No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R009C00 Operation Guide 10

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Typical Configuration Examples

Typical Configuration Examples

Example for Implementing Topology-based Zero Touch Provisioning for the Campus Headquarters

This section describes how to use the topology to implement zero-touch provisioning for the campus headquarters.

Prerequisites

  • The root device and devices to be deployed support zero touch provisioning. For details about device types, see eSight Function List.
  • Onsite engineers have installed device hardware based on the topology plan.
  • Basic configuration has been completed for a root device and the root device has been added to eSight for management and can communicate normally with eSight through SNMP and Telnet.
  • Input or output is not allowed on console interfaces during zero touch provisioning.
  • (Optional) The device software package, license file, and patch file have been prepared and uploaded to eSight.

Networking Requirements

On the wired campus network of company M, there are lots of devices at the aggregation and access layers. Traditionally, the network design, and software/hardware installation and commissioning are performed by different personnel. Each device to be deployed needs to be manually associated with provisioning files through a USB flash drive. The configuration is complex and has low efficiency. Jack, the network administrator of the company, requires that eSight implement unified zero touch provisioning for aggregation and access devices to reduce management cost.

In the following figure, the red circle specifies the devices to be deployed.

Figure 12-17 Implementing topology-based zero touch provisioning for the campus headquarters

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the root device as a DHCP server and configure the interface for connecting to lower-layer devices.
  2. Create device files to be deployed.
  3. Create a deployment task.
  4. Plan the network topology through topology deployment.
  5. Match device files for the devices to be deployed.
  6. Clean up configurations for the devices to be deployed and restart the devices.
  7. Compare topologies.
  8. Trigger and start the deployment based on the topology plan.

Data Plan

Table 12-37 Root device

Device Type

Device IP Address

Downstream Port 1

Downstream Port 2

Zero Touch Provisioning Management VLAN

S5720–56C-PWR-HI-AC

10.137.58.61

GE0/0/1

GE0/0/2

VLAN25

Table 12-38 DHCP server

Egress Gateway IP Address

Global IP Address Pool Name

10.137.58.1

dhcp_server

Table 12-39 Devices at the aggregation layer

Device Type

Device Name

Upstream Port

Downstream Port 1

Downstream Port 2

S5720–32C-HI-24S-AC

S5701

GE0/0/1

GE0/0/2

GE0/0/3

S5720–32C-HI-24S-AC

S5702

GE0/0/1

GE0/0/2

GE0/0/3

Table 12-40 Devices at the access layer

Device Type

Device Name

Upstream Port

S2750–28TP-EI-AC

S2701

GE0/0/1

S2750–28TP-EI-AC

S2702

GE0/0/1

S2750–28TP-EI-AC

S2703

GE0/0/1

S2750–28TP-EI-AC

S2704

GE0/0/1

Procedure

  1. Configure the root device as a DHCP server and configure the interface for connecting to lower-layer devices.

    <Device> system-view 
    [Device] dhcp enable 
    [Device] ip pool dhcp_server   //dhcp_server indicates the name of the global address pool.
    [Device-ip-pool-dhcp_server] network 10.137.58.0 mask 255.255.255.0   //10.137.58.0 is the scope of IP addresses to be assigned to the device for which zero-touch provisioning is to be performed. 
    [Device-ip-pool-dhcp_server] gateway-list 10.137.58.1   //10.137.58.1 is the egress gateway address of the DHCP client.
    [Device-ip-pool-dhcp_server] option 148 ascii ipaddr=10.137.58.8;port=32175   //10.137.58.8 is the eSight IP address. If southbound and northbound services are separated for eSight, the eSight IP address here refers to the southbound IP address.
    [Device-ip-pool-dhcp_server] quit  
    [Device] vlan batch 25 to 30 
    [Device] interface vlanif 25   //VLAN25 is the management VLAN of zero touch deployment. 
    [Device-Vlanif25] ip address 10.137.58.1 255.255.255.0   //10.137.58.1 is the IP address of VLANIF25, which is used as the egress gateway address of the DHCP client. 
    [Device-Vlanif25] dhcp select global 
    [Device-Vlanif25] quit 
    [Device] interface GigabitEthernet 0/0/1   //Configure the interface GE0/0/1 for connecting the root device to the lower-layer device. 
    [Device-GigabitEthernet0/0/1] port link-type trunk 
    [Device-GigabitEthernet0/0/1] port trunk pvid vlan 30 
    [Device-GigabitEthernet0/0/1] port trunk allow-pass vlan 30 
    [Device-GigabitEthernet0/0/1] quit 
    [Device] interface GigabitEthernet 0/0/2   //Configure the interface GE0/0/2 for connecting the root device to the lower-layer device. 
    [Device-GigabitEthernet0/0/2] port link-type trunk 
    [Device-GigabitEthernet0/0/2] port trunk pvid vlan 30 
    [Device-GigabitEthernet0/0/2] port trunk allow-pass vlan 30 
    [Device-GigabitEthernet0/0/2] quit

  2. Create device files to be deployed.

    1. Choose Resource > Network > Zero Touch Provisioning > Configuration File Making from the main menu.

    2. Click Create and set parameters.

    3. Click Next and perform basic configuration for lower-layer devices.

      If basic configuration is not performed, lower-layer devices cannot be properly added to eSight for management after they are deployed based on the topology plan.

      The following basic configuration is only for reference and the configuration in the site plan prevails:

       
      # 
      sysname $NEname 
      # 
      vlan $vlan 
      # 
      lldp enable 
      # 
      interface Vlanif $vlan 
      ip address dhcp-alloc 
      # 
      interface $interface_type_in $interface_number_in 
      port link-type trunk 
      port default vlan $vlan 
      # 
      interface $interface_type_out1 $interface_number_out1 
      port link-type trunk  
      port default vlan $vlan 
      # 
      interface $interface_type_out2 $interface_number_out2 
      port link-type trunk 
      port default vlan $vlan 
      # 
      ip route-static 10.137.58.0 255.255.0.0 10.137.58.1 
      # 
      user-interface maximum-vty 5 
      user-interface vty 0 4 
      authentication-mode password 
      user privilege level 15 
      set authentication password cipher $password 
      protocol inbound telnet 
      # 
      return     

      After configuring related basic configuration commands, click Refresh Template Parameters, set related template variables based on the plan, and click OK.

    4. Repeat the preceding substeps to create configuration files of other devices.
    5. (Optional) Prepare software, patches, and license files of devices to be deployed based on the site requirements.

      Choose Resource > Network > Configuration > Device Software Management from the main menu. Choose File Management from the navigation tree on the left and upload the corresponding file.

  3. Create a deployment task.

    1. Choose Resource > Network > Zero Touch Provisioning > Topo Plan-based Provisioning from the main menu.

    2. Right-click a blank area and select Create Task.

    3. Set Root type to campus and Task name to Task for Department AB, and select Auto Active.

    4. Click OK.

  4. Plan the network topology through topology deployment.

    1. Plan the network topology through topology deployment. Double-click the deployment task and click Add Root Device.

    2. Select the root device.

    3. On the Plan Topology tab page, right-click a root device, choose Add Remote Device > Switches from the shortcut menu, set related parameters, and click OK to add an aggregation device.

    4. Click OK.

    5. Add an access device of department A. In detail, right-click the aggregation device S5701, choose Add Remote Device > Switches from the shortcut menu, set related parameters, and click OK.

    6. Add an access device of department B. In detail, right-click the aggregation device S5702, choose Add Remote Device > Switches from the shortcut menu, set related parameters, and click OK.

    7. Adjust the topology and save it. The sorted root device, aggregation device, and access devices are displayed.

    8. (Optional) If device information needs to be modified, right-click the corresponding device and choose Modify from the shortcut menu.

  5. Match device files for the devices to be deployed.

    1. Click the Match File tab, right-click the aggregation device, and choose Match Provisioning File from the shortcut menu. On the page that is displayed, select the corresponding deployment file and click OK.

    2. Repeat the preceding substeps to match device files of other devices.

  6. Clean up configurations for the devices to be deployed and restart the devices.

    To ensure that device configurations are empty, you are advised to perform the configuration cleanup operation.

    Run the following command to clean up the device configurations:

     
    reset saved-configuration 
    y 
    delete /unreserved *.cfg 
    y 
    delete /unreserved *.zip 
    y 
    reboot 
    n   //Select n here. Otherwise, the device generates a new configuration file.
    y     

    The devices to be deployed are assigned with temporary IP addresses through the DHCP server, enter the topology plan-based deployment process, and send deployment requests.

  7. Compare topologies.

    eSight collects the network topology of the deployment area from the root device, compares the network topology with the planned topology, and displays the differences for users to correct.

    1. Click the Compare Topologies tab, right-click the root device, and choose Manually Topology Collection from the shortcut menu.

      If the comparison fails, click Configure Cluster Management VLAN, verify the configuration of the cluster management VLAN, and perform configuration based on the plan again.

    2. Confirm the comparison result.

      If the comparison result indicates that the topology is incorrect, check and correct the physical connections.

  8. Trigger and start the deployment based on the topology plan.

    1. Click the Start Provisioning tab, right-click all devices to be deployed, and choose Start to provision.
    2. (Optional) Activate devices.

      If automatic activation is not selected during deployment task creation, you need to manually activate the devices.

      The devices must be activated from bottom to top one by one based on the topology. An upper-layer device can be activated only when the lower-layer device is activated and restarted successfully. If an upper-layer device is activated first, lower-layer devices are disconnected from the network after the upper-layer device restarts. As a result, the topology plan-based deployment fails.

    3. Verify that the deployment status is displayed as successful for each device, indicating that the topology plan-based deployment is complete.

Result

Choose Topology > Topology Management from the main menu after the deployment is completed. All deployed devices can be displayed, and alarm messages of the devices can be reported to eSight.

Example for Implementing Topology-based Zero Touch Provisioning for the Enterprise Data Center

This section describes how to use the topology to implement zero-touch provisioning for enterprise data centers.

Prerequisites

  • The root device and devices to be deployed support zero touch provisioning. For details about device types, see eSight Specification List.
  • Onsite engineers have installed device hardware based on the topology plan.
  • The root device has been added to eSight for management and can communicate normally with eSight through SNMP, Telnet, or NETCONF.
  • The FTP server has been enabled on the root device to serve as the intermediate file server that provides the intermediate file in the Python format for topology-based deployment.
  • A DHCP server has been configured and uses the root device as the gateway.
  • Input or output is not allowed on console interfaces during zero touch provisioning.
  • The device software package, license file, and patch file have been prepared and uploaded to eSight.

Networking Requirements

There are a large number of Top of Rack (TOR) switches in an enterprise data center. Network administrators need to have high technical skills and they spend a long time configuring these switches. Network administrators require that eSight can automatically complete basic configurations for the TOR switches without human intervention.

Figure 12-18 Implementing topology-based zero touch provisioning for the enterprise data center

Configuration Roadmap

The configuration roadmap is as follows:

  1. Select the root device and configure VLAN 1 as a pass VLAN on the root device. (By default, VLAN 1 is used as the dedicated VLAN for zero touch provisioning.)
  2. Configure the root device as a DHCP server.
  3. Pre-define the intermediate file in the Python format on the intermediate file server of the root device.
  4. Prepare deployment files for devices to be deployed.
  5. Plan the network topology.
  6. Match files for devices to be deployed.
  7. Delete configurations of devices to be deployed and restart them.
  8. Compare topologies.
  9. Trigger deployment. The devices to be deployed then download corresponding files.

Data Plan

Table 12-41 Root device

Device Type

Device IP Address

Downstream Port

CE12808

10.58.1.2

10GE1/0/3

Table 12-42 DHCP server

VLAN ID

Egress Gateway Address

Global Address Pool Name

1

10.58.1.1

ce-ztp

Table 12-43 Intermediate file server

IP Address

User Name

Password

Intermediate File in Python Format

10.58.1.2

admin

Changeme123

ztp_script_tor.py

Table 12-44 Access device

Device Type

Device Name

IP Address

Upstream Port

CE6850-48S4Q-EI

huadsf

10.58.1.25

10GE1/0/1

Procedure

  1. Configure the root device as a DHCP server.

    system-view 
    dhcp enable 
    interface vlanif 1 
    dhcp select global 
    quit 
    ip pool ce-ztp 
    network 10.58.1.0 mask 255.255.255.0 
    gateway-list 10.58.1.1 
    option 148 ascii ipaddr=10.58.1.8;port=32175 
    option 67 ascii ftp://admin/Changeme123@10.58.1.2/ztp_script_tor.py

  2. Pre-define the intermediate file in the Python format on the intermediate file server of the root device.

    Pre-define the intermediate file in the Python format on the root device.

    Modify the value of ESIGHT_SERVER_IP to the IP address of the eSight.

    The #md5sum parameter in the first line also needs to be re-generated.

  3. Prepare deployment files for devices to be deployed.

    1. Choose Resource > Network > Zero Touch Provisioning > Configuration File Making from the main menu.

    2. Click Create and set parameters.

    3. Click Next and add the following command manually.

      ip address $TORMNGIP $mask

      Click Refresh Template Parameters and set parameters to create configuration files.

    4. Repeat the preceding steps to create configuration files of other devices.
    5. (Optional) Prepare the software, patch, and license file for the device to be deployed based on the site requirements.

      Choose Resource > Network > Configuration > Device Software Management from the main menu. Choose File Management from the navigation tree on the left and upload the corresponding file.

  4. Plan the network topology.

    1. Choose Resource > Network > Zero Touch Provisioning > Topo Plan-based Provisioning from the main menu.

    2. Right-click a blank area on the page and select Create Task.

    3. Set Root type to campus and Task name to TOR_Topo, and click OK.

    4. Double-click a deployment task, click Add Root Device, and select the root device.

    5. Right-click a root device, choose Add Remote Device from the shortcut menu, set related parameters, and click OK.

    6. Adjust the topology and save the adjustment.

    7. Right-click a device to be deployed, select Modify, and set MAC or ESN.

  5. Match deployment files for devices to be deployed.

    1. Click the Match File tab, right-click a device to be deployed, and choose Match Provisioning File from the shortcut menu.
    2. Select corresponding deployment files in the displayed dialog box.

  6. Delete configurations of devices to be deployed and restart them.

    To ensure that device configurations are empty, you are advised to perform the configuration cleanup operation.

    Run the following command to clean up the device configurations:

     
    reset saved-configuration 
    y 
    delete /unreserved *.cfg 
    y 
    delete /unreserved *.zip 
    y 
    reboot 
    n   //Select n here. Otherwise, the device generates a new configuration file.
    y     

    The DHCP server allocates a temporary IP address to each device to be deployed. The topology-based deployment process is started. The devices to be deployed send deployment requests.

  7. Compare topologies.

    eSight collects the network topology in the deployment areas from the root device and compares the topology with the planned topology to show differences. Users can correct the network topology accordingly.

    1. Click the Compare Topology tab, right-click the root device, and choose Enable LLDP from the shortcut menu if LLDP is not enabled for the device.
    2. Right-click the root device and choose Manually Topology Collection from the shortcut menu.
    3. Confirm the comparison result.

  8. Trigger deployment. The devices to be deployed then download corresponding files.

    1. Click the Start Provisioning tab, right-click all devices to be deployed, and choose Start to provision from the shortcut menu.
    2. The deployment delivery result is displayed, and the deployment process is refreshed to complete the deployment process.

Result

After the deployment process is complete, users can find newly deployed devices on Topology Management, and alarms of these devices are normally reported to the eSight.

Example for Implementing MAC/ESN-based Zero Touch Provisioning

This section describes how to implement zero-touch provisioning for branches by manually recording the MAC address and ESN.

Prerequisites

  • The root device and devices to be deployed support MAC/ESN-based zero touch provisioning. For details about device types, see eSight Function List.
  • A root device has been added to eSight for management and can communicate normally with eSight through SNMP and Telnet.
  • A DHCP server has been configured and uses the root device as a gateway.
  • Input or output is not allowed on console interfaces during zero touch provisioning.
  • The device software package, license file, and patch file have been prepared and uploaded to eSight.

Networking Requirements

On the wired campus network of company M, there are lots of devices at the aggregation and access layers. The configuration is complex. Jack, the network administrator of the company, requires that eSight implement unified MAC/ESN-based Zero Touch Provisioning for aggregation and access devices to reduce management cost.

In the following figure, the red circle specifies the devices to be deployed.

Figure 12-19 Implementing MAC/ESN-based zero touch provisioning

Configuration Roadmap

The configuration roadmap is as follows:

  1. Select a root device and configure VLAN 1 as a pass VLAN on the root device.
  2. Configure the root device as a DHCP server.
  3. Plan provisioning files for devices.
  4. Power on the devices and manually record MAC addresses/ESNs of the devices.
  5. Match the MAC addresses/ESNs with provisioning files.
  6. Trigger provisioning. After the devices upload the provisioning files, the provisioning is complete.

Data Plan

Table 12-45 Root device

Device Type

Device IP Address

Downstream Port 1

Downstream Port 2

S5720–56C-PWR-HI-AC

10.137.58.61

GE0/0/1

GE0/0/2

Table 12-46 Devices at the aggregation layer

Device Type

IP Address

Upstream Port

Downstream Port 1

Downstream Port 2

S5720–32C-HI-24S-AC

10.137.58.1

GE0/0/1

GE0/0/2

GE0/0/3

S5720–32C-HI-24S-AC

10.137.58.2

GE0/0/1

GE0/0/2

GE0/0/3

Table 12-47 Devices at the access layer

Device Type

IP Address

Port

S2750–28TP-EI-AC

10.137.58.3

GE0/0/1

S2750–28TP-EI-AC

10.137.58.4

GE0/0/1

S2750–28TP-EI-AC

10.137.58.5

GE0/0/1

S2750–28TP-EI-AC

10.137.58.62

GE0/0/1

Table 12-48 Device MAC/ESN

Location

MAC Address

ESN

Device Type

Device Model

Configuration File

Aggregation 1

00E0-FC12-AA4B

S5700-28C-HI

N1.zip

S5700.cc

Aggregation 2

00E0-FC12-AA5B

S5700-28C-HI

N2.zip

S5700.cc

Access 1

AAC1223431

S2750-28TP-EI-AC

N3.zip

S2700.cc

Access 2

AAC1223432

S2750-28TP-EI-AC

N4.zip

S2700.cc

Access 3

BAC1223433

S2750-28TP-EI-AC

N5.zip

S2700.cc

Access 4

BAC1223436

S2750-28TP-EI-AC

N6.zip

S2700.cc

Procedure

  1. Perform the following operations on the root device:

    • Specify VLAN 1 as a pass VLAN on the root device.
    • Configure the root device as a DHCP server.
    <Device> system-view 
    [Device] dhcp enable 
    [Device] ip pool dhcp_server   //dhcp_server indicates the name of the global address pool.
    [Device-ip-pool-dhcp_server] network 10.137.58.0 mask 255.255.255.0   //10.137.58.0 is the scope of IP addresses to be assigned to the device for which zero-touch provisioning is to be performed. 
    [Device-ip-pool-dhcp_server] gateway-list 10.137.58.1   //10.137.58.1 is the egress gateway address of the DHCP client.
    [Device-ip-pool-dhcp_server] option 148 ascii ipaddr=10.137.58.8;port=32175   //10.137.58.8 is the eSight IP address. If southbound and northbound services are separated for eSight, the eSight IP address here refers to the southbound IP address.
    [Device-ip-pool-dhcp_server] quit
    [Device] vlan 1   
    [Device-vlan1] quit 
    [Device] interface vlanif 1 
    [Device-Vlanif1] ip address 10.137.58.1 255.255.255.0   //10.137.58.1 is the IP address of VLANIF1, which is used as the egress gateway address of the DHCP client. 
    [Device-Vlanif1]dhcp select global
    [Device-Vlanif1] quit 

  2. Prepare configuration files for devices to be deployed.

    1. Choose Resource > Network > Zero Touch Provisioning > Configuration File Making from the main menu.

    2. Click Create, enter the following parameters, and click Next. Click OK. The configuration file is created for the aggregation devices.

    3. Repeat the preceding step to create a configuration file for the access devices.

  3. Connect cables of devices to be deployed and power on them. Manually record MAC addresses/ESNs, locations, and models of the devices into an excel file.

  4. Match the configuration file, software package, patch file, and license file with the devices to be deployed.

    1. Choose Resource > Network > Zero Touch Provisioning > Device ID-based Provisioning from the main menu.

    2. Click Create and then choose Create Device > Batch Import.

    3. In the Batch Import dialog box that is displayed, upload the excel file created in step 2 and click OK.
    4. The provisioning task is created. Select the provisioning task, click Match Provisioning File, and select the correct configuration file, software package, patch file, and license file.
    5. Click OK. The provisioning file matching task is complete.

  5. Trigger provisioning and restart the switches after they download corresponding files.

    1. Select the created manual provisioning task and click Start. Click Active.
    2. In the dialog box that is displayed, choose I have understood the consequence of the operation and confirm to perform the operation. and click OK.
    3. The devices are restarted and download the latest provisioning files. Then, the entire provisioning task delivery is complete.

Result

After the deployment is complete, Choose Topology > Topology Management from the main menu. All deployed devices can be displayed, and alarm messages of the devices can be reported to eSight.

Example for Deploying AR Routers Through Sending SMS Messages

Network administrators can send SMS messages remotely to deploy AR routers integrated with the 3G\LTE module. This mode simplifies the deployment process and reduces the deployment cost.

Prerequisites

  • Deployment personnel in the branch site have installed and powered on the AR routers. The 3G\LTE module integrated on the AR routers can normally receive SMS messages.
  • The AR routers in the branches can successfully communicate with the AR routers and eSight in the headquarters through APN dialup.
  • SMS server parameters have been set on eSight, and the SMS server can successfully communicate with eSight.

Networking Requirements

Finance company M wants to deploy two AR routers in new branch sites through SMS message-based provisioning.

Figure 12-20 Networking diagram

Configuration Roadmap

  1. Make an AR router configuration template.
  2. Set SIM card parameters.
  3. Set SMS message parameters.
  4. Create SMS message-based deployment tasks to deploy the AR routers.

Data Plan

Table 12-49 APN parameter plan

APN Name

User Name

Password.

lte

admin

eSight123

Table 12-50 AR parameter plan

AR

Phone Number

IMSI

Device ID

IP Address

AR1

1311111XXXX

460018020704273

24-9e-ab-52-dc-23

10.136.57.58

AR2

1312222XXXX

460029130815384

35-9e-ab-63-dc-34

10.137.58.59

Procedure

  1. Make an AR router configuration template.

    1. Choose Resource > Network > Zero Touch Provisioning > Configuration File Making from the main menu.

    2. In the navigation tree on the left, choose Make Configuration Template, click Create, and set related parameters.

    3. Click Next.

    4. Click OK.

    5. Repeat the operations to make a configuration template for the other AR.

  2. Set SIM card parameters.

    1. Choose Resource > Network > Zero Touch Provisioning > Short Message-based Provisioning from the main menu.
    2. In the navigation tree on the left, choose Manage SIM Card, and click Batch Import.
    3. Download the template and set related parameters.

    4. Upload the template.

    5. Click Create.

  3. Set SMS message parameters.

    1. In the navigation tree on the left, choose Manage Short Message, click Create, and set SMS message parameters.

    2. Click OK.

    3. Repeat the operations to set SMS message parameters for the other AR.

  4. Create SMS message-based deployment tasks to deploy the AR routers.

    1. In the navigation tree on the left, choose Short Message Deployment, click Create, choose Create Device > Batch Import.
    2. Download the template and set related parameters.

    3. Upload the template.

    4. Click Create.

    5. Select the AR router to be deployed, click Match Provisioning File, and select the configuration template.

    6. Click OK, and verify the configuration template and variables in the template.

    7. Click OK.

    8. Select the SMS message-based provisioning task and click Cell Number to deploy the AR routers.
    9. Repeat the operations to deploy the other AR.

Result

Choose Topology > Topology Management from the main menu after the deployment is complete to view the newly deployed devices.

Translation
Download
Updated: 2019-09-07

Document ID: EDOC1100011877

Views: 314875

Downloads: 637

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next