Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

Prepare vEdge Routers for ZTP

  1. Last updated
  2. Save as PDF

Viptela provides an automatic provisioning software as a service (SaaS) called zero-touch provisioning (ZTP), which allows hardware vEdge routers to join the overlay network automatically. The ZTP process begins when you power on a hardware vEdge router for the first time.

For the ZTP process to work:

  • The edge or gateway router at the site where the hardware vEdge router is located must be able to reach public DNS servers. It is recommended that they be configured to reach the Google public DNS servers 8.8.8.8 and 8.8.4.4.
  • The edge or gateway router at the site must be able to reach ztp.viptela.com.
  • A network cable must be plugged into the interface that the hardware router uses for ZTP. These interfaces are:
    • For vEdge 1000 routers: ge0/0
    • For vEdge 2000 routers: ge2/0
    • For vEdge 100 series routers: ge0/4

The ZTP process occurs in the following sequence:

  1. The hardware vEdge router powers up.
  2. The router attempts to contact a DHCP server, sending a DHCP discovery message.
    1. If a DHCP server is present in the network, the router receives a DHCP offer message that contains the IP address of its ZTP interface. Then, the ZTP process continues with Step 3.
    2. If no DHCP server is present and so the router does not receive a DHCP offer, the router initiates an automatic IP address detection process (sometimes called auto-IP). This process examines the ARP packets on the subnetwork and, from these packets, it infers the IP address of the ZTP interface. Then, the ZTP process continues with Step 3.
  3. The router contacts a DNS server to resolve the hostname ztp.viptela.com and receives the IP address of the Viptela ZTP server
  4. The router connects to the ZTP server. The ZTP server verifies the vEdge router and sends the IP address of the vBond orchestrator. This is a vBond orchestrator that is in the same organization as the vEdge router.
  5. The router establishes a transient connection to the vBond orchestrator and sends its chassis ID and serial number. (At this point in the ZTP process, the router does not have a system IP address, so the connection is established with a null system IP address.) The vBond orchestrator uses these two numbers to verify the router. The vBond orchestrator then sends the IP address of the vManage NMS to the router.
  6. The router establishes a connection to the vManage NMS and is verified by the NMS. The vManage NMS sends the router its system IP address.
  7. The router re-establishes a connection to the vBond orchestrator using its system IP address.
  8. The router re-establishes a connection to the vManage NMS using its system IP address. If necessary, the NMS pushes the proper software image to the vEdge router. As part of the software image installation, the router reboots.
  9. After the reboot, the router re-establishes a connection to the vBond orchestrator, which again verifies the router.
  10. The router establishes a connection to the vManage NMS, which pushes the full configuration to the router. (If the router has rebooted, it re-establishes a connection to the vManage NMS.)
  11. The router joins the organization's overlay network.

Note: For the ZTP process to succeed, the vManage NMS must contain a device configuration template for the vEdge router. If the NMS has no template, the ZTP process fails.

Using ZTP on Non-Wireless Routers

The default configuration that is shipped on non-wireless hardware vEdge routers includes the following commands that allow the ZTP process to occur automatically:

  • system vbond ztp.viptela.com—Configures the initial vBond orchestrator to be the Viptela ZTP SaaS server.
  • vpn 0 interface ip dhcp-client—Enables DHCP on one of the interfaces in VPN 0, which is the transport interface. Note that the actual interface in the default configuration varies by router model. This interface must be connected to the Internet, MPLS, metro Ethernet, or other WAN network.

Warning: For ZTP to work, do not modify or delete either of these configuration commands before you connect the vEdge router to a WAN.

Using ZTP on Wireless Routers

The vEdge 100m and vEdge 100wm are wireless routers. On these routers, ZTP is supported using both the cellular and the Ethernet interfaces.

Note: In Release 16.3, you cannot use the LTE USB dongle on a vEdge 1000 router for ZTP.

The vEdge 100m router supports software Releases 16.1 and later. If the vEdge 100m router is running Release 16.2.10 or later, it is recommended, when performing ZTP, that the vManage NMS also be running Release 16.2.10 or later.

The vEdge 100wm router supports software Releases 16.3 and later.

The default configuration that is shipped on wireless hardware vEdge routers includes the following commands that allow the ZTP process to occur automatically on the cellular interface:

  • system vbond ztp.viptela.com—Configure the initial vBond orchestrator to be the Viptela ZTP SaaS server.
  • vpn 0 interface cellular0 ip dhcp-client—Enable DHCP on one of the cellular interface called cellular0 in VPN 0, which is the transport interface. This interface must be connected to the cellular network.
  • vpn 0 interface cellular0 technology—Associate a radio access technology (RAT) with the cellular interface. In the default configuration, the RAT is set to lte. For ZTP to work, you must change this value to auto.
  • vpn 0 interface cellular0 profile 0—Enable automatic profile selection. For firmware-dependent mobile carriers, the automatic profile uses the firmware default values. For other carriers, the automatic profile uses the Mobile Country Code/Mobile Network Code (MCC/MNC) values on the SIM card. One exception is the vEdge 100m-NT: The automatic profile tries OCN MVNO APN before the firmware default, which is NTT Docomo. If the router finds a matching entry, it autocreates profile 16, which is used for the ZTP connection. To check which profile is being used for the active ZTP connection, look at the Active profile entry in the show cellular sessions command output.
    The profile 0 configuration command recognizes the MCCs and MCNs listed in the table below. If your MCC/MNC is supported, you do not need to configure them in the Cellular Profile feature template or with the profile command. If your MCC/MNC is not supported, you must configure them manually, using the Cellular-Profile configuration template or the profile CLI command.
     
    Mobile Country Code (MCC) Country Mobile Network Code (MNC) Profile Name APN vEdge SKU
    United States AT&T Broadband 100m-AT, 100wm-AT
    United States Sprint 100m-SP, 100wm-SP
    United States Verizon vzwinternet 100m-VZ, 100wm-VZ
    214 Spain 07 Telefonica movistar.es 100m-GB, 100wm-GB
    234 United Kingdom 30 Everything everywhere 100m-GB, 100wm-GB
    310 United States 260 T-Mobile fast.t-mobile.com 100m-NA, 100wm-NA
    404 India 45 Airtel airtelgprs.com 100m-GB, 100wm-GB
    440 Japan 10 OCN lte-d.ocn.ne.jp 100m-NT, 100wm-NT
    452

    Vietnam

    		 04 ViettelMobile v-internet 100m-GB, 100wm-GB
    466 Taiwan 92 Chunghwa internet 100m-GB, 100wm-GB
    502 Malaysia 13 CelCom celcom3g 100m-GB, 100wm-GB
    502 Malaysia 19 CelCom celcom3g 100m-GB, 100wm-GB
    505 Australia 01 Telstra telstra.internet 100m-GB, 100wm-GB
    505 Australia 02 Optus connect 100m-GB, 100wm-GB
    505 Australia 03 Vodaphone live.vodafone.com 100m-GB, 100wm-GB
    525 Singapore 01 Singtel internet 100m-GB, 100wm-GB
    525 Singapore 02 Starhub shppd 100m-GB, 100wm-GB
    716 Peru 06 Telefonica movistar.pe 100m-GB, 100wm-GB
    716 Peru 17 Entel entel.pe 100m-GB, 100wm-GB
    724 Brazil 10 Vivo zap.vivo.com.br 100m-GB, 100wm-GB

If you need to use vManage configuration templates to create the portions of the default configuration that allow ZTP to occur automatically, use the VPN-Interface-Cellular feature template. The following figure shows that in the upper portion of the template the Profile ID field is set to 0 and that in the Tunnel Interface tab the tunnel interface is enabled. In Releases 16.3.1 and later, the Technology field has been added, and the default value is "lte". To match the vEdge router's ZTP cellular0 configuration, change the value to "auto".

The following figure shows, in the Advanced tab, that the default cellular MTU configuration is 1428 bytes:

The following guidelines help to troubleshoot issues that can occur when using ZTP from a wireless router:

  • For ZTP to work correctly, ensure that you are using the correct SIM with the correct modem model (SKU).

  • If the default profile APN is not configured correctly, the ZTP process does not work correctly. If ZTP does not work, issue the show cellular status command to display the error. If an error occurs, configure the appropriate APN and retry the ZTP process.

  • For SKUs that do not have default profile APN configurations, such as Generic (MC7304) and North America (MC7354) SKUs, if the automatic profile selection does not detect the APN on the SIM card, configure the profile, including an APN. If the router has a second circuit that has access to the vManage NMS, add the profile information, including the APN, to the feature configuration template and then push the device template to the cellular router. Otherwise, configure the profile on the cellular router from the CLI, including an APN.

  • To check whether the router is unable to detect the SIM card, issue the show cellular status command. Check for the SIM Read error. To correct this problem, insert the SIM card correctly in the router.

  • In Release 16.3.0, after you run ZTP on a cellular router, the cellular interface is in a no shutdown state Because of this, the vManage NMS is unable to push a device configuration template to the router. To correct this problem, from the CLI on the router, configure the cellular interface state to be in shutdown state.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. There are no recommended articles.
  1. Article type
    Topic
  2. Tags
    This page has no tags.