Val:~$ whoami

I am Val Glinskiy, network engineer specializing in data center networks. TIME magazine selected me as Person of the Year in 2006.

Search This Blog

Wednesday, June 18, 2014

Auto Provisioning

Network automation is hot topic lately and has been my favorite past time for quite a while. While vendors provided tools to make changes on the switches and routers - Cisco Works come to mind - getting initial configuration on the switch was still manual process. Network operators would come up with some kind of template in Excel or text file and then replace host name and management IP address. To get initial configuration on the switch, one would use copy/paste, a process prone to errors, or upload text file to the switch and copy it to startup-config or candidate configuration. Latter process required configured management IP address and default gateway.  In addition to that operators had to upgrade/downgrade operating system.
Fast forward to today's era of Chef/Puppet/Ansible/Other appropriated household word. Cisco came up with (and Arista duly replicated) Power-on Auto Provisioning for its Nexus switches, POAP for short. In DHCP option 67 you need to provide Python script name that switch will download and execute. Arista also supports Bash scripts. Cisco even provides a script that can upgrade NX-OS and download corresponding configuration file based on one of the following parameters: switch name, management interface MAC address, serial number or CDP neighbors. You can write your own script to generate configuration on the fly.
Juniper came up with somewhat catchier name - Zero Touch Provisioning. It does not allow you run scripts. Juniper touted Junos as first network operating system that allowed scripts long before Cisco came up with EEM. Also, you have to use DHCP vendor options to encode configuration file name and Junos image file name.  So, in your DHCP server you have to put something like this: 0x00306a696e7374616c6c2d7166782d332d31332e325835302d4431352e332d646f6d65737469
632d7369676e65642e74677a0111646e6a722d6c61622d716678312e636667. Not very informative. Juniper promised to implement SLAX script support in near future and abandon DHCP vendor option in favor of option 67. Python support might come later.