fix: correct typos and improve clarity in Junos ZTP tutorial
This commit is contained in:
@@ -6,7 +6,7 @@ tags: "posts"
|
||||
excerpt: "Stop configuring your new lab devices manually!"
|
||||
---
|
||||
|
||||
Most people know that DHCP (Dynamic Host Configuration Protocol) is a protocol used to dynamically allocate IP addresses. But did you know you that it can be used to configure other host device settings? Network device vendors like Junip... *ermm*, HPE Networking... take advantage of DHCP to perform "Zero Touch Provisioning" and even software upgrades for out of the box devices. Here I will show you how to use OPNSense with Dnsmasq DHCP to "auto-provision" your Junos devices.
|
||||
Most people know that DHCP (Dynamic Host Configuration Protocol) is a protocol used to dynamically allocate IP addresses. But did you know that it can be used to configure other host device settings? Network device vendors like Junip... *ermm*, HPE Networking... take advantage of DHCP to perform "Zero Touch Provisioning" and even perform software upgrades for out-of-the-box devices. Here I will show you how to use OPNSense with Dnsmasq DHCP to "auto-provision" your Junos devices.
|
||||
|
||||
|
||||
## Requirements
|
||||
@@ -14,14 +14,14 @@ Most people know that DHCP (Dynamic Host Configuration Protocol) is a protocol u
|
||||
* An OPNSense device with Dnsmasq DHCP enabled<sup><a href="#bottom">[1]</a></sup>
|
||||
* An understanding of OPNSense firewall rules<sup><a href="#bottom">[2]</a></sup>
|
||||
* An (S)FTP server in your network reachable by the Junos devices
|
||||
* A Junos base confiuration file saved on the (S)FTP server.
|
||||
* A Junos base configuration file saved on the (S)FTP server.
|
||||
* At least one zeroized Junos device
|
||||
* A hex converter. [Link to the one I used here](https://www.rapidtables.com/convert/number/ascii-to-hex.html).<sup><a href="#bottom">[3]</a></sup>
|
||||
|
||||
|
||||
## Junos Base Configuration
|
||||
|
||||
Here is a very simple base config below to allow SSH but I highly recommend you set up your own. Try configuring a Junos device once with some basic configuration then use that to create your own template. Remember this will apply to all out of the box devices that pull a DHCP address.
|
||||
Below is a very simple base config to allow SSH, but I highly recommend you set up your own. Try configuring a Junos device once with some basic configuration, then use that to create your own template. Remember, this will apply to all out-of-the-box devices that pull a DHCP address.
|
||||
|
||||
```conf
|
||||
system {
|
||||
@@ -52,7 +52,7 @@ The root password here is set to `Tut0ria1!`. Feel free to customize your base c
|
||||
|
||||
## Configuring DHCP Option 43 Suboptions
|
||||
|
||||
This is the tricky part that really makes or breaks the setup. So, before we start we have to decide on a few things:
|
||||
This is the tricky part that really makes or breaks the setup. Before we start, we have to decide on a few things:
|
||||
|
||||
1. The config filename.
|
||||
2. The file transfer method. (FTP, SFTP, etc.)
|
||||
@@ -64,7 +64,7 @@ For this example we are using the filename `init.conf` and the `FTP` protocol. T
|
||||
|
||||
### Playing with hex
|
||||
|
||||
Well in order to encode all of this info for DHCP option 43 we will need a hex converter to put it all together. The order we will combine them is as follows: `suboption` + `length` + `value`. This can be repeated for all suboptions you're configuring.
|
||||
To encode all of this info for DHCP option 43, we will need a hex converter to put it all together. The order for combining them is as follows: `suboption` + `length` + `value`. This can be repeated for all suboptions you're configuring.
|
||||
|
||||
{% callout "Heads up!" %}
|
||||
Be sure to convert integers like the suboption and value length from <b>decimal</b> to hex. Using ASCII to hex can provide different results.
|
||||
@@ -72,13 +72,13 @@ Be sure to convert integers like the suboption and value length from <b>decimal<
|
||||
|
||||
### Suboption 1
|
||||
|
||||
Junos uses this suboption to set the config filename. For this example we will use suboption `1` + `9` + `init.conf`. Converting this to hex individually (with colon separators) becomes `01` + `09` + `69:6E:69:74:2E:63:6F:6E:66`
|
||||
Junos uses this suboption to set the config filename. For this example, we will use suboption `1` + `9` + `init.conf`. Converting these to hex individually (with colon separators) becomes `01` + `09` + `69:6E:69:74:2E:63:6F:6E:66`
|
||||
|
||||
### Suboption 3
|
||||
This suboption is used by Junos devices to specify the file transfer protocol. Same thing here, convert and combine. Suboption `3` + `3` + `FTP` becomes `03` + `03` + `66:74:70`
|
||||
This suboption is used by Junos devices to specify the file transfer protocol. The same process applies here: convert and combine. Suboption `3` + `3` + `FTP` becomes `03` + `03` + `66:74:70`
|
||||
|
||||
### Putting it all together
|
||||
Once you've performed your conversions, combine it all together like so: `01:09:69:6E:69:74:2E:63:6F:6E:66:03:03:66:74:70`. You should be good to move on to the next step. Unless...
|
||||
Once you've performed your conversions, combine them all like so: `01:09:69:6E:69:74:2E:63:6F:6E:66:03:03:66:74:70`. You should be good to move on to the next step. Unless...
|
||||
|
||||
### Go the extra mile
|
||||
If you have physical Junos devices you can also perform a software upgrade using ZTP. Suboptions 0 or 4 can be used to specify a software image for upgrades. Use the same steps as above to convert the suboptions and combine them. More Junos ZTP [info here](https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade/topics/topic-map/zero-touch-provision.html)<sup><a href="#bottom">[4]</a></sup>.
|
||||
|
||||
Reference in New Issue
Block a user