Zero-Touch
Zero-Touch automates network device deployment and configuration, eliminating manual setup. Devices boot with no pre-existing configuration and automatically retrieve settings via protocols like DHCP/TFTP.
With Zero-Touch you can:
- Rapidly configure new devices remotely during initial deployments
- Automatically restore corrupted configurations during self-recovery
- Transfer settings seamlessly to replacement devices during hardware replacement
There are three main formats in which Zero-Touch distributes configurations:
-
Template: Distribute configurations based on templates. Used when introducing a new device to the network at a remote office.
-
Self-recovery: Convenient for resetting a device that has been overwritten with an abnormal configuration and no longer works properly.
-
Restore specific device: Useful for updating device equipment. For example, if the device you were previously using breaks down and you want to replace it with another device of the same model, you can write the settings that were used until then to the new device.
NetLD Zero-Touch distributes configurations using these protocols. Therefore, it is necessary to properly configure a firewall when using it.
Zero-Touch Requirements
To use Zero-Touch, the following conditions must be met:
-
The IOS version of the target device must be IOS 15.2(2) or later for PnP.
-
Devices must not have a startup-config.
-
The target device must be in a network where DHCP IP address distribution is possible if you want NetLD to perform as the DHCP server itself. If the target device exists outside the network where NetLD can be distributed, you can set DHCP relay on the device on the route so the NetLD server can receive DHCP requests from the target device.
DHCP relay example:
Managing New Devices
When deploying new devices via NetLD Zero-Touch, ensure the device has no pre-existing startup configuration during initial provisioning. To achieve this, select vendor-specific No Configuration ordering options (e.g., CCP-CD-NOCF or CCP-EXPRESS-NOCF) when procuring hardware. This ensures the device boots into a clean state for automated template deployment.
DHCP Server
To set up a DHCP server:
-
Click [Settings] on the Global Menu to open the Server Settings window.
-
Click [Zero-Touch] in the left sidepanel.
-
Click the
button to set up a new DHCP pool.
| Item | Explanation |
|---|---|
| Enable DHCP server | Check this box if you want to use NetLD’s DHCP server. |
| lease time | Set the DHCP lease time. |
- Enter the necessary information, and click the [OK] button.
| Item | Explanation |
|---|---|
| Pool name | Enter the name of the DHCP pool to create |
| Relay server CIDR | Enter the IP range where the DHCP relay server exists |
| Address range | Enter the IP address range to distribute (required) |
| Sub-net mask | Enter subnet mask (required) |
| Default gateway | Specify the device’s default gateway |
| DNS server (optional) | Specify the DNS server for server name resolution from the device |
If done correctly, a new item should be added to the table below.
Use an External DHCP Server
When using a non-NetLD DHCP server for device provisioning, you must configure additional DHCP options beyond basic network settings. Required configurations vary by Plug-and-Play (PnP) type. Option 43 allows you to add vendor-specific information.
The figure below is an example of a Windows DHCP server setting.
Enter the information in the ASCII field, using ; to separate.
Create a Template
In large networks, there may be multiple devices with similar configurations, but differing IP addresses, hostnames, DNSs, and syslog server addresses. Smart Change utilizes templates to send similar commands tailored for each device. Zero-Touch can utilize the same template for commands and device configurations.
To create a template:
-
Click the [Zero-Touch] main tab > [Templates] subtab.
-
Click the
button to open the [Add Configuration Template] window.
-
Select [Dynamic Configuration] as the template type.
-
Enter a name for the new template in the “Template Name” field. (The “Description” is optional.)
-
Click the [OK] button.
The “Configuration” text area will open on the right side of the screen.
- Enter the original configuration in this area.
If you already have a device of the same model in your inventory as the one you plan to use with Zero-Touch, you can change that device’s configuration (e.g.start-up config) and paste it here.
Once you have added all the required variables, you need to save your template.
- Click the [Save] button at the top right of the text area to save your created template.
If you do not want to save the deployed configuration on the device, add a
no-persist option at the end of cns config initial... when deploying the
configuration.
Device Registration
Now we have the necessary templates ready for Zero-Touch. The next step is to register the devices to which you want to distribute the settings. You also need to set template variable values for each target device.
-
Click the [Zero-Touch] main tab > [Configurations] subtab.
-
Click the
button to configure Zero-Touch on the device.
Import External Template Values
Tables written externally can be used as template values.
Follow the steps below to import Excel files:
-
Click the [Zero-Touch] main tab (Click the [Close] button if you are currently editing device data.)
-
Click the [Import] button to display the submenu.
-
Select [Export import file] or [Export template] from the submenu.
| Item | Explanation |
|---|---|
| Import template | Load and register the Excel file containing variable values. |
| Export file for import | Outputs a blank Excel sheet where you can add values. |
| Export template | Outputs an Excel sheet that reflects the current variable values. |
-
Edit the output file values, and enter the template variables in order.
-
Save after entering.
-
Return to NetLD, and click the [Zero-Touch] main tab > [Configurations] subtab again.
-
Select [Import Template] from the menu that appears.
Zero-Touch Self-Recovery
Instead of sending a new configuration, Zero-Touch can send other configurations previously stored inside NetLD. This function is useful, for example, if the currently running device configuration is accidentally deleted. A device that loses its configuration will become unresponsive and cannot be recovered without the use of special features such as Zero-Touch.
The steps are similar to other Zero-Touch template steps:
-
Click the [Zero-Touch] main tab > [Configurations] subtabs.
-
Click the
button on the [Configurations] subtab to open the “PnP Device Configuration” window.
-
Enter the necessary information in the device configuration dialog.
-
In the “PnP Device Configuration” window, select the [Self-Recovery] option in the dropdown menu as the “Deployment Type” .
- Click the [OK] button to save.
The configuration data stored within NetLD will be rewritten to the device. There are no other differences from template delivery mode.
Zero-Touch Device Restore
Zero-Touch Device Restore is used when replacing an old device with a new device. This feature is extremely useful when the device is located far away (e.g. in another data center), and there is no one on site to operate it directly.
When you run Zero-Touch in this mode, you can connect a new device to the same location as the old device, write configuration from your old device to your new device, and restore your old device.
The steps for Zero-Touch Device Restore are similar those for Zero-Touch Self-Recovery:
- Click the [Configurations] subtab, and click the button.
-
Enter the required information in the Zero-Touch “PnP Device Configuration” window.
-
Select the [Specific Device Recovery] from the dropdown menu as the “Deployment Type”.
- In the “Recovery Device ID” field, specify the device ID as in the first field, but enter the ID of the old device before replacement.
The configuration information for the old device in NetLD is then uploaded to the new device over the network. Other operations are the same as those for create a template
- Click the [OK] button to save.