Zero-Touch Provisioning Overview

Traditionally, the deployment of controllers was a multiple step process where the master controller information and local configurations were first pre-provisioned. After the managed device connected to the network, it established a secure tunnel to the master and downloaded the global configuration. ZTP Zero Touch Provisioning. ZTP is a device provisioning mechanism that allows automatic and quick provisioning of devices with a minimal or at times no manual intervention. automates deployment of managed devices plug-n-play. The managed device now learns the required information from the network and provisions itself automatically. ArubaOS allows a managed device to automatically get its local and global configuration and license limits from Mobility Master.

This section includes the following topics:

Why use ZTP?

ZTP Zero Touch Provisioning. ZTP is a device provisioning mechanism that allows automatic and quick provisioning of devices with a minimal or at times no manual intervention. offers the following advantages over a standard managed device configuration:

  • Simple deployment
  • Reduced operational cost
  • Limits to provisioning errors

A managed device configured using ZTP Zero Touch Provisioning. ZTP is a device provisioning mechanism that allows automatic and quick provisioning of devices with a minimal or at times no manual intervention. automatically discovers the Mobility Master, downloads its local configuration from that Mobility Master, and is provisioned with its device role, and country code.

 

The local configuration is the configuration that is specific to a managed device. That is, not the global configuration shared by a network of managed devices. This includes, but is not limited to, IP addresses and VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN..

Once the managed device is provisioned, it is ready to obtain its global configuration in either of two ways:

Device-specific configurations that are common across multiple devices can be modified from a central location using the bulk edit feature. Users can apply common device configurations to a group of devices without having to update each device individually. Bulk edit supports, but is not limited to, the following configurations:

Managed Device Provisioning Modes

The administrator has the choice of provisioning modes that select how the managed device is supplied with its own IP address, role, country code, and configuration settings.

Once the managed device learns the IP address of the primary Mobility Master, the managed device contacts that Mobility Master and retrieves its configuration from its assigned configuration node.

 

Before you deploy a managed device, use you must create a configuration for that device at a configuration node on Mobility Master. Mobility Master pushes this configuration to the managed device when the device becomes active on the network.

ArubaOS supports the following provisioning modes for managed devices:

Managed Device Address Pools

Each managed device needs a pool of addresses it can dynamically assign to APs or users on each of its VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN., and a separate IP address that managed device uses to create a GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel to Mobility Master. Mobility Master can assign IP these addresses to managed devices using dynamic address pools. These pools allow network administrators to create a generic configuration that provisions managed device interfaces with individual settings that are unique across branch offices. If managed devices are also serving as DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  servers for other devices at that location, smaller DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pools for those individual branches can be dynamically carved out from a larger DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool.

ArubaOS 8.0.0.0 supports three different types of address pools that can be applied to a hierarchy node

Zero-Touch Provisioning Workflows

The managed device obtains its IP address through DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  by sending a DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  discover on the default uplink port. The default uplink port is configured as an access port in VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 4094.

Next it will attempt to retrieve the provisioning parameters from Activate. If the managed device is unsuccessful in retrieving the provisioning parameters from Activate, it will retry in 30 seconds. The managed device keeps trying to retrieve the provisioning parameters from Activate every 30 seconds until it is successful or the administrator interrupts Auto-Provisioning by initiating mini-setup or full-setup.

To interrupt the auto provisioning process, enter the string mini-setup or full-setup at the initial setup dialog prompt shown below.

Auto-provisioning is in progress. Choose one of the following options to override or debug...

'enable-debug' : Enable auto-provisioning debug logs

'disable-debug': Disable auto-provisioning debug logs

'mini-setup' : Stop auto-provisioning and start mini setup dialog for smart-local role

'full-setup' : Stop auto-provisioning and start full setup dialog for any role

Enter Option (partial string is acceptable):_

ZTP Support Matrix

The following table provides information about the ZTP Zero Touch Provisioning. ZTP is a device provisioning mechanism that allows automatic and quick provisioning of devices with a minimal or at times no manual intervention. support for the platforms.

Table 1: ZTP Support for Platforms

ArubaOS Version

7005

7008

7010

7030

7024

7205

7210

7220

7240

7280

9004

9012

ArubaOS 8.2.2.6

0/0/3

0/0/7

0/0/15

0/0/7

0/0/23

0/0/0

0/0/1

0/0/5

0/0/5

N/A

N/A

N/A

ArubaOS 8.3.0.9

0/0/3

0/0/7

0/0/15

0/0/7

0/0/23

0/0/3

0/0/1

0/0/1

0/0/1

N/A

N/A

N/A

ArubaOS 8.4.0.4

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

0/0/3

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

N/A

N/A

N/A

ArubaOS 8.5.0.2

0/0/3

0/0/7

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

0/0/3

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

N/A

0/0/0

N/A

ArubaOS 8.6.0.0

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

0/0/0

All ports except 0/0/0

All ports except 0/0/1

All ports except 0/0/1

N/A

0/0/0

0/0/0

ArubaOS 8.7.0.0

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

All ports except 0/0/1

0/0/0

All ports except 0/0/0

0/0/0

All ports except 0/0/1

N/A

0/0/0

0/0/0