Topic: tech juniper jaut prev next

tech juniper jaut > Junos Platform Automation and DevOps (JAUT)

Junos Platform Automation and DevOps (JAUT)

Module 17: Zero Touch Provisioning

Juniper Zero Touch Provisioning (ZTP) automates some of the tasks in provisioning a new Junos device. A new device can be installed in a rack, cabled, and the ‘me0’ (EX and most QFX series) or ‘em0’ (most other series) management interface connected to a management network for configuration.

The management interface is preconfigured to request an IP address via DHCP. ZTP settings are communicated via DHCP options.

Option 43 sub option 00 (or sub option 04) is used to communicate the desired firmware version. If both sub options 00 and 04 are set, the value in sub option 00 is preferred.

The switch verifies the software image it should be using. It evaluates other DHCP options; 43 sub option 03 informs the switch of the transfer mode (FTP, TFTP or HTTP). DHCP option 150 (or 66) informs the switch of the storage server’s IP address. If both are set, option 150 is preferred.

The switch downloads the configuration file, using other DHCP options. DHCP option 43 sub option 01 informs the switch of the configuration file name. The same options for storage server and transfer mode as for the firmware image are used.

Junos Space Server with Network Director can be used to provision the DHCP server with the required options and place Junos and configuration files on the storage server.

In practice, it is possible to apply a specific IP address and specific DHCP options to a device using its MAC address. Alternatively, if the MAC address is unknown, each device can be provisioned on its own network.

It is possible that the device to be provisioned has been configured before. In this case, it will be necessary to access the device to run the ‘zeroize’ command first;

request system zeroize

This does not leave the switch with an empty configuration. It includes statements to trigger the ZTP process and enable debugging.

All physical interfaces are configured as Layer 2 ports in the default VLAN. The IRB and management interface ‘vme0’ are configured for Layer 3 operations and as DHCP clients.

ZTP operations can be monitored by the console port.