Switching

 View Only
last person joined: 6 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

Mist Wired Assurance and Dynamic Port Configuration

  • 1.  Mist Wired Assurance and Dynamic Port Configuration

    Posted 10-13-2022 06:08
    You may or may not have used Dynamic Port Configuration in Mist Wired Assurance. I find this feature extremely powerful.

    If you allow a port config to use DPC, it will listen to LLDP and MAC changes on the ports and automatically place for instance APs, cameras, PLCs and whatever, in a VLAN of your choice (and apply anything else you can do in a port profile).

    The documentation is good but not complete. Here are some findings that may help someone:

    - Detecting a Mist AP with DPC is best done with LLDP Description and at "If text starts with" you fill in "Mist Systems" (without the quotation marks!!!). Make sure the Port Config applied to your free ports has "Enable Dynamic Configuration" checked (well described in the docs).
    - The text string is case sensitive. Do not match on "Mist systems" if the LLDP string starts with "Mist Systems" with a capital S (which it does from a Mist AP).
    - No wildcards or regexps are parsed. Mist Systems* or Mist Systems.* will NOT match the LLDP System Description even though the full LLDP is "Mist Systems 802.11ax Access Point."
    - If you enter quotation marks (" or '), those will be interpreted as text characters. only use those if they are actually present in the LLDP message from the device.
    - Space is allowed in a string (and is parsed as a literal space). Again, do not use quotation marks!
    - Comma separates strings. The string "Brand, Model" would match either "Brand" or "Model" (note there is no space before Model and I only use " here to indicate the string boundaries, do not use in Mist). Caveat!!! Only if the strings are equal in length this will work as expected. See example below.

    Commas are present in LLDP strings:

    System Description : Juniper Networks, Inc. ex2200-c-12p-2g , version 12.3R12-S18.2 Build date: 2021-04-07 03:59:25 UTC




    Example:

    LLDP Description, If text starts with: Mist Systems, FBtest
    sw01-3 cscript MXOC: rules: [{'equals_any': ['Mist Systems', 'FBtest'], 'expression': '[0:12]', 'src': 'lldp_system_description', 'usage': 'mist_ap_profile'}]
    sw01-3 cscript MXOC: Matched usage mist_ap_profile for port ge-0/0/2 from restricted

    Example using single quotation marks:

    LLDP Description, If text starts with: 'Mist Systems, FBtest'
    cscript MXOC: rules: [{'equals_any': ["'Mist Systems", "FBtest'"],
    Not matching what I want.

    Example using comma in LLDP string:
    LLDP Description, If text starts with: Juniper Networks, Inc. ex2200-c-12p-2g

    sw01-3 cscript MXOC: rules: [{'equals_any': ['Juniper Networks', 'Inc. ex2200-c-12p-2g'], 'expression': '[0:20]', 'src': 'lldp_system_description', 'usage': 'v124'}, {'equals_any': ['Mist Systems', '"FB\'test""'], 'expression': '[0:12]', 'src': 'lldp_system_description', 'usage': 'mist_ap_profile'}]
    This will not match the starting string "Juniper Networks" as the string match length is set to 20 (the 0:20 you see above). It would have matched the second string after the comma, but only if that was at the beginning of the LLDP string.

    LLDP from switch:
    sw01-3 cscript MXOC: LLDP: {'lldp_system_name': 'EX2200-Office-2', 'lldp_chassis_id': 'a8:d0:e5:b2:af:80', 'lldp_system_description': 'Juniper Networks, Inc. ex2200-c-12p-2g , version 12.3R10.2 Build date: 2015-06-25 15:34:48 UTC', 'lldp_serial_number': '', 'lldp_hardware_revision': '', 'lldp_manufacturer_name': '', 'lldp_oui': ''}



    I have a suggestion in the Mist "idea" section labelled "dynamic port" with the above content. That is a suggestion to Mist to have a default button to detect Mist APs with DPC. I think the user shoudn't need to worry about LLDP strings or MAC address vendor prefixes in order to do that. If you find this useful, please vote on that "idea". Just search for "dynamic port" in the idea section and you'll find it. The idea section can be reached by clicking on the light bulb icon in the top right corner of your Mist portal.

    Please pitch in if you have more ideas regarding DPC!

    /Fredrik