Hi,

As I continue to study on Juniper DC realm, from the official blueprint it looks like ZTP is the first beast to tackle. I was skeptical if it would be possible to deal ZTP with VQFX and it looks like we can definitely do it. I have not tested anything related to upgrade, but one can imagine if we are deploying a Image (virtual-one) we are already aware about the Junos version and am not sure if it is really possible to upgrade one easily as a real-device, so I shall keep it to only configuration.

First Things first

-> What I have used Hardware – Everything done on a single server – Dell R810

-> Software – Vmware workstation (Ubuntu server with VSFTP/ISC-DHCP-SERVER installed)  and VQFX over Vagrant.

This is how the network is connected – By this time you should have understood how bad can one Possibly draw.

Prepping the Server

-> First, Understand DHCP is the heart of ZTP, you need to know on what options that it operates on, why a specific option is required and what it does, I shall write a detailed post about it but as of now we have to setup DHCP server, I have used isc-dhcp-server on ubuntu, simply because of the fact, Juniper has documentation for it.

The config file looks like the below.


r@ubuntu:~$ cat /etc/dhcp/dhcpd.conf
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;


# JUNIPER VQFX-1K ZTP Configuration


subnet 15.0.0.0 netmask 255.255.255.0 {
range 15.0.0.108 15.0.0.120;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
option space NEW_OP;
option NEW_OP.config-file-name code 1 = text;
option NEW_OP.image-file-type code 2 = text;
option NEW_OP.transfer-mode code 3 = text;
option NEW_OP.alt-image-file-name code 4= text;
option NEW_OP-encapsulation code 43 = encapsulate NEW_OP;


host vqfx1k
{
hardware ethernet 02:05:86:71:3d:07;
fixed-address 15.0.0.107;
option tftp-server-name "15.0.0.100";
option host-name "vqfx-1k-via-ztp";
option NEW_OP.transfer-mode "ftp";
option NEW_OP.config-file-name "/srv/ftp/test.conf";
}

As per any Basics of DHCP, you need to have an interface which belongs to the subnet-pool you are going to distribute and then mention that Interface in the /etc/defaults/isc-dhcp-server

 

-> Hardware Address below is the interface address of Xe-0/0/1 , you can use wide varitey of parameters for ZTP and also not use anything at all, for this demonstration

 

The final service is the FTP service, this is required to copy your files and OS Images to the Router/Switch, when you install vsftpd, you need to enable it for anonymous login, rest all at their defaults, the DEFAULT directory which is uses will /SRV/FTP, so I have copied my configuration file to this directory.

 

Prepping the VQFX

-> Default it comes with “auto-image-upgrade” under chassis, for your testing it still comes with the same, make sure you put it in the same network as your DHCP server would connect to that all.

This is how the VQFX boots – up

 

Observing the status on DHCP – Server is Active

Am now configuring “set chassis auto-image-upgrade”, this option comes by default on a Hardware is what I read, but for VQFX, and for testing we have to enable as I see that Juniper didnt include this in the configuration, Documentation says we have to do “request system zeroize” and then with auto-image-upgrade as the default set under chassis, that will take-over.

observing DHCP-server, looks like it allocated the IP 107 as per the configuration.

And instantaneously, configuration is applied on the device and If you notice the Hostname is now changed.

Just to convince myself that we are already in that era, i renamed the vendor-id field in the ztp-config file to see if its all real, again it looks to be real. Welcome to ZTP.

 

-R