Wireless Access

last person joined: 5 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

  • 1.  ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted May 23, 2019 08:54 AM

    Hi folks,

     

    I was just playing around with ZTP and Activate. Everything is working as expected.
    After that I read about using the an DHCP Option to get the settings for an MD to establish the connection to the VMM.

    The 8.4.x user guide is not very informative about how to configure this feature on the DHCP server.

    I set up the Option 43 in the right order and I can see the values in a packet capture on the uplink at the MD but the MD gives the output: Master info not received, trying activate

     

    I think there is something missing in the DHCP Server config. Maybe the option 60, but I can't find out which value the MD expects.

     

    Does anyone of you guys have any expirience with this, or can tell me how it has to be configured correctly?

     

    thanks in advance

     

     



  • 2.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Aug 21, 2019 07:12 AM

    For option 60 you need the value "ArubaMC".

    Then the controller will see the value of option 43.

     

    But after this, I keep getting the error this error message when I enable provisioning-debug:

    Received DHCP response, My IP = x.x.x.x, Master = none, Mask = 255.255.255.0, GW = x.x.x.x, DNS = x.x.x.x, Country code = none, Physical Port = 7
    DNS server name x.x.x.x assigned to info structure..
    Invalid key name or invalid option 43 format.
    Invalid option-43 received from DHCP.
    Correct the value or clear the option-43 to proceed to activate. Reseting the DHCP
    Re-Starting auto provisioning
    Re-Initiated DHCP, awaiting DHCP response


  • 3.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Aug 21, 2019 06:25 PM

    I was researching this early this year and my understanding is that it does not work for controllers, MC or VMC. That may have changed in a more recent version of the OS, but I don't believe that is the case. I tried it back then and could not get it to work either.

     

    I hope this helps,



  • 4.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Aug 22, 2019 02:26 AM

    Thank you for that info. I've tested it yesterday with v8.5.0.2.

    I've also opened a support ticket. I will post the outcome of Aruba's feedback.



  • 5.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Nov 24, 2019 07:27 AM

    Hello - I'm wondering if anyone had this working. Quite interested in the feature but haven't been able to seen it work. 

     

    Is there still the limitation that it will only accept ZTP on the last port - i.e. G0/0/7 on a Aruba7030 ? 



  • 6.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Nov 24, 2019 09:35 AM
    With 8.4 and above you can use any copper port except for the 2nd one which is reserved for if you need to log into the controller and configure port settings, for instance PPPOE login settings.

    I hope this helps.


  • 7.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Nov 24, 2019 05:13 PM

    Thanks for the feedback.

     

    Does it have to be copper - i.e if I use fiber would ZTP function ? 

    Is it available to both Aruba 70xx and 72xx or limited to the 'branch' controllers which are the 70xx ?  

     

     



  • 8.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Nov 25, 2019 03:08 AM

    I think I found the problem/solution.

    In the documentation Aruba Sipport sent me, a whole different format was used for option 43 compared to the documentation found publicly.

    The public documentation format for option 43 is:

    masterip, country-code, master-mac1, master-mac2

    For me, this format is understood as:

    10.100.10.195,BE,00:50:56:41:1d:16,00:50:56:41:31:74

     

     

     

    But the confidential or internal documentation states a different format:

    mip=10.9.196.160, mm1=aa:aa:aa:aa:aa:aa, cc=US

    or

    mip = 10.9.196.160 , cc= US,   vm2= 00:0C:29:B9:20:64 , vm1= 00:0C:29:B9:20:5A, vip=10.45.34.187

    So for me this looks like this:

    mip=10.100.10.195,cc=BE,vm1=00:50:56:41:1d:16,vm2=00:50:56:41:31:74

    And this is recognized by the remote controller :)



  • 9.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Nov 25, 2019 10:08 AM

    The documentation does not have enough detail.  We will get this fixed and I will post here when it is updated.



  • 10.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Apr 03, 2020 07:30 AM
    Hi,
    I am interested in utilzing also ZTP via DHCP to do a large migration from AOS6.x (Master/Local) to AOS8.x (virtual MM based). When can we expect the documentation updated or the info shared upfront here ?
    Sending people onsite to just do execute the inital setup via Console-access is an issue. Of course I know, that the MM-prepartion must be done very carefully and tested upfront.
     
    Or do exist some hidden alternatives (if utilizing Activate is not an option) ?
    like e.g. placing an "answer-file" upfront on the flash which will be used to answer all the questions asked during a "full-setup" if that file exists....
     


  • 11.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Apr 10, 2020 12:50 AM

    Using Activate, you should be able to automate this upgrade. I believe the following steps would work.

    1. Configure the MC in Activate to be configured using ZTP.

    2. Copy AOS8 software to one of the two system partitions (do not reboot yet, but make sure that the 8.x partition is configured as the boot partition)

    3. Make sure you have the necessary licenses installed on the MM.

    4. Make sure the MC is connected to a network that has a DHCP server and Internet access. Make sure the connection is copper and not the 2nd Ethernet port.

    4. Do a "write erase all" of the MC and then reboot it

     

    When the MC boots, it will boot of the AOS 8 partition. Without any config, It will obtain an IP address from DHCP and attempt to communicate with Activate. If everything is configured properly, Activate should point the MC to the MM, and the MM will download the configuration to the MC.

     

    I hope this helps,

    David



  • 12.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Apr 15, 2020 03:40 AM
    Hi David,
    many thanx for explaining how it should work utilizing Activate.
    Definitely I would like to try this with my lab equipment
    but I might not be allowed to make use of internet/cloud-services (customer rules).
    The documentation does mention it should be possible to make use of DHCP-option43 as well - but the way it is described seems to be not working.
    And Colin states that the "documentation does not have enough detail" - so I am wondering when a fix of the documentation can be expected.
    Or if someone from Aruba will be allowed to post the description upfront here as a solution for "ZTP with DHCP to Provision a MD".

    Thanx
    Jochem
     


  • 13.  RE: ZTP with DHCP to Provision a Managed Device (v. 8.4.0.x)

    Posted Apr 15, 2020 09:57 PM

    I have not seen DHCP option 43 work with an MC and ZTP. I tested it last year and it was not configured at that time and I have not heard of it being made to work. So you either need to do a Full-setup or a mini-setup if you have console access to the MC, or use Activate. Activate requires the MC to be in the Activate database, the MM to also be there, along with the provisioning configuration in Activate. The MC needs to be factory reset and connected to any copper Ethernet (except the 2nd port) if it's ArubaOS 8.4 or newer, with the Ethernet port having a DHCP server and Internet access. If the OS is earlier than 8.4, then you need to use the last copper Ethernet port.

     

    I hope this helps,