Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Deployment Methods for ACX Routers

 

The zero touch deployment (ZTD) process includes two deployment methods: the Push method and the Pull method. These deployment methods can be used to deploy ACX routers across a wide variety of deployment scenarios.

Pull Method Overview

The Pull method involves the ACX router and a centralized configuration server:

  • The ACX router uses information obtained during the initial autoinstallation process to connect to the configuration server.

  • The configuration server has DHCP, TFTP, and FTP services enabled. It also stores Junos OS software images, configuration files, and scripts that automate the configuration process.

  • A basic configuration is loaded onto the ACX router from the configuration server.

  • A series of scripts enable the remaining steps of the ZTD process, such as applying a production configuration to the ACX router, upgrading its Junos OS version, and so on.

Push Method Overview

The Push method involves the ACX router and a centralized configuration server, with help from the Junos Space Network Management Platform:

  • The ACX router uses information obtained during the initial autoinstallation process to connect to the configuration server (which has DHCP, TFTP, and FTP services enabled).

  • A basic configuration is loaded onto the ACX router from the configuration server.

    • In scenarios where the ACX router does not have reachability to make the initial connection to the configuration server, the ZTD method is not possible. In these cases, a variation called one touch deployment is available. This method uses a USB drive to load the basic configuration onto the ACX locally. The process then continues as usual.

  • The ACX router connects to the Junos Space Platform, which applies a production configuration template, upgrades the Junos OS version, and so on.

Zero Touch Deployment Using the Pull Method

As noted above, the Pull method of deploying ACX routers does not involve any network management solution or software to manage ACX routers. Most of the intelligence to upgrade the ACX router configuration and Junos OS image is placed on the ACX router itself, with support being provided by the configuration server.

The Pull method is divided into three phases, each with its own dedicated script. The scripts are stored on the configuration server, where the ACX router can download and execute them in sequence.

The three scripts perform the following functions:

  • Phase 0—Bootstraps the device and provides a basic configuration, which enables remote management access.

  • Phase 1— Establishes a transparent management (OAM) plane by assigning uplink interfaces to a management VLAN. In principle, ZTD can be accomplished more quickly using just a single script (Phase 0) when deploying ACX routers in a star topology. For networks built with a ring or chain topology, this additional phase is required to enable ZTD management by establishing shared VLAN connectivity that spans across the entire access segment. Even before the final configuration is loaded to the node, an established management plane allows the next ACX router in the ring or chain to start its ZTD process.

  • Phase 2—Generates a configuration based on inputs and parameters from the global configuration template, and loads a final site-specific configuration, if available

Figure 1 describes the steps involved in deploying ACX routers using the Pull method.

Figure 1: Deploying ACX Routers Using the Pull Method
Deploying ACX Routers Using the
Pull Method

Zero touch deployment by using the Pull method can be accomplished as follows:

  1. The MSP or customer NOC prepares for ZTD deployment by:

    • Making a list of the platforms to be deployed, including serial number and platform type

    • Storing all the necessary elements to the configuration server, including the basic ACX router configuration (by device model, if applicable), global configuration, production configuration (per ACX device), production version of Junos OS, and the op scripts required to enable ZTD during various stages, at the T/FTP location

  2. The manufacturer ships the new device(s) to the customer site(s).

  3. The field technician arrives on site, unpacks the ACX router, installs it into a rack, completes the necessary cabling and powers up the device, which triggers the autoinstallation function.

  4. As part of the initial DHCP message exchange, the ACX router receives the URL to obtain a basic configuration, which is stored at the TFTP location on the configuration server. By the end of the autoinstallation process, an IP address is assigned and a basic configuration is committed to the ACX router.

  5. The basic configuration contains the URL to the ZTD Phase 0 script and the global configuration template, which are stored at the FTP location on the configuration server. Event options in the configuration execute the script and download the global configuration template to the ACX router.

  6. When the global configuration is downloaded to the ACX router, the event options for the Phase 0 script are stopped and new event options included in the global configuration take effect.

    The global configuration contains event options and URLs to the ZTD Phase 1 and Phase 2 scripts, as well as a production configuration for the ACX router.

  7. Event options in the global configuration template trigger the execution of the ZTD Phase 1 script.

    The Phase 1 script performs following tasks:

    • Configures dedicated uplink interfaces, also known as network-to-network interfaces (NNI) based on the input parameters read from the global configuration template

    • Creates a bridge domain for a management VLAN, to enable a transparent Layer 2 management plane

    • Places logical units of the NNIs inside the management bridge domain

    • Uses DHCP-assigned parameters to create a static IP configuration:

      • IRB management IP address in the same bridge domain to enable management access to the ACX router. The script copies the dynamic IP configuration assigned via the DHCP client configuration and copies it into the IP configuration of the IRB interface and default route. After static IP configuration is completed, the script deletes the configuration for the DHCP client.

      • Default route

      • Unique hostname

      • Creates a configuration for VSTP for the management VLAN (if multiple rings or partially meshed topology is used)

      • Deletes the DHCP client configuration

    • Deactivates the event options for ZTD Phase 1

    • Activates the event options for ZTD Phase 2

  8. ZTD Phase 2 checks the current Junos OS software version on the ACX router and compares it with the version recommended for production. The production version of the Junos OS image is specified in the basic configuration template. If the parameters for a recommended version of Junos OS are not found or set as “inactive”, the ACX router continues with its current version of the Junos OS. If the current Junos OS version is different from the recommended production version, the script downloads the new Junos OS image to the ACX router from the FTP server.

  9. The ACX router validates the software image and starts the upgrade procedure. On successful installation, the ACX router reboots.

  10. The ACX router connects to the FTP server and checks for a configuration file that matches its serial number (<serial-number>.conf). The router downloads the file and upgrades its configuration to this production configuration.

Zero Touch Deployment Using the Push Method

As noted earlier, the Push method of deploying ACX routers uses assistance provided by a network management solution. The Junos Space Platform provides rapid deployment support, including device discovery, configuration templates, and OS upgrade capabilities. And once the devices are deployed, Junos Space can then serve as an ongoing central network management solution.

Zero touch deployment using Junos Space can be accomplished using scripts and aggregation routers configured as ZTD helpers to establish connectivity to the configuration server. Figure 2 describes the steps involved in deploying ACX routers with the Push method.

Junos Space enables zero touch (and one touch) deployment of ACX routers through the following features:

  • Connection profile—A set of connectivity parameters to assign IP addresses to specific NNIs of the ACX routers during the autoconfiguration process. The connection profile can be assigned to the modeled instance so that all device instances use common connectivity parameters to obtain the IP addresses. Junos Space allows you to assign IP addresses through DHCP, PPPoE, PPPoA, and statically (IP addresses are verified with the IP addresses assigned in Junos Space Platform).

  • Device configuration deployment using the following features:

    • Configuration template—Used to deploy a common production configuration to multiple ACX routers (included in one modeled instance) during the autoconfiguration process. You create a template definition and a configuration template by using the template definition. You can deploy the configuration in the configuration template automatically from Junos Space, or manually through a USB device or a configuration server.

    • Quick template—A template created without a template definition can be associated with an instance, and the configuration can be deployed to the ACX router automatically or manually.

    • Modify device configuration—Used to create and add an ACX router-specific configuration to the ACX router.

    • Review and deploy configuration—Used to approve or reject the configuration changes assigned to the ACX router and deploy the approved configuration.

    This NCE uses a configuration template to deploy a configuration to ACX routers.

    Note

    You must enable the approval-based workflow in the Modify Application Settings page in the Administration workspace to be able to approve or reject the configuration changes on the ACX routers.

  • Junos OS image management—Junos Space can stage and deploy Junos OS images to devices under its management. Using the Images and Scripts workspace, upload multiple Junos OS software images (specific to an ACX router model) to Junos Space. These images are associated to specific device instances when you create a modeled instance, and deployed to the ACX routers during the zero touch deployment process.

  • Modeling devices—A collection of device instances (also known as modeled devices) that can be created in the Junos Space database before the ACX routers are discovered. You specify IP addresses (static connection profile), hostnames, Junos OS versions, and serial numbers per device, and assign a connection profile to the modeled instance. You can also assign a device template containing the production configuration to all device instances.

  • Device activation—Instances of devices created as part of the modeled instance are activated to associate each device instance to a physical device on your network. This is done through a device-initiated connection by loading a configlet to the device (one touch deployment), or a Junos Space-initiated connection (zero touch deployment). The configlet contains the following details:

    • Outbound SSH configuration to connect to the Junos Space Platform.

    • Authentication details of the ACX router (username and password)

    • IP address assignment details

    • Hostname (if you selected hostname validation)

    Depending on whether the ACX routers must be activated immediately or in the future, modeled devices can be activated when the modeled instance is created or by using the Activate Modeled Device workflow.

    • Activating a device at the time of creating a modeled instance—You must load the configlet generated from the modeled instance to the ACX router. On reboot, the ACX router obtains the IP address and connects to Junos Space.

    • Activating a device by using the Activate Modeled Device workflow and a device-initiated connection—You must load the configlet generated for the modeled device to the ACX router. On reboot, the ACX router obtains the IP address and connects to Junos Space.

    • Activating a device by using the Activate Modeled Device workflow and a Junos Space-initiated connection—You must specify the IP address of the ACX router to initiate a Junos Space-initiated connection to the ACX router. This method is typically used when:

      • The ACX router cannot connect to the Junos Space server after the configlet is loaded to the ACX router and the ACX router has reachability to the Junos Space server.

      • The Junos Space server does not accept inbound SSH connections.

    Note

    During activation, if you selected hostname or serial number validation, the hostname and serial number are validated.

Figure 2: Push Method of Deploying ACX Routers
Push Method of Deploying ACX Routers

Zero touch deployment using the Push method and scripts can be accomplished as follows:

  1. In Junos Space, perform the following steps:

    1. Create device templates containing the production configuration for ACX routers using the Device Templates workspace (Device Templates > Templates). We recommend that you validate the configuration on another device before deploying to a production ACX router.

    2. Import the desired (recommended) version of the Junos OS using the Images and Scripts workspace.

    3. Create a connection profile specifying the mode of IP address assignment to the ACX routers using the Devices workspace (Devices > Model Devices > Connection Profiles).

    4. Create a modeled instance with the details of purchased and to-be-deployed ACX routers. Modeled instances contain details such as hostname, serial number, ACX Series device model, connection profile, configuration updates (by using the device templates feature), and Junos OS software images. The details such as hostname, serial number, and platform can be uploaded through a CSV file.

    5. Generate configlets for the modeled device instance. The contents of the configlet should be copied

      • to a configuration file, space_configlet.conf, and stored in the FTP server repository, or

      • to a USB flash drive to used by the field installer if the one touch deployment model is used.

    6. Use one of the following methods to deploy additional configuration to the ACX router instance:

      • Create Quick templates and assign the Quick template to the ACX router’s instance.

      • Modify, review, and deploy the configuration of the ACX router instance.

  2. Activate or activate later.

    If you are activating the ACX router through a device-initiated connection, the NOC activates the modeled instance of the ACX router through a device-initiated connection with the Automatic configuration update option selected, and sends the configlet with the initial connection parameters to the field technician to discover the ACX router.

    If you activate the modeled instance of the ACX router, the status moves from the Modeled state to Waiting for Deployment state.

  3. The manufacturer ships the new device(s) to the customer site(s).

  4. The field technician arrives on site, unpacks the ACX router, installs it into a rack, completes the necessary cabling and powers up the device.

    If using the zero touch deployment (ZTD) method, this triggers the autoinstallation function.

    If using the one touch deployment (OTD) method, the field installer plugs in the USB flash drive containing the Junos Space configlet.

  5. For the ZTD method, the ACX router exchanges messages with the DHCP server and receives initial IP settings, as well as the URL to obtain a basic configuration. By the end of the autoinstallation process, an IP address is assigned and a basic configuration is committed to the ACX router. The basic configuration triggers the ZTD Phase 1 script, which downloads and commits a global configuration template. The global configuration then triggers the ZTD Phase 1 script, which configures a management VLAN. The global configuration then triggers the ZTD Phase 2 script, which downloads and commits a configlet. The configlet enables the ACX router to connect to the Junos Space server. Note that for the Push method, the Phase 2 script does not include upgrading the Junos OS or downloading a final configuration to the device. These steps are performed by Junos Space (see next steps).

    For the OTD method, the USB drive provides the configlet, and resulting connectivity to Junos Space.

  6. The ACX router connects to the Junos Space server using SSH.

    Once the connection is established, Junos Space authenticates the ACX router credentials (username and password or key-based) and validates the serial number or hostname (as assigned during the modeled instance creation).

    On successful validation, the ACX router is added to the Junos Space database. On the Junos Space Devices > Device Management page, the ACX router’s state moves from Modeled or Waiting for Deployment to Out of Sync.

  7. Junos Space checks the Junos OS version on the ACX router and upgrades or downgrades the image as appropriate (to the version specified in the modeled instance).

  8. Junos Space deploys and commits the production configuration (through device templates, quick templates, or modify configuration workflow) to the ACX router.

    When the ACX router reboots and reconnects to Junos Space, the router’s state on the Devices > Device Management page moves to In Sync if the production configuration is deployed successfully, or to Out of Sync or Connecting or Sync Failed if unsuccessful.