ZTP configuration

To manage devices, the DHCP server and the FTP server must be set up to provide the environment.

Click to expand in new window
ZTP configuration

DHCP server

DHCP Server version 4.2.4 was tested on Ubuntu 14.04 (Trusty). The dhcpd.conf file must have option 66 (TFTP Server Name) and option 67 (Filename) set for ZTP. Option 66 is used for the FTP server IP address or host name. Option 67 is used for the ZTP configuration file path.

When the device starts the DHCP process, it sends the DHCP client ID to the DHCP server to get the IP address and options 66/67. The device then downloads the ZTP configuration file from the FTP server. To set up a different ZTP configuration file for different devices, the DHCP Client ID can be used in the dhcpd.conf file. Whenever dhcpd.conf is changed, the dhcpd server must be restarted.

FTP server

vsFTP server version 3.0.2 was installed and tested on Ubuntu 14.04 (Trusty). The FTP server stores the ZTP configuration file, firmware, switch configuration file, or Python script. The location of these configuration files under the FTP server base directory is flexible.

HTTP server

Apache server version 2.4.18 was installed and tested on Ubuntu 14.04 (Trusty). The HTTP server stores the ZTP configuration file, firmware, switch configuration file, or Python script. The location of these configuration files under the HTTP server base directory is flexible.

ZTP configuration script

The ZTP process can run the script to set up the device configuration automatically. For now, only the Python script is supported. The script takes no parameters.

The script can automate any command line, including SLX-OS and Linux commands, such as the configuration download command, copy ftp:// . . . running-config.

ZTP configuration file

The ZTP configuration file has two configuration sections: common and device-specific. The common section is shared by all the switches in the IP Fabric. The settings in the device-specific section can be used for a single switch or a group of switches with the DHCP client ID. If the host_client_id string matches the starting substring of the DHCP client ID of the switch, the device-specific section is used by the switch.

Python script example

The following is an example Python script. 

# !/usr/local/python/3.3.2/bin/python3
import os
import sys, getopt

def main(argv):
      log.write("apply config\n")
# change login banner
      CLI(“conf ; banner login DAD ; end”)
# config download
      CLI(“copy scp://root:extr123@192.169.0.2/castorT.startup.cfg running-config”)
if __name__ == "__main__":
   main(sys.argv[1:])

FTP server configuration file

The following is an example FTP server configuration file. 

local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES

pam_service_name=vsftpd
userlist_enable=NO
tcp_wrappers=YES

# dad settings
anonymous_enable=YES
no_anon_password=YES
anon_root=/var/ftp
delay_failed_login=30
max_clients=100
anon_max_rate=8388608

DHCP server configuration file

The following is an example DHCP server configuration file, dhcp.conf 

# ddns-update-style standard;
ddns-update-style interim;
ddns-ttl 600;
ignore client-updates; # Overwrite client configured FQHNs
ddns-domainname "infralab.com.";
ddns-rev-domainname "in-addr.arpa.";

option ntp-servers 192.168.0.2;
option domain-name-servers 192.168.0.2;
option domain-name "infralab.com";
option domain-search "infralab.com";

default-lease-time 600;
max-lease-time 7200;

authoritative;

log-facility local7;

key "extr-key" {
	algorithm hmac-md5;
	secret "dtBgNTAoqZmwV5c4SueybjOvhe6OIqgac1uQrzGBv5O4X4nIEBEEGWRf0lCnbFhuIJXGExNBjDdNSqgBMeNI8w==";
};

subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.100 192.168.0.200;
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.0.255;
  zone 0.168.192.in-addr.arpa. {
        primary 192.168.0.2;
        key "extr-key";
  }
  zone infralab.com. {
        primary 192.168.0.2;
        key "extr-key";
  }
}
# cluster switches
group{
  option bootfile-name "/config/unified-cfg.min";
  option tftp-server-name "192.168.0.2";
  option routers 192.168.0.2;
  
  # sw0
  host sw0 {
	option dhcp-client-identifier = "EXTREMENETWORKS##SLX9240##EXG3342L00V";
	hardware ethernet 52:54:00:0E:95:8B;
	fixed-address 192.168.0.90;
# fixed ip address

ZTP configuration file

The following example has three sections: common, switch 1, and switch 2. 

version=3
date=03/20/2018
supported_nos=17s.1.03 
  
  common_begin
  vcsmode=SA
  scriptcfgflag=2 #0-config file only, 1-script only, 2 both
  script=/script/ztp.py
  fwdir=/fw/slxos17s.1.03_bld04
  common_end

  # model SLXL9140 hosts 
  host_client_id=EXTREMENETWORKS##SLX9140
  script=/script/Frreddomlic.py
  startup=/config/freedomlic.cfg
  host_end

  # model SLX9140 with serial number
  host_client_id=EXTREMENETWORKS##SLX9140##EXH3327M014
  startup=/config/freedom_ospf.cfg
  script=/script/FreedomZTP.py
  host_end

  # model Accton hosts with serial number
  host_client_id=EXTREMENETWORKS##ModelNumber##SerialNumber
  startup=/config/AcctonConfig.cfg
  script=/script/AcctonZTP.py
  host_end

ZTP configuration file definitions

The following table contains the ZTP configuration file definitions.

Table 1. ZTP configuration file definitions
Variable description Description
version Only version 3 is supported.
date The last modified date.
supported_nos The release firmware version supporting the ZTP configuration file.
host_client_id, host_end

Host_client_id marks the beginning of the section host_end marks the end. User could set up the switch specific section with full dhcp client id or its prefix.

Ex. host_client_id=EXTREMENETWORKS##SLX9140##EXH3319M01J

script=/script/dad1new.py

host_end

common_begin, common_end The setting in the section will be shared by all switches.
vcsmode=SA Only standalone mode is supported.
vcstimeout

If omitted, the default is 60 minutes.

The timeout to wait for ZTP to complete configuration file download or Python script. If the configuration download process or Python script has issues, the zero touch provisioning process will stop the download after timeout and claim that ZTP is complete. You will need to increase the timeout if configuration download or Python script takes a long time to complete.

fwdir Firmware path in the FTP/HTTP server. For example Fwdir=/fw/ slxoss17r.1.00_bld34. If base directory of the server is /var/ftp, then the absolute path of firmware in ftp server is located at /var/ftp/fw/slxoss174.1.00_bld34.
startup The path to the switch configuration file in the FTP server. If omitted, the switch will take the default configuration. The value can be "default" or user configuration file.
scriptcfgflag

The default is 0, when not specified. The meaning of the value is:

0 - only use startup, script is ignored

1 - only use script, startup is ignored

script The device configuration Python script file.

ZTP commands

ZTP has two commands, dhcp ztp log and dhcp ztp cancel. These are illustrated below.

The following displays current ZTP progress. 
device# dhcp ztp log
ZTP, Sat Feb 17 02:48:51 2001, ========== ZTP start ==========
ZTP, Sat Feb 17 02:48:51 2001, disable raslog
ZTP, Sat Feb 17 02:48:51 2001, CLI is ready
ZTP, Sat Feb 17 02:49:19 2001, inband ports are enabled
ZTP, Sat Feb 17 02:49:19 2001, serial number = 771232X1750017
ZTP, Sat Feb 17 02:49:19 2001, model name = AS7712-32X
ZTP, Sat Feb 17 02:49:19 2001, use both management inteface and inband interfaces
ZTP, Sat Feb 17 02:49:19 2001, checking inband interfaces link status
ZTP, Sat Feb 17 02:49:19 2001, find link up on intefaces: eth0
ZTP, Sat Feb 17 02:49:19 2001, start dhcp process on interfaces: eth0
ZTP, Sat Feb 17 02:49:20 2001, interface eth0 receives dhcp response
ZTP, Sat Feb 17 02:49:20 2001, ping server 192.169.0.1
ZTP, Sat Feb 17 02:49:21 2001, ping succeed
ZTP, Sat Feb 17 02:49:21 2001, download ZTP config file from https://192.169.0.1/config/ztp.conf
ZTP, Sat Feb 17 02:49:21 2001, download ZTP config file from http://192.169.0.1/config/ztp.conf
ZTP, Sat Feb 17 02:49:21 2001, receive ZTP configuration file [ztp.conf]
ZTP, Sat Feb 17 02:49:21 2001, interface eth0 connectivity test pass
ZTP, Sat Feb 17 02:49:21 2001, download switch config file [startup.cfg]
ZTP, Sat Feb 17 02:49:21 2001, ZTP configuration sanity check pass
ZTP, Sat Feb 17 02:49:22 2001, skip firmware upgrade
ZTP, Sat Feb 17 02:49:38 2001, replay config file...
ZTP, Sat Feb 17 02:50:25 2001, commit configuration
ZTP, Sat Feb 17 02:50:25 2001, ZTP succeed
ZTP, Sat Feb 17 02:50:25 2001, enable raslog
ZTP, Sat Feb 17 02:50:25 2001, ========== ZTP completed ==========

device# dhcp ztp cancel
Warning: This command will terminate the existing ZTP session
Do you want to continue? [y/n] y

The following cancels the current ZTP session.

Note

Note

Before making any configuration changes from the CLI, the user must reboot the switch to return to the default configuration. A reboot abandons all switch configuration set by ZTP. 
device# dhcp ztp cancel
Warning: This command will terminate the existing ZTP session
Do you want to continue? [y/n] y
9037309-01 Rev AA