ON THIS PAGE
Obtaining Configurations and Software Image Without User Intervention Using Phone-Home Client
The phone-home client (PHC) enables the device to securely obtain bootstrapping data, such as a configuration or software image, with no user intervention other than having to physically connect the device to the network.
PHC depends on the following software and utilities to operate:
Connectivity to redirect server and phone-home server (PHS)
SLAX support for configuration commits
Factory default configuration
Mechanism to retrieve device serial number
SHA1/MD5 utilities to verify software image
Basic utilities like GREP and AWK
Understanding the Phone-Home Client
PHC enables the device to securely obtain bootstrapping data, such as a configuration or software image, with no user intervention other than having to physically connect the device to the network. When the device first boots, PHC connects to a redirect server, which then redirects to PHS to get the configuration or software image.
Similar to DHCP-based ZTP, the device must be in factory default state in order for PHC to provision the device. If the device is not in factory default state, you can issue the request system zeroize command to bring the device back to the factory default state.
Understanding the Redirect Server Configuration
By default, the factory default configuration includes the redirect server URL, which is https://redirect.juniper.net.
Understanding Interoperability Between the Phone-Home Client and DHCP-Based ZTP
Both PHC and the DHCP-based ZTP methods are available. To avoid conflicts between these two provisioning methods, the following steps are taken when the device boots up:
Provisioning does not start if the device is not in factory default mode. If the device is not in factory default mode, issue the request system zeroize command.
If the DHCP client receives either partial or complete DHCP options, PHC is aborted, and DHCP-based ZTP attempts to provision the device until it is successful.
If the DHCP client does not receive DHCP options, PHC attempts to provision the device until it is successful.
If PHC fails to connect to the redirect server, however, DHCP-based ZTP attempts to provision the device. Both provisioning methods attempt to provision the device until one method is successful.
Understanding the Phone-Home Client Process
The following steps take place when PHC is launched:
PHC connects to the redirect server.
The device downloads and installs the software image from PHS.
If the software upgrade fails, the process starts over.
The device reboots, and PHC validates the installed software image when the device comes back online.
The device downloads the configuration.
If a script (either pre-configuration script, post-configuration scripts, or both) was received as part of the configuration, the following happens:
PHC supports both Python and shell scripts.
The pre-configuration script is executed.
The configuration received from the redirect server is committed.
The post-configuration script is executed.
PHC sends a bootstrap-complete message to the PHS.
PHC cleans up the downloaded resources.
The phone-home configuration, along with any supporting configuration, is deleted from the device.
If any of the above steps fail, the phone-home process starts over again from the beginning, and a bootstrap failure error message is sent to PHS
Understanding the Configuration File Format for the Phone-Home Client
PHC supports XML as the file format for the configuration file.
For example, the configuration file format looks like this:
[ Configuration in XML format ]
Currently, only the merge and override CLI commands are supported on configurations received by the PHC.
Understanding Pre-Configuration and Post-Configuration Scripts
You can include pre-configuration and post-configuration scripts on PHS in addition to, or instead of, using the Junos OS CLI. Embed the scripts in base64 encoded format. PHC extracts the encoded scripts from the bootstrap information received from PHS, decodes, and then runs the decoded scripts at the appropriate stages of provisioning.
Verifying that the Phone-Home Client Downloaded the Configuration and Software Image
To verify the progress of the phone-home process, you can view the notification.xml file on PHS.