ZTP+ Device Configuration

Using Extreme Networks' ZTP+ (Zero Touch Provisioning Plus) functionality, you can quickly add new ZTP+-enabled devices to your network and configure them in ExtremeCloud IQ Site Engine.

Typically, when adding a new device to the network, a network administrator connects a console cable to the device to access the local console and manually configure the device.

	IMPORTANT:	Stacked ExtremeXOS/Switch Engine systems must be running ExtremeXOS/Switch Engine version 30.3 or later to support ZTP+ configuration.

In ExtremeCloud IQ Site Engine, new devices are automatically discovered on the network the moment they are connected. ZTP+-enabled devices send information to ExtremeCloud IQ Site Engine automatically, including the serial number, the number and speed of the ports, and the firmware version. When a ZTP+-enabled device is connected, you can add it to ExtremeCloud IQ Site Engine with minimal server configuration. In addition, the latest updates are automatically downloaded to the new device. This process minimizes the amount of time needed to configure a new device and deploy it on the network.

Prerequisites

Before connecting your devices, configure the following:

• Select the Reference Firmware Image Location
• Default Device Configuration in ExtremeCloud IQ Site Engine
• Download XMODs (ExtremeXOS/Switch Engine devices only)
• General Network Configuration
• NOS Persona Change from Switch Engine to Fabric Engine

Select the Reference Firmware Image Location

You can configure ExtremeCloud IQ Site Engine to automatically update your device's firmware and application versions. When upgrading the firmware image on your device, access the appropriate firmware image for your version from ExtremeNetworks.com and save it on your server to a directory you configure in ExtremeCloud IQ Site Engine. After the firmware image is saved on the ExtremeCloud IQ Site Engine server, it is available in ExtremeCloud IQ Site Engine and can be downloaded to the device.

For the device to recognize a new version is available, the firmware image must be downloaded from ExtremeNetworks.com to your server and saved in a directory you configure in ExtremeCloud IQ Site Engine.

To configure the file transfer directory:

1. Access the Options tab.
2. Select Inventory Manager in the left panel.
3. Enter the Firmware Directory Path in either the FTP Server Properties, SCP Server Properties, or TFTP Properties section of the right panel, depending on the file transfer settings used.
4. Download the latest firmware image for your device from ExtremeNetworks.com and save it in the specified directory.

When you download the firmware image from ExtremeNetworks.com and save it on the ExtremeCloud IQ Site Engine server, use the Firmware tab in ExtremeCloud IQ Site Engine to download the image from the ExtremeCloud IQ Site Engine server to the device.

1. Access the Network > Firmware tab.
2. Expand the Device Type navigation tree in the left-panel for the device family you are configuring and select the folder for the type of device.
3. Right-click the firmware file you downloaded (specified in the section above) and select Set as Reference Image.

Your device automatically updates with this firmware image when it restarts and is logged in the Event log with a Category of Inventory.

Default Device Configuration in ExtremeCloud IQ Site Engine

Before connecting your devices, you can configure the default settings that ExtremeCloud IQ Site Engine applies to all devices you add to the network. This is accomplished using the Site tab.

1. Access the Devices tab in ExtremeCloud IQ Site Engine.
2. Expand the World Site navigation tree and select the map in the left panel into which you are adding the devices.
3. Select the Site tab in the right panel.

4. Select the Automatically Add Devices checkbox in the Discovered Device Actions section and any other actions you want to occur on your devices discovered in ExtremeCloud IQ Site Engine.
   G
   
   
   

5. Use the Custom Configuration section to automatically run a script on devices being added to the site, if necessary.
   
   

   CAUTION:

   If the script or workflow task selected for the Custom Configuration restarts the device, other actions selected to execute during discovery might not execute (for example, Add Trap Receiver).

6. Select Add Device to Policy Domain or Add Device to ExtremeControl Engine Group to automatically add devices being added to the site to a Policy Domain or ExtremeControl engine group.
7. Add the VLANs that are used on your devices on the VLAN Definition tab by selecting the Add button and entering the Name and VID.
8. Use the Port Templates tab to create a port configuration, if necessary.
9. Enter the Gateway Address, Domain Name, and DNS Server address on the ZTP+ Device Defaults tab. Additionally, you can configure the NTP Server address and select the protocols to enable on your devices, if necessary.
10. Select Save.
    
    The default configuration for this site is complete and any devices you discover with this site selected use this criteria.

Download XMODs (ExtremeXOS/Switch Engine devices only)

XMODs are files that work in conjunction with firmware image upgrades to enhance ZTP+ functionality on ExtremeXOS/Switch Engine devices as well as provide bug fixes for existing features. Like firmware image upgrades, they are posted by Extreme Networks on github and ExtremeNetworks.com. Save XMODs in the directory you specify in the Firmware Directory Path field. Do not set an XMOD as the reference image.

IMPORTANT:

ExtremeXOS devices running version 21.1.1.4 require an update to the CloudConnector XMOD for ZTP+ to function properly. Save the most recent XMOD in the Firmware Directory Path specified above to update the device, allowing ZTP+ to function as intended. Recent ExtremeXOS/Switch Engine firmware images already include the CloudConnector XMOD, and no updates are required for ZTP+ functionality. If multiple CloudConnector XMOD files exist in the same directory on the ExtremeCloud IQ Site Engine server as the reference image, ExtremeCloud IQ Site Engine downloads the XMOD file with the higher version number on the device.

General Network Configuration

In order for the switch to communicate to the ExtremeCloud IQ Site Engine server:

• The DHCP Server needs to return a DNS Server and Domain Name to the ZTP+ device.
• The DNS Server needs to map the name extremecontrol.<domain-name> to the IP address of the ExtremeCloud IQ Site Engine server.

NOS Persona Change from Switch Engine to Fabric Engine

You can configure the ExtremeCloud IQ Site Engine to change the persona of a switch from Switch Engine to Fabric Engine during the ZTP+ process. For the persona change to occur, you must:

• Upload the Fabric Engine firmware to both the TFTP and SFTP directories (Network > Firmware > Upload...)
• Configure the Fabric Engine firmware in the SFTP directory as a reference image
• Configure the NOS Persona Change field as To Fabric Engine for a specific site, or manually during the ZTP+ process

Adding the Device to the ExtremeCloud IQ Site Engine Database

Now that the default criteria is configured for devices added to the World Site and you set up the DHCP and DNS servers allowing the device to communicate with the ExtremeCloud IQ Site Engine database, connect the device and add it to ExtremeCloud IQ Site Engine.

1. Connect the device to your network.
   
   ZTP+ enabled devices communicate with ExtremeCloud IQ Site Engine securely via an HTTPS connection and transmit information to ExtremeCloud IQ Site Engine, including the serial number, firmware version, MAC address, operating system, and port information. ExtremeCloud IQ Site Engine determines the status of devices and if new updates are available in the Firmware tab and set as Reference images, they are automatically installed.

2. Open the Discovered tab in ExtremeCloud IQ Site Engine.
   
   The device is listed with a Status of ZTP+ Pending Edit, indicating the device configuration needs to be edited before adding it to the ExtremeCloud IQ Site Engine server.
   
   

3. Select the device and select the Configure Devices button.
   
   The Configure Device window opens.
   
   
   

4. Select the Default Site for the device.
5. Select the Poll Group for the device, which indicates the frequency with which ExtremeCloud IQ Site Engine checks for new configurations or updates.
6. Select the appropriate Poll Type, which determines how devices are managed on your network:
   
   • ZTP Plus — Devices are polled using ZTP+ functionality.
   • SNMP — After devices are added to ExtremeCloud IQ Site Engine via ZTP+, devices are polled using SNMP and are managed manually.
7. Open the ZTP+ Device Settings tab.
8. Configure the fields on the ZTP+ Device Settings tab to determine how the device is managed by ExtremeCloud IQ Site Engine using ZTP+ functionality.

9. Open the Ports section of the window by selecting the section heading.
   
   The Ports section opens, displaying the ports transmitted by the device to ExtremeCloud IQ Site Engine when connected to the network.
   
   

10. Select a port in the list to configure the port Name, Alias, Configuration, or port VLAN ID.
    
    You can also add and delete ports by selecting the Add and Delete buttons, respectively:
    1. Enter the port Alias.
    2. Select the port Configuration, which is its role or purpose for the device.
       • Access — The port provides access to end-systems.
       • Interswitch — The port connects the switch to another switch.
       • Management — The port is used to manage the network via ExtremeCloud IQ Site Engine.
    3. Enter a VLAN ID for the port in the PVID field.
    4. Configure the port Speed and Duplex.
       
11. Open the ZTP+ VLAN Definition section of the window by selecting the section heading.
    
    The ZTP+ VLAN definition section opens, containing any VLANs you configured on the Site tab.
    
    
12. Add any device-specific VLANs to those already included in the list by selecting the Add button.
13. Change any incorrect fields in the Device, Device Annotation, or Discovered Device Actions sections.
14. Select Save at the bottom of the window.
    
    The device is added to the ExtremeCloud IQ Site Engine database and moves from the Discovered tab to the Devices tab.
    

	NOTES:	If you did not select Automatically Add Devices on the Site tab, the device remains on the Discovered tab with a Status of ZTP+ Complete. Select the device, select the Add Devices button (the Add Device window appears), and select the Add button to add the device to the ExtremeCloud IQ Site Engine database.
		In the event a configuration is not correctly transmitted to the switch or if connectivity is lost during any part of this process, the device resets and allows the process to restart.

The device Status (displayed on the Discovered tab) is now ZTP+ Staged, indicating ExtremeCloud IQ Site Engine will push the configuration to the device the next time the device contacts ExtremeCloud IQ Site Engine.

When ExtremeCloud IQ Site Engine pushes the configuration to the device, the device Status is ZTP+ Complete.

ExtremeCloud IQ Site Engine generates an event indicating it is upgrading a device image, when the device image is upgraded to the latest version, and when a configuration is sent to a device.

ExtremeAnalyticsEngine ZTP+ Configuration

Using Extreme Networks' ZTP+ (Zero Touch Provisioning Plus) functionality, you can quickly add new ExtremeAnalyticsengines to your network and configure them in ExtremeCloud IQ Site Engine.

	IMPORTANT:	Logging in to the engine and running the initial engine configuration script will result in the ZTP+ configuration process being shutdown.

Once ZTP+ enabled devices are configured and connected in ExtremeCloud IQ Site Engine, you can view important data and flow collector information on the ExtremeAnalytics tab.

General Network Configuration

In order for the engine to communicate with the ExtremeCloud IQ Site Engine server:

• The DHCP Server needs to return a DNS Server and Domain Name to the ZTP+ device.
• The DNS Server needs to map the name extremecontrol.<domain-name> to the IP address of the ExtremeCloud IQ Site Engine server.

Once ExtremeCloud IQ Site Engine and the ZTP+ device are pre-configured, you can add the site definition to the ExtremeCloud IQ Site Engine database.

Adding the Device to the ExtremeCloud IQ Site Engine Database

When the default criteria is configured for devices added to the World Site and you set up the DHCP and DNS servers allowing the device to communicate with the ExtremeCloud IQ Site Engine database, connect the device and add it to the Discovered tab.

1. Open the Discovered tab in ExtremeCloud IQ Site Engine.
   
   The device is listed with a Status of ZTP+ Pending Edit, indicating the device configuration needs to be edited before adding it to the ExtremeCloud IQ Site Engine server. Add the ZTP device settings and the flow source information.
   
   
2. Right-click the device and select Configure Devices tab from the drop-down list.
   
   The Configure Device window opens.

3. Select the ZTP+ Device Settings tab.
   
   

4. Configure the fields on the ZTP+ Device Settings tab to determine how the ExtremeAnalyticsengine is managed by ExtremeCloud IQ Site Engine using ZTP+ functionality.

5. Select the Flow Sources tab in the Configure Device window.
   
   

6. Select the ExtremeAnalyticsengine flow information.
   
   
1. Select the Add () button.
   
   The Add Flow Source window displays.
2. Select FC-180 from the Flow Source drop-down list.
   
3. Select the Source Ports from the drop-down list.

4. Select the Destination Port from the drop-down list.
   
   
   

5. Select the Enable Tunneling checkbox.
6. Select the Tunnel IP address from the drop-down list.
7. Select OK to complete the Flow Source configuration.

	NOTES:	If you did not select Automatically Add Devices on the Site tab, the ExtremeAnalyticsengine remains on the Discovered tab with a Status of ZTP+ Complete. Select the engine, select the Add Devices button (the Add Device window appears), and select the Add button to add the engine to the ExtremeCloud IQ Site Engine database.
		In the event a configuration is not correctly transmitted to the switch or if connectivity is lost during any part of this process, the engine resets and allows the process to restart.

Completing Configuration and Enforcing the Engine in ExtremeAnalytics

The engineStatus (displayed on the Discovered tab) is now ZTP+ Staged, indicating ExtremeCloud IQ Site Engine will push the configuration to the device the next time the device contacts ExtremeCloud IQ Site Engine.

Open the Configuration tab. The engine is configured with the ZTP+ enabled device and is displayed in the Overview window. Enforce the engine to complete the process.