What Is ZTP?
Zero Touch Provisioning (ZTP) allows newly delivered or unconfigured devices to automatically load deployment files upon power-on, including system software, patch files, and configuration files. ZTP also enables devices to automatically obtain and load deployment files, without requiring onsite manual intervention in device deployment and configuration. As such, ZTP reduces labor costs and improves deployment efficiency.
Why Do We Need ZTP?
During network device deployment, deployment engineers need to perform software commissioning onsite after hardware installation is complete. When a large number of widely distributed devices need to be deployed, engineers need to manually configure each device or import configurations to deploy the devices. This causes low device deployment efficiency and high labor costs.
ZTP addresses these issues. It enables devices to automatically obtain and load deployment files, without requiring onsite manual intervention in device deployment and configuration. As such, ZTP reduces labor costs and improves deployment efficiency. ZTP can be implemented in the following deployment modes:
- USB-based deployment: allows users to deploy devices using a USB flash drive.
- DHCP-based deployment: A DHCP server (also called ZTP server) needs to be deployed first. After an unconfigured device is powered on, it automatically starts the ZTP process. If a dedicated Bootstrap server is deployed, two-way authentication and data encryption are used to ensure the reliability of ZTP data. This ZTP mode is called Secure Zero Touch Provisioning (SZTP).
- Email-based deployment: A deployment email is sent to the mailbox of a deployment engineer. After receiving the deployment email, the deployment engineer clicks the URL in the email to start the deployment process. The device is then automatically deployed.
The following table describes the advantages and constraints of the three deployment modes. Select a proper deployment mode based on the network scenario.
Deployment Mode |
Advantages |
Constraints |
|---|---|---|
USB-based deployment |
USB-based deployment is simple, does not require high skills for deployment engineers, and does not require PCs onsite. This deployment mode is applicable for carriers or enterprises to deploy devices in batches. After device administrators import configurations to devices in warehouses, deployment engineers at sites only need to connect cables and power on the devices. |
USB flash drives are required and configuration files required for deployment must be prepared and saved to the USB flash drives. Device ESNs need to be bound to sites in advance, and the devices must be delivered to the corresponding sites. |
DHCP-based deployment |
DHCP-based deployment is simple and flexible. Only a DHCP server needs to be deployed. After deployment engineers at sites connect cables and power on devices, the devices are automatically deployed, with no need of additional operations. In addition, this mode does not require strict mapping between devices and sites. |
This mode applies to the scenario where devices access the network through DHCP and the DHCP server on the underlay network is configurable. |
Email-based deployment |
Email-based deployment does not require high skills for deployment engineers. Deployment engineers only need to perform simple operations on web pages to complete the device deployment. A variety of terminals (including smart phones, tablets, laptops, and PCs) can be used for device deployment and can connect to devices to be deployed in wireless and wired modes. Additionally, deployment operations are simple. This mode is relatively flexible and applies to various scenarios. It does not require strict mapping between devices and sites. |
Deployment engineers at sites need to prepare a deployment terminal, connect it to the device to be deployed, and access URL in the deployment email. |
How Is ZTP Implemented?
The following figure shows the ZTP process. After an unconfigured device is powered on and started, it checks whether a USB flash drive is inserted. If a USB flash drive is inserted and the usb.ini file exists in the root directory of the USB flash drive, the device starts the USB-based deployment process. If no USB flash drive is inserted, the device starts the DHCP-based deployment or SZTP process. The device functions as a DHCP client and sends a DHCP request packet to the DHCP server. If the device receives a packet carrying Option 143 from the DHCP server, the device starts the SZTP process. Otherwise, the device starts the DHCP-based deployment process. In Huawei SD-WAN Solution, ZTP can also be implemented in email-based deployment mode. If a controller is deployed at a site and the deployment engineer receives a deployment email containing a URL, the deployment engineer can access the URL in the email to start the deployment process.
Deployment process of an unconfigured device upon power-on
For details about the USB-, DHCP-, and email-based deployment modes, see USB-based Deployment, DHCP-based Deployment, and Email-based Deployment.
Application of ZTP in SD-WAN Scenarios
In the SD-WAN Solution, large enterprises usually have thousands of branch sites that are widely distributed. The site deployment is complex, and it is impossible for professional engineers to deploy devices at each site. In this case, deployment engineers can deploy devices in batches through ZTP. To learn about the application of ZTP in SD-WAN scenarios, watch the following video.
- Author: Li Jiaojiao
- Updated on: 2021-09-30
- Views: 11999
- Average rating:
