Zero-Touch Provisioning
Unknown
m 177 prog ztpZero-Touch Provisioning
To address network provisioning challenges, Cisco introduces a zero-touch provisioning model. This module describes the Zero-Touch Provisioning feature.
Note The Zero-Touch Provisioning feature is enabled automatically; no configuration is required. · Restrictions for Zero-Touch Provisioning, on page 1 · Information About Zero-Touch Provisioning, on page 1 · Sample Zero-Touch Provisioning Configurations, on page 3 · Feature Information for Zero-Touch Provisioning, on page 32
Restrictions for Zero-Touch Provisioning
· Zero-Touch Provisioning is not supported on Cisco Catalyst 9200L SKUs. · On Cisco Catalyst 9800-L Wireless Controller, if both the service port as well as one of the data ports
are enabled and connected, then AutoInstall will reach out to the service port by default. · The Cisco Catalyst 9800-L Wireless Controller does not support virtual port group (VPG) and network
address translation (NAT). Hence, applications or scripts cannot communicate from the Guest Shell to the network through data ports. On the Cisco Catalyst 9800-L Wireless Controller, the ZTP scripts downloaded through the data port or the service port will not be able to communicate externally.
Information About Zero-Touch Provisioning
Zero-Touch Provisioning Overview
Zero-Touch Provisioning provides open bootstrap interfaces to automate network device provisioning in heterogeneous network environments. When a device that supports Zero-Touch Provisioning boots up, and does not find the startup configuration (during initial installation), the device enters the Zero-Touch Provisioning mode. The device searches for a Dynamic Host Control Protocol (DHCP) server, bootstraps itself with its interface IP address, gateway, and
Zero-Touch Provisioning 1
�DHCP Server Configuration for Zero-Touch Provisioning
Zero-Touch Provisioning
Domain Name System (DNS) server IP address, and enables Guest Shell. The device then obtains the IP address or URL of an HTTP/TFTP server, and downloads the Python script from an HTTP/TFTP server to configure the device.
Guest Shell provides the environment for the Python script to run. Guest Shell executes the downloaded Python script and applies an initial configuration to the device.
After initial provisioning is complete, Guest Shell remains enabled. For more information, see the Guest Shell chapter.
Note In case Zero-Touch Provisioning fails, the device falls back to AutoInstall to load configuration files. For more information, see Using AutoInstall and Setup.
DHCP Server Configuration for Zero-Touch Provisioning
In ZTP, a DHCP server must be running on the same network as the new device that is being provisioned. ZTP is supported on both management ports and in-band ports.
When the new device is switched on, it retrieves the IP address information of the HTTP or TFTP server where the Python script resides, and the folder path of the Python script from the DHCP server. For more information on Python Scripts, see the Python API chapter.
The DHCP server responds to DHCP discovery events with the following options:
· Option 150: (Optional) Contains a list of IP addresses that point to the HTTP or TFTP server in the management network that hosts the Python scripts to be run.
· Option 67: Contains the Python script file path in the HTTP/TFTP server.
After receiving these DHCP options, the device connects to the HTTP or TFTP server, and downloads the Python script. At this point, because the device does not have a route to reach the HTTP or TFTP server, it uses the default route provided by the DHCP server.
DHCP Client Behavior From Cisco IOS XE Amsterdam 17.2.1 release onwards, the device product identification (PID), Cisco Network Plug and Play (PnP), the serial number, and the MAC address is set in the DHCP client options. These client options can be used as variables at the DHCP server. The DHCP client options can be used to identify the device and send a unique Python file through option 67 or boot filename.
Table 1: DHCP Client Options
Device Information Product ID Serial number MAC address Cisco Network PnP
DHCPv4 124 61/toggles 61/toggles 60
DHCPv6 16/toggles 16/toggles 1 15
Zero-Touch Provisioning 2
�Zero-Touch Provisioning
DHCPv6 Support
DHCPv6 Support
In Cisco IOS XE Fuji 16.9.1, Dynamic Host Control Protocol Version 6 (DHCPv6) support is added to the Zero-touch provisioning feature. DHCPv6 is enabled by default, and will work on any device that boots without a startup configuration.
Note DHCPv6 is only supported on Catalyst 9300 and 9500 Series Switches.
DHCPv6 is supported by both TFTP and HTTP download of Python scripts. If the HTTP or TFTP download of Python scripts fail, the device will revert to the start (without any configuration). For both DHCPv4, and DHCPv6 to work, the correct HTTP file path must be available in the DHCP configuration. There can be scenarios where the same interface can have both IPv4 and IPv6 addresses, or two different interfaces in the network - one can receive IPv4 traffic and the other IPv6 traffic. We recommend that you use either the DHCPv4 or DHCPv6 option in your deployment. The following is a sample DHCPv4: /etc/dhcp/dhcpd.conf:
host <hostname> { hardware ethernet xx:xx:xx:xx:xx:xx; option dhcp-client-identifier "xxxxxxxxxxxxxx"; option host-name "<hostname>". option log-servers x.x.x.x; fixed-address x.x.x.x; if option vendor-class-identifier = "..." { option vendor-class-identifier "..."; if exists user-class and option user-class = "iPXE" { filename "http://x.x.x.x/.../<image>"; } else { filename "http://x.x.x.x/.../<script-name>"; } }
}
The following is a sample ISC DHCPv6 server configuration:
option dhcp6.bootfile-url "http://[2001:DB8::21]/sample_day0_script.py";
Sample Zero-Touch Provisioning Configurations
Sample DHCP Server Configuration on a Management Port Using TFTP Copy
The following is a sample DHCP server configuration using TFTP copy, when connected via the management port on a device:
Device> enable Device# configure terminal Device(config)# ip dhcp excluded-address 10.1.1.1 Device(config)# ip dhcp excluded-address vrf Mgmt-vrf 10.1.1.1 10.1.1.10 Device(config)# ip dhcp pool pnp_device_pool Device(config-dhcp)# vrf Mgmt-vrf Device(config-dhcp)# network 10.1.1.0 255.255.255.0
Zero-Touch Provisioning 3
�Sample DHCP Server Configuration on a Management Port Using HTTP Copy
Zero-Touch Provisioning
Device(config-dhcp)# default-router 10.1.1.1 Device(config-dhcp)# option 150 ip 203.0.113.254 Device(config-dhcp)# option 67 ascii /sample_python_dir/python_script.py Device(config-dhcp)# exit Device(config)# interface gigabitethernet 1/0/2 Device(config-if)# no ip dhcp client request tftp-server-address Device(config-if)# end
Sample DHCP Server Configuration on a Management Port Using HTTP Copy
The following is a sample DHCP server configuration using HTTP copy, when connected via the management port on a device:
Device> enable Device# configure terminal Device(config)# ip dhcp pool pnp_device_pool Device(config-dhcp)# vrf Mgmt-vrf Device(config-dhcp)# network 10.1.1.0 255.255.255.0 Device(config-dhcp)# default-router 10.1.1.1 Device(config-dhcp)# option 67 ascii http://198.51.100.1:8000/sample_python_2.py Device(config-dhcp)# end
Sample DHCP Server Configuration on an In-Band Port Using TFTP Copy
The following is a sample DHCP server configuration using TFTP copy, when connected via the in-band port on a device:
Device> enable Device# configure terminal Device(config)# ip dhcp excluded-address 10.1.1.1 Device(config)# ip dhcp pool pnp_device_pool Device(config-dhcp)# network 10.1.1.0 255.255.255.0 Device(config-dhcp)# default-router 10.1.1.1 Device(config-dhcp)# option 150 ip 203.0.113.254 Device(config-dhcp)# option 67 ascii /sample_python_dir/python_script.py Device(config-dhcp)# exit Device(config)# interface gigabitethernet 1/0/2 Device(config-if)# no ip dhcp client request tftp-server-address Device(config-if)# end
Sample DHCP Server Configuration on an In-Band Port Using HTTP Copy
The following is a sample DHCP server configuration using HTTP copy, when connected via the in-band port on a device:
Device> enable Device# configure terminal Device(config)# ip dhcp excluded-address 10.1.1.1 Device(config)# ip dhcp pool pnp_device_pool Device(config-dhcp)# network 10.1.1.0 255.255.255.0
Zero-Touch Provisioning 4
�Zero-Touch Provisioning
Sample DHCP Server Configuration on a Linux Ubuntu Device
Device(config-dhcp)# default-router 10.1.1.1 Device(config-dhcp)# option 67 ascii http://192.0.2.1:8000/sample_python_2.py Device(config-dhcp)# end
Sample DHCP Server Configuration on a Linux Ubuntu Device
The following sample DHCP server configuration displays that the server is either connected to the management port or in-band port on a device, and a Python script is copied from a TFTP server.
root@ubuntu-server:/etc/dhcp# more dhcpd.conf
subnet 10.1.1.0 netmask 255.255.255.0 {
range 10.1.1.2 10.1.1.255;
host 3850 {
fixed-address
10.1.1.246 ;
hardware ethernet
CC:D8:C1:85:6F:00;
option bootfile-name !<opt 67>
" /python_dir/python_script.py";
option tftp-server-name !<opt 150> "203.0.113.254";
}
}
The following sample DHCP configuration shows that a Python script is copied from an HTTP server to the device:
Day0_with_mgmt_port_http
-------------------------
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.255;
host C2-3850 {
fixed-address
192.168.1.246 ;
hardware ethernet
CC:D8:C1:85:6F:00;
option bootfile-name
"http://192.168.1.46/sample_python_2.py";
}
}
Once the DHCP server is running, boot a management-network connected device, and the rest of the configuration is automatic.
Sample DHCPv6 Server Configuration on a Management Port Using TFTP Copy
The following is a sample DHCPv6 server configuration using TFTP copy, when connected via the management port on a device:
Device> enable Device# configure terminal Device(config)# ipv6 dhcp pool ztp Device(config-dhcpv6)# address prefix 2001:DB8::1/64 Device(config-dhcpv6)# domain-name cisco.com Device(config-dhcpv6)# bootfile-url tftp://[2001:db8::46]/sample_day0_script.py Device(config-dhcpv6)# exit Device(config)# interface vlan 20 Device(config-if)# ipv6 dhcp server ztp
Zero-Touch Provisioning 5
�Sample Python Provisioning Script
Zero-Touch Provisioning
Device(config-if)# end
Sample Python Provisioning Script
The following is a sample Python script can be used from either an HTTP or a TFTP server:
print "\n\n *** Sample ZTP Day0 Python Script *** \n\n"
# Importing cli module import cli
print "\n\n *** Executing show platform *** \n\n" cli_command = "show platform" cli.executep(cli_command)
print "\n\n *** Executing show version *** \n\n" cli_command = "show version" cli.executep(cli_command)
print "\n\n *** Configuring a Loopback Interface *** \n\n" cli.configurep(["interface loop 100", "ip address 10.10.10.10 255.255.255.255", "end"])
print "\n\n *** Executing show ip interface brief *** \n\n" cli_command = "sh ip int brief" cli.executep(cli_command)
print "\n\n *** ZTP Day0 Python Script Execution Complete *** \n\n"
Boot Log for Cisco 4000 Series Integrated Services Routers
The following sample Zero-Touch Provisioning boot log displays that Guest Shell is successfully enabled, the Python script is downloaded to the Guest Shell, and the Guest Shell executes the downloaded Python script and configures the device for Day Zero.
% failed to initialize nvram ! <This message indicates that the startup configuration is absent on the device. This is the first indication that the Day Zero work flow is going to start.>
This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
Zero-Touch Provisioning 6
�Zero-Touch Provisioning
Boot Log for Cisco 4000 Series Integrated Services Routers
If you require further assistance please contact us by sending email to export@cisco.com.
cisco ISR4451-X/K9 (2RU) processor with 7941237K/6147K bytes of memory. Processor board ID FJC1950D091 4 Gigabit Ethernet interfaces 32768K bytes of non-volatile configuration memory. 16777216K bytes of physical memory. 7341807K bytes of flash memory at bootflash:. 0K bytes of WebUI ODM Files at webui:.
%INIT: waited 0 seconds for NVRAM to be available
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: % !!<DO NOT TOUCH. This is Zero-Touch Provisioning>> Generating 2048 bit RSA keys, keys will be non-exportable... [OK] (elapsed time was 1 seconds) The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable Guestshell enabled successfully
*** Sample ZTP Day0 Python Script ***
*** Configuring a Loopback Interface ***
Line 1 SUCCESS: interface loop 100 Line 2 SUCCESS: ip address 10.10.10.10 255.255.255.255 Line 3 SUCCESS: end
*** Executing show ip interface brief ***
Interface GigabitEthernet0/0/0 GigabitEthernet0/0/1 GigabitEthernet0/0/2 GigabitEthernet0/0/3 GigabitEthernet0 Loopback100
IP-Address unassigned unassigned unassigned 192.168.1.246 192.168.1.246 10.10.10.10
OK? Method Status YES unset down YES unset down YES unset down YES DHCP up YES DHCP up YES TFTP up
Protocol down down down up up up
*** ZTP Day0 Python Script Execution Complete ***
Press RETURN to get started!
Zero-Touch Provisioning 7
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
The Day Zero provisioning is complete, and the IOS prompt is accessible.
Boot Log for Cisco Catalyst 9000 Series Switches
The following sections displays sample Zero-Touch Provisioning boot logs. These logs shows that Guest Shell is successfully enabled, the Python script is downloaded to the Guest Shell, and the Guest Shell executes the downloaded Python script and configures the device for Day Zero.
% Checking backup nvram % No config present. Using default config
FIPS: Flash Key Check : Begin FIPS: Flash Key Check : End, Not Found, FIPS Mode Not Enabled
! <This message indicates that the startup configuration is absent on the device. This is the first indication that the Day Zero work flow is going to start.>
Cisco IOS XE Everest 16.6.x to Cisco IOS XE Fuji 16.8.x This section displays the sample boot logs before the .py script is run:
Press RETURN to get started!
The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable
*** Sample ZTP Day0 Python Script ***
...
*** ZTP Day0 Python Script Execution Complete ***
The section shows how to configure the device for Day Zero provisioning:
Initializing Hardware...
System Bootstrap, Version 17.2.1r[FC1], RELEASE SOFTWARE (P) Compiled Thu 02/20/2020 23:47:51.50 by rel
Current ROMMON image : Primary
Last reset cause
: SoftwareReload
C9300-48UXM platform with 8388608 Kbytes of main memory
Preparing to autoboot. [Press Ctrl-C to interrupt] 0 boot: attempting to boot from [flash:cat9k_iosxe.16.06.05.SPA.bin] boot: reading file cat9k_iosxe.16.06.05.SPA.bin
Zero-Touch Provisioning 8
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
##################################################################################################
Both links down, not waiting for other switches Switch number is 1
Restricted Rights Legend
Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706
Cisco IOS Software [Everest], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.6.5, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2018 by Cisco Systems, Inc. Compiled Mon 10-Dec-18 12:52 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2018 by cisco Systems, Inc. All rights reserved. Certain components of Cisco IOS-XE software are licensed under the GNU General Public License ("GPL") Version 2.0. The software code licensed under GPL Version 2.0 is free software that comes with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such GPL code under the terms of GPL Version 2.0. For more details, see the documentation or "License Notice" file accompanying the IOS-XE software, or the applicable URL provided on the flyer accompanying the IOS-XE software.
% Checking backup nvram % No config present. Using default config
FIPS: Flash Key Check : Begin FIPS: Flash Key Check : End, Not Found, FIPS Mode Not Enabled
This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to export@cisco.com.
cisco C9300-48UXM (X86) processor with 1392780K/6147K bytes of memory. Processor board ID FCW2144L045
Zero-Touch Provisioning 9
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
2048K bytes of non-volatile configuration memory. 8388608K bytes of physical memory. 1638400K bytes of Crash Files at crashinfo:. 11264000K bytes of Flash at flash:. 0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address Motherboard Assembly Number Motherboard Serial Number Model Revision Number Motherboard Revision Number Model Number System Serial Number
: ec:1d:8b:0a:68:00 : 73-17959-06 : FOC21418FPQ : B0 : A0 : C9300-48UXM : FCW2144L045
%INIT: waited 0 seconds for NVRAM to be available SETUP: new interface Vlan1 placed in "shutdown" state
Press RETURN to get started!
*Sep 4 20:35:07.330: %SMART_LIC-6-AGENT_READY: Smart Agent for Licensing is initialized *Sep 4 20:35:07.493: %IOSXE_RP_NV-3-NV_ACCESS_FAIL: Initial read of NVRAM contents failed *Sep 4 20:35:07.551: %IOSXE_RP_NV-3-BACKUP_NV_ACCESS_FAIL: Initial read of backup NVRAM contents failed *Sep 4 20:35:10.932: dev_pluggable_optics_selftest attribute table internally inconsistent
@ 0x1D4
*Sep 4 20:35:13.406: %CRYPTO-4-AUDITWARN: Encryption audit check could not be performed *Sep 4 20:35:13.480: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan *Sep 4 20:35:13.715: %LINK-3-UPDOWN: Interface Lsmpi18/3, changed state to up *Sep 4 20:35:13.724: %LINK-3-UPDOWN: Interface EOBC18/1, changed state to up *Sep 4 20:35:13.724: %LINEPROTO-5-UPDOWN: Line protocol on Interface LI-Null0, changed state to up *Sep 4 20:35:13.724: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down *Sep 4 20:35:13.725: %LINK-3-UPDOWN: Interface LIIN18/2, changed state to up *Sep 4 20:35:13.749: WCM-PKI-SHIM: buffer allocation failed for SUDI support check *Sep 4 20:35:13.749: PKI/SSL unable to send Sudi support to WCM *Sep 4 20:35:14.622: %IOSXE_MGMTVRF-6-CREATE_SUCCESS_INFO: Management vrf Mgmt-vrf created
with ID 1, ipv4 table-id 0x1, ipv6 table-id 0x1E000001
*Sep 4 20:34:42.022: %STACKMGR-6-STACK_LINK_CHANGE: Switch 1 R0/0: stack_mgr: Stack port 1 on Switch 1 is nocable
*Sep 4 20:34:42.022: %STACKMGR-6-STACK_LINK_CHANGE: Switch 1 R0/0: stack_mgr: Stack port 2 on Switch 1 is down
*Sep 4 20:34:42.022: %STACKMGR-6-STACK_LINK_CHANGE: Switch 1 R0/0: stack_mgr: Stack port 2 on Switch 1 is nocable
*Sep 4 20:34:42.022: %STACKMGR-6-SWITCH_ADDED: Switch 1 R0/0: stack_mgr: Switch 1 has been added to the stack. *Sep 4 20:34:42.022: %STACKMGR-6-SWITCH_ADDED: Switch 1 R0/0: stack_mgr: Switch 1 has been added to the stack. *Sep 4 20:34:42.022: %STACKMGR-6-SWITCH_ADDED: Switch 1 R0/0: stack_mgr: Switch 1 has been added to the stack. *Sep 4 20:34:42.022: %STACKMGR-6-ACTIVE_ELECTED: Switch 1 R0/0: stack_mgr: Switch 1 has been elected ACTIVE. *Sep 4 20:35:14.728: %LINEPROTO-5-UPDOWN: Line protocol on Interface Lsmpi18/3, changed state to up *Sep 4 20:35:14.728: %LINEPROTO-5-UPDOWN: Line protocol on Interface EOBC18/1, changed state to up *Sep 4 20:35:15.506: %HMANRP-6-HMAN_IOS_CHANNEL_INFO: HMAN-IOS channel event for switch 1: EMP_RELAY: Channel UP! *Sep 4 20:35:15.510: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state
Zero-Touch Provisioning 10
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
to down *Sep 4 20:35:34.501: %LINK-5-CHANGED: Interface Vlan1, changed state to administratively down *Sep 4 20:35:34.717: %SYS-5-RESTART: System restarted -Cisco IOS Software [Everest], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.6.5, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2018 by Cisco Systems, Inc. Compiled Mon 10-Dec-18 12:52 by mcpre *Sep 4 20:35:34.796: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up *Sep 4 20:35:35.266: %SYS-6-BOOTTIME: Time taken to reboot after reload = 283 seconds *Sep 4 20:35:35.796: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up *Sep 4 20:35:36.607: %LINK-3-UPDOWN: Interface GigabitEthernet1/1/1, changed state to down *Sep 4 20:35:36.607: %LINK-3-UPDOWN: Interface GigabitEthernet1/1/2, changed state to down *Sep 4 20:35:36.607: %LINK-3-UPDOWN: Interface GigabitEthernet1/1/3, changed state to down *Sep 4 20:35:36.608: %LINK-3-UPDOWN: Interface GigabitEthernet1/1/4, changed state to down *Sep 4 20:35:36.608: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/1, changed state to down *Sep 4 20:35:36.608: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/2, changed state to down *Sep 4 20:35:36.608: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/3, changed state to down *Sep 4 20:35:36.608: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/4, changed state to down *Sep 4 20:35:36.608: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/5, changed state to down *Sep 4 20:35:36.609: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/6, changed state to down *Sep 4 20:35:36.609: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/7, changed state to down *Sep 4 20:35:36.609: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/1/8, changed state to down *Sep 4 20:35:36.609: %LINK-3-UPDOWN: Interface FortyGigabitEthernet1/1/1, changed state to down *Sep 4 20:35:36.609: %LINK-3-UPDOWN: Interface FortyGigabitEthernet1/1/2, changed state to down *Sep 4 20:35:37.607: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/1,
changed state to down *Sep 4 20:35:37.608: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/2,
changed state to down *Sep 4 20:35:37.608: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/3,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/4,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/1/1,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/1/2,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/1/3,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/1/4,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/1/5,
changed state to down *Sep 4 20:35:37.609: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/1/6,
changed state to down *Sep 4 20:35:43.511: AUTOINSTALL: Obtain tftp server address (opt 150) 159.14.27.2 *Sep 4 20:35:43.511: PNPA: Setting autoinstall complete to true for 159.14.27.2 *Sep 4 20:35:57.673: %PLATFORM_PM-6-FRULINK_INSERTED: 8x10G uplink module inserted in the
switch 1 slot 1 *Sep 4 20:36:19.562: [IOX DEBUG] Guestshell start API is being invoked
*Sep 4 20:36:19.562: [IOX DEBUG] provided idb is mgmt interface
Zero-Touch Provisioning 11
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
*Sep 4 20:36:19.562: [IOX DEBUG] Setting up guestshell to use mgmt-intf
*Sep 4 20:36:19.562: [IOX DEBUG] Setting up chasfs for iox related activity
*Sep 4 20:36:19.562: [IOX DEBUG] Setting up for iox pre-clean activity if needed
*Sep 4 20:36:19.562: [IOX DEBUG] Waiting for iox pre-clean setup to take affect
*Sep 4 20:36:19.562: [IOX DEBUG] Waited for 1 sec(s) for iox pre-clean setup to take affect
*Sep 4 20:36:19.562: [IOX DEBUG] Auto-configuring iox feature
*Sep 4 20:36:19.563: [IOX DEBUG] Waiting for CAF and ioxman to be up, in that order
*Sep 4 20:36:20.076: %UICFGEXP-6-SERVER_NOTIFIED_START: Switch 1 R0/0: psd: Server iox has been notified to start *Sep 4 20:36:23.564: [IOX DEBUG] Waiting for another 5 secs
*Sep 4 20:36:28.564: [IOX DEBUG] Waiting for another 5 secs The process for the command is not responding or is otherwise unavailable
*Sep 4 20:36:33.564: [IOX DEBUG] Waiting for another 5 secs The process for the command is not responding or is otherwise unavailable
*Sep 4 20:36:34.564: [IOX DEBUG] Waited for 16 sec(s) for CAF and ioxman to come up
*Sep 4 20:36:34.564: [IOX DEBUG] Validating if CAF and ioxman are running
*Sep 4 20:36:34.564: [IOX DEBUG] CAF and ioxman are up and running
*Sep 4 20:36:34.564: [IOX DEBUG] Building the simple mgmt-intf enable command string
*Sep 4 20:36:34.564: [IOX DEBUG] Enable command is: request platform software iox-manager
app-hosting guestshell enable
*Sep 4 20:36:34.564: [IOX DEBUG] Issuing guestshell enable command and waiting for it to be up The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable
*Sep 4 20:36:38.578: [IOX DEBUG] Waiting for another 5 secs The process for the command is not responding or is otherwise unavailable
*Sep 4 20:36:39.416: %LINK-3-UPDOWN: Interface TenGigabitEthernet1/0/48, changed state to up
*Sep 4 20:36:40.416: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/48,
changed state to upThe process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable
*Sep 4 20:36:43.586: [IOX DEBUG] Waiting for another 5 secs Guestshell enabled successfully
*Sep 4 20:37:45.321: [IOX DEBUG] Checking for guestshell mount path
*Sep 4 20:37:45.321: [IOX DEBUG] Validating if guestshell is ready for use
*Sep 4 20:37:45.321: [IOX DEBUG] Guestshell enabled successfully
Zero-Touch Provisioning 12
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
*** Sample ZTP Day0 Python Script ***
*** Executing show platform ***
Switch Ports
------ -----
1
62
Model --------C9300-48UXM
Serial No. MAC address
Hw Ver.
----------- -------------- -------
FCW2144L045 ec1d.8b0a.6800 V01
Switch/Stack Mac Address : ec1d.8b0a.6800 - Local Mac Address
Mac persistency wait time: Indefinite
Current
Switch# Role
Priority
State
-------------------------------------------
*1
Active
1
Ready
Sw Ver. -------16.6.5
*** Executing show version ***
Cisco IOS XE Software, Version 16.06.05
Cisco IOS Software [Everest], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.6.5,
RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Mon 10-Dec-18 12:52 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2018 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
BOOTLDR: System Bootstrap, Version 17.2.1r[FC1], RELEASE SOFTWARE (P)
Switch uptime is 2 minutes
Uptime for this control processor is 4 minutes
System returned to ROM by Reload Command
System image file is "flash:cat9k_iosxe.16.06.05.SPA.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Technology Package License Information:
-----------------------------------------------------------------
Technology-package
Technology-package
Current
Type
Next reboot
------------------------------------------------------------------
Zero-Touch Provisioning 13
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
network-advantage Permanent
network-advantage
cisco C9300-48UXM (X86) processor with 1392780K/6147K bytes of memory.
Processor board ID FCW2144L045
36 Ethernet interfaces
1 Virtual Ethernet interface
4 Gigabit Ethernet interfaces
20 Ten Gigabit Ethernet interfaces
2 Forty Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
8388608K bytes of physical memory.
1638400K bytes of Crash Files at crashinfo:.
11264000K bytes of Flash at flash:.
0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address
: ec:1d:8b:0a:68:00
Motherboard Assembly Number
: 73-17959-06
Motherboard Serial Number
: FOC21418FPQ
Model Revision Number
: B0
Motherboard Revision Number
: A0
Model Number
: C9300-48UXM
System Serial Number
: FCW2144L045
Switch Ports Model
SW Version
SW Image
------ ----- -----
----------
----------
* 1 62 C9300-48UXM
16.6.5
CAT9K_IOSXE
Configuration register is 0x102
Mode ---BUNDLE
*** Configuring a Loopback Interface ***
Line 1 SUCCESS: interface loop 100 Line 2 SUCCESS: ip address 10.10.10.10 255.255.255.255 Line 3 SUCCESS: end
*** Executing show ip interface brief ***
Interface Vlan1 GigabitEthernet0/0 Tw1/0/1 Tw1/0/2 Tw1/0/3 Tw1/0/4 Tw1/0/5 Tw1/0/6 Tw1/0/7 Tw1/0/8 Tw1/0/9 Tw1/0/10 Tw1/0/11 Tw1/0/12 Tw1/0/13 Tw1/0/14 Tw1/0/15 Tw1/0/16 Tw1/0/17 Tw1/0/18 Tw1/0/19 Tw1/0/20 Tw1/0/21 Tw1/0/22 Tw1/0/23 Tw1/0/24
IP-Address unassigned 10.127.128.3 unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned
OK? Method Status
Protocol
YES unset administratively down down
YES DHCP up
up
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
Zero-Touch Provisioning 14
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
Tw1/0/25 Tw1/0/26 Tw1/0/27 Tw1/0/28 Tw1/0/29 Tw1/0/30 Tw1/0/31 Tw1/0/32 Tw1/0/33 Tw1/0/34 Tw1/0/35 Tw1/0/36 Te1/0/37 Te1/0/38 Te1/0/39 Te1/0/40 Te1/0/41 Te1/0/42 Te1/0/43 Te1/0/44 Te1/0/45 Te1/0/46 Te1/0/47 Te1/0/48 GigabitEthernet1/1/1 GigabitEthernet1/1/2 GigabitEthernet1/1/3 GigabitEthernet1/1/4 Te1/1/1 Te1/1/2 Te1/1/3 Te1/1/4 Te1/1/5 Te1/1/6 Te1/1/7 Te1/1/8 Fo1/1/1 Fo1/1/2 Loopback100
unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned 10.10.10.10
YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES TFTP
down down down down down down down down down down down down down down down down down down down down down down down up down down down down down down down down down down down down down down up
*** Configuring username, password, SSH ***
Line 1 SUCCESS: username cisco privilege 15 password cisco Line 2 SUCCESS: ip domain name domain Line 3 SUCCESS: line vty 0 15 Line 4 SUCCESS: login local Line 5 SUCCESS: transport input all Line 6 SUCCESS: end
*** ZTP Day0 Python Script Execution Complete ***
down down down down down down down down down down down down down down down down down down down down down down down up down down down down down down down down down down down down down down up
Cisco IOS XE Fuji 16.9.x to Cisco IOS XE Gibraltar 16.11.x This section displays the sample boot logs before the .py script is run:
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: The process for the command is not
Zero-Touch Provisioning 15
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable guestshell installed successfully Current state is: DEPLOYED guestshell activated successfully Current state is: ACTIVATED guestshell started successfully Current state is: RUNNING Guestshell enabled successfully
The section shows how to configure the device for Day Zero provisioning:
Both links down, not waiting for other switches Switch number is 1
Restricted Rights Legend
Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706
Cisco IOS Software [Fuji], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.9.4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2019 by Cisco Systems, Inc. Compiled Thu 22-Aug-19 18:14 by mcpre
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR LICENSE KEY PROVIDED FOR ANY CISCO SOFTWARE PRODUCT, PRODUCT FEATURE, AND/OR SUBSEQUENTLY PROVIDED SOFTWARE FEATURES (COLLECTIVELY, THE "SOFTWARE"), AND/OR USING SUCH SOFTWARE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN.
Your use of the Software is subject to the Cisco End User License Agreement (EULA) and any relevant supplemental terms (SEULA) found at http://www.cisco.com/c/en/us/about/legal/cloud-and-software/software-terms.html.
You hereby acknowledge and agree that certain Software and/or features are licensed for a particular term, that the license to such Software and/or features is valid only for the applicable term and that such Software and/or features may be shut down or otherwise terminated by Cisco after expiration of the applicable license term (e.g., 90-day trial period). Cisco reserves the right to terminate any such Software feature electronically or by any other means available. While Cisco may provide alerts, it is your sole responsibility to monitor your usage of any such term Software feature to ensure that your systems and networks are prepared for a shutdown of the
Zero-Touch Provisioning 16
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
Software feature.
% Checking backup nvram % No config present. Using default config
FIPS: Flash Key Check : Key Not Found, FIPS Mode Not Enabled cisco C9300-48UXM (X86) processor with 1419044K/6147K bytes of memory. Processor board ID FCW2144L045 2048K bytes of non-volatile configuration memory. 8388608K bytes of physical memory. 1638400K bytes of Crash Files at crashinfo:. 11264000K bytes of Flash at flash:. 0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address Motherboard Assembly Number Motherboard Serial Number Model Revision Number Motherboard Revision Number Model Number System Serial Number
: ec:1d:8b:0a:68:00 : 73-17959-06 : FOC21418FPQ : B0 : A0 : C9300-48UXM : FCW2144L045
%INIT: waited 0 seconds for NVRAM to be available
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: The process for the command is not
responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable
Zero-Touch Provisioning 17
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable The process for the command is not responding or is otherwise unavailable guestshell installed successfully Current state is: DEPLOYED guestshell activated successfully Current state is: ACTIVATED guestshell started successfully Current state is: RUNNING Guestshell enabled successfully
HTTP server statistics: Accepted connections total: 0
*** Sample ZTP Day0 Python Script ***
*** Executing show platform ***
Switch Ports
------ -----
1
64
Model --------C9300-48UXM
Serial No. MAC address
Hw Ver.
----------- -------------- -------
FCW2144L045 ec1d.8b0a.6800 V01
Switch/Stack Mac Address : ec1d.8b0a.6800 - Local Mac Address
Mac persistency wait time: Indefinite
Current
Switch# Role
Priority
State
-------------------------------------------
*1
Active
1
Ready
Sw Ver. -------16.9.4
*** Executing show version ***
Cisco IOS XE Software, Version 16.09.04 Cisco IOS Software [Fuji], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.9.4, RELEASE
SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2019 by Cisco Systems, Inc. Compiled Thu 22-Aug-19 18:14 by mcpre
Zero-Touch Provisioning 18
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
Cisco IOS-XE software, Copyright (c) 2005-2019 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
BOOTLDR: System Bootstrap, Version 17.2.1r[FC1], RELEASE SOFTWARE (P)
Switch uptime is 4 minutes
Uptime for this control processor is 5 minutes
System returned to ROM by Reload Command
System image file is "flash:cat9k_iosxe.16.09.04.SPA.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Technology Package License Information:
------------------------------------------------------------------------------
Technology-package
Technology-package
Current
Type
Next reboot
------------------------------------------------------------------------------
network-advantage
Smart License
network-advantage
None
Subscription Smart License
None
Smart Licensing Status: UNREGISTERED/EVAL EXPIRED
cisco C9300-48UXM (X86) processor with 1419044K/6147K bytes of memory.
Processor board ID FCW2144L045
36 Ethernet interfaces
1 Virtual Ethernet interface
4 Gigabit Ethernet interfaces
20 Ten Gigabit Ethernet interfaces
2 TwentyFive Gigabit Ethernet interfaces
2 Forty Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
8388608K bytes of physical memory.
1638400K bytes of Crash Files at crashinfo:.
11264000K bytes of Flash at flash:.
0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address
: ec:1d:8b:0a:68:00
Motherboard Assembly Number
: 73-17959-06
Motherboard Serial Number
: FOC21418FPQ
Model Revision Number
: B0
Motherboard Revision Number
: A0
Model Number
: C9300-48UXM
System Serial Number
: FCW2144L045
Switch Ports Model
SW Version
SW Image
Mode
------ ----- -----
----------
----------
----
* 1 64 C9300-48UXM
16.9.4
CAT9K_IOSXE
BUNDLE
Configuration register is 0x102
*** Configuring a Loopback Interface ***
Zero-Touch Provisioning 19
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
Line 1 SUCCESS: interface loop 100 Line 2 SUCCESS: ip address 10.10.10.10 255.255.255.255 Line 3 SUCCESS: end
*** Executing show ip interface brief ***
Any interface listed with OK? value "NO" does not have a valid configuration
Interface
IP-Address
OK? Method Status
Protocol
Vlan1
unassigned
NO unset up
up
GigabitEthernet0/0
10.127.128.5 YES DHCP up
up
Tw1/0/1
unassigned
YES unset down
down
Tw1/0/2
unassigned
YES unset down
down
Tw1/0/3
unassigned
YES unset down
down
Tw1/0/4
unassigned
YES unset down
down
Tw1/0/5
unassigned
YES unset down
down
Tw1/0/6
unassigned
YES unset down
down
Tw1/0/7
unassigned
YES unset down
down
Tw1/0/8
unassigned
YES unset down
down
Tw1/0/9
unassigned
YES unset down
down
Tw1/0/10
unassigned
YES unset down
down
Tw1/0/11
unassigned
YES unset down
down
Tw1/0/12
unassigned
YES unset down
down
Tw1/0/13
unassigned
YES unset down
down
Tw1/0/14
unassigned
YES unset down
down
Tw1/0/15
unassigned
YES unset down
down
Tw1/0/16
unassigned
YES unset down
down
Tw1/0/17
unassigned
YES unset down
down
Tw1/0/18
unassigned
YES unset down
down
Tw1/0/19
unassigned
YES unset down
down
Tw1/0/20
unassigned
YES unset down
down
Tw1/0/21
unassigned
YES unset down
down
Tw1/0/22
unassigned
YES unset down
down
Tw1/0/23
unassigned
YES unset down
down
Tw1/0/24
unassigned
YES unset down
down
Tw1/0/25
unassigned
YES unset down
down
Tw1/0/26
unassigned
YES unset down
down
Tw1/0/27
unassigned
YES unset down
down
Tw1/0/28
unassigned
YES unset down
down
Tw1/0/29
unassigned
YES unset down
down
Tw1/0/30
unassigned
YES unset down
down
Tw1/0/31
unassigned
YES unset down
down
Tw1/0/32
unassigned
YES unset down
down
Tw1/0/33
unassigned
YES unset down
down
Tw1/0/34
unassigned
YES unset down
down
Tw1/0/35
unassigned
YES unset down
down
Tw1/0/36
unassigned
YES unset down
down
Te1/0/37
unassigned
YES unset down
down
Te1/0/38
unassigned
YES unset down
down
Te1/0/39
unassigned
YES unset down
down
Te1/0/40
unassigned
YES unset down
down
Te1/0/41
unassigned
YES unset down
down
Te1/0/42
unassigned
YES unset down
down
Te1/0/43
unassigned
YES unset down
down
Te1/0/44
unassigned
YES unset down
down
Te1/0/45
unassigned
YES unset down
down
Te1/0/46
unassigned
YES unset down
down
Te1/0/47
unassigned
YES unset down
down
Te1/0/48
unassigned
YES unset up
up
GigabitEthernet1/1/1 unassigned
YES unset down
down
GigabitEthernet1/1/2 unassigned
YES unset down
down
GigabitEthernet1/1/3 unassigned
YES unset down
down
Zero-Touch Provisioning 20
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
GigabitEthernet1/1/4 Te1/1/1 Te1/1/2 Te1/1/3 Te1/1/4 Te1/1/5 Te1/1/6 Te1/1/7 Te1/1/8 Fo1/1/1 Fo1/1/2 TwentyFiveGigE1/1/1 TwentyFiveGigE1/1/2 Loopback100
unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned 10.10.10.10
YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES TFTP
down down down down down down down down down down down down down up
down down down down down down down down down down down down down up
*** Configuring username, password, SSH ***
Line 1 SUCCESS: username cisco privilege 15 password cisco **CLI Line # 1: WARNING: Command has been added to the configuration using a type 0 password.
However, type 0 passwords will soon be deprecated. Migrate to a supported password type Line 2 SUCCESS: ip domain name domain Line 3 SUCCESS: line vty 0 15 Line 4 SUCCESS: login local Line 5 SUCCESS: transport input all Line 6 SUCCESS: end
*** ZTP Day0 Python Script Execution Complete ***
Press RETURN to get started!
Cisco IOS XE Gibraltar 16.12.x to Cisco IOS XE Amsterdam 17.1.x This section displays the sample boot logs before the .py script is run:
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: day0guestshell installed
successfully Current state is: DEPLOYED day0guestshell activated successfully Current state is: ACTIVATED day0guestshell started successfully Current state is: RUNNING Guestshell enabled successfully
*** Sample ZTP Day0 Python Script *** ...
*** ZTP Day0 Python Script Execution Complete ***
Zero-Touch Provisioning 21
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
Guestshell destroyed successfully
The section shows how to configure the device for Day Zero provisioning:
Both links down, not waiting for other switches Switch number is 1
Restricted Rights Legend
Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706
Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.12.3a,
RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2020 by Cisco Systems, Inc. Compiled Tue 28-Apr-20 09:37 by mcpre
This software version supports only Smart Licensing as the software licensing mechanism.
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR LICENSE KEY PROVIDED FOR ANY CISCO SOFTWARE PRODUCT, PRODUCT FEATURE, AND/OR SUBSEQUENTLY PROVIDED SOFTWARE FEATURES (COLLECTIVELY, THE "SOFTWARE"), AND/OR USING SUCH SOFTWARE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN.
Your use of the Software is subject to the Cisco End User License Agreement (EULA) and any relevant supplemental terms (SEULA) found at http://www.cisco.com/c/en/us/about/legal/cloud-and-software/software-terms.html.
You hereby acknowledge and agree that certain Software and/or features are licensed for a particular term, that the license to such Software and/or features is valid only for the applicable term and that such Software and/or features may be shut down or otherwise terminated by Cisco after expiration of the applicable license term (e.g., 90-day trial period). Cisco reserves the right to terminate any such Software feature electronically or by any other means available. While Cisco may provide alerts, it is your sole responsibility to monitor your usage of any such term Software feature to ensure that your systems and networks are prepared for a shutdown of the Software feature.
% Checking backup nvram % No config present. Using default config
FIPS: Flash Key Check : Key Not Found, FIPS Mode Not Enabled
All TCP AO KDF Tests Pass
Zero-Touch Provisioning 22
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
cisco C9300-48UXM (X86) processor with 1343703K/6147K bytes of memory. Processor board ID FCW2144L045 2048K bytes of non-volatile configuration memory. 8388608K bytes of physical memory. 1638400K bytes of Crash Files at crashinfo:. 11264000K bytes of Flash at flash:. 0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address Motherboard Assembly Number Motherboard Serial Number Model Revision Number Motherboard Revision Number Model Number System Serial Number
: ec:1d:8b:0a:68:00 : 73-17959-06 : FOC21418FPQ : B0 : A0 : C9300-48UXM : FCW2144L045
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: day0guestshell installed successfully
Current state is: DEPLOYED day0guestshell activated successfully Current state is: ACTIVATED day0guestshell started successfully Current state is: RUNNING Guestshell enabled successfully
HTTP server statistics: Accepted connections total: 0
*** Sample ZTP Day0 Python Script ***
*** Executing show platform ***
Switch Ports
------ -----
1
65
Model --------C9300-48UXM
Serial No. MAC address
Hw Ver.
----------- -------------- -------
FCW2144L045 ec1d.8b0a.6800 V01
Switch/Stack Mac Address : ec1d.8b0a.6800 - Local Mac Address
Mac persistency wait time: Indefinite
Current
Switch# Role
Priority
State
-------------------------------------------
*1
Active
1
Ready
Sw Ver. -------16.12.3a
*** Executing show version ***
Cisco IOS XE Software, Version 16.12.03a Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.12.3a,
RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2020 by Cisco Systems, Inc. Compiled Tue 28-Apr-20 09:37 by mcpre Cisco IOS-XE software, Copyright (c) 2005-2020 by cisco Systems, Inc.
Zero-Touch Provisioning 23
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
BOOTLDR: System Bootstrap, Version 17.2.1r[FC1], RELEASE SOFTWARE (P)
Switch uptime is 4 minutes
Uptime for this control processor is 9 minutes
System returned to ROM by Reload Command
System image file is "flash:cat9k_iosxe.16.12.03a.SPA.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Technology Package License Information:
------------------------------------------------------------------------------
Technology-package
Technology-package
Current
Type
Next reboot
------------------------------------------------------------------------------
network-advantage
Smart License
network-advantage
None
Subscription Smart License
None
AIR License Level: AIR DNA Advantage
Next reload AIR license Level: AIR DNA Advantage
Smart Licensing Status: UNREGISTERED/EVAL EXPIRED
cisco C9300-48UXM (X86) processor with 1343703K/6147K bytes of memory.
Processor board ID FCW2144L045
1 Virtual Ethernet interface
4 Gigabit Ethernet interfaces
36 2.5 Gigabit Ethernet interfaces
20 Ten Gigabit Ethernet interfaces
2 TwentyFive Gigabit Ethernet interfaces
2 Forty Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
8388608K bytes of physical memory.
1638400K bytes of Crash Files at crashinfo:.
11264000K bytes of Flash at flash:.
0K bytes of WebUI ODM Files at webui:.
Base Ethernet MAC Address
: ec:1d:8b:0a:68:00
Motherboard Assembly Number
: 73-17959-06
Motherboard Serial Number
: FOC21418FPQ
Model Revision Number
: B0
Motherboard Revision Number
: A0
Model Number
: C9300-48UXM
System Serial Number
: FCW2144L045
Switch Ports Model
SW Version
SW Image
Mode
------ ----- -----
----------
----------
----
* 1 65 C9300-48UXM
16.12.3a
CAT9K_IOSXE
BUNDLE
Configuration register is 0x102
*** Configuring a Loopback Interface ***
Zero-Touch Provisioning 24
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
Line 1 SUCCESS: interface loop 100 Line 2 SUCCESS: ip address 10.10.10.10 255.255.255.255 Line 3 SUCCESS: end
*** Executing show ip interface brief ***
Interface Vlan1 GigabitEthernet0/0 Tw1/0/1 Tw1/0/2 Tw1/0/3 Tw1/0/4 Tw1/0/5 Tw1/0/6 Tw1/0/7 Tw1/0/8 Tw1/0/9 Tw1/0/10 Tw1/0/11 Tw1/0/12 Tw1/0/13 Tw1/0/14 Tw1/0/15 Tw1/0/16 Tw1/0/17 Tw1/0/18 Tw1/0/19 Tw1/0/20 Tw1/0/21 Tw1/0/22 Tw1/0/23 Tw1/0/24 Tw1/0/25 Tw1/0/26 Tw1/0/27 Tw1/0/28 Tw1/0/29 Tw1/0/30 Tw1/0/31 Tw1/0/32 Tw1/0/33 Tw1/0/34 Tw1/0/35 Tw1/0/36 Te1/0/37 Te1/0/38 Te1/0/39 Te1/0/40 Te1/0/41 Te1/0/42 Te1/0/43 Te1/0/44 Te1/0/45 Te1/0/46 Te1/0/47 Te1/0/48 GigabitEthernet1/1/1 GigabitEthernet1/1/2 GigabitEthernet1/1/3
IP-Address unassigned 10.127.128.10 unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned
OK? Method Status YES unset up YES DHCP up YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset up YES unset down YES unset down YES unset down
Protocol up up down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down down up down down down
Zero-Touch Provisioning 25
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
GigabitEthernet1/1/4 Te1/1/1 Te1/1/2 Te1/1/3 Te1/1/4 Te1/1/5 Te1/1/6 Te1/1/7 Te1/1/8 Fo1/1/1 Fo1/1/2 TwentyFiveGigE1/1/1 TwentyFiveGigE1/1/2 Ap1/0/1 Loopback100
unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned 10.10.10.10
YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES TFTP
down down down down down down down down down down down down down up up
down down down down down down down down down down down down down up up
*** Configuring username, password, SSH ***
Line 1 SUCCESS: username cisco privilege 15 password cisco **CLI Line # 1: WARNING: Command has been added to the configuration using a type 0 password.
However, type 0 passwords will soon be deprecated. Migrate to a supported password type Line 2 SUCCESS: ip domain name domain Line 3 SUCCESS: line vty 0 15 Line 4 SUCCESS: login local Line 5 SUCCESS: transport input all Line 6 SUCCESS: end
*** ZTP Day0 Python Script Execution Complete ***
Guestshell destroyed successfully
Press RETURN to get started!
Cisco IOS XE Amsterdam 17.2.x and Later Releases This section displays the sample boot logs before the .py script is run:
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:
Acquired IPv4 address 10.127.128.8 on Interface GigabitEthernet0/0
Received following DHCPv4 options:
bootfile
: test.py
tftp-server-ip : 159.14.27.2
OK to enter CLI now...
pnp-discovery can be monitored without entering enable mode
Entering enable mode will stop pnp-discovery
Attempting bootfile tftp://159.14.27.2/test.py day0guestshell activated successfully Current state is: ACTIVATED
Zero-Touch Provisioning 26
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
day0guestshell started successfully Current state is: RUNNING Guestshell enabled successfully
*** Sample ZTP Day0 Python Script ***
...
*** ZTP Day0 Python Script Execution Complete ***
Guestshell destroyed successfully
The section shows how to configure the device for Day Zero provisioning:
Both links down, not waiting for other switches Switch number is 1
Restricted Rights Legend
Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706
Cisco IOS Software [Amsterdam], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 17.2.1, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2020 by Cisco Systems, Inc. Compiled Thu 26-Mar-20 03:29 by mcpre
This software version supports only Smart Licensing as the software licensing mechanism.
PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR LICENSE KEY PROVIDED FOR ANY CISCO SOFTWARE PRODUCT, PRODUCT FEATURE, AND/OR SUBSEQUENTLY PROVIDED SOFTWARE FEATURES (COLLECTIVELY, THE "SOFTWARE"), AND/OR USING SUCH SOFTWARE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN.
Your use of the Software is subject to the Cisco End User License Agreement (EULA) and any relevant supplemental terms (SEULA) found at http://www.cisco.com/c/en/us/about/legal/cloud-and-software/software-terms.html.
You hereby acknowledge and agree that certain Software and/or features are licensed for a particular term, that the license to such Software and/or features is valid only for the applicable term and that such Software and/or features may be shut down or otherwise terminated by Cisco after expiration of the applicable license term (e.g., 90-day trial period). Cisco reserves the right to terminate any such Software feature electronically or by any other means available. While Cisco may provide alerts, it is your sole responsibility to monitor your usage of any such term Software feature to
Zero-Touch Provisioning 27
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
ensure that your systems and networks are prepared for a shutdown of the Software feature.
% Checking backup nvram % No config present. Using default config
FIPS: Flash Key Check : Key Not Found, FIPS Mode Not Enabled
All TCP AO KDF Tests Pass cisco C9300-48UXM (X86) processor with 1338934K/6147K bytes of memory. Processor board ID FCW2144L045 2048K bytes of non-volatile configuration memory. 8388608K bytes of physical memory. 1638400K bytes of Crash Files at crashinfo:. 11264000K bytes of Flash at flash:.
Base Ethernet MAC Address Motherboard Assembly Number Motherboard Serial Number Model Revision Number Motherboard Revision Number Model Number System Serial Number CLEI Code Number
: ec:1d:8b:0a:68:00 : 73-17959-06 : FOC21418FPQ : B0 : A0 : C9300-48UXM : FCW2144L045 :
No startup-config, starting autoinstall/pnp/ztp... Autoinstall will terminate if any input is detected on console Autoinstall trying DHCPv4 on GigabitEthernet0/0 Autoinstall trying DHCPv6 on GigabitEthernet0/0
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:
Acquired IPv4 address 10.127.128.8 on Interface GigabitEthernet0/0
Received following DHCPv4 options:
bootfile
: test.py
tftp-server-ip : 159.14.27.2
OK to enter CLI now...
pnp-discovery can be monitored without entering enable mode
Entering enable mode will stop pnp-discovery
Attempting bootfile tftp://159.14.27.2/test.py day0guestshell activated successfully Current state is: ACTIVATED day0guestshell started successfully Current state is: RUNNING Guestshell enabled successfully
*** Sample ZTP Day0 Python Script ***
*** Executing show platform ***
Zero-Touch Provisioning 28
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
Switch Ports
------ -----
1
65
Model --------C9300-48UXM
Serial No. MAC address
Hw Ver.
----------- -------------- -------
FCW2144L045 ec1d.8b0a.6800 V01
Switch/Stack Mac Address : ec1d.8b0a.6800 - Local Mac Address
Mac persistency wait time: Indefinite
Current
Switch# Role
Priority
State
-------------------------------------------
*1
Active
1
Ready
Sw Ver. -------17.02.01
*** Executing show version ***
Cisco IOS XE Software, Version 17.02.01
Cisco IOS Software [Amsterdam], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 17.2.1,
RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2020 by Cisco Systems, Inc.
Compiled Thu 26-Mar-20 03:29 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2020 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
BOOTLDR: System Bootstrap, Version 17.2.1r[FC1], RELEASE SOFTWARE (P)
Switch uptime is 2 minutes
Uptime for this control processor is 8 minutes
System returned to ROM by Reload Command
System image file is "flash:cat9k_iosxe.17.02.01.SPA.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Technology Package License Information:
------------------------------------------------------------------------------
Technology-package
Technology-package
Current
Type
Next reboot
------------------------------------------------------------------------------
network-advantage
Smart License
network-advantage
None
Subscription Smart License
None
AIR License Level: AIR DNA Advantage
Next reload AIR license Level: AIR DNA Advantage
Smart Licensing Status: UNREGISTERED/EVAL EXPIRED
cisco C9300-48UXM (X86) processor with 1338934K/6147K bytes of memory.
Processor board ID FCW2144L045
1 Virtual Ethernet interface
Zero-Touch Provisioning 29
�Boot Log for Cisco Catalyst 9000 Series Switches
Zero-Touch Provisioning
4 Gigabit Ethernet interfaces
36 2.5 Gigabit Ethernet interfaces
20 Ten Gigabit Ethernet interfaces
2 TwentyFive Gigabit Ethernet interfaces
2 Forty Gigabit Ethernet interfaces
2048K bytes of non-volatile configuration memory.
8388608K bytes of physical memory.
1638400K bytes of Crash Files at crashinfo:.
11264000K bytes of Flash at flash:.
Base Ethernet MAC Address
: ec:1d:8b:0a:68:00
Motherboard Assembly Number
: 73-17959-06
Motherboard Serial Number
: FOC21418FPQ
Model Revision Number
: B0
Motherboard Revision Number
: A0
Model Number
: C9300-48UXM
System Serial Number
: FCW2144L045
CLEI Code Number
:
Switch Ports Model
SW Version
SW Image
------ ----- -----
----------
----------
* 1 65 C9300-48UXM
17.02.01
CAT9K_IOSXE
Configuration register is 0x102
*** Configuring a Loopback Interface ***
Line 1 SUCCESS: interface loop 100 Line 2 SUCCESS: ip address 10.10.10.10 255.255.255.255 Line 3 SUCCESS: end
*** Executing show ip interface brief ***
Interface Vlan1 GigabitEthernet0/0 Tw1/0/1 Tw1/0/2 Tw1/0/3 Tw1/0/4 Tw1/0/5 Tw1/0/6 Tw1/0/7 Tw1/0/8 Tw1/0/9 Tw1/0/10 Tw1/0/11 Tw1/0/12 Tw1/0/13 Tw1/0/14 Tw1/0/15 Tw1/0/16 Tw1/0/17 Tw1/0/18 Tw1/0/19 Tw1/0/20 Tw1/0/21 Tw1/0/22 Tw1/0/23 Tw1/0/24 Tw1/0/25 Tw1/0/26 Tw1/0/27
IP-Address unassigned 10.127.128.8 unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned
OK? Method Status YES unset up YES DHCP up YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down YES unset down
Mode ---BUNDLE
Protocol up up down down down down down down down down down down down down down down down down down down down down down down down down down down down
Zero-Touch Provisioning 30
�Zero-Touch Provisioning
Boot Log for Cisco Catalyst 9000 Series Switches
Tw1/0/28 Tw1/0/29 Tw1/0/30 Tw1/0/31 Tw1/0/32 Tw1/0/33 Tw1/0/34 Tw1/0/35 Tw1/0/36 Te1/0/37 Te1/0/38 Te1/0/39 Te1/0/40 Te1/0/41 Te1/0/42 Te1/0/43 Te1/0/44 Te1/0/45 Te1/0/46 Te1/0/47 Te1/0/48 GigabitEthernet1/1/1 GigabitEthernet1/1/2 GigabitEthernet1/1/3 GigabitEthernet1/1/4 Te1/1/1 Te1/1/2 Te1/1/3 Te1/1/4 Te1/1/5 Te1/1/6 Te1/1/7 Te1/1/8 Fo1/1/1 Fo1/1/2 TwentyFiveGigE1/1/1 TwentyFiveGigE1/1/2 Ap1/0/1 Loopback100
unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned unassigned 10.10.10.10
YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES unset YES TFTP
down down down down down down down down down down down down down down down down down down down down up down down down down down down down down down down down down down down down down up up
down down down down down down down down down down down down down down down down down down down down up down down down down down down down down down down down down down down down down up up
*** Configuring username, password, SSH ***
Line 1 SUCCESS: username cisco privilege 15 password cisco **CLI Line # 1: WARNING: Command has been added to the configuration using a type 0 password.
However, type 0 passwords will soon be deprecated. Migrate to a supported password type Line 2 SUCCESS: ip domain name domain Line 3 SUCCESS: line vty 0 15 Line 4 SUCCESS: login local Line 5 SUCCESS: transport input all Line 6 SUCCESS: end
*** ZTP Day0 Python Script Execution Complete ***
Guestshell destroyed successfully Script execution success!
Zero-Touch Provisioning 31
�Feature Information for Zero-Touch Provisioning
Zero-Touch Provisioning
Press RETURN to get started!
Feature Information for Zero-Touch Provisioning
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Zero-Touch Provisioning 32
�Zero-Touch Provisioning
Feature Information for Zero-Touch Provisioning
Table 2: Feature Information for Zero-Touch Provisioning
Feature Name Zero-Touch Provisioning
Release
Feature Information
Cisco IOS XE Everest 16.5.1a
Cisco IOS XE Everest 16.5.1b
Cisco IOS XE Fuji 16.7.1
Cisco IOS XE Fuji 16.8.2
Cisco IOS XE Gibraltar 16.12.1
Cisco IOS XE Amsterdam 17.2.1
Cisco IOS XE Amsterdam 17.3.1
Zero-Touch Provisioning 33
�Feature Information for Zero-Touch Provisioning
Feature Name
Release
Zero-Touch Provisioning 34
Zero-Touch Provisioning
Feature Information To address network provisioning challenges, Cisco introduces a zero-touch provisioning model. In Cisco IOS XE Everest 16.5.1a, this feature was implemented on the following platforms:
· Cisco Catalyst 3650 Series Switches · Cisco Catalyst 3850 Series Switches · Cisco Catalyst 9300 Series Switches · Cisco Catalyst 9500 Series Switches
In Cisco IOS XE Everest 16.5.1b, this feature was implemented on the following platform:
· Cisco 4000 Series Integrated Services Router models with a minimum of 8 GB RAM to support Guest Shell.
In Cisco IOS XE Fuji 16.7.1, this feature was implemented on the following platform:
· Cisco ASR 1000 Aggregation Services Routers (ASR1001-X, ASR1001-HX, ASR1002-X, ASR1002-HX)
In Cisco IOS XE Fuji 16.8.2, this feature was implemented on the following platform:
· Cisco ASR 1000 Series Aggregation Services Routers (ASR1004, ASR1006, ASR1006-X, ASR1009-X, ASR1013)
In Cisco IOS XE Gibraltar 16.12.1, this feature was implemented on the following platforms:
· Cisco Catalyst 9200 Series Switches Note This feature is not supported on C9200L SKUs.
· Cisco Catalyst 9300L SKUs · Cisco Catalyst 9600 Series Switches · Cisco Catalyst 9800-40 Wireless
Controllers · Cisco Catalyst 9800-80 Wireless
Controllers
In Cisco IOS XE Amsterdam 17.2.1, this
�Zero-Touch Provisioning
Feature Information for Zero-Touch Provisioning
Feature Name
Release
Feature Information
feature was implemented on the following platforms:
· Cisco Cloud Services Router 1000V Series
· Cisco C1100 Terminal Services Gateway (Supported only on C1100TGX-1N24P32A)
In Cisco IOS XE Amsterdam 17.3.1, this feature was implemented on the following platforms:
· Cisco Catalyst 8200 Series Edge Platforms
· Cisco Catalyst 8300 Series Edge Platforms
· Cisco Catalyst 8500 and 8500L Series Edge Platforms
In Cisco IOS XE Bengaluru 17.4.1, this feature was implemented on the following platform:
· Cisco Catalyst 8000V Edge Software
Zero-Touch Provisioning: HTTP Download
Cisco IOS XE Fuji 16.8.1 Cisco IOS XE Fuji 16.8.1a
Zero-Touch Provisioning supports HTTP and TFTP file download. In Cisco IOS XE Everest 16.8.1, this feature was implemented on the following platforms:
· Cisco 4000 Series Integrated Services Routers
· Cisco Catalyst 3650 Series Switches
· Cisco Catalyst 3850 Series Switches
· Cisco Catalyst 9300 Series Switches
· Cisco Catalyst 9500 Series Switches
In Cisco IOS XE Fuji 16.8.1a, this feature was implemented on Cisco Catalyst 9500-High Performance Series Switches.
Zero-Touch Provisioning 35
�Feature Information for Zero-Touch Provisioning
Zero-Touch Provisioning
Feature Name
DHCPv6 Support for Zero-Touch Provisioning
Release
Feature Information
Cisco IOS XE Fuji 16.9.1
Cisco IOS XE Amsterdam 17.3.2a
In Cisco IOS XE Fuji 16.9.1, this feature was implemented on the following platforms:
· Cisco Catalyst 9300 Series Switches
· Cisco Catalyst 9500 Series Switches
In Cisco IOS XE Amsterdam 17.3.2a, this feature was implemented on the following platforms:
· Cisco Catalyst 9800-40 Wireless Controllers
· Cisco Catalyst 9800-80 Wireless Controllers
Side-Effect Synchronization Cisco IOS XE Bengaluru of the Configuration Database 17.4.1
During configuration changes in the DMI, a partial synchronization of the changes that are triggered when a command or RPC is configured happens. This is called the side-effect synchronization, and it reduces the synchronization time and NETCONF downtime.
This feature was implemented on the following platforms:
· Cisco ASR 1000 Aggregation Services Routers
· Cisco Catalyst 8500 and 8500L Series Edge Platforms
· Cisco Catalyst 9200 Series Switches
· Cisco Catalyst 9300 Series Switches
· Cisco Catalyst 9400 Series Switches
· Cisco Catalyst 9500 Series Switches
· Cisco Catalyst 9600 Series Switches
Zero-Touch Provisioning Through YANG Models
Cisco IOS XE Cupertino 17.7.1
ZTP is enabled through YANG models when NETCONF is enabled.
This feature is supported on all platforms that support NETCONF-YANG.
Zero-Touch Provisioning 36
�Zero-Touch Provisioning
Feature Information for Zero-Touch Provisioning
Feature Name
Zero-Touch Provisioning Support on Data Port
Release
Cisco IOS XE Cupertino 17.7.1
Feature Information
ZTP is supported on data port for both IPv4 and IPv6.
This feature is implemented on the following platform:
· Cisco Catalyst 9800-L Wireless Controller
Zero-Touch Provisioning 37
�Feature Information for Zero-Touch Provisioning
Zero-Touch Provisioning
Zero-Touch Provisioning 38
�DITA Open Toolkit XEP 4.30.961; modified using iText 2.1.7 by 1T3XT