=== CNM === .. sidebar:: Contents .. contents:: :depth: 3 :local: This chapter covers some aspects related to the :osdx:cfg:`service cnm` tool, which allows you to configure the **Cloud Net Manager (CNM)** service in OSDx. CNM is a service that offers the capability to **manage network devices**. It provides a centralized platform for controlling devices such as routers and access points. It is worth noting that you have to set up an external CNM server, which uses a REST API, from where you will be able to manage the network devices. This server's **URL** will be used to configure the CNM service on the router or access point, therefore it is important to check that the device has access to this URL. .. note:: Before you start setting up this service, please verify that the CNM functionality is enabled in your license. For additional information, please refer to the :doc:`licensing documentation `. Configuration ============= This is the syntax to set up :osdx:cfg:`service cnm`: .. code-block:: none set service cnm [ ... ] To set up CNM on your device, you must configure, at least, the next parameters: * ``role ``, which can be specified to be either ``router`` or ``ap``. * ``url ``, which is the URL of the `Cloud Network Manager` you want to use. .. .. * ``dhcp``, which enables the DHCP mode, to establish a **unique identifier** for the device. After configuring the Router or Access Point from the OSDx CLI, you have to **provision** the device from the CNM web you specified. To start a new provisioning, navigate to the following path in the CNM web interface: ``Devices -> be.Manager -> Provision -> New`` or ``/web/bemanager/provision/new``. You can also accomplish this by using the CNM Rest API. * If you have set up an ``alternate-id`` using :osdx:cfg:`service cnm alternate-id *`, use it as the **ID** in the **Device General Information**. * Another way to provision the device is to enter the **Serial number** in the **Device General Information**, along with the **DVC**, which is written on the label on the back of the device. Finally, in the same form, select whether the device type is a **router**, an **access point** or an **application host**. .. important:: Once the device has been set up and provisioned, running the :osdx:op:`service cnm show` command should display the current **status** of the CNM service. If the service is running correctly, the state should indicate that the CNM service state is **CONNECTED**. If there are any issues with the service, error messages will be displayed here. **Always ensure to check this after provisioning to confirm that the device has been set up correctly.** Additional configuration commands available include: * ``auth dont-verify-server``, to **skip SSL server authentication**. This might be necessary in certain scenarios where the server's SSL certificate is not available or cannot be verified. * ``dhcp``, to enable the **discovery of CNM configuration** settings via **DHCP**, such as the CNM URL. * ``disable``, to completely **disable CNM** management in the device. * ``local-address``, to specify which of the **device's IP addresses** the CNM service should use. * ``local-interface``, to specify which of the **device's interfaces** the CNM service should use. * ``local-vrf``, to specify which of the **device's VRF domain names** the CNM service should use. * ``mark``, to choose a specific number to **mark CNM traffic**. This can be useful for traffic identification and management purposes. * ``monitor``, to configure the **monitoring** of events. This can be useful for keeping track of significant events or changes in the network environment. The events that can be monitored are: ``advisor``, ``alarm``, ``bgp``, ``interface``, ``nhrp`` and ``operation`` (for Network and Service Management, or NSM). * ``startup-delay``, to set a **delay time** before starting CNM management. * ``vrf-mark``, to choose a specific **VRF to mark CNM traffic**. This can be useful in network environments that use VRF for network segmentation and isolation, and you want to mark the traffic for a specific VRF. See :ref:`Configuration commands ` for further details. Set up ------ The most basic set up that you can try is to add a *single device* to the CNM server. In this case, we will use a router and a CNM server, with the URL ````. First of all, **configure the router** to have access to the network and set the CNM parameters: .. code-block:: none set interfaces ethernet eth0 address dhcp set service cnm role router set service cnm url set service cnm alternate-id Then, **provision the router** from the CNM server: 1. Go to ``/web/bemanager/provision`` and click on ``+ New``. 2. Select **Only one device** in **Number of devices** and click on `Continue`. 3. In the **Device General Information** page: * Enter a self-descriptive **Device name**, for example ``MAIN-RS420``. * Select `Router` in **Device Type**. * In the ID field, enter the ```` you configured earlier in the router. 4. Click on `Continue` until you arrive to the **Zero-touch mode** page. 5. Select the `Automatic` activation mode and click on `Done`. Finally, check that the connection between the router and the CNM server has been made successfully: .. code-block:: none admin@osdx$ service cnm show CNM Server URL: CNM State Machine State: CONNECTED Last successful connection: Wed Oct 25 09:17:09 2023 Stats (Total | Fail): Load Configuration: 0 | 0 Purge Security: 0 | 0 Wait-Confirm messages: 0 | 0 Confirm Config: 0 | 0 CACert chain updates: 0 | 0 Errors: Requests to CNM Server failed: 1 Authentication errors: 1 Registering errors: 0 Last error: http response code: 403 (23/10/2023 12:34:56) If it isn't connected, you might have to wait for the router to contact the server. The :osdx:cfg:`service cnm poll-interval *` command can be used to configure the time interval between the router's connections to the CNM server. By default, this occurs every 30 seconds. You can find :doc:`here ` more detailed examples. Monitoring ========== The following operational command can be used to retrieve the status of CNM: :osdx:op:`service cnm show`. *Example:* .. code-block:: none admin@osdx$ service cnm show CNM Server URL: CNM State Machine State: Not connected. No SSL certificate available Stats (Total | Fail): Load Configuration: 0 | 0 Purge Security: 0 | 0 Wait-Confirm messages: 0 | 0 Confirm Config: 0 | 0 CACert chain updates: 0 | 0 Errors: Requests to CNM Server failed: 0 Authentication errors: 0 Registering errors: 0 Moreover, you can use the :osdx:cfg:`service cnm monitor` configuration command to set up monitors that will track system events. .. osdx:cmdtree:: op :maxdepth: 8 service cnm .. _configuration_commands: .. osdx:cmdtree:: cfg :maxdepth: 8 service cnm