Jun 10, 2024 — ... map. Topology dashboard. Table 6: Crosswork Data Gateway. What's New? Feature. Crosswork ... This guide includes Cisco. Crosswork Data Gateway installation.
Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) First Published: 2024-06-10 This document provides What's New in this Release information for Cisco Crosswork Network Controller 7.0 EFT. Overview Y Cisco Crosswork Network Controller empowers customers to simplify and automate intent-based network service provisioning, monitoring and optimization in a multi-vendor network environment with a common P GUI and API. The solution combines intent-based network automation to deliver critical capabilities for service orchestration and fulfillment, network optimization, service path computation, device deployment and management, and O anomaly detection with the option for automated remediation. Using telemetry gathering and automated responses, Cisco Crosswork Network Controller delivers network optimization capabilities that would be nearly impossible to replicate even with a highly skilled and dedicated staff operating the network. The fully integrated solution combines core capabilities from multiple innovative, industry-leading products C including Cisco Network Services Orchestrator (NSO), Cisco Segment Routing Path Computation Element (SR-PCE), Cisco WAN Automation Engine (WAE), Cisco Crosswork Data Gateway, and an evolving suite of applications operating on the Cisco Crosswork Infrastructure. Its unified user interface allows real-time visualization of the network topology and services, as well as service and transport provisioning, via a single T pane of glass. While its feature-rich API allows operators to seamlessly integrate the solution with other applications they use to operate, monitor, and provision services on the network. Solution Components F Cisco Crosswork Network Controller 7.0.x components hosted on the Crosswork cluster: A Table 1: Component DRCisco Crosswork Infrastructure Description A resilient and scalable platform on which all of the Cisco Crosswork applications can be deployed. The infrastructure is based on a cluster architecture for extensibility, scalability, and high availability. Cisco Crosswork Data Gateway A secure, common collection platform for gathering network data from multi-vendor devices that supports multiple data collection protocols including MDT, SNMP, CLI, standards-based gNMI (dial-in), and syslog. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 1 Solution Components REVIEW DRAFT - CISCO CONFIDENTIAL Component Description Cisco Crosswork Optimization Engine Provides closed-loop tracking of the network state and real-time network optimization in response to changes in network state, allowing operators to effectively maximize network capacity utilization, as well as increase service velocity. Provides traffic engineering visualization of SR-MPLS, SRv6, DRAFT COPY CiscoCrossworkHealthInsights (optional add-on) Cisco Crosswork Change Automation (optional add-on) Cisco Crosswork Active Topology Cisco Service Health Cisco Crosswork Zero-Touch Provisioning (optional add-on) and RSVP-TE policies. A network health application that performs real-time Key Performance Indicator (KPI) monitoring, alerting, and troubleshooting. Using the UI and a robust set of APIs, operators can leverage any combination of Cisco-provided or their own custom-built KPIs to dynamically detect changes to the network's performance. When combined with Cisco Crosswork Change Automation remediation of issues detected in the network can be performed with a simple click or through predefined automated responses. Automates deploying changes to the network to simplify day-to-day operations (implement normal changes) or to deploy changes manually or through automated responses to events detected using Crosswork Health Insights. An application of Crosswork Network Controller that enables VPN (L2VPN, L3VPN) service provisioning, service oriented transport (SR-MPLS, SRv6, CS-SR, RSVP-TE) provisioning and topology visualization. Through service extensibility features operators can customize both the service creation and service visualization capabilities provided by Crosswork Active Topology. An application that overlays a service level view of the environment, making it easier to monitor the health of L2VPN and L3VPN services. It enables you to see how issues impact services traversing the network. By providing visibility into the health of network services, it helps prioritize remediation efforts and informs operators about deviations from service level agreements (SLAs). Automatic onboarding of new IOS-XR and IOS-XE devices and provisioning of Day0 configuration, resulting in faster deployment of new hardware at a lower operating cost. Products that integrate with Cisco Crosswork Network Controller 7.0.x: Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 2 REVIEW DRAFT - CISCO CONFIDENTIAL Solution Components Table 2: Component Description Cisco Network Services Orchestrator An orchestration platform that makes use of pluggable function packs to translate network-wide service intent into device-specific configuration. Cisco NSO provides flexible service orchestration and lifecycle management across physical network elements and DRAFT COPY cloud-based virtual network functions (VNFs), fulfilling the role of the Network Orchestrator (NFVO) within the ETSI architecture. It provides complete support for physical and virtual network elements, with a consistent operational model across both. It can orchestrate across multi-vendor environments and support multiple technology stacks, enabling extension of end-to-end automation to virtually any use case or device. Cisco Segment Routing Path Computation An IOS-XR multi-domain stateful PCE supporting both segment Element (SR-PCE) routing (SR) and Resource Reservation Protocol (RSVP). Cisco SR-PCE builds on the native Path Computation Engine (PCE) abilities within IOS-XR devices, and provides the ability to collect topology and segment routing IDs through BGP-LS, calculate paths that adhere to service SLAs, and program them into the source router as an ordered list of segments. Cisco WAN Automation Engine (WAE) A network design and planning tool used to visualize and optimize networks. The network abstraction contains all relevant information, including topology, configuration, and traffic details. Users leverage WAE to model, simulate and analyze failures, design changes, and the impact of traffic growth. Cisco WAE also provides traffic and topology analysis to Crosswork Change Automation and Crosswork Health Insights, playing a crucial role in various integrations, such as: · Network Optimization: Provides traffic and topology analysis, helping optimize network resources and ensures efficient routing, capacity planning, and performance improvements. · Service Assurance: Integrates with service assurance platforms and monitors network health, detects anomalies, and triggers corrective actions. · SDN and NFV: Automates network provisioning and adapts to dynamic changes, ensuring service continuity and efficient resource utilization. · Multi-Vendor Environments: Supports multi-vendor networks and bridges gaps between different network elements, enhancing interoperability. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 3 What's New in this Release REVIEW DRAFT - CISCO CONFIDENTIAL What's New in this Release The following tables list the primary new features and functionality introduced in Cisco Crosswork Network Controller 7.0: · Table 3: Traffic Engineering · Table 4: Service Health DRAFT COPY ·Table5:Topology · Table 6: Crosswork Data Gateway · Table 7: Device Lifecycle Management · Table 8: Platform Infrastructure · Table 9: Documentation Table 3: Traffic Engineering Feature Bandwidth on Demand (BWoD) feature pack Alarms and Events Virtual Routing and Forwarding (VRF) Interface Index (IfIndex) IS-IS Layer 1 and Layer 2 Cisco WAN Automation Engine (WAE) plan file Interface Names What's New? You now have the option to have BWoD find a path with a specified Flexible Algorithm SID. The acceptable SID values are 0, 1, and 128-255. Traffic engineering alarms and events have been added or updated to be more consistent with other Crosswork services. Duplicate IP addresses on two interfaces in the same router are now supported when configured in a VRF table. Crosswork now supports multiple IP addresses on a single IfIndex. Crosswork now discovers L1 and L2 links. They are displayed on the topology map as dotted lines between devices. You can now export a plan file from Crosswork to be used in WAE. A plan file is comprised of a series of tables that store information about a network, including topology, configuration information, traffic, failure state, and visual layout. Crosswork now abstracts any non-standardized interface name and populates the interfaceName value. As a result, only the interfaceName is used which helps alleviate device telemetry, polling, and configuration problems. The Link Summary details page now displays the following field changes: · Interface Name--Reflects the interfaceName value. · Interface Description--If applicable, reflects the non-standardized interface name. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 4 REVIEW DRAFT - CISCO CONFIDENTIAL Table 4: Service Health Feature Monitor Service Health using Accedian Skylight What's New? What's New in this Release DRAFT COPY Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 5 What's New in this Release REVIEW DRAFT - CISCO CONFIDENTIAL Feature What's New? Crosswork Network Controller can leverage external probing from Accedian Skylight to measure performance metrics of the L3VPN services. These metrics are then compared with the contracted SLA (defined in the Heuristic package), and the results are accessible on the UI for further analysis. You can monitor 2000 L3VPN services and 200 sessions per service. DRAFT COPY Note Monitoring L3VPN services using Accedian Skylight is only possible with Advanced monitoring and requires a Skylight Essentials license. See Skylight Licensing Tiers for more information. Sign up and create an account with the self sign-up tool to access the Skylight Solution documentation. Prerequisites 1. Install the Accedian Skylight Solution. Note This is a guided installation and will be led by Cisco's Customer Experience (CX) team. The Accedian Skylight Solution has the following components: a. Skylight Analytics b. Skylight RoadRunner c. Skylight Orchestrator d. Agent - a SFP plugged into routers 2. Have the following certificates from Accedian Skylight downloaded on your local system or on a folder that can be accessed by Crosswork Network Controller: · CA certificate · Client certificate · Client key 3. Add Accedian Skylight as a Provider in Crosswork Network Controller a. Create a credential profile. Navigate to Administration> Credential Profiles, click + to create a new profile. Enter a name. Enter protocols as HTTPS and gNMI. Add a username and password for both the protocols and click Save. b. Create a certificate profile. Navigate to Administration > Certificate Management, click + to add a certificate profile. Enter a name, select the Certificate Role as Accedian Provider Mutual Auth. Upload the Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 6 REVIEW DRAFT - CISCO CONFIDENTIAL What's New in this Release Feature What's New? certificates (ca_cert.pem, client_cert.pem, and client_key.key). c. Onboard Accedian as a provider. Navigate to Administration > Manage Provider Access , click +. Enter details in the fields that are displayed and click Save. · Provider Name: Enter a name for Accedian provider. DRAFT COPY · Credential profile: Select the credentialprofile that you had created for Accedian. · Family: Select ACCEDIAN_PROXY. · Certificate profile : Select the Accedian certificate profile that you created in Step 2. · Connection types: Supported protocols are automatically updated from the Accedian credential profile. · IP addresses: Enter IP addresses in IPv4 format · Ports: Enter 443 for HTTPS and a port value for GNMI. · Encoding Type: Select PROTO (Only encoding of type PROTO is supported). d. Confirm reachability 1. From the main menu, choose Administration > Manage Provider Access. 2. Confirm that the Accedian Skylight provider shows a green reachability status without any errors High-Level Workflow After an L3VPN service is provisioned with the probe intent and service monitoring is enabled, a probe session to monitor the service starts automatically (by invoking RESTConf APIs). The probe intent and probe topology are learnt from provisioned service.The following probe intents are supported: · Agent configurations: ne-id, VLAN, IP, sub-interface · Topology: point-to-point, hub-spoke, full-mesh The list of RESTConf APIs that are invoked to provision probes sessions are: · endpoint, session, service, session activation Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 7 What's New in this Release REVIEW DRAFT - CISCO CONFIDENTIAL Feature What's New? Service Health automatically subscribes to gNMI telemetry from the Accedian Skylight provider. Accedian Skylight streams the probe metrics to Crosswork Data Gateway. Crosswork Data Gateway collects the data using parameterized collection jobs. Service Health evaluates the metrics against the thresholds in the Heuristic Packages and reports symptoms and health status in the UI. DRAFT COPY ViewProbeSessionDetailsontheUI You can view the probe session details for a service under the Probe Sessions tab on the Service Details page. Click the graph icon next to a probe session for a detailed view of the performance metrics. To view the Performance Metrics for a service in a carousel view, click the '...' icon in the Actions column. The Historical Data tab displays the historical data of the metric values for the last 24 hours or from the time when monitoring was enabled for the service, whichever is lesser. Reactivate Probe Sessions from UI You can reactivate the probe sessions for a L3VPN service with probe provisioning errors by clicking the Reactivate Probe for the service. The Probe Sessions page gets updated automatically to reflected the updated metrics if the probe session was reactivated successfully. Historical metric data in the Service The Service Details page for L2VPN and L3VPN services includes Details page historical data for selected metrics. The following metrics are displayed: · L2VPN service - Latency, Jitter, Packet Loss (SD, DS), Delay (SR-PM), Variance (SR-PM) · L3VPN service - Delay, Variance Service Health dashboard The historical data will be available for 90 days, with an option to select a specific time range to display a chart for each metric. A new Service Health Dashboard displays a consolidated view of L2VPN and L3VPN services. It also shows the Session and SLA Breaches of the L2VPN and L3VPN services. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 8 REVIEW DRAFT - CISCO CONFIDENTIAL What's New in this Release Table 5: Topology Feature What's New? Enhanced topology visualization Cisco Crosswork Network Controller 7.0 introduces enhanced navigation, of large VPNs provisioning and visualization of the service overlay and details for large VPNs that contain more than 50 endpoints and up to 5,000 VPN nodes. When a user selects a VPN service in the UI that is too large to display in DRAFT COPY full (sincea maximumof 50 endpointscan only be displayedat one time), they can click Select endpoints and choose from a list of endpoints so to visualize the service overlay and details. The list shows only the endpoints on devices in the current selected device group. The list also provides filters to easily narrow down the list of endpoints to select. Preconditions and limitations: · Large VPN with more than 50 endpoints only supported for L3VPN with IETF NM model based service intent. · Maximum number of vpn-node (PE) in the L3VPN: 5,000. · Maximum number of endpoints (UNI/PE-CE interface) in the L3VPN: 20,000. · Maximum number of policies or tunnels per large VPN: 5,000. · Maximum number of large VPN service instances in each deployment: 6. · Recommended provisioning of endpoints in a single request with a single L3VPN: 500. Enhancements in the Topology The Topology UI has the following updates: UI - Links Visualization · The newly added Links tab shows all links in the displayed map on the left panel. · The Devices tab contains a global links table displaying all link details and metrics present in the topology map on the left panel. · The following link metrics are collected for Topology visualization in both map and details panels: · Bandwidth utilization, Packet error and Packet drops. · Delay and Jitter - These metrics are collected only when Crosswork Service Health is installed and SR-PM is enabled. · In the Topology map, you can display the link color based on a chosen metric, and define thresholds for these metrics from the Administration > Topology > Metric Thresholds page. · The Link Details page has a History tab to display historical data for all collected metrics. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 9 What's New in this Release REVIEW DRAFT - CISCO CONFIDENTIAL Feature Topology dashboard What's New? A new Topology dashlet has been added to the Dashboards page. It provides details about L2 and L3 links, along with link metrics. Clicking on L2 or L3 links in the dashboard takes you to the Topology UI, where the relevant map is displayed in the left pane. The Devices and Links tabs in the right pane provide details about the devices and links in the map. DRAFT COPY Table6:CrossworkDataGateway Feature What's New? Support for dual-stack configurations Crosswork Network Controller introduces support for dual-stack configurations, enabling the system to establish connections using both IPv4 and IPv6 protocols. With this enhancement, Crosswork can now seamlessly communicate with various systems (such as NTP, DNS, Syslog) and devices (SSH, SNMP, MDT) concurrently over both IPv4 and IPv6. In dual-stack mode, Crosswork gives priority to IPv6 for all communication purposes. For information on configuring a dual stack when creating or editing a pool and adding destinations, see Cisco Crosswork Network Controller 7.0 Administration Guide. A new custom package to support different file formats The Crosswork UI offers the capability to upload the aggregate package, a newly introduced custom package type. This innovative aggregate package feature allows you to combine and merge various southbound file formats into a single, unified package. For information on the adding and downloading the aggregate packages through the Crosswork UI, see Cisco Crosswork Network Controller 7.0 Administration Guide. Crosswork Data Gateway is deployable on VMware vCenter version 8.0 Cisco Crosswork Network Controller 7.0 and Crosswork Data Gateway instances can be installed on VMware vCenter and ESXi version 8.0. For information on the installation of Crosswork Data Gateway on vCenter, see Cisco Crosswork Network Controller 7.0 Installation Guide. Embedded Collectors The Embedded Collectors is an on-premises solution that collects network data through collector services. The collectors support data collection from multivendors devices using secure protocols such as SNMP, CLI, gNMI, and Syslog. Later, the collector transfers the data to either Cisco Crosswork or external destinations, such as Kafka or external gRPC. For information on the installation of embedded collectors, see Cisco Crosswork Network Controller 7.0 Installation Guide. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 10 REVIEW DRAFT - CISCO CONFIDENTIAL What's New in this Release Feature What's New? Interactive menu option for The interactive menu has been improved with a new option that enables changing the controller IP of a data you to modify the controller's IP or FQDN in these scenarios: gateway · A data gateway may fail to enroll with Crosswork Network Controller if deployed with an invalid controller. · A data gateway is registered with a Crosswork Network Controller, DRAFT COPY Table7:DeviceLifecycleManagement Feature Device Management Software Image Management and the controller's VIP IP or IP is changed to an FQDN. This change might be necessary for Geo Redundancy configuration. For more information on how to use the new menu option, see the Configure Controller IP for Crosswork Data Gateway section in Cisco Crosswork Network Controller 7.0 Administration Guide. What's New? Network management has been enhanced with new features allowing for customized monitoring and management of network devices. These include: · Tag Management window to manage the tags available for assignment to the devices in your network. Tags can provide information such as the device's physical location and its administrator's email ID, which can be used to group devices. · A comprehensive Network Inventory overview listing device names, types, hardware details, and operational statuses. · Device-level inventory control for precise management. · Regular inventory synchronization for up-to-date network device tracking. · Options for Device Groups and Port Groups are available, which can be utilized for performance monitoring data collection based on specific parameters. Crosswork's Software Image Management (SWIM) now offers improved management of device software images, enabling seamless deployment, upgrades, and downgrades across a two-version range. Additionally, it supports specialized firmware upgrades for Field Programmable Devices (FPD) to maintain devices with unique firmware needs efficiently. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 11 What's New in this Release REVIEW DRAFT - CISCO CONFIDENTIAL Feature What's New? Monitoring Policies Monitoring policies help you control how Crosswork monitors your network. You can create and customize different monitoring policies to monitor network wide device information to manage your network health. Monitoring policies are available for: · Device Health DRAFT COPY ManagingAlerts Zero Touch Provisioning · Interface Health · Optical SFP Interfaces · Optical ZR Pluggable Devices Crosswork's alert management has been improved to offer a more comprehensive system notification experience, incorporating alarms for immediate issues and events for significant occurrences. Enhancements include: · Standardized alarms and events notifications for better integration and visibility. · Customizable metrics selection for detailed transport path views and historical trends. · Option to configure and customize your settings to receive alerts. · A unified view of service metrics along the transport path, depending on activated monitoring policies. · System-level event processing with throttling mechanisms to prevent system overload and maintain network stability and performance. · UI/UX workflow changes Zero Touch Provisioning sub-menu is integrated under "Device Management" section of the UI main menu, consolidating various individual sub-menus. This allows user to go to a landing page where Serial numbers/OVs, Config Files, ZTP Profiles and Devices can be configured while optimizing redundant functions and ensuring no impact to end-to-end ZTP operations. · ZTP-SWIM integration for Image CRUD ZTP and SWIM will be packaged together as part of Single VM based Crosswork Network Controller deployment. · Enhance API-Ul to support new vendor field New Vendor field has been added in "Add device" "Add Configuration Files" and " Add Profile" menus. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 12 REVIEW DRAFT - CISCO CONFIDENTIAL What's New in this Release Table 8: Platform Infrastructure Feature What's New Geo Redundancy This release introduces the second phase of the geo redundancy solution for Crosswork Network Controller and its components in case of a region or data center failure. Dual Stack Support Crosswork has added support for dual stack (IPv4 and IPv6) within a DRAFT COPY SingleVMbasedCrosswork Network Controller Table 9: Documentation Feature Documentation single cluster installation. This release introduces the single VM based Cisco Crosswork Network Controller solution that allows you to leverage the device lifecycle functionalities of Crosswork, and it is deployed using a unified package consisting of Crosswork Infrastructure, Embedded Collectors, and Element Management Functions. What's New? · An Information Portal is now available for Crosswork Network Controller 7.0. Information is categorized per functional area, making it easy to find and easy to access. · The Cisco Crosswork Network Controller 7.0 Installation Guide covers installation of the cluster and installation of Crosswork applications on top of the infrastructure. This guide includes Cisco Crosswork Data Gateway installation. · The Cisco Crosswork Network Controller 7.0 Administration Guide covers setup and maintenance of the Crosswork system. There is no longer a Getting Started Guide for Cisco Crosswork Network Controller. This guide includes Cisco Crosswork Data Gateway and ZTP information. · The Cisco Crosswork Network Controller 7.0.x Solution Workflow Guide provides an overview of the solution and its supported use cases. It walks users step by step through various common usage scenarios to illustrate how users can work with the solution components to achieve the desired benefits. Cisco Crosswork Network Controller 7.0 What's New in this Release (EFT) 13 © Cisco Systems, Inc. All rights reserved. DRAFT COPYDITA Open Toolkit XEP 4.30.961; modified using iText 2.1.7 by 1T3XT