Zero Touch Provisioning Plus (ZTP+) auto-provisioning occurs in phases after you connect the switch to the network, if the switch is in factory ship state with no valid configuration saved on the device.
The Connect phase is the first phase of ZTP+ during which the switch connects to the ExtremeCloud IQ Site Engine server on the network. The ExtremeCloud IQ Site Engine server is discovered by resolving the DNS name extremecontrol.<domain-name>.
If the attempt is successful, the ExtremeCloud IQ Site Engine server responds with an Accept message. When connectivity is established, the switch communicates with the ExtremeCloud IQ Site Engine server securely and transmits information, such as its serial number, model number. The switch then progresses to the next phase of ZTP+.
After a successful connect to the ExtremeCloud IQ Site Engine server, the next phase of ZTP+ is the Upgrade phase. This phase verifies that the switch is running the image file version that is currently selected as the reference version on the ExtremeCloud IQ Site Engine server.
Image file validation is initiated by the switch. After a successful connect, the switch sends an image file upgrade request to the ExtremeCloud IQ Site Engine server with details on the current image file version. If the image file versions on the switch and the ExtremeCloud IQ Site Engine server match, no upgrade is initiated, and the switch moves to the next phase of ZTP+. If the ExtremeCloud IQ Site Engine server detects a different image file version, ZTP+ initiates the .tgz image file download from a specified URL location.
After a successful image upgrade, the switch reboots and reconnects to the ExtremeCloud IQ Site Engine server. If there are errors in the image upgrade process, an event is added to the server log. The switch then retries the image upgrade.
The next phase after the image upgrade is ZTP+ Configuration phase. During this phase, the switch queries the ExtremeCloud IQ Site Engine server for configuration updates, and initiates auto-provisioning by transmitting information, such as the image version, model name, and serial number. The switch then attempts to apply the configuration that is pushed from the ExtremeCloud IQ Site Engine server.
If the switch can still communicate with the ExtremeCloud IQ Site Engine server after the configuration is applied, the new configuration is automatically saved on the switch. The switch can be managed through ExtremeCloud IQ Site Engine using Simple Network Management Protocol (SNMP). However, if the configuration that is pushed from the ExtremeCloud IQ Site Engine server breaks switch connectivity to the ExtremeCloud IQ Site Engine server, the switch reboots without saving the configuration. After the switch reboots, ZTP+ onboarding restarts.
Any configurations pushed from the ExtremeCloud IQ Site Engine server to devices using the initial ZTP+ configuration push are not displayed in the show log file detail command output. The logs associated with the Cloud connector are logged internally to state_machine.txt and ztp_plus.txt files located in /intflash/cc/cc_logs/.
ExtremeCloud IQ Site Engine uses ZTP+ to configure the following items:
Auto-sense parameters, including a port data I-SID
DvR role and domain
Note
On a factory-defaulted device, you can enable a DvR leaf node without rebooting the switch. You can restore the factory default state using the boot config flags factorydefaults zero-touch command. For more information, see Enable Factory Default Behavior.
Link Layer Discovery Protocol (LLDP) neighbor discovery
Note
Based on the LLDP discovery, you can use port templates on the ExtremeCloud IQ Site Engine server. Enabling or disabling LLDP is not supported.Login
Management I-SID on-boarding
CLIP configuration
Network Time Protocol (NTP)
Port configuration
SNMP
VLANs
Note
ZTP+ cannot manage VLAN port membership. With ZTP+, new VLANs are created with no ports. Ports cannot be removed from the onboarding VLAN. Ports cannot be added to another VLAN. VLAN port membership is managed through Auto-sense functionality or through manual configuration after initial onboarding is complete.
VRF creation including VLAN assignment