cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
28
Views
0
Helpful
8
Replies
Highlighted
Cisco Employee

Day-0 configuration via terminal server

For a POC, we are being asked to provision a day-0 configuration to ASR9K using a terminal server connection. Can NSO handle a scenario where a Telnet username and password is required by the terminal server, and a second username / password requested over the telnet session by the ASR9000 device? i.e. two username/password authentication stages in order to get CLI access to the device under management?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Day-0 configuration via terminal server

The IOS CLI NED supports console access. I am not sure if the XR does but I do believe that could be done. So, a single NED is needed.

 

I can imagine different ways to solve your problem using reactive fastmap but would need more info to help you.

 

One example could be:

 

               - Device is created with console IP and access info.

 

               - Service is committed and day0 config is sent.

 

               - Subscriber app checks management ip is working (ping it) and then changes device IP address/port/authgroup (outside of FASTMAP). Sets devices as ³ready² and re-deploys the service.

 

               - When re-deployed, service checks device status and if ³ready² sends

 

day1 config. This means that FASTMAP has sent day0+day1 configs.

 

               - For now on device is managed by management port.

 

8 REPLIES 8
Cisco Employee

Re: Day-0 configuration via terminal server

 

This would require

 

 

- some minimal changes to the NED to do the two-stage auth

 

- some additional data augmented under /devices/device that

 

   can hold the extra auth data.

 

  Easy.

Cisco Employee

Re: Day-0 configuration via terminal server

Thanks for the response.

 

Our requirement is something like this, the initial day-0 config is going to be over terminal server connection and after the day-0 is configured, we would need to switch over to a pure IP based in-band management.

So for this requirement will we need to have 2 NEDs?

Cisco Employee

Re: Day-0 configuration via terminal server

The IOS CLI NED supports console access. I am not sure if the XR does but I do believe that could be done. So, a single NED is needed.

 

I can imagine different ways to solve your problem using reactive fastmap but would need more info to help you.

 

One example could be:

 

               - Device is created with console IP and access info.

 

               - Service is committed and day0 config is sent.

 

               - Subscriber app checks management ip is working (ping it) and then changes device IP address/port/authgroup (outside of FASTMAP). Sets devices as ³ready² and re-deploys the service.

 

               - When re-deployed, service checks device status and if ³ready² sends

 

day1 config. This means that FASTMAP has sent day0+day1 configs.

 

               - For now on device is managed by management port.

 

Cisco Employee

Re: Day-0 configuration via terminal server

Lennart just built something like this for the IOS NED. This seems similar except for IOS both devices for that case have iOS cli.

 

Not sure how tough it would be to nest a different NED (XR) for the second device

Cisco Employee

Re: Day-0 configuration via terminal server

A multi NED solution is boring. Much better if there are two ways to connect/auth from the same NED.

 

The first is is used initially (day0), once that is done, some op marker is set, making the Java code in the NED choose the latter once day0 is there (through the terminal server)

Cisco Employee

Re: Day-0 configuration via terminal server

Lennart, will ping you and see if we can get this working for ASR9K.

Cisco Employee

Re: Day-0 configuration via terminal server

Here is the overall scenario.

 

 

The device to added and brought up are a cell site router, where we need to push the day-0 config. The day-0 config will be basic, loopback address and the ospf config over the terminal server connection.

 

 

After the device i.e. The Loopback is accessible we need to switchover to the managing it via the Loopback address.

 

 

What we were thinking is to have the day-0 config added via templates and get it on-boarded into NSO.

 

 

Post which all the service provisioning can happen via NSO service models.

 

 

Any suggestions are welcome.

Cisco Employee

Re: Day-0 configuration via terminal server

Currently the cisco-iosxr does not support that but, it is easy and it has already been done in other neds, e.g. alu-sr.

 

 

I believe you still have to request it, using the official channels and format, nso-ned@cisco.com

 

Content for Community-Ad
August's Community Spotlight Awards