SuperBaby,
The previous incarnation of Zero-Touch Provisioning was called Auto-Provision. This feature is available since EXOS v12.5 so it is present in your switches. But it is not enabled by default.
To enable it, reset the switch to factory default with
unconfigure switch allthen enable auto-provision with
enable auto-provisionThis command will take effect the next time the switch reboots, and you'll know that it is active because when you log in the following message will be displayed:
Note: This switch has Auto-Provision enabled to obtain configuration remotely. Commands should be limited to:
show auto-provision
show log
Any changes to this configuration will be discarded at the next reboot if auto provisioning sends a ".cfg" file.
(auto-provision) lab10.sw1.1 # When in this mode the switch will alternately try to obtain an IP address using DHCP from the default vlan and then from the mgmt vlan. When it gets an IP address, it will also expect to receive additional information through DHCP Option 43.
This process will continue indefinitelly until one of these things happens:
Now, let's see how to program Option 43 in a Windows DHCP Server.
Since Option 43 is "vendor-dependent", there is a mechanism to select the correct information to send to a device.
When a device that wants to receive Option 43 information sends a DHCP request, it includes a piece of information called Vendor Class Identifier (Option 60).
Extreme switches will use their System-Type as VCI. The one in the example (Summit-PC) corresponds to the Virtual Switch (EXOS-VM) I usually use in my labs.
To know the System-Type of a given switch, execute
show switchand there you'll find it.
The DHCP server will look for Option 43 information specific to that VCI and send it with the IP address offer. if it doesn't find a matching VCI, it will send nothing.
In the Windows DHCP Server, you need to define a vendor class for each type of switch (VCI) that you will service.
Open the DHCP Manager. Select your server and right-click on it. Select Define Vendor Classes from the pop-up menu.
Press Add...
Enter the name of this Vendor Class (I give it the same name as the VCI), enter an optional description, and enter the VCI that you expect to receive from this device (Summit-PC). Press OK.
The new Vendor Class should appear in the list. Press Close.
Select your server and right-click on it once more. Select Set Predefined Options... from the pop-up menu.
In the pop-up window select your newly created Vendor Class.
Press Add...
Define an Option type with a name of tftp-server-address, a data type of ip address and a code of 100. Press OK.
Type the IP address of your TFTP server in the Value field.
Add a second option with a name of config-file-name, a data type of string and a code of 101. Press OK.
Type the name of the config file that you want to download to this type of switch. Press OK to end the process.
You can enable these options globally for all DHCP scopes, or you can enable it for scopes individually. If you don't enable them, they won't be sent...
To enable an option globally, right-click in Server Options and select Configure Options.
In the pop-up window select Advanced.
Select the desired Vendor Class and check each of the options that you want to enable (100 and 101). Press OK.
The Server Options window will now show these options. Note that these options correspond to Vendor Class Summit-PC.
We will need to repeat this procedure for each VCI we want to use. Here's an example where I have added a Vendor Class for X460-48p. In this case, the virtual machine and the X460-48p will receive different configuration files. the DHCP server will decide which is the correct value to send based on the VCI it receives..
If you want to enable these options individually for each scope, the procedure is exactly the same, but you have to perform it on the Scope Options of the individual scope.
If an option was enabled globally and you re-enable it locally, you can change the option value. So, if the global TFTP server address for all X460-48p points to a server in the central office, you can reprogram the value for the scope of a remote office so it uses a local TFTP server instead of the global one.
Hope this is what you're looking for...
The previous incarnation of Zero-Touch Provisioning was called Auto-Provision. This feature is available since EXOS v12.5 so it is present in your switches. But it is not enabled by default.
To enable it, reset the switch to factory default with
unconfigure switch allthen enable auto-provision with
enable auto-provisionThis command will take effect the next time the switch reboots, and you'll know that it is active because when you log in the following message will be displayed:
Note: This switch has Auto-Provision enabled to obtain configuration remotely. Commands should be limited to:
show auto-provision
show log
Any changes to this configuration will be discarded at the next reboot if auto provisioning sends a ".cfg" file.
(auto-provision) lab10.sw1.1 # When in this mode the switch will alternately try to obtain an IP address using DHCP from the default vlan and then from the mgmt vlan. When it gets an IP address, it will also expect to receive additional information through DHCP Option 43.
This process will continue indefinitelly until one of these things happens:
- The switch receives a DHCP with a valid Option 43
- You disable auto-provision
- Code 100: TFTP Server IP Address
- Code 101: Config file name (either .cfg or .xsf)
- Code 102: SNMP Trap Server IP Address
Now, let's see how to program Option 43 in a Windows DHCP Server.
Since Option 43 is "vendor-dependent", there is a mechanism to select the correct information to send to a device.
When a device that wants to receive Option 43 information sends a DHCP request, it includes a piece of information called Vendor Class Identifier (Option 60).
Extreme switches will use their System-Type as VCI. The one in the example (Summit-PC) corresponds to the Virtual Switch (EXOS-VM) I usually use in my labs.
To know the System-Type of a given switch, execute
show switchand there you'll find it.
The DHCP server will look for Option 43 information specific to that VCI and send it with the IP address offer. if it doesn't find a matching VCI, it will send nothing.
In the Windows DHCP Server, you need to define a vendor class for each type of switch (VCI) that you will service.
Open the DHCP Manager. Select your server and right-click on it. Select Define Vendor Classes from the pop-up menu.
Press Add...
Enter the name of this Vendor Class (I give it the same name as the VCI), enter an optional description, and enter the VCI that you expect to receive from this device (Summit-PC). Press OK.
The new Vendor Class should appear in the list. Press Close.
Select your server and right-click on it once more. Select Set Predefined Options... from the pop-up menu.
In the pop-up window select your newly created Vendor Class.
Press Add...
Define an Option type with a name of tftp-server-address, a data type of ip address and a code of 100. Press OK.
Type the IP address of your TFTP server in the Value field.
Add a second option with a name of config-file-name, a data type of string and a code of 101. Press OK.
Type the name of the config file that you want to download to this type of switch. Press OK to end the process.
You can enable these options globally for all DHCP scopes, or you can enable it for scopes individually. If you don't enable them, they won't be sent...
To enable an option globally, right-click in Server Options and select Configure Options.
In the pop-up window select Advanced.
Select the desired Vendor Class and check each of the options that you want to enable (100 and 101). Press OK.
The Server Options window will now show these options. Note that these options correspond to Vendor Class Summit-PC.
We will need to repeat this procedure for each VCI we want to use. Here's an example where I have added a Vendor Class for X460-48p. In this case, the virtual machine and the X460-48p will receive different configuration files. the DHCP server will decide which is the correct value to send based on the VCI it receives..
If you want to enable these options individually for each scope, the procedure is exactly the same, but you have to perform it on the Scope Options of the individual scope.
If an option was enabled globally and you re-enable it locally, you can change the option value. So, if the global TFTP server address for all X460-48p points to a server in the central office, you can reprogram the value for the scope of a remote office so it uses a local TFTP server instead of the global one.
Hope this is what you're looking for...
SuperBaby,
If your new switch has EXOS v15.7.1 you can take advantage of Zero-Touch Provisioning Option 125.
When a switch with v15.7 boots up in factory default it will request an IP address using DHCP. This will be done alternatively through the mgmt port and any connected port in the default vlan.
You should program your DHCP server to send back Option 125 with the address of the NetSight server.
Option 125 should contain the following:
0x00 0x00 0x15 0xf8 0x06 0x01 0x04 and then the IP address of the server.
So if your server has an IP address of 172.16.56.34, dof example, the string returned by Option 125 should be:
0x00 0x00 0x15 0xf8 0x06 0x01 0x04 0xac 0x10 0x38 0x22
When the switch starts and receives an IP address and Option 125 it will send a SNMP trap to the NetSight server. The NetSight server will show this newly discovered switch in OneView -> Devices -> Discoverd
Then you can right-click on it and select Load Configuration
This will open a window that will let you upgrade its firmware and download a configuration
If your new switch has EXOS v15.7.1 you can take advantage of Zero-Touch Provisioning Option 125.
When a switch with v15.7 boots up in factory default it will request an IP address using DHCP. This will be done alternatively through the mgmt port and any connected port in the default vlan.
You should program your DHCP server to send back Option 125 with the address of the NetSight server.
Option 125 should contain the following:
0x00 0x00 0x15 0xf8 0x06 0x01 0x04 and then the IP address of the server.
So if your server has an IP address of 172.16.56.34, dof example, the string returned by Option 125 should be:
0x00 0x00 0x15 0xf8 0x06 0x01 0x04 0xac 0x10 0x38 0x22
When the switch starts and receives an IP address and Option 125 it will send a SNMP trap to the NetSight server. The NetSight server will show this newly discovered switch in OneView -> Devices -> Discoverd
Then you can right-click on it and select Load Configuration
This will open a window that will let you upgrade its firmware and download a configuration
