Manage Licenses on Direct Deployment with Smart or Call Home Transport Mode

Activate Licenses on Direct Deployment with Smart Transport Mode
Procedure

Step 1

Enable smart transport mode on your device using the license smart transport smart command.

Example:
switch# configure
switch(config)# license smart transport smart

Step 2

Configure the transport URL with the license smart url smart transport-url command.

The switch automatically configures the Smart URL (https://smartreceiver.cisco.com/licservice/license).

Example:
switch(config)# license smart url smart https://smartreceiver.cisco.com/licservice/license

Step 3

If you are deploying Direct Cloud access through an HTTPS proxy method, configure a proxy for the smart transport mode using the license smart proxy hostname port port-number command. Skip this step for Direct Cloud Access deployment.

When you configure a proxy server, licensing messages are sent to the proxy along with the final destination URL (CSSM). The proxy sends the message to CSSM.

Example:
switch(config)# license smart proxy hostname proxy.esl.cisco.com port 80
switch(config)# commit
switch(config)# exit

Step 4

Establish trust by generating a token from the smart account and virtual account in CSSM and copy the token on the devices using the license smart trust idtoken command.

Example:
switch# license smart trust idtoken MjczNDMwZWYtNDAzMS00NjNmLWJmMTQtMzM1YmRhZDAxZWNmLTE3MjA1OTE3%0ANzM4MTh8eit1NENmLzNYaHg3WVk3VzFYeDVxc0xSaEZqNjhtNERGMnc5UHZK%0AU1RMYz0%3D%0A all force

Step 5

View the trust establishment on the device using the license smart save trust-request filepath_filename command.

Example:
switch# license smart save trust-request file1

Step 6

Verify license status using the show license status command. Verify the latest date at Trust Code Installed.

Example:
switch# show license status

Utility:
    Status: DISABLED

Smart Licensing using Policy:
    Status: ENABLED

Data Privacy:
    Sending Hostname: yes
    Callhome Hostname Privacy: DISABLED
        Smart Licensing Hostname Privacy: DISABLED
    Version Privacy: DISABLED

Transport:
    Type: Smart  >>>>>>Mode
    URL: https://smartreceiver.cisco.com/licservice/license
    Proxy:
        Not configured

Policy:
    Policy in use: Merged from multiple sources
    Reporting ACK required: Yes
    Unenforced/Non-Export:
        First report requirement (days): 90 (CISCO default)
        Ongoing reporting frequency (days): 365 (CISCO default)
        On change reporting (days): 90 (CISCO default)
    Enforced (Perpetual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)
    Export (Perpetual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)

Miscellaneous:
    Custom Id: <empty>

Usage reporting:
    Last ACK received: <none>
    Next ACK deadline: Sep  8 09:16:32 2023  EST
    Reporting push interval: 30 days
    Next ACK push check: Jun 14 11:55:56 2023  EST
    Next report push: Jul 14 11:50:59 2023  EST
    Last report push: Jun 14 11:50:59 2023  EST
    Last report file write: <none>

Trust Code installed : Jun 14 11:49:17 2023  EST >>>>Trust code for PID
    Active: PID: DS-C9706, SN: FXS2250Q299
        Jun 14 11:49:17 2023  EST
    Standby: PID: DS-C9706, SN: FXS2250Q299
        Jun 14 11:49:17 2023  EST
Activate Licenses on Direct Deployment with Call Home Transport Mode
Procedure

Step 1

Enable call home transport mode on your device using the license smart transport callhome command.

Example:
switch# configure
switch(config)# license smart transport callhome

Step 2

Configure the basic call home configurations.

  1. callhome

  2. email-contact <email_id>

  3. phone-contact <contact_number>

  4. streetaddress <address>

  5. destination-profile CiscoTAC-1 transport-method http

  6. destination-profile CiscoTAC-1 index 1 http https://tools.cisco.com/its/service/oddce/services/DDCEService

  7. transport http use-vrf <vrf>

  8. enable

Example:
switch(config)# callhome
switch(config-callhome)# email-contact sch-smart-licensing@cisco.com
switch(config-callhome)# phone-contact +1-408-800-900
switch(config-callhome)# streetaddress 270 E Tasman Dr
switch(config-callhome)# destination-profile CiscoTAC-1 transport-method http
switch(config-callhome)# destination-profile CiscoTAC-1 index 1 http https://tools.cisco.com/its/service/oddce/services/DDCEService
switch(config-callhome)# transport http use-vrf management
switch(config-callhome)# enable
switch(config-callhome)# exit
switch(config)#

Step 3

If you are deploying Direct Cloud access through a proxy method, configure a proxy for the call home transport mode using the transport http proxy hostname port port-number command. Skip this step for Direct Cloud Access deployment.

When you configure a proxy server, licensing messages are sent to the proxy along with the final destination URL (CSSM). The proxy sends the message to CSSM.

Example:
switch(config)# callhome
switch(config-callhome)# transport http proxy server 192.168.0.1 port 3128
switch(config-callhome)# exit

Step 4

Establish trust by generating a token from the smart account and virtual account in CSSM and copy the token on the devices using the license smart trust idtoken command.

Example:
switch# license smart trust idtoken MjczNDMwZWYtNDAzMS00NjNmLWJmMTQtMzM1YmRhZDAxZWNmLTE3MjA1OTE3%0ANzM4MTh8eit1NENmLzNYaHg3WVk3VzFYeDVxc0xSaEZqNjhtNERGMnc5UHZK%0AU1RMYz0%3D%0A all force

Step 5

View the trust establishment on the device using the license smart save trust-request filepath_filename command.

Example:
switch# license smart save trust-request file1

Step 6

Verify license status using the show license status command. Verify the latest date at Trust Code Installed.

Example:
switch(config-callhome)# show license status 
Utility: 
Status: DISABLED

Smart Licensing using Policy:
Status: ENABLED

Data Privacy: 
Sending Hostname: yes 
Callhome Hostname Privacy: DISABLED 
Smart Licensing Hostname Privacy: DISABLED 
Version Privacy: DISABLED 

Transport: 
Type: Callhome

Policy: 
Policy in use: Merged from multiple sources 
Reporting ACK required: Yes
Unenforced/Non-Export: 
First report requirement (days): 1 (Installed)
Ongoing reporting frequency (days): 1 (Installed)
On change reporting (days): 1 (Installed)
Enforced (Perpetual/Subscription): 
First report requirement (days): 1 (Installed)
Ongoing reporting frequency (days): 1 (Installed)
On change reporting (days): 1 (Installed)
Export (Perpetual/Subscription): 
First report requirement (days): 1 (Installed)
Ongoing reporting frequency (days): 1 (Installed)
On change reporting (days): 1 (Installed)

Miscellaneous:
Custom Id: <empty>

Usage reporting:
Last ACK received: <none>
Next ACK deadline: Oct 1 08:10:04 2024 UTC
Reporting push interval: 1 days
Next ACK push check: <none>
Next report push: Sep 30 08:10:34 2024 UTC
Last report push: <none>
Last report file write: <none>

Trust Code installed: Sep 30 08:10:03 2024 UTC
Active: PID: N9K-C93600CD-GX, SN: FDO24510644 
Sep 30 08:10:03 2024 UTC 


switch(config-callhome)#
Manage Licenses on Direct Deployment with Smart or Call Home Transport Mode
Procedure

Step 1

Navigate to Smart Software Licensing > Reports on the CSSM UI.

Step 2

Download the acknowledgment sent and upload to your device.

Step 3

Manage the license consumption on your devices. View the license status and summary using the show license summary show license usage command.

Example:
switch# show license usage
License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: IN USE
  Enforcement Type: ENFORCED
  License Type: Enforced

Step 4

(Optional) Set the time interval to automatically synchronize RUM reports using the license smart usage interval command.

Example:
switch# license smart usage interval

On-Premises Deployments

On-Premises deployment is a deployment option for organizations that prefer not to have their products communicate directly with CSSM over the internet. This type of deployment involves the use of either a license server, such as Smart Software Manager (SSM), or a Windows application, such as Cisco Smart License Utility (CSLU), on the premises to manage devices and licenses. These tools use a synchronization process to exchange license information with CSSM, which can be done automatically over the network or manually offline.

The two ways to set up On-Premises deployments are:

  • SSM On-Prem

  • CSLU

Smart Software Manager On-Prem

Smart Software Manager (SSM) is an On-Premise version of CSSM and provides a similar set of features. When you connect a device to SSM On-Prem, SSM On-Prem becomes the single point of interface with CSSM. Once the SSM On-Prem is operational, devices register to SSM On-Prem and report license consumption.

SSM On-Prem Modes

SSM On-Prem connects with Cisco Smart Software Manager in the cloud to synchronize license consumption and usage at the desired frequency such as daily, weekly, or monthly. You can also deploy SSM On-Prem in a totally disconnected mode.

  • Connected - Manage your devices on premises with a license server connected to CSSM. Devices register to SSM On-Prem and report license consumption and usage to CSSM at the desired frequency. Based on topologies, this online deployment is classified as On-Premises Deployment using SSM On-Prem and also termed as Topology 4: Connected to CSSM through SSM On-Prem. See Steps to Deploy SSM On-Prem in Connected Mode to deploy SSM-On Prem in Connected Mode.

  • Disconnected - Manage your devices on premises without connecting to CSSM. SSM On-Prem synchronizes to CSSM through a manual file transfer process for reporting license consumption and usage. Based on topologies, this Offline Deployment mode is classified as SSM On-Prem in Disconnected Mode and also termed as Topology 5: SSM On-Prem disconnected from CSSM. See the deployment of SSM On-Prem in Disconnected Mode in the Remote Deployments section.

Report License Usage

To report license usage, synchronize local accounts on SSM On-Prem with CSSM by using the Synchronization widget in the SSM On-Prem UI.

Execute the license smart sync all command to synchronize device information with SSM On-Prem. You can synchronize license usage with CSSM using the following:

  • Set up on-demand synchronization with CSSM

  • Schedule synchronization with CSSM at a specified time

  • Synchronize the license usage with CSSM, either by connecting to CSSM immediately or by downloading and uploading files for SSM On-Prem disconnected mode.

Steps to Deploy SSM On-Prem in Connected Mode

After you order the license and set up your smart accounts in CSSM:

  1. Activate Licenses on SSM On-Prem in Connected Mode

  2. Manage Licenses on SSM On-Prem in Connected Mode

 Note

Use the same procedures to deploy SSM On-prem proxy method.

Activate Licenses on SSM On-Prem in Connected Mode
 Note

If the device is registered to SSM On-Prem with pre-SLP release using callhome transport, then the transport mode changes to CSLU after the migration. Also, the url is populated on the product instance from OnPrem CSLU tenant ID. Ensure that you save the configuration using the copy running-config startup-config command.

Procedure

Step 1

Go to the Software Download. page, click Smart Software Manager On-Prem, and download and install Smart Software Manager On-Prem. See Cisco Smart License Utility Quick Start Setup Guide.

Step 2

Configure SSM On-Prem and create a local account. See SSM On-Prem User Guide

Step 3

Navigate to the License workspace > Inventory > General > Product Usage Registration Tokens, select CSLU Transport URL at the SSM On-Prem UI.

 Note

If you are deploying SSM On-Prem proxy method, to configure a proxy see Cisco Smart Software Manager On-Prem User Guide.

Step 4

Configure the transport mode and SSM On-Prem URL on your device using the license smart transport cslu command.

The SSM On-Prem URL is http://<ip>/cslu/v1/pi/<tenant ID>. Enter the hostname or the IP address of the server where you have installed SSM On-Prem. The tenantID is the default local virtual account ID.

Example:
switch# configure
switch(config)# license smart transport cslu
switch(config)# license smart url cslu http://192.0.2.1:8182/cslu/v1/pi/SATELLITE9-1 
switch(config)# exit

Step 5

Establish trust by generating the token from the SSM On-Prem UI and copy the token to the switch using the license smart trust idtoken idtoken all force command.

Example:
switch# license smart trust idtoken MjczNDMwZWYtNDAzMS00NjNmLWJmMTQtMzM1YmRhZDAxZWNmLTE3MjA1OTE3%0ANzM4MTh8eit1NENmLzNYaHg3WVk3VzFYeDVxc0xSaEZqNjhtNERGMnc5UHZK%0AU1RMYz0%3D%0A
all force

Step 6

Verify the license status using the show license status command. View the trust establishment on the device and verify the latest date at Trust Code Installed.

Example:
switch# show license status
Utility:
    Status: DISABLED

Smart Licensing using Policy:
    Status: ENABLED

Data Privacy:
    Sending Hostname: yes
    Callhome Hostname Privacy: DISABLED
        Smart Licensing Hostname Privacy: DISABLED
    Version Privacy: DISABLED

Transport:
    Type: CSLU
    Cslu address: cslu-local

Policy:
    Policy in use: Merged from multiple sources
    Reporting ACK required: Yes
    Unenforced/Non-Export:
        First report requirement (days): 90 (CISCO default)
        Ongoing reporting frequency (days): 365 (CISCO default)
        On change reporting (days): 90 (CISCO default)
    Enforced (Pepertual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)
    Export (Perpetual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)

Miscellaneous:
    Custom Id: <empty>

Usage reporting:
    Last ACK received: <none>
    Next ACK deadline: Jan 12 08:39:14 2022 UTC
    Reporting push interval: 30 days
    Next ACK push check: <none>
    Next report push: Oct 14 08:40:00 2021 UTC
    Last report push: <none>
    Last report file write: <none>

Trust Code installed: Jan 12 08:39:14 2022 UTC
Active: PID: DS-C9148T-K9, SN: JPG220700PY
Jan 12 08:39:14 2022 UTC

switch(config)#
Manage Licenses on SSM On-Prem in Connected Mode
Procedure

Step 1

Log into the SSM On-Prem > Smart Licensing workspace.

If you have deployed ....Then perform these steps ...

SSM On-Prem connected mode

  1. Navigate to Reports > Usage Schedules > Synchronize now with Cisco and generate a license usage RUM report in the Smart Licensing workspace.

  2. Navigate to Inventory > SL Using Policy and select one or more devices by enabling the corresponding check box, and Click Actions for Selected... > Collect Usage.

Step 2

Manage the license consumption on your devices. View the license status and summary using the show license summary or show license usage commands.

Example:
switch# show license summary
License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
MDS 9396T 32G 16 port-a... (PORT_ACTIV_9396T_PKG)           48      NOT AUTHORIZED
MDS 9300 series Enterpr... (ENTERPRISE_PKG)                 1       IN USE

switch#

switch# show license usage
	License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: NOT AUTHORIZED
  Enforcement Type: ENFORCED
  License Type: Enforced

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: IN USE
  Enforcement Type: NOT ENFORCED
  License Type: Generic 
switch(config)# 

Step 3

(Optional) Set the time interval for automatic synchronizing of the RUM reports using the license smart usage interval <1-365> command.

Example:
switch# license smart usage interval 90
Cisco Smart Licensing Utility

Cisco Smart License Utility Manager (CSLU) is a Windows-based application that enables you to administer licenses for your devices on premises instead of having to directly connect your devices to CSSM. When you connect a device to CSLU, CSLU becomes the only interface with CSSM. Once the CSLU is operational, devices register to CSLU and report license consumption.

For information about downloading, installing, and using CSLU, see Cisco Smart License Utility

CSLU Modes

The CSLU can be configured in both Online and Offline modes.

  • CSLU Online or Connected - Device initiates communication automatically and sends the RUM report to CSLU as per the default policy. CSLU forwards the RUM report to CSSM and retrieves the acknowledgment (ACK). Based on topologies, this Online Deployment is classified as On-Premises Deployment using CSLU and also termed as Topology1: Connected to CSSM through CSLU. See Steps to Deploy CSLU On-Prem in Online Mode.

  • CSLU Offline or Disconnected - Device initiates communication automatically and sends the RUM reports to CSLU. CSLU is not connected to CSSM, so you need to manually connect to CSSM and upload the RUM reports. Based on the topologies, this Offline Deployment is classified as Offline Deployment using CSLU in Offline Mode and also termed as Topology 3: CSLU Disconnected from CSSM. See CSLU Offline Mode in the Remote Deployments section.

Report License Usage

By default, the CSLU utility application is scheduled to collect data information at 24-hour intervals. CSLU connects to the selected Product Instance(s) and collects the RUM reports. These RUM reports are then stored in the CSLU’s local library.

Steps to Deploy CSLU On-Prem in Online Mode

After you order the license and set up your smart accounts in CSSM:

  1. Activate Licenses on CSLU in Online Mode

  2. Manage Licenses on CSLU in Online Mode

 Note

Use the same procedures to deploy CSLU On-prem proxy method.

Activate Licenses on CSLU in Online Mode
Procedure

Step 1

Go to the Software Download page, click Smart Licensing Utility, and download and install the latest version of CSLU application on your Windows or Linux server. See Cisco Smart Licensing Utility Quick Start Setup Guide for CSLU and Software Download for Linux.

 Note

If you are deploying CSLU proxy method, to configure a proxy see Cisco Smart Licensing Utility User Guide.

Step 2

Set up CSLU preference settings and associate the Smart account and virtual account details. See Cisco Smart Licensing Utility User Guide.

Step 3

Configure the transport mode on the device using the license smart transport cslu command.

Example:
switch# configure
switch(config)# license smart transport cslu

Step 4

Configure the transport URL using the license smart url cslu command.

The default CSLU URL is http://cslu-local:8182/cslu/v1/pi. 8182 is the port number on the CSLU.

Example:
switch(config)# license smart url cslu http://192.0.2.1:8182/cslu/v1/pi
switch(config)# exit

Step 5

If you want to establish trust immediately with CSLU, use the license smart sync all command.

Step 6

Verify the license status using the show license status command. Verify the latest date in the Trust Code Installed field.

Example:
switch# show license status
Utility:
    Status: DISABLED

Smart Licensing using Policy:
    Status: ENABLED

Data Privacy:
    Sending Hostname: yes
    Callhome Hostname Privacy: DISABLED
        Smart Licensing Hostname Privacy: DISABLED
    Version Privacy: DISABLED

Transport:
    Type: CSLU
    Cslu address: cslu-local

Policy:
    Policy in use: Merged from multiple sources
    Reporting ACK required: Yes
    Unenforced/Non-Export:
        First report requirement (days): 90 (CISCO default)
        Ongoing reporting frequency (days): 365 (CISCO default)
        On change reporting (days): 90 (CISCO default)
    Enforced (Pepertual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)
    Export (Perpetual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)

Miscellaneous:
    Custom Id: <empty>

Usage reporting:
    Last ACK received: <none>
    Next ACK deadline: Jan 12 08:39:14 2022 UTC
    Reporting push interval: 30 days
    Next ACK push check: <none>
    Next report push: Oct 14 08:40:00 2021 UTC
    Last report push: <none>
    Last report file write: <none>

Trust Code installed: Jan 12 08:39:14 2022 UTC
Active: PID: DS-C9148T-K9, SN: JPG220700PY
Jan 12 08:39:14 2022 UTC


Manage Licenses on CSLU in Online Mode

Perform these steps to manage licenses on CSLU.

.

Procedure

Step 1

Log into CSLU UI .

Step 2

Synchronize the reports from CSLU with Cisco using the CSLU UI..

If you have deployed ....Then perform these steps ...

CSLU Online

Navigate to CSLU > Data Menu > Send to CSSM to immediately send RUM reports to Cisco.

Offline Deployments

Offline deployment is when a device is not communicating with Cisco. Offline deployments, also termed as air-gapped deployments, are used in highly secure environments which have no internet access.

Offline Deployments Based on your Network

Depending on your network environment, you can select the offline deployment methods.

  • Remote deployments - Your On-Premises servers offer disconnected modes. Use disconnected licensing mode by turning off communication with Cisco on your On-Premises servers.

    • SSM On-Prem in Disconnected Mode

    • CSLU in Offline Mode or Disconnected

    See Remote Deployments.

  • Air-gapped deployments from the switch - License reservation offers security for organizations that need a full air-gapped environment when on-premises licensing is not an option. The license reservation solution is for classified environments that don’t allow electronic communication in or out of the environment. With a license reservation solution, you are fully offline without any ongoing communication or additional infrastructure. After you order the license and set up your smart accounts in CSSM, you need to Activate Licenses.

Report License Usage

Report license usage for remote environments - In remote offline deployments, turn off device communication to CSSM on the On-Premises servers. Manually upload the license consumption using RUM reports to establish trust and reporting to CSSM.

Report license usage for air-gapped environments from the switch - In fully offline deployment, no action is required, as there is no trust establishment or reporting of devices to CSSM.

Remote Deployments

Based on the topologies, the two types of remote deployments, where licenses are activated on SSM On-Prem and on CSLU are also termed as Topology 5: SSM On-Prem Disconnected from CSSM and Topology 3: CSLU Disconnected from CSSM respectively.

Steps to Deploy SSM On-Prem in Disconnected Mode

To deploy SLP remotely using SSM On-Prem in Disconnected mode, perform these two steps.

  1. Activate Licenses on SSM On-Prem in Disconnected Mode

  2. Manage Licenses on SSM On-Prem in Disconnected Mode

Activate Licenses on SSM On-Prem in Disconnected Mode
Procedure

Step 1

Go to the Software Download page, click Smart Software Manager On-Prem, and download and install Smart Software Manager On-Prem. See Cisco Smart License Utility Quick Start Setup Guide.

Step 2

Configure SSM On-Prem and create a local account. See SSM On-Prem User Guide

Step 3

Navigate to the License workspace > Inventory > General > Product Usage Registration Tokens, select CSLU Transport URL at the SSM On-Prem UI.

Step 4

Configure the transport mode and SSM On-Prem URL on your device using the license smart transport cslu command.

The SSM On-Prem URL is http://<ip>/cslu/v1/pi/<tenant ID>. Enter the hostname or the IP address of the server where you have installed SSM On-Prem. The tenantID is the default local virtual account ID.

Example:
switch# configure
switch(config)# license smart transport cslu
switch(config)# license smart url cslu http://192.0.2.1:8182/cslu/v1/pi/SATELLITE9-1
switch(config)# exit

Step 5

If you are deploying SSM On-Prem disconnected mode, log off from CSSM.

  1. Set the license transport mode on the device using the license smart transport cslu command.

  2. Retrieve the RUM report on the device using the license smart save usage command.

    Example:
    switch# license smart save usage all usage.txt
  3. Navigate to Manage Licenses > Reports > Usage Data Files in the CSSM workspace to upload the report manually.

  4. Download the acknowledgment (ACK) file from CSSM and import it to the device using the license smart import command.

    Example:
    switch# license smart import tftp://203.0.113.5/auto/tftp-abc/ACK_RUM-usage-20240125.txt
    Import Data Successfull
Manage Licenses on SSM On-Prem in Disconnected Mode
Procedure

Step 1

Log into SSM On-Prem > Smart Licensing workspace.

Step 2

Synchronize the reports from SSM On-Prem with Cisco using the SSM On-Prem > Smart Licensing workspace.

If you have deployed ....Then perform these steps ...

SSM On-Prem disconnected mode

  1. Navigate to Inventory > SL Using Policy> Export/Import All and select Export Usage to Cisco to manually trigger usage collection from the device. Upload the report to CSSM and receive the ACK file.

  2. Navigate to Inventory > SL Using Policy> Export/Import All... and select Import From Cisco to upload the .tar ACK file on the device.

Step 3

Manage the license consumption on your devices. View the license status and summary using the show license summary or show license usage commands.

Example:
switch# show license summary
License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
MDS 9396T 32G 16 port-a... (PORT_ACTIV_9396T_PKG)           48      NOT AUTHORIZED
MDS 9300 series Enterpr... (ENTERPRISE_PKG)                 1       IN USE

 
switch# show license usage
	License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: NOT AUTHORIZED
  Enforcement Type: ENFORCED
  License Type: Enforced

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: IN USE
  Enforcement Type: NOT ENFORCED
  License Type: Generic
switch(config)# 

Step 4

(Optional) In the disconnected mode, manually upload the RUM reports with SSM On-Prem for synchronization.

Steps to Deploy CSLU in Offline Mode

To deploy SLP remotely using CSLU in Offline mode, perform these two steps.

  1. Activate Licenses on CSLU in Offline Mode

  2. Manage Licenses on CSLU in Offline Mode

Activate Licenses on CSLU in Offline Mode
Procedure

Step 1

Go to the Software Download page, click Smart Licensing Utility. and download and install the latest version of the CSLU application on your Windows or Linux server. See Cisco Smart Licensing Utility Quick Start Setup Guide for CSLU and Software Download for Linux.

Step 2

Set up CSLU preference settings and associate the Smart account and virtual account details. See Cisco Smart Licensing Utility User Guide.

Step 3

If you want to deploy CSLU Offline mode, navigate to CSLU Preference > Cisco Connectivity and set the option to off in the CSLU UI.

The field switches to Cisco Is Not Available.

  1. Set the license transport mode on the device using the license smart transport off command.

    Example:
    switch# license smart transport off
  2. Retrieve the RUM report using the license smart save usage all command. Specify the filename (usage.txt) for the report.

    Example:
    switch# license smart save usage all usage.txt
  3. Navigate to Manage Licenses > Reports > Usage Data Files and select Upload Usage Data on the CSSM workspace to upload the report manually. The reporting status changes to No errors.

  4. Download the acknowledgment (ACK) file from CSSM and import the acknowledgment (ACK) file using the license smart import command. The first offline communication establishes trust on the device after the import. You can view the updates using the show license summary or show license usage command.

Example:
switch# show license summary
		License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
MDS 9396T 32G 16 port-a... (PORT_ACTIV_9396T_PKG)           48      NOT AUTHORIZED
MDS 9300 series Enterpr... (ENTERPRISE_PKG)                 1       IN USE
switch# show license usage
	License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: NOT AUTHORIZED
  Enforcement Type: ENFORCED
  License Type: Enforced

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: IN USE
  Enforcement Type: NOT ENFORCED
  License Type: Generic
switch(config)# 

Step 4

Verify the license status using the show license status command. Verify the latest date in the Trust Code Installed field.

Example:
switch# show license status
	             
License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: NOT AUTHORIZED
  Enforcement Type: ENFORCED
  License Type: Enforced

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: IN USE
  Enforcement Type: NOT ENFORCED
  License Type: Generic
switch(config)# 
Manage Licenses on CSLU in Offline Mode
Procedure

Log into CSLU UI to synchronize the reports from CSLU with Cisco.

If you have deployed...Then perform these steps....
CSLU Offline
  1. Navigate to Menu > Product Instances > Download All for Cisco and download the tar.gz file.

  2. Access the CSSM UI and upload the report at Manage Licenses > Reports > Usage Data Files > Upload Usage Data. Download the acknowledgment (ACK) file from CSSM.

  3. Specify a file path on the device and import the acknowledgment (ACK) file using the license smart import command.

High Availability

This section explains considerations that apply to a High Availability configuration, when running a software version that supports SLP.

Trust Code Requirements in a High Availability Setup

In Dual Supervisor setup, two trust codes are installed. The active Product instance can submit the requests for both the supervisors and install the trust codes that are returned in an ACK.

Policy Requirements in a High Availability Setup

There are no policy requirements that apply exclusively to a High Availability setup. As in case of a standalone product instance, only one policy exists in a High Availability setup as well, and this is on the active. The policy on the active applies to the standby in the setup.

Product Instance Functions in a High Availability Setup

This section explains general product instance functions in a High Availability setup, and what the product instance does when a standby is added.

For trust codes: The active product instance can request (if necessary) and install trust codes for standby.

For policies: The active product instance synchronizes with the standby.

For reporting: Only the active product instance reports usage. The active reports usage information for standby.

In addition to scheduled reporting, the following events trigger reporting:

  • The addition or removal of a standby. The RUM report includes information about the standby that was added or removed.

  • A switchover.

  • A reload.

For addition of a standby:

  • A product instance that is connected to CSLU, does not take any further action.

  • A product instance that is directly connected to CSSM, performs trust synchronization. Trust synchronization involves the following:

    • Installation of trust code on the standby if not installed already.

    • Installation of policy and purchase information, if applicable.

    • Sending of a RUM report with current usage information.

Upgrades

This section describes how upgrade or migration to SLP is handled. It also clarifies how SLP handles all earlier licensing models including: the earlier version of Smart Licensing, Right-to-Use Licensing (RTU), and how evaluation or expired licenses from any of the earlier licensing models are handled in SLP environment.

To migrate to SLP, you must upgrade to a software version that supports SLP. After you upgrade, SLP is the only supported licensing model and the switch continues to operate without any licensing changes. The SLP section provides details and examples for migration scenarios that apply to Cisco Nexus Switches.

 Note

When migrating from traditional licensing model to SLP, license conversion takes place automatically. This Device Led Conversion (DLC) process is triggered when traditional licenses are detected on the device during an upgrade. DLC request is sent to CSSM as part of the license report and may take up to an hour to complete.

Identifying the Current Licensing Model Before Upgrade

Before you upgrade to SLP, if you want to know the current licensing model that is effective on the switch, enter the show running license all command in privileged EXEC mode. This command displays information about the current licensing model for all except the RTU licensing model.

How an Upgrade Affects Enforcement Types for Existing Licenses

An unenforced license that was being used before upgrade, remains available after upgrade. All licenses on Cisco Nexus Switches are unenforced licenses. This includes licenses from the earlier licensing models as follows:

  • Traditional Licensing (PAK)

  • Smart Licensing

  • Right-to-Use (RTU) Licensing

  • Evaluation or expired licenses from any of the above-mentioned licensing models

How an Upgrade Affects Reporting for Existing Licenses

When you upgrade to a software version which supports SLP, reporting is based on the reporting requirements in the policy which can be displayed in the output of the show license status command for the following licenses:

  • Traditional Licenses (PAK)

  • Smart Licenses (Registered and Authorized licenses)

  • Right-to-Use (RTU) Licenses

  • Evaluation or expired licenses

How an Upgrade Affects Transport Type for Existing Licenses

The transport type, if configured in your existing setup, is retained after upgrade to SLP.

When compared to the earlier version of Smart Licensing, other transport types are available with SLP. There is also a change in the default transport mode. The following table clarifies how this may affect upgrades:

Migration Transport Type Before Upgrade Transport Type After Upgrade
SL (EVAL) Callhome

CSLU

SL (Registered)

Callhome

PAK-based NA

CSLU

SL (Registered) with On-Prem callhome

CSLU

How an Upgrade Affects the Token Registration Process

In the earlier version of Smart Licensing, a token was used to register and connect to CSSM. ID token registration is not required in SLP. The token generation feature is still available in CSSM and is used to establish trust when a switch is directly connected to CSSM. See Topology 2: Connected Directly to CSSM.

Downgrades

To downgrade, you must downgrade the software version on the switch. This section provides information about downgrades for new deployments and existing deployments (you upgraded to SLP and now want to downgrade).

New Deployment Downgrade

This section applies if you had a newly purchased switch with a software version where SLP was already enabled by default, and you want to downgrade to a software version where SLP is not supported.

The outcome of the downgrade depends on whether a Trust Code was installed while you were still operating in the SLP environment, and further action may be required depending on the release you downgrade to.

If the topology you implemented while in the SLP environment was connected directly to CSSM, then a trust code installation can be expected or assumed, because it is required as part of topology implementation. For any of the other topologies, trust establishment is not mandatory. Downgrading switches with one of these other topologies will therefore mean that you must restore licenses to a registered and authorized state by following the procedures that are applicable in the Smart Licensing environment. The following table displays the outcome and action for new deployment downgrade to Smart Licensing.

Outcome and Action for New Deployment Downgrade to Smart Licensing

In the SLP Environment

Downgrade to…

Outcome and Further Action

Standalone product instance, which is connected directly to CSSM, and trust established.

Action is required: You must reregister the product instance.

Action is required: You must re-register the product instance.

High Availability setup, which is connected directly to CSSM, and trust established.

Any release that supports Smart Licensing.

Action is required: You must re-register the product instance.

Generate an ID token in the CSSM Web UI and on the product instance, enable smart licensing using license smart enable and configure the license smart register idtoken idtoken all command in global configuration mode.

Any other topology. (Connected to CSSM Through CSLU, CSLU Disconnected from CSSM, No Connectivity to CSSM and No CSLU)

Any release that supports Smart Licensing.

Action is required: Restore licenses to a registered and authorized state by following the procedures that are applicable in the Smart Licensing environment.

Upgrade and Then Downgrade

If you upgrade to a software version that supports SLP and then downgrade to any of the earlier licensing models, license consumption does not change, and any product features you have configured on the product instance are preserved – only the features and functions that are available with SLP are not available anymore. Refer to the corresponding section below to know more about reverting to an earlier licensing model.

Upgrade to SLP and Then Downgrade to Smart Licensing

The outcome of the downgrade depends on whether a Trust Code was installed while you were still operating in the SLP environment, and further action may be required depending on the release you downgrade to. See Table 1.

Migrating to Smart Licensing Using Policy

To upgrade to SLP, upgrade the software version (image) on the switch to a supported version.

Before you Begin

Read the Upgrades section to understand how SLP handles various aspects of all earlier licensing models.

When migrating from traditional licensing model to SLP, license conversion takes place automatically.

Upgrading the Switch Software

See the corresponding release note for the upgrade procedure. If there are any general release-specific considerations, these are called-out in the corresponding release notes.

Also refer to the sample show command outputs of the migration scenarios provided below. Sample outputs are provided for before and after migration, for comparison.

Smart Licensing to Smart Licensing Using Policy

The following is an example of a Cisco MDS 9000 switch migrating from Smart Licensing to SLP. This is a High Availability setup with an active and standby.

The show command outputs below call-out key fields to check, before and after migration.

Smart Licensing to Smart Licensing Using Policy: show Commands

show license summary

Before Upgrade (Smart Licensing)


switch# show license summary
Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: BU Production Test
  Virtual Account: MDS-Avalon
  Export-Controlled Functionality: Allowed

License Authorization:
  Status: OUT OF COMPLIANCE on Oct 14 06:26:13 2021 UTC

  Last Communication Attempt: SUCCEEDED
  Next Communication Attempt: Oct 14 18:26:56 2021 UTC
  Communication Deadline: Jan 12 06:21:55 2022 UTC

Smart License Conversion:
  Automatic Conversion Enabled: False
  Status: Not started

License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
MDS 9396T 32G 16 port a... (PORT_ACTIV_9396T_PKG)           48      OUT OF COMPL
IANCE
MDS 9300 series Enterpr... (ENTERPRISE_PKG)                 1       OUT OF COMPL
IANCE

After Upgrade (SLP)


switch# show license summary
License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
MDS 9396T 32G 16 port-a... (PORT_ACTIV_9396T_PKG)           48      NOT AUTHORIZ
ED
MDS 9300 series Enterpr... (ENTERPRISE_PKG)                 1       IN USE

The Status field shows that the licenses are now IN USE instead of registered and authorized. The Count filed indicates the total number of ports that are consuming port licenses.

show license usage

Before Upgrade (Smart Licensing)


switch# show license usage
License Authorization:
  Status: OUT OF COMPLIANCE on Oct 14 06:26:13 2021 UTC

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port activation
  Count: 48
  Version: 1.0
  Status: OUT OF COMPLIANCE

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE

After Upgrade (SLP)


switch# show license usage
License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: NOT AUTHORIZED
  Enforcement Type: ENFORCED
  License Type: Enforced

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: IN USE
  Enforcement Type: NOT ENFORCED
  License Type: Generic

The license counts remain the same.

show license status

Before Upgrade (Smart Licensing)


switch# show license status
Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: BU Production Test
  Virtual Account: MDS-Avalon
  Export-Controlled Functionality: Allowed
  Initial Registration: SUCCEEDED on Oct 14 06:27:26 2021 UTC
  Last Renewal Attempt: None
  Next Renewal Attempt: Apr 12 06:27:26 2022 UTC
  Registration Expires: Oct 14 06:22:22 2022 UTC

License Authorization:
  Status: OUT OF COMPLIANCE on Oct 14 06:26:13 2021 UTC

  Last Communication Attempt: SUCCEEDED on Oct 14 06:27:57 2021 UTC
  Next Communication Attempt: Oct 14 18:27:56 2021 UTC
  Communication Deadline: Jan 12 06:22:54 2022 UTC

Smart License Conversion:
  Automatic Conversion Enabled: False
  Status: Not started

After Upgrade (SLP)


switch# show license status

Utility:
    Status: DISABLED

Smart Licensing using Policy:
    Status: ENABLED

Data Privacy:
    Sending Hostname: yes
    Callhome Hostname Privacy: DISABLED
        Smart Licensing Hostname Privacy: DISABLED
    Version Privacy: DISABLED

Transport:
    Type: CSLU
    Cslu address: cslu-local

Policy:
    Policy in use: Merged from multiple sources
    Reporting ACK required: Yes
    Unenforced/Non-Export:
        First report requirement (days): 90 (CISCO default)
        Ongoing reporting frequency (days): 365 (CISCO default)
        On change reporting (days): 90 (CISCO default)
    Enforced (Pepertual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)
    Export (Perpetual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)

Miscellaneous:
    Custom Id: <empty>

Usage reporting:
    Last ACK received: <none>
    Next ACK deadline: Jan 12 08:39:14 2022 UTC
    Reporting push interval: 30 days
    Next ACK push check: <none>
    Next report push: Oct 14 08:40:00 2021 UTC
    Last report push: <none>
    Last report file write: <none>

Trust Code installed: Jan 12 08:39:14 2022 UTC
Active: PID: DS-C9148T-K9, SN: JPG220700PY
Jan 12 08:39:14 2022 UTC 

The Transport:field:A transport type was configured and therefore retained after upgrade.

The Policy: header and details: A custom policy was available in the Smart Account or Virtual Account β€” this has also been automatically installed on the switch. (After establishing trust, CSSM returns a policy. The policy is then automatically installed.)

The Usage Reporting: header: The Nextreport push: field provides information about when the switch will send the next RUM report to CSSM.

The Trust Code Installed: field: The ID token is successfully converted and a trusted connection has been established with CSSM.

show license udi

Before Upgrade (Smart Licensing)


 switch# show license udi
 UDI: SN:JPG22060061

After Upgrade (SLP)


switch# show license udi 
UDI: PID:DS-C9396T-K9, SN:JPG22060061
HA UDI List:
    Active: PID:DS-C9396T-K9, SN:JPG22060061

This is a High Availability setup, and the command displays all UDIs in the setup.

The CSSM Web UI After Migration

Log in to the CSSM Web UI at https://software.cisco.com/software/smart-licensing/alerts. Under Inventory > Product Instances.

Registered licenses in the Smart Licensing environment were displayed with the hostname of the switch in the Name column. After upgrading to SLP, they are displayed with the UDI of the switch. All migrated UDIs are displayed. In this example, they are PID:C9500-16X,SN:FCW2233A5ZV and PID:C9500-16X,SN:FCW2233A5ZY.

Only the active switch reports usage. Therefore, PID:C9500-16X,SN:FCW2233A5ZV displays license consumption information under License Usage.

Smart Licensing to Smart Licensing Using Policy: Active and Standby Switches After Migration
Smart Licensing to Smart Licensing Using Policy: UDI and License Usage under Active Switch
Smart Licensing to Smart Licensing Using Policy: DCN NDB/RTU Licenses Showing up After Upgrade

Reporting After Migration

The switch sends the next RUM report to CSSM, based on the policy.

To change the reporting interval to report more frequently: on the switch, configure the license smart usage interval command.

Evaluation or Eval Expired to Smart Licensing Using Policy

The following is an example of a Cisco MDS 9000 switch with evaluation licenses (Smart Licensing) that were migrated to SLP.

The notion of evaluation licenses does not apply to SLP. When the software version is upgraded to one that supports SLP, all licenses are displayed as IN USE and the Cisco default policy is applied to the switch.

The following table calls out key changes or new fields to check for in the show command outputs, after upgrade to SLP.

Evaluation or Eval Expired to Smart Licensing Using Policy: show Commands

show license summary

Before Upgrade (Smart Licensing, Evaluation Mode)


switch# show license summary
Smart Licensing is ENABLED

Registration:
  Status: UNREGISTERED
  Export-Controlled Functionality: Not Allowed

License Authorization:
  Status: EVAL MODE
  Evaluation Period Remaining: 89 days, 21 hours, 13 minutes, 49 seconds

Smart License Conversion:
  Automatic Conversion Enabled: False
  Status: Not started

License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
<empty>                    (ENTERPRISE_PKG)                 1       EVAL MODE
<empty>                    (PORT_ACTIV_9396T_PKG)           48      EVAL MODE

After Upgrade (SLP)


switch# show license summary
License Usage:
License                    Entitlement tag                 Count   Status
-------------------------------------------------------------------------
MDS 9396T 32G 16 port-a... (PORT_ACTIV_9396T_PKG)           48      NOT AUTHORIZED
MDS 9300 series Enterpr... (ENTERPRISE_PKG)                 1       IN USE

All licenses are migrated and IN USE.There are no EVAL MODE licenses.

show license usage

Before Upgrade (Smart Licensing, Evaluation Mode)


switch# show license usage
License Authorization:
  Status: EVAL MODE
  Evaluation Period Remaining: 89 days, 21 hours, 13 minutes, 10 seconds

(ENTERPRISE_PKG):
  Description: <empty>
  Count: 1
  Version: 1.0
  Status: EVAL MODE

(PORT_ACTIV_9396T_PKG):
  Description: <empty>
  Count: 48
  Version: 1.0
  Status: EVAL MODE

After Upgrade (SLP)


switch# show license usage
License Authorization:
  Status: Not Applicable

(PORT_ACTIV_9396T_PKG):
  Description: MDS 9396T 32G 16 port-activation
  Count: 48
  Version: 1.0
  Status: NOT AUTHORIZED
  Enforcement Type: ENFORCED
  License Type: Enforced

(ENTERPRISE_PKG):
  Description: MDS 9300 series Enterprise package
  Count: 1
  Version: 1.0
  Status: IN USE
  Enforcement Type: NOT ENFORCED
  License Type: Generic

show license status

Before Upgrade (Smart Licensing, Evaluation Mode)


switch# show license status

Smart Licensing is ENABLED

Registration:
  Status: UNREGISTERED
  Export-Controlled Functionality: Not Allowed

License Authorization:
  Status: EVAL MODE
  Evaluation Period Remaining: 89 days, 21 hours, 12 minutes, 51 seconds

Smart License Conversion:
  Automatic Conversion Enabled: False
  Status: Not started

After Upgrade (SLP)


switch# show license status

Utility:
    Status: DISABLED

Smart Licensing using Policy:
    Status: ENABLED

Data Privacy:
    Sending Hostname: yes
    Callhome Hostname Privacy: DISABLED
        Smart Licensing Hostname Privacy: DISABLED
    Version Privacy: DISABLED

Transport:
    Type: CSLU
    Cslu address: cslu-local

Policy:
    Policy in use: Merged from multiple sources
    Reporting ACK required: Yes
    Unenforced/Non-Export:
        First report requirement (days): 90 (CISCO default)
        Ongoing reporting frequency (days): 365 (CISCO default)
        On change reporting (days): 90 (CISCO default)
    Enforced (Pepertual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)
    Export (Perpetual/Subscription):
        First report requirement (days): 0 (CISCO default)
        Ongoing reporting frequency (days): 0 (CISCO default)
        On change reporting (days): 0 (CISCO default)

Miscellaneous:
    Custom Id: <empty>

Usage reporting:
    Last ACK received: <none>
    Next ACK deadline: Jan 12 08:39:14 2022 UTC
    Reporting push interval: 30 days
    Next ACK push check: <none>
    Next report push: Oct 14 08:40:00 2021 UTC
    Last report push: <none>
    Last report file write: <none>

Trust Code installed: <none>

The CSSM Web UI After Migration

No changes in the CSSM Web UI.

Reporting After Migration

Implement any one of the supported topologies and fulfill reporting requirements. See Supported Deployment Models and Topologies. The reporting method depends on the implemented topology.

Feature History for Smart Licensing Using Policy

Release Feature Feature Information

Cisco MDS 9000 NX-OS Release 9.2(2)

Smart Licensing Using Policy (SLP)

This feature was introduced.