Login
    Contents x
    Zero Touch Provisioning with Vision EMS
    • 15 Jan 2024
    • 13 Minutes to read
    • Contributors
    • Print
    • Dark
      Light
    • PDF
    Contents

    Zero Touch Provisioning with Vision EMS

    • Updated on 15 Jan 2024
    • 13 Minutes to read
    • Contributors
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Overview

    This article describes how to prepare automated provisioning of a new Skylight performance elements installation with focuses on:

    • Layer-2 "Plug and Go"
    • Vision EMS configuration

    Definition of the Problem

    As the network grows, network operators have to install and provision numerous performance elements. Provisioning consists of providing the initial configuration of the newly-installed performance elements.

    Without an automated provisioning method, network operators have to ask installers to configure by hand each NE installed on consumer premises. We want a method that minimizes the time spent in the installation and provisioning of the performance elements at customer premises. Ideally, the installer will just connect the NE and leave the place. This method is called “Plug and Go”.

    Accedian devices support this “Plug and Go” feature. However, this feature is limited to the establishment of the initial connectivity with the newly-installed performance elements. The network operator still needs to manually provision each NE.

    With the Discovery Scheduler and the CLI configuration steps of Vision EMS 2.2, you can now automate the provisioning of the newly installed performance elements. Thus, in conjunction with the “Plug and Go” feature, we can achieve Zero Touch Provisioning (ZTP) as the process can be fully-automated.

    Theory of Operation

    Plug & Go

    Plug & Go is a feature of performance elements that simplifies the initial connection setup. With this feature, a technician can install a performance element and note its serial number. Then, a network operator can query a performance element identified as the Inventory Collector and figure out the IP address of the newly-installed performance element. With this, the network operator can connect on the performance element and provision it. However this is still a manual operation that we can eliminate with Vision EMS 2.2.

    Beaconner

    The beaconner is a performance element that broadcasts Plug & Go beacon packets on the network. These packets contain elementary information about the management network such as the subnet IP address, subnet mask, and gateway.

    The performance elements listen to these Plug & Go beacon packets and configure an IP interface to their management function using them. This IP interface is called the Auto interface.

    By default, the Auto interface will listen to any beaconner that sends Plug & Go beacon packets, so we have to design our network in such a way that there is only one beaconner visible from the performance elements we want to configure automatically.

    Once configured, the performance element will broadcast Plug & Go inventory packets. These packets contain information about the performance element such as its IP address and serial number.

    Inventory Collector

    The Inventory Collector is a performance element that listens to the Plug & Go inventory packets. It mounts a table of the performance elements its sees so the network operator can connect on this performance element and see the list of the performance elements configured with the Plug & Go.

    The Inventory Collector and the Beaconner functions can be located in the same performance element.

    Discovery Scheduler

    The Discovery Scheduler is a feature of Vision EMS that allows automatic discovery and provisioning of the performance elements.

    The network operator prepares a list of performance elements along with a configuration job that contains provisioning information for these performance elements. The configuration job is then launched using the Discovery Scheduler.

    At every 15 minutes, the Discovery Scheduler queries the Inventory Collector for the list of performance elements. When a new performance element appears in this list, the Discovery Scheduler compares this performance element with the list of performance elements it has in the configuration job. If there is a match, the Discovery Scheduler runs the configuration job for the new performance element.

    The result of this is that the newly-installed NE can be provisioned automatically without human intervention.

    Network Topology

    This section explains how to configure an L2 network for ZTP using Plug & Go and the Discovery Scheduler of Vision EMS. As mentioned above, the network must be configured so there is only one beaconner in the management subnet. Moreover, Vision EMS must have access to this subnet. The following figure illustrates the kind of network topology we can support:

    Multiple zones network topology

    image.png

    In this figure, we show 3 zones: Zone 1 and 2 represents two different carrier Ethernet network areas while the Operator’s network represents the network where the network operating center could be located. Each of these zones represents a different management subnet.

    In the remainder of this article, we will use the following reference network topology to illustrate how to configure the performance elements and Vision EMS to achieve ZTP:

    Reference L2 network topology

    image.png

    In this figure, NE represents network elements (performance elements):

    • The MGMT port of the Vision EMS appliance is connected to the operator’s network.
    • The network port of NE1 is connected to the operator’s network. We will use NE1 to create a management VLAN so management traffic will be carried over VLAN 500 on the zone 1 network.
    • The client port of NE1 is connected to the client port of NE2. We will use NE2 as the Beaconner and the Inventory Collector for the zone 1 network.
    • The network port of NE2 is connected to the zone 2 network.
    • The zone 2 network is connected to the network port of NE2, NE3 and NE4. NE3 and NE4 represent performance elements that we want to provision automatically after their installation.

    NE (performance element) Setup

    In this section we will configure NE1 and NE2 of the reference L2 network topology so we they are ready to assume their role in ZTP of NE3 and NE4.

    NE1 Configuration (Network Entry Point)

    NE1 is our network entry point.

    In this section we will provide the procedure to configure NE1 sowe have a management VLAN on the zone 1 network.

    Prerequisites

    • The installer has a laptop with a serial port.
    • The network port of NE1 is connected to the operator’s network.
    • The laptop Ethernet interface is connected to the operator’s network.
    • The client port of NE1 is connected to the client port of NE2
    • The console port of NE1 is connected to the serial port of the laptop.
    • NE1 is brand new or it had a factory reset before we execute the configuration procedure.
    • There is a DHCP server on the operator’s network that gave an IP address to the network interface of NE1.

    Procedure

    1. Log in NE1 through the console port using username admin and password admin.
    2. Enter: interface show
    3. Note the network interface IP address.
    4. Connect to NE1 using a web browser with the network interface IP address.
    5. Select System > Configuration > Interface.
    6. Get the session writelock by clicking the lock.png icon.
    7. Press Add to add a new interface.
    8. Enter the following values:

    MgtEntryPoint interface setup on NE1
    image.png

    1. Apply this change

    At this point, we have a management interface in VLAN 500 so we will be able to forward management traffic on this VLAN. We could have used another VLAN ID but this is the one we will use toward the remainder of this application note.

    1. Select Traffic > Filters > L2 filters.

    2. Press Add to add a new filter.

    3. Enter the following values:

    ManagementVLAN filter on NE1
    image.png

    1. Apply the changes.

    At this point, we have a filter that can recognize the frames tagged with VLAN 500.

    1. Select Traffic > Policies.

    2. Select Traffic A (which corresponds to the traffic incoming the client port).

    3. Select 1-1 in the policy configuration section.

    4. Configure the policy with the following parameters.

    Client port policy on NE1
    image.png

    1. Apply the changes.

    At this point, management frames incoming the client port on VLAN 500 are removed from the VLAN 500 and can be forwarded on the network port as ordinary traffic for the operator’s network.

    1. Select Traffic > Policies.

    2. Select Traffic B (which corresponds to the traffic incoming the network port).

    3. Select 2-1 in the policy configuration section.

    4. Configure the policy with the following parameters.

    Network port policy on NE1
    image.png

    1. Apply the changes.

    At this point, management frames incoming the network port are tagged with the VLAN 500 and can be forwarded on the client port as management traffic.

    NE2 Configuration (Beaconner and Inventory Collector)

    NE2 is our Beaconner and Inventory Collector in the zone 1 network. In this section we will provide the procedure to configure NE2 so:

    • It sends Plug & Go beacons on the zone 1 network through its network interface.
    • It collects Plug & Go inventory packets from that network
    • It can be managed in the VLAN 500, the management VLAN we choose.
    • It bridges the management network from NE1 to the zone 1 performance elements.

    Prerequisites

    • The installer has a laptop with a serial port.
    • The network port of NE2 is connected to the zone 1 network.
    • The client port of NE2 is connected to the client port of NE1.
    • The console port of NE2 is connected to the serial port of the laptop.
    • NE2 is brand new or it had a factory reset before we execute the configuration procedure.
    • We have an IP address to manage NE2 along with a subnet mask and an appropriate gateway. In this example we will use:
      • IP address: 192.168.106.175/24
      • Gateway: 192.168.016.1.

    Procedure

    1. Log in NE2 through the console port using the username admin and password admin

    2. Enter:
      interface edit Management dhcp disable
      interface edit Management address 192.168.106.175 interface edit Management netmask 255.255.255.0 interface edit Management gateway 192.168.106.1

    At this point we configured the management interface IP access parameters

    1. Enter:
      interface add NetEntryPoint port Client
      interface edit NetEntryPoint type vlan vlan1-id 500 vlan1-ethertype c-vlan

    At this point we defined a management interface on VLAN 500

    1. Enter:
      interface add Bridge type bridge ip-override enable sub-intf Management, NetEntryPoint
      interface edit Bridge address 192.168.106.175 gateway
      192.168.106.1

    At this point we have a management interface that responds to the client port on VLAN 500.

    1. Enter:
      interface edit Network type vlan vlan1-id 500 vlan1-ethertype c-vlan interface edit Bridge sub-intf Management,Network,NetEntryPoint

    At this point we have a management interface that responds to the network port on VLAN 500.

    1. Enter:
      interface beacon edit Network rate 60
      interface beacon edit Network subnet 192.168.106.0 interface beacon edit Network netmask 255.255.255.0 interface beacon edit Network gateway 192.168.106.1 interface beacon edit Network ip-config-mode auto-static interface beacon edit Network domain-id zone1 interface beacon edit Network state enable

    At this point the Beaconner function is enabled.

    1. Enter:
      inventory edit state enable

    At this point the Inventory Collector function is enabled.

    Vision EMS Configuration

    Overview

    In this section, we will configure Vision EMS so it can automatically provision new performance elements installed in the network. The only information needed to connect the configuration of a NE with the NE is the serial number of the NE. Thus, it is important that the NE with the right serial number is installed at the right location.

    Prerequisites

    We assume that the performance elements in the zone 1 network are accessible from Vision EMS, i.e. there is an IP route between the zone 1 network and the operator’s network where Vision EMS resides.

    We assume that the credential to access NE1 and NE2 are known and already configured in Vision EMS.

    Managing NE1 and NE2

    We have to manually add NE1 and NE2 in Vision EMS to manage them. Managing NE2 is mandatory as Vision EMS will poll it to get the list of the new performance elements that appear in the zone 1 network.

    Procedure

    1. Log in Vision EMS with operator or administrator rights.

    2. In NE Management > Managed, click the plus.png icon.

    3. Provide the information needed to access NE1.

    NE1 entry in Vision EMS
    image.png

    1. Click Save performance elements

    2. In NE Management > Managed, click the plus.png icon.

    3. Provide the information needed to access NE2.

    NE2 entry in Vision EMS

    image.png

    Make sure the Enable inventory pooling checkbox is checked. This tell Vision EMS to use this NE to discover the new performance elements.

    1. Click Save performance elements .

    ME reference dataset

    Definition

    The ME reference dataset is the list of the performance elements that will be installed. Vision EMS uses the serial number of the performance elements to identify them and associate the proper configuration. Thus, it is important that the NE with the right serial number is installed at the right location.
    The ME reference dataset is a CSV file that has the following format:

    NEID,SYSNAME,SERIAL,MGMTIPADDRESS
    3,,G178-1206,
    4,,G178-1129,

    In this example, the sysname is not known and the IP address is not known. However, the serial number of the NE we want to install is known. The NEID is an index used to relate the performance elements defined in the ME reference dataset to entries configuration step datasets.

    Procedure

    Using a text editor, create a ME reference dataset that contains the serial number of the performance elements that are going to be installed in the network.

    1. Log in Vision EMS with operator or administrator rights.

    2. In NE Commissioning > Data Sets, click the plus.png icon.

    3. Provide the information needed to access ME reference data set file.

    ME Ref Data Set import
    image.png

    1. Click Choose File and select the ME reference dataset file prepared earlier.

    2. Click Import data set

    3. Close the window

    CLI set

    Definition

    A CLI set is a file that contains CLI commands that we want to be executed on the performance elements when we run a configuration job. The CLI set is a text file.

    In the ZTP process we need to run a CLI command on the performance elements configured with the Plug & Go feature so they stop listening to Plug & Go beacons and their IP address is frozen.

    Procedure

    1. Using a text editor, create a text file that will contain the CLI commands. In this example, the file is named “Disable Interface Discovery.txt”.

    2. In this file, type:
      interface discovery edit state disable

    3. Save and close the file.

    4. Log in Vision EMS with operator or administrator rights.

    5. In NE Commissioning > CLI sets, click the plus.png icon.

    6. Provide a name for the CLI set

    7. Click Choose File..

    8. Select the CLI command file.

    9. Click Import CLI commands.

    CLI Set import
    image.png

    1. Close the window

    Configuration Job

    The next step is to create the configuration job that defines the provisioning parameters we want to apply on NE discovery. In our example, we will configure SNMP traps to be sent to Vision EMS.
    The configuration job must contain a CLI set configuration step to freeze the network configuration discovered with the Plug & Go feature so the performance elements have a fixed IP address.

    Procedure

    1. Log in Vision EMS with operator or administrator rights.

    2. In NE Commissioning > Configuration Jobs, click the plus.png icon.

    3. Provide a name for the configuration job.

    4. Enable ME reference data set.

    5. Select the ME reference data set that contains the list of the performance elements to be installed.

    6. Select CLI step.

    7. Select the CLI script name.

    CLI step
    image.png

    The next steps depend on what you intend to provision on NE discovery. In this example, we will configure the SNMP agent and the SNMP traps.

    1. Select the SNMP agent step.

    2. Enable SNMP agent.

    3. Enable usage of host name as system mane.

    4. Set Read-only community to “public”.

    5. Set Read-write community to “private”.

    6. Enable link trap generation.

    7. Select SNMP traps step.

    8. Enable trap receiver 1.

    9. Set Type to v2c-1.

    10. Set community string to “trap”.

    11. Set notification receiver to the IP address of Vision EMS.

    12. Click Apply.

    13. Click Close.

    Discovery Scheduler

    Definition

    In this section we will configure the Discovery Scheduler to automatically run our configuration job when a NE appears in the network.

    Procedure

    1. Log in Vision EMS with operator or administrator rights.

    2. In NE Commissioning > Discovery Scheduler, click the flower.png icon.

    3. Provide the default NE credentials.

    4. Enable the Discovery Scheduler.

    5. Double click the Config job name box.

    6. Select the configuration job.

    Discovery Scheduler configuration

    image.png

    1. Click Apply.

    At this point the Discovery Scheduler is enabled. At every 15 minutes, it will run the configuration job on the new performance elements the Inventory Collector sees that match the ME reference list.

    Summary

    Once the initial configuration of the management VLAN, the Beaconner and the Inventory Collector is done and the Discovery Scheduler is configured in Vision EMS, the procedure to add a new NE is the following:

    1. Edit the ME reference data set file to add the performance elements that are going to be installed.

    2. Load this ME reference data set in Vision EMS.

    3. Install the NE, no configuration required.

    4. Within 15 minutes after the installation of the NE, it will be provisioned.

    © 2024 Accedian Networks Inc. All rights reserved. Accedian®, Accedian Networks®,  the Accedian logo™, Skylight™, Skylight Interceptor™ and per-packet intel™, are trademarks or registered trademarks of Accedian Networks Inc. To view a list of Accedian trademarks visit: http://accedian.com/legal/trademarks/. 

    Was this article helpful?
    What's Next
    Get In Touch
    Learn
    About Us
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout