Zero Touch Provisioning (ZTP) Commands

This chapter describes the commands that can be used to manually invoke Zero Touch Provisioning (ZTP).

Manually invoking ZTP helps you to provision the router in stages and it is ideal to test configurations without having to restart a router.

For more information about ZTP, see ZTP chapter in the System Management Configuration Guide for Cisco NCS 5500 Series RoutersSystem Management Configuration Guide for Cisco NCS 540 Series RoutersSystem Management Configuration Guide for Cisco NCS 560 Series Routers.

ztp bootz-server

To store the bootstrap server information that the router receives from the Bootz server during the initial boot process, use the ztp bootz-server command in XR Config mode.

When the standby control cards or line cards are inserted dynamically on the router, the ZTP-Bootz workflow uses this server information to communicate with the Bootz server and obtain the ownership vouchers for the standby control cards or line cards based on the serial number of the cards.

ztp bootz-server ip ip-address port port { trust-anchor trust-anchor }

Syntax Description

ip ip-address

Specifies the IPv4 or IPv6 address or hostname of the Bootz server.
port port

Specifies the port number of the Bootz server.
trust-anchor trust-anchor

Specifies the trust anchor certificate path for the Bootz server.

Command Default

No default behavior or values

Command Modes

XR Config mode

Command History

Release

Modification

Release 24.3.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to configure the ztp bootz-server command by providing the trust anchor certificate path for the Bootz server. 

RP/0/RP0/CPU0:ios(config)#ztp bootz-server ip 1.1.1.1 port 5000 trust-anchor /misc/disk1/ta.cert

This example shows the stored server information.

RP/0/RP0/CPU0:ios#show running-config ztp
Thu Aug 29 12:35:07.013 IST
ztp
 bootz-server ip 1.1.1.1 port 5000 trust-anchor /misc/disk1/ta.cert action none
!

ztp breakout

Manual Zeo Touch Provisioning (ZTP) invocation using CLI commands allows ZTP to run over more interfaces.

To invoke platform interface discovery before invoking DHCP, use the ztp breakout command in EXEC mode.

.

ztp breakout [ debug ] [ verbose ]{[ nosignal-stay-in-breakout-mode ] | [ nosignal-stay-in-state-noshut ] | [ hostname ] | [ apply configuration ]}

Syntax Description

debug

Run with additional logging to the console(cisco-support)
verbose

Run with logging to the console(cisco-support).
apply configuration

XR configuration commands to apply(cisco-support)
hostname

XR hostname to set(cisco-support)
nosignal-stay-in-breakout-mode

On no signal, prefer interfaces to remain in breakout mode(cisco-support)
nosignal-stay-in-state-noshut

On no signal, prefer interfaces to be noshut(cisco-support)

Command Default

No default behavior or values

Command Modes

EXEC

Command History

Release Modification

Release 7.0.1

This command was introduced.

Usage Guidelines

Use the ztp breakout command to perform a 4x10 breakout detection on all 40 Gigabit ports. By default if no link is detected on any of the four 10Gigabit interfaces, the port will remain in 40 Gig mode. The nosignal-stay-in-breakout-mode argument will force the port in breakout mode when all breakout interfaces from the same physical port have no signal locked, and place the four 10Gigabitinterfaces in shutdown mode. The nosignal-stay-in-state-noshut argument will leave the port in breakout mode and place the four 10Gigabit interfaces in no shutdown mode.

No progress logs are shown by default, although there will be XR syslogs for important events. If you wish to see more logs, add verbose after the ztp terminate command. If these logs are not enough, add debug before verbose .

Logs can be found in disk0:/ztp/ztp.log.

ztp clean

Manual Zeo Touch Provisioning (ZTP) invocation using CLI commands allows ZTP to run over more interfaces.

To remove all Zero Touch Provisioning (ZTP) logs and settings saved on disk, use the ztp clean command in EXEC mode.

ztp clean [ debug ] [ verbose ]

Syntax Description

debug

Run with additional logging to the console(cisco-support).
verbose

Run with logging to the console(cisco-support)

Command Default

No default behavior or values

Command Modes

EXEC

Command History

Release Modification

Release 7.0.1

This command was introduced.

Usage Guidelines

If you wish to run ZTP as if from a clean boot, use the ztp clean command to remove all ZTP logs and settings. Use commit replace to reload, and then ZTP will run again as if from first boot.

No progress logs are shown by default, although there will be XR syslogs for important events. If you wish to see more logs, add verbose after the ztp clean command. If these logs are not enough, add debug before verbose .

Logs can be found in disk0:/ztp/ztp.log.

Examples

This example shows how to remove all ZTP files saved on disk:

RP/0/RP0/CPU0:router#ztp clean verbose
Mon Oct 10 17:03:43.581 UTC
Remove all ZTP temporary files and logs? [confirm] [y/n] :y
All ZTP files have been removed.
If you now wish ZTP to run again from boot, do 'conf t/commit replace' followed by reload.

ztp initiate

To invoke a new ZTP DHCP session, use the ztp initiate command in EXEC mode.

ztp initiate {[ apply configuration ] | [ dataport ] | [ dhcp4 ] | [ dhcp6 ] | [ dhcp4-client-identifier ] | [ dhcp6-client-identifier ] | [ dscp value ] | [ dscp6 value ] | [ hostname ] | [ interface ] | [ management ] | [ noprompt ]} [ debug ] [ verbose ]

Syntax Description

debug

Run with additional logging to the console(cisco-support)
verbose

Run with logging to the console(cisco-support)
apply configuration

XR configuration commands to apply(cisco-support)
dataport

Send DHCP requests on all ADMIN UP physical LC interfaces.
dhcp4

Send only DHCP IPv4 requests(cisco-support)
dhcp6

Send only DHCP IPv6 requests(cisco-support)
dhcp4-client-identifier

Override default dhcp-client-identifier(cisco-support)

dhcp6-client-identifier

Override default dhcp6-client-id(cisco-support)
dscp value

DSCP/Prec Value(cisco-support)
dscp6 value

DSCP6/Prec Value(cisco-support)
hostname

XR hostname to set(cisco-support)
interface

Send DHCP requests only on the given interface(cisco-support)
management

Send DHCP requests on the platforms management interface(cisco-support)
noprompt

Run without prompting(cisco-support)

Command Default

No default behavior or values

Command Modes

EXEC

Command History

Release Modification

Release 7.0.1

This command was introduced.

Usage Guidelines

Use the ztp initiate command to forceably inititate the ZTP, ignoring username configuration. ztp initiate allows the execution of a script even when the system has already been configured. This command is useful for testing ZTP without forcing a reload. This command is particularly useful to test scripts or if some manual operations are required before provisioning the box. ztp initiate can specify any data interfaces and management interface on the system to be used for the whole ZTP process. If you don't specify an interface, ztp will be invoked on management interface only.

No progress logs are shown by default, although there will be XR syslogs for important events. If you wish to see more logs, add verbose after the ztp initiate command. For more details, add debug before verbose .

Logs can be found in disk0:/ztp/ztp.log.

Examples

This example shows how to bring up the interface manually:


RP/0/RP0/CPU0:router#ztp initiate debug verbose interface TenGigE 0/0/0/0
Invoke ZTP? (this may change your configuration) [confirm] [y/n] :

This example shows how to get rid of the prompting:


RP/0/RP0/CPU0:router#ztp initiate noprompt
Mon Jun 27 20:40:10.353 UTC
ZTP will now run in the background.
Please use "show logging" or look at /disk0:/ztp/ztp.log to check progress.

This example shows how to invoke the breakout discovery and ZTP, ZTP is invoked on the interfaces which are up:


RP/0/RP0/CPU0:router# ztp breakout debug verbose
RP/0/RP0/CPU0:router# ztp initiate dataport debug verbose
Invoke ZTP? (this may change your configuration) [confirm] [y/n] :

ztp terminate

To terminate all existing Zero Touch Provisioning (ZTP) processes, use the ztp terminate command in EXEC mode.

ztp terminate [ debug ] [ verbose ] [ noprompt ]

Syntax Description

debug

Run with additional logging to the console(cisco-support).
verbose

Run with logging to the console(cisco-support)
noprompt

Run without prompting(cisco-support)

Command Default

No default behavior or values

Command Modes

EXEC

Command History

Release Modification

Release 7.0.1

This command was introduced.

Usage Guidelines

If you want to terminate an already running ZTP process, use the ztp terminate command. Be careful to use the ztp terminate command because unproperly usage of this command may leave your system in a partially configured state.

No progress logs are shown by default, although there will be XR syslogs for important events. If you wish to see more logs, add verbose after the ztp terminate command. If these logs are not enough, add debug before verbose .

Logs can be found in disk0:/ztp/ztp.log.


Note

Unproperly cleanup of the interface IP configuration in Linux in the XR namespace may cause the same IP present in the global Virtual Routing and Forwarding (VRF) and XR namespace at the same time.

Examples

This example shows how to terminate the ZTP sessions in progress:

RP/0/RP0/CPU0:router#ztp terminate verbose
Mon Oct 10 16:52:38.507 UTC
Terminate ZTP? (this may leave your system in a partially configured state) [confirm] [y/n] :y
ZTP terminated