Setting up ZTP on a trusted network

The following procedure is an overview of setting up a Zero Touch Provisioning (ZTP) environment to provision newly installed switches automatically. The procedure is intended for network administrators who are familiar with automatically provisioning switches in a network, and does not provide detailed information about configuring or managing switches.

  1. For each switch model to be provisioned using ZTP, do the following:
    1. Obtain the switch firmware image file.
    2. Prepare the switch configuration file. The configuration file becomes the running configuration and the startup configuration on the switch.
  2. Set up a TFTP server and record its IP address. The address is required when you set up the DHCP server. The switch must be able to reach the TFTP server and DHCP server, either on the same subnet, or on a remote subnet via DHCP relay.

    Switches support provisioning through a network connected to a data port or through a network connected to the management port.

  3. Publish the configuration files and image files to the TFTP server. You need to know the locations of the files and the IP address of the TFTP server when you set up the vendor class options on the DHCP server.
  4. On the DHCP server, set up vendor classes for each switch model you plan to provision. To do this you need the following information:
    • The IP address of the TFTP server. Using a host name is not supported.

    • The path to the switch configuration and firmware image files on the TFTP server.

    • The vendor class identifier (VCI) for each switch model.

      You can obtain the VCI by entering the show dhcp client vendor-class-identifier command from a switch CLI command prompt in the manager context. The VCI is the text string in the response that starts with Aruba.

      For example:

      switch# show dhcp client vendor-class-identifier
      Vendor Class Identifier:  Aruba xxxxx xxxx

      Where x indicates the switch model number.

  5. At the installation site, provide the switch installer with a Cat6 network cable connected to the network that includes the DHCP and TFTP servers, and information about the switch port to use. The switch installer plugs the cable into the data port you specify.

    The ZTP operation begins when power is applied to the switch after the network cable is installed.

  6. Assuming the downloaded configuration includes a way to access the CLI of the switch, you can enter the following command to show the options offered by the DHCP server and the status of the ZTP operation:

    show ztp information