Environment : There is no specific environment to make use of this featue
- Auto Device detection and Configuration dynamically configure ports based on the type of device detected on the port.
- When the MAS detects a new device on a port, it will apply appropriate configuration based on the predefined configuration for that device type.
- Link Layer Discovery Protocol (LLDP) is used to detect devices.
- Currently supported only for Aruba AP/IAP that can send Aruba’s Proprietary LLDP TLV
Supported Profiles
---------------------------
- MSTP Profile
- GVRP Profile
- PVST Profile
- LLDP Profile
- POE Profile
- Ethernet Link Profile
- QOS Profile
- Policer Profile
- MTU
- Ingress/Egress ACL
- QOS Trust Mode
- Switching Profile
- Port Security Profile
- Interface Trusted Mode
- Interface to Shutdown
(ArubaS1500-24P) (config) #device-group ?
ap Configure the device-group access-point
(ArubaS1500-24P) (config) #device-group ap
(ArubaS1500-24P) (device-group access-point) #?
aaa-profile Apply AAA profile to interface
auto-lacp Enable Auto LACP
enable Enable device config
enet-link-profile Apply ethernet link profile to interface
gvrp-profile Apply GVRP profile to interface
ip Apply IP access control list
lldp-profile Apply lldp profile to interface
mstp-profile Apply MSTP profile to interface
mtu Set MTU on interface between 64 and 9216
no Delete Command
poe-profile Apply PoE profile to interface
policer-profile Apply policer profile to interface
port-security-profile Apply security profile to interface
pvst-port-profile Apply PVST profile to interface
qos Interface QoS
qos-profile Apply QoS profile to interface
shutdown Enable or disable interfaces
switching-profile Apply switchport profile to interface
trusted Set trusted mode for the interface
(ArubaS1500-24P) (device-group access-point) #
- show device-group-config <device-type>
(ArubaS1500-24P) #show device-group-config ap
device-group access-point (N/A)
-------------------------------
Parameter Value
--------- -----
Enable Device Config false
Enable Auto LACP true
Interface MSTP Profile mstpEdge
Interface GVRP Profile N/A
Interface PVST Profile PVSTEDGE
Interface LLDP Profile device-group-default
Interface PoE Profile device-group-default
Interface Ethernet Link Profile default
Interface QoS Profile N/A
Interface Policer Profile N/A
Interface AAA Profile mac-ics-dot1x
Interfaces To Shutdown N/A
Interface MTU 1514
Interface Ingress ACL N/A
Interface Egress ACL N/A
Interface Session ACL N/A
Interface QoS Trust Mode auto
Interface Switching Profile access_vlan_30
Interface Security Profile N/A
Interface Trusted Mode Untrusted
show device-group interfaces
(SW-3) #show device-group interfaces
Device-Group Config Attached Interfaces
---------------------------------------
Device Type Interface List
----------- --------------
access-point 1/0/38,2/0/14
(ArubaS1500-24P) #show lldp neighbor
Capability codes: (R)Router, (B)Bridge, (A)Access Point, (P)Phone, (S)Station
(r)Repeater, (O)Other
LLDP Neighbor Information
-------------------------
Local Intf Chassis ID Capability Remote Intf Expiry (Secs) System Name
---------- ---------- ---------- ----------- ------------- -----------
GE0/0/0 00:0b:86:6c:20:c0 B:R gigabitethernet0/0/14 116 Mgmt-Rack33
GE0/0/10 160.160.160.27 B:P 002290041325:P1 172 SEP002290041325
GE0/0/39 24:de:c6:ca:9e:b4 B:A 24:de:c6:ca:9e:b4 111 ap115
GE0/0/41 d8:c7:c8:cf:b5:48 B:A d8:c7:c8:cf:b5:48 110 ap93
GE0/0/43 00:24:6c:cc:61:26 B:A 00:24:6c:cc:61:26 103 ap93-4
GE1/0/0 00:0b:86:6a:c1:80 B:R gigabitethernet0/0/10 98 BC_46
GE1/0/10 160.160.160.28 B:P 000F8F28DA65:P1 158 SEP000F8F28DA65
GE1/0/36 d8:c7:c8:cf:bd:ae B:A d8:c7:c8:cf:bd:ae 103 ap93-2
GE1/0/38 d8:c7:c8:c7:12:22 B:A d8:c7:c8:c7:12:22 103 ap104
GE1/0/40 00:24:6c:cc:61:61 B:A 00:24:6c:cc:61:61 103 ap93-3
GE2/0/0 6c:f3:7f:c3:67:2a B:A 6c:f3:7f:c3:67:2a 112 6c:f3:7f:c3:67:2a
Number of neighbors: 11
(ArubaS1500-24P) #
- Log generated when device-config is applied/removed.
- Informational level in system logs.
(ArubaS1500-24P) (config) #logging level informational system
(ArubaS1500-24P) (config) # show log system 10 | include Device
Jun 30 12:54:35 :312201: <INFO> |l2m| Aruba Device config applied for device access-point on gigabitethernet1/0/40
Jun 30 12:55:06 :312202: <INFO> |l2m| Aruba Device config removed for device access-point on gigabitethernet0/0/41
- Shutdown command from device-config is only effective till lldp neighbor is present.
- After interface is shut down from device-group, lldp neighborship gets lost and causing original interface config to gets applied, thus interface comes back up. Now lldp neigborship gets formed again and interface gets shut down again. This cycle will go on and on.
- Fix: shut down interface at the interface level and then from device-group. This will effectively keep the interface down always.
- Same cycle seen if poe is disabled in device-group but enabled on physical interface.
Notes
------
- Disabled by default.
- LLDP used to detect devices
- Currently only Aruba AP/IAP supported.
- Only one template. It will be applied to all devices detected.
- Once interface-config is overwritten by device-config, interface config cannot be changed.
- Interface shutdown only from device-config
- Once device is removed, interface config gets reset to previous config only after lldp neighborship times out.
- Currently mirroring profile cannot be applied