Introduction to Zero Touch Provisioning (ZTP)
Viptela provides automatic provisioning of vEdge routers through a process called Zero Touch Provisioning, in which the vEdge router joins the overlay network without manual intervention. The only prerequisite for ZTP on a vEdge is internet connectivity, so that the router can get a DHCP address from that internet circuit and reach public DNS.
With factory default settings, a vEdge router that boots will try to contact the URL ztp.viptela.com, a service hosted by Cisco on the public cloud/internet.
How does Zero Touch Provisioning work?
The complete steps of the ZTP process on hardware vEdge routers are listed below:
- The vEdge router, once it has internet connectivity, boots up.
- The router then sends a DHCP discover message and tries to get an IP address from the DHCP server of the internet service provider.
- If the DHCP server is reachable, the router gets an IP address for its ZTP interface.
- If no DHCP server is reachable, the router initiates a process called automatic IP detection to get its ZTP interface address.
- Once the ZTP interface has an IP address from DHCP or auto IP, the router sends a DNS resolution request for ztp.viptela.com to a public DNS server.
- On receiving this request, the DNS server verifies the vEdge router and sends back the IP address of the vBond orchestrator of the particular organization.
- The router then tries to reach the vBond public IP and authenticates itself with vBond by sharing its chassis number and serial number. vBond is also authenticated on the vEdge router side.
- After successful authentication and validation, vBond shares the IP addresses of vManage and vSmart with the vEdge.
- The vEdge router then proceeds to connect to vManage, and mutual authentication and validation take place. Once authentication and validation are complete, vManage gives the vEdge its system IP address.
- The router re-establishes a connection to the vBond orchestrator using its system IP address.
- The router re-establishes a connection to the vManage NMS using its system IP address and downloads its full configuration.
- The vEdge router also does mutual authentication and validation with vSmart controllers using its system IP.
- Once authentication and validation succeed, the vEdge router joins the Viptela overlay network.
Note: For the ZTP process to succeed, the vManage NMS must contain a device configuration template for the vEdge router. If the NMS has no template, the ZTP process fails.