Guidelines and Limitations
This section lists guidelines and limitations that are related to the Cisco DCNM Release 11.1(1).
-
The icons or fonts on Cisco DCNM GUI may not appear correctly on Microsoft Windows 10 browsers. This problem can occur if your Windows 10 is set to block untrusted fonts or some security or mitigation options. Microsoft's Internet Explorer Browser Support team has provided with the following steps to address this issue.
Configure the Allow Font Downloads Internet Explorer Setting on the Internet Zone and Restricted Sites Zone (enabled by default). Perform the following steps:
-
Search for Group Policy Editor in Control Panel.
-
Choose Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Internet Zone > Allow Font Downloads.
-
Double click and choose the Enabled radio button.
-
Click OK.
-
Choose Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Restricted Sites Zone > Allow Font Downloads.
-
Double click and choose the Enabled radio button.
-
Click OK.
-
Restart the computer so that the new setting takes effect.
-
-
You must apply patch for any changes that happen on switch side (Nexus 3000 and/or Nexus 9000), to enable Cisco DCNM to support those features. To apply that patch to your Cisco DCNM Native HA setup, follow the steps below:
-
Stop the services on the Active node using the /etc/init.d/FMServer stop command.
-
Run patch.sh on the Active node.
-
Run patch.sh on Standby node.
Note
Services are not stopped on Standby node.
-
Start services on the Active node using the /etc/init.d/FMServer start command.
-
Stop the services on Active node using the /etc/init.d/FMServer stop command, and roll back the patch.
-
Roll back the patch on the Standby node.
-
Start services on the Active node using /etc/init.d/FMServer start command.
-
-
The Cisco DCNM Virtual Machine Manager integration does not display in topology when the PKCS12 certificate is used. The REST API call to the ElasticSearch fails, and hence the Compute visualization feature does not work. This is because ElasticSearch uses the same SSL, and when you create a new self-signed SSL, you have to maintain the same version with ElasticSearch as well. Therefore the issue is with creating a self-signed SSL and then having the old one at /usr/elasticsearch/fmserver.jks. To address this issue, use JKS keystore format and do not use the PKCS12 certificate. Make sure that the same JKS file is copied to both JBoss and ElasticSearch locations.
-
To check the status of the running Postgres database in Native HA setup, use pg_ctl command. Do not use the systemctl command.
-
Do not begin the password with Hash (#) symbol. Cisco DCNM considers the password as an encrypted text if it begins with # symbol.
-
POAP Dynamic Breakout—From Cisco NX-OS Release 7.0(3)I4(1), POAP dynamically breaks out ports to detect a DHCP server behind one of the broken-out ports. Previously, the DHCP server that is used for POAP was directly connected to a normal cable as the breakout cables were not supported. POAP determines which breakout map (for example, 10gx4, 50gx2, 25gx4, or 10gx2) brings up the link that is connected to the DHCP server. If breakout is not supported on any of the ports, POAP skips the dynamic breakout process. After the breakout loop completes, POAP proceeds with the DHCP discovery phase as normal.
Cisco DCNM leverages the dynamic breakout to simplify the fabric setup by retaining successful breakout configuration. Since dynamic breakout requires the other side of the link to be active, there are circumstances where you must manually breakout interfaces, or may notice breakout in places which are not desired. In those situations, you must adjust the ports on the Interfaces page before performing Save and Deploy in the Fabric Builder.
-
Before using the licensed features, install a Cisco DCNM license for each Nexus-managed platform. For information about licensing, see the Cisco DCNM Licensing Guide, Release 11.x.
-
Depending on how a switch handles the cdp enable CLI command (enabled or disabled by default), Cisco DCNM shows this as config difference, although the Save and Deploy operation is performed to correct it. This depends on the default behavior of the switch image (that is, whether the show running-config shows the CLI or not). To address this issue, the respective policy template that is applied on the interfaces must be updated, so that the CLI is ignored during the configuration compliance check.
-
Create a free-form configuration on all the white box switches that are managed by Cisco DCNM as shown below, and deploy them on all the switches before the final Save and Deploy operation.
line console speed 115200 stopbits 2
This is only applicable to the Cisco DCNM LAN Fabric mode.
-
On Microsoft Windows 2016 Standard server, run the Cisco DCNM installation EXE file as an administrator. Cisco DCNM installation will not start on Microsoft Windows 2016 Standard server unless you set the EXE file as an administrator. To start the installation EXE file, you can right-click on the EXE file, and choose Run as administrator.
-
When the Cisco Nexus 9000v Virtual Switches are cloned, they may use the same serial number. Since Cisco DCNM discovers them using the same serial number, the device discovery operation fails.
-
Addition of FEX or breakout of interfaces is not supported in External Fabrics.
-
You cannot access the Cisco DCNM Web UI, when the user system is configured with the same IP address range as that of internal subnet used by the Application Framework in DCNM. For more information, see Cisco DCNM Troubleshooting Guide.
-
The VXLAN OAM feature in Cisco DCNM is only supported on a single fabric or site.
-
You cannot configure ICAM on the Cisco Nexus 9000 Series Switches Release 7.0(3)I7(6), and therefore, the telemetry will fail until the switch issue is resolved.
-
Though you can delete PMN hosts, we recommended that you use this option with extreme caution, understanding that manual effort is needed to bring the solution back in sync.
-
Cisco DCNM in Media Controller Deployment Release 11.x does not support non-default VRFs for Cisco Nexus 9000 Release 9.3(x).
-
From Cisco DCNM Release 11.2(1), the Device Connector allows you to change the access mode via the Web UI at Administration > DCNM Server > Device Connector > Settings > General. The Cisco Intersight will not configure its device connector, and therefore, the Read-Only and Allow Control access mode in the Device Connector are not operational.
-
Cisco DCNM does not support hot snapshots. While taking snapshots, we recommend that you power off the VM. Otherwise, ensure that you uncheck the Snapshot the virtual machine's memory option.
-
Cisco DCNM does not support suspending or unsuspending of the VMs.
-
Do not install NIR on standalone DCNM
-
If NIR was installed and stopped, it does not stop service containers running on DCNM compute nodes.
If the NIR application is deleted from DCNM, a few service containers continues to run DCNM compute nodes and must be stopped manually using afw service commands.
-
When DCNM Tracker is enabled, the NIR LAN Telemetry feature in Managed mode and the EPL feature with the Configure my Fabric option selected, will not work. As a workaround, disable the DCNM tracker on the switches that are configured during the EPL or NIR LAN Telemetry configuration. For EPL, disable the DCNM tracker on the Spines/Route Reflectors (both RR1 and RR2). For NIR LAN Telemetry, disable the DCNM tracker on all the switches selected for telemetry configuration.
-
The DCNM installer creates a _deviceImage-0.iso in the DCNM VM folder and mounts the ISO permanently to the VM. If this ISO is removed or the CD/DVD is disconnected, the VM will not boot. The VM will enter Emergency Mode and prompt you with the message:Give root password for maintenance. If the VM is down, CD/DVD drive can be disconnected. However, after you power it up again, the VM will enter Emergency Mode and provide a prompt.
-
For leaf-leaf ports in non-VPC cases, DCNM will always push the shutdown command. If you want to bring up the port, add the no cdp enable command to the interface freeform policy on one of the ports.
-
Two-factor authentication is not supported in DCNM.
-
In Cisco DCNM SAN deployment, if the DCNM server streaming the SAN analytics is over-utilized, the Elasticsearch database service goes down. This results in performance issues. The Pipeline service may be consuming all the CPU and system resources on the Cisco DCNM server. To troubleshoot this, do the following task:
-
Stop the Pipeline service.
-
Reduce the streaming load from the MDS fabric.
-
Start Elasticsearch service.
-
Start the Pipeline service.
-
-
In Cisco DCNM SAN deployment, when you enable or disable alarms on a Primary node, it will not be applied to all the nodes in the Federation. You must manually enable or disable alarms on all nodes on all servers in the Federation setup. You must restart the DCNM Server to apply the changes.
-
In Cisco DCNM SAN deployment, when you add or delete alarm policies on a Primary node, it will not be applied to all the nodes in the Federation. You must restart all the DCNM servers to apply this change on all servers in the Federation setup.
-
In Cisco DCNM SAN deployment, when you modify the server properties on Cisco DCNM Web UI > Administration > DCNM Server > Server Properties on a Primary node, it will not be applied to all the nodes in the Federation. You must manually make the changes to the server properties on all nodes on all servers in the Federation setup. You must restart the DCNM Server to apply the changes.
-
SAN Insights is not recommended on Windows Deployments, and is no longer supported from Release 11.3(1).
-
SAN Insights is best supported on Linux from Release 11.0(1), and on Cisco DCNM OVA/ISO deployments from Release 11.3(1).
-
From Cisco DCNM Release 11.3(1), you cannot download the SAN Client package from the Software Downloads page. You must install Cisco DCNM, launch Web UI to download the SAN Client and Device Manager. For more information, Cisco DCNM Installation and Upgrade Guide for SAN Deployment.
-
We recommend that you do not upgrade any underlying third-party software separately. All the necessary software components will be DCNM upgrade will cause performance issues.
Certain commands must not be executed on Cisco DCNM, as they may harm the functionality of various components on the network. The following table shows the commands and specifies the reason why they must not be executed.
Command |
Reason |
---|---|
systemctl restart network |
This is a common Linux command that the network administrators use when editing the interface properties. The command has shown to render the DCNM useless when converting to the cluster mode. Use the equivalent appmgr commands for changing any IP addresses for eth0, eth1, or eth2 interfaces. |