Device Plug-and-Play
In the CloudCampus Solution, iMaster NCE-Campus can quickly provision network services to campus network devices through NETCONF only after the devices have gone online on iMaster NCE-Campus. On large- or medium-sized campus networks, there are a large number of switches downstream from the core layer. In most cases, you need to first use command lines to connect core switches to iMaster NCE-Campus in the southbound direction, and then configure the core switches as the root devices of the management subnet and configure DHCP to allow switches downstream from the core layer to go online iMaster NCE-Campus. Then, these switches are plug-and-play, simplifying network deployment.
Onboarding Process of Switches Downstream from the Core Layer on iMaster NCE-Campus Through DHCP
As shown in Figure 1-7, a switch downstream from the core layer (for example, Switch A) goes online on iMaster NCE-Campus as follows:
An administrator configures the DHCP server function on the core switch or deploys an independent DHCP server on the network, enables the DHCP function on VLANIF 1, and configures DHCP Option 148, which contains the NETCONF enabling status as well as the IP address/URL and port number of iMaster NCE-Campus.
After Switch A starts up with no configuration, it sends a DHCP request packet containing VLANIF 1 to the DHCP server by default.
Because all interfaces of Switch A are added to VLAN 1 by default before delivery, the core switch can communicate with Switch A in VLAN 1.
The core switch that functions as a DHCP server receives the request packet and sends a DHCP response packet containing DHCP Option 148 to Switch A.
After receiving the DHCP response packet, Switch A enables NETCONF based on the Option 148 field and obtains the URL/IP address and port number of iMaster NCE-Campus.
Based on the obtained URL/IP address and port number of iMaster NCE-Campus, Switch A initiates authentication and registration with iMaster NCE-Campus.
Auto-negotiated Management VLAN
If VLAN 1 is used as the management VLAN between the core and aggregation/access switches, broadcast storms may occur. Therefore, VLAN 1 is not recommended as the management VLAN between them. If a VLAN other than VLAN 1 is used as the management VLAN, you need to configure the auto-negotiated management VLAN function on the core switch that functions as the root device. Then, interconnected interfaces on the switches can be automatically added to the auto-negotiated management VLAN through packet negotiation.
Assume that VLAN 4080 is used as the management VLAN. After the core switch is managed by iMaster NCE-Campus, aggregation and access switches establish management channels with the core switch through the auto-negotiated management VLAN function, , as illustrated in Figure 1-8. The detailed process is described as follows:
- On the core switch, an administrator creates a management subnet, configures the DHCP server function and auto-negotiated management VLAN function, specifies VLAN 4080 as the auto-negotiated management VLAN, and configures an IP address pool on VLANIF 4080.
- After the core switch is configured, aggregation switches automatically add their interfaces connected to the core switch to VLAN 4080 through protocol packet auto-negotiation.
- After the management channels between the core and aggregation switches are established, access switches automatically add their interfaces connected to the aggregation switches to VLAN 4080 through protocol packet auto-negotiation.
- A DHCP address pool has been configured on the VLANIF interface corresponding to the auto-negotiated management VLAN on the root device.
Upstream switches have been successfully registered with iMaster NCE-Campus.
iMaster NCE-Campus has delivered the ID of the auto-negotiated management VLAN to upstream switches.
iMaster NCE-Campus has delivered upstream switches the configuration that enables the function of delivering the ID of the auto-negotiated management VLAN to downstream switches.
Upstream switches have been enabled to send LLDP packets carrying auto-negotiated management VLAN information to downstream switches. This function is enabled by default.
Eth-Trunk Pre-configuration
On a large or midsize campus network, Eth-Trunks are typically used between switches to ensure link reliability. You can plan the network first and then import the planned pre-configured Eth-Trunk information to iMaster NCE-Campus. After a switch goes online in plug-and-play mode, iMaster NCE-Campus delivers the Eth-Trunk pre-configuration to the switch. As shown in Figure 1-9, the aggregation switches (Aggre-a and Aggre-b) implement plug-and-play through management VLAN auto-negotiation and then go online on iMaster NCE-Campus through Eth-Trunks. The process is as follows:
- Import the pre-configured information about the Eth-Trunks between switches to iMaster NCE-Campus in a batch using a network plan template, including the names of upstream and downstream switches, physical port numbers, and Eth-Trunk interface names.
- The aggregation switches go online on iMaster NCE-Campus through management VLAN auto-negotiation.
- After the aggregation switches go online, iMaster NCE-Campus delivers the pre-configured Eth-Trunk information to them.
- The core and aggregation switches are connected through Eth-Trunks, and automatically renegotiate the management VLAN. Finally, the aggregation switches come back online on iMaster NCE-Campus through Eth-Trunks.