  • 1.  Juniper ZTP DHCP Server issues

    Posted 02-15-2017 17:03

    I am currently trying to configure DHCP as part of a ztp setup. Right now my topology is as follows:

    ex2200(me0,10.0.20.2)->(ge-0/0/1,10.0.20.1)srx100(fe-0/0/2,10.0.80.1)<-(eth0,10.0.80.2)centos6.7_dhcp_server

    I have the dhcp server on the 10.0.80.0/24 subnet, and I want it to assign IP addresses into the 10.0.20.0/24 subnet.

    # ISC dhcpd.conf as posted. The notes below are comments only; every
    # statement is unchanged.
    #
    # Copy the client's vendor class identifier (DHCP option 60) into the
    # variable vendor-string.
    set vendor-string = option vendor-class-identifier;
    # Vendor option space ZTPDEMO: sub-options 0-3 are text values, sent to
    # the client encapsulated in option 43.
    option space ZTPDEMO;
    option ZTPDEMO.image-file-name code 0 = text;
    option ZTPDEMO.config-file-name code 1 = text;
    option ZTPDEMO.image-file-type code 2 = text;
    option ZTPDEMO.transfer-mode code 3 = text;
    option ZTPDEMO-encapsulation code 43 = encapsulate ZTPDEMO;
    # Global value for sub-option 2 (image-file-type).
    option ZTPDEMO.image-file-type "symlink";
    # Option 150 holds one IP address; it is set to 10.0.80.2 below, the
    # address the post gives for this server's eth0.
    option option-150 code 150 = ip-address;
    
    # Per-device reservation keyed on the MAC address.
    host CAN1 {
     hardware ethernet 80:ac:ac:4c:84:ff;
     # NOTE(review): 10.0.20.3 is also the first address of the dynamic
     # range in the pool below; a reserved address is normally kept outside
     # any dynamic range.
     fixed-address 10.0.20.3;
     option host-name "to-mdf-ex22-sw5";
     # NOTE(review): the closing quote is missing on the next line as posted.
     # Inside a host block this statement sets the value the server sends;
     # it does not match on what the client sent.
     option vendor-class-identifier "Juniper-ex2200-48p-4g;
     option option-150 10.0.80.2;
     # NOTE(review): "http" means the image and configuration are fetched
     # over plain HTTP, without encryption or server authentication. The
     # provisioning segment and the file server have to be trusted, because
     # whatever answers there decides what the switch installs.
     option ZTPDEMO.transfer-mode "http";
     option ZTPDEMO.config-file-name "to-mdf-ex22-sw5-config.txt";
     option ZTPDEMO.image-file-name "jinstall-ex-2200-15.1R5.5-domestic-signed.tgz";
    }
    # The only subnet declared. The post puts the server's eth0 on
    # 10.0.80.0/24, which has no declaration in this file; that agrees with
    # the "No subnet declaration for eth0 (10.0.80.2)" line in the log.
    # NOTE(review): clients on 10.0.20.0/24 are behind the SRX, so their
    # requests presumably have to be relayed to this server; no relay
    # configuration is shown.
    subnet 10.0.20.0 netmask 255.255.255.0 {
     option domain-name-servers 8.8.8.8;
     option routers 10.0.20.1;
     # Lease times are in seconds.
     default-lease-time 600;
     max-lease-time 7200;
     # The server treats itself as the authority for this subnet.
     authoritative;
     option ZTPDEMO.transfer-mode "http";
     pool {
            # dynamic-bootp: the range is handed out to BOOTP clients as well
            # as DHCP clients.
            range dynamic-bootp 10.0.20.3 10.0.20.254;
            # NOTE(review): written OPTION-150 here but option-150 in the
            # definition above; confirm the parser treats both the same.
            option OPTION-150 10.0.80.2;
            # NOTE(review): no "option space P61" is declared in this file;
            # the declared space is ZTPDEMO.
            option P61.config-file-name "default-ex2200-c-12p.config";
          }
    }
    

    And here is the error I receive:

    Feb 15 06:26:35 localhost dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
    Feb 15 06:26:35 localhost dhcpd: Copyright 2004-2010 Internet Systems Consortium.
    Feb 15 06:26:35 localhost dhcpd: All rights reserved.
    Feb 15 06:26:35 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Feb 15 06:26:35 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
    Feb 15 06:26:35 localhost dhcpd: Wrote 0 deleted host decls to leases file.
    Feb 15 06:26:35 localhost dhcpd: Wrote 0 new dynamic host decls to leases file.
    Feb 15 06:26:35 localhost dhcpd: Wrote 0 leases to leases file.
    Feb 15 06:26:35 localhost dhcpd: 
    Feb 15 06:26:35 localhost dhcpd: No subnet declaration for eth0 (10.0.80.2).
    Feb 15 06:26:35 localhost dhcpd: ** Ignoring requests on eth0.  If this is not what
    Feb 15 06:26:35 localhost dhcpd:    you want, please write a subnet declaration
    Feb 15 06:26:35 localhost dhcpd:    in your dhcpd.conf file for the network segment
    Feb 15 06:26:35 localhost dhcpd:    to which interface eth0 is attached. **
    Feb 15 06:26:35 localhost dhcpd: 
    Feb 15 06:26:35 localhost dhcpd: 
    Feb 15 06:26:35 localhost dhcpd: Not configured to listen on any interfaces!
    Feb 15 06:26:35 localhost dhcpd: 
    Feb 15 06:26:35 localhost dhcpd: This version of ISC DHCP is based on the release available
    Feb 15 06:26:35 localhost dhcpd: on ftp.isc.org.  Features have been added and other changes
    Feb 15 06:26:35 localhost dhcpd: have been made to the base software release in order to make
    Feb 15 06:26:35 localhost dhcpd: it work better with this distribution.
    Feb 15 06:26:35 localhost dhcpd: 
    Feb 15 06:26:35 localhost dhcpd: Please report for this software via the CentOS Bugs Database:
    Feb 15 06:26:35 localhost dhcpd:     http://bugs.centos.org/
    Feb 15 06:26:35 localhost dhcpd: 
    Feb 15 06:26:35 localhost dhcpd: exiting.
    [root@localhost dhcp]# service ssh start
    

    A few other tidbits: iptables is off, and the port is configured statically on the server: eth0 10.0.80.2 255.255.255.0, gateway 10.0.80.1.

    Anyone have any ideas what I am doing wrong?

     

    Also, is it possible to do all of this without the separate dhcp server? Can I just build a dhcp server with all of these options on the srx?



  • 2.  RE: Juniper ZTP DHCP Server issues
    Best Answer

    Posted 02-16-2017 11:44

    Never mind, found the solution: I was using the wrong config on the srx (not configured for switching) and the subnet was the wrong length.



  • 3.  RE: Juniper ZTP DHCP Server issues

    Posted 07-25-2018 06:26

    hey man
    we're trying to do the same thing, and we're getting similar errors, can you share your config for ZTP?
    we are using an SRX 320, and we have DHCP configured similarly to yours.



  • 4.  RE: Juniper ZTP DHCP Server issues

    Posted 10-20-2018 07:15

    Not sure if you ever got your answer, but here is my working ztp config with dns servers masked for privacy purposes:

    # ISC dhcpd.conf for Juniper ZTP, as posted. Comments only have been
    # added; every statement is unchanged.
    #
    # Copy the client's vendor class identifier (DHCP option 60) into the
    # variable vendor-string.
    set vendor-string = option vendor-class-identifier;
    # Vendor option space "ztp": sub-options 0-5 are text values, sent to the
    # client encapsulated in option 43.
    option space ztp;
    option ztp.image-file-name code 0 = text;
    option ztp.config-file-name code 1 = text;
    option ztp.image-file-type code 2 = text;
    option ztp.transfer-mode code 3 = text;
    option ztp.alt-image-file-name code 4= text;
    option ztp.http-port code 5= text;
    option ztp-encapsulation code 43 = encapsulate ztp;
    # Option 150 is declared with an ip-address value; every ZTP pool below
    # sets it to 10.250.0.29.
    option OPTION-150 code 150 = {ip-address};
    # Global value for sub-option 2 (image-file-type).
    option ztp.image-file-type "symlink";
    
     
    # One class per switch model, matched on the leading characters of the
    # vendor class identifier; each length equals the length of the string
    # it is compared with.
    # NOTE(review): the identifier is supplied by the client and is not
    # authenticated, so class membership selects a provisioning profile and
    # is not an access control.
    class "ex2200c" {
            match if substring (option vendor-class-identifier, 0, 23) = "Juniper-ex2200-c-12t-2g";
    }
     
    class "ex2300c" {
            match if substring (option vendor-class-identifier, 0, 20) = "Juniper-ex2300-c-12p";
    }
     
    # Disabled class; the matching "deny members of" line in the last pool is
    # commented out as well.
    #class "ex2300" {
    #       match if substring (option vendor-class-identifier, 0, 18) = "Juniper-ex2300-48p";
    #}
     
    class "ex4600" {
            match if substring (option vendor-class-identifier, 0, 18) = "Juniper-ex4600-40f";
    }
     
    # MGMT
    # Management subnet 10.250.0.0/24 with one small pool per switch class.
    subnet 10.250.0.0 netmask 255.255.255.0 {
            # x.x.x.x and y.y.y.y are the poster's masked DNS servers; put
            # real addresses here before using the file.
            option domain-name-servers x.x.x.x, y.y.y.y;
            option broadcast-address 10.250.0.255;
            option routers 10.250.0.1;
            option ntp-servers 10.250.0.70, 10.250.0.71;
            # The server treats itself as the authority for this subnet.
            authoritative;
            # ex2300c: two addresses, plus the configuration and image names.
            # NOTE(review): transfer-mode "http" in this and the next two
            # pools means the files are fetched over plain HTTP, without
            # encryption or server authentication; the management segment
            # and the host at 10.250.0.29 have to be trusted.
            pool {
                    allow members of "ex2300c";
                    range dynamic-bootp 10.250.0.121 10.250.0.122;
                    option ztp.transfer-mode "http";
                    option OPTION-150 10.250.0.29;
                    option ztp.config-file-name "ex2300-c.config";
                    option ztp.image-file-name "junos-arm-32-15.1X53-D58.3.tgz";
                    }
    
            # ex2200c: same layout with its own range and file names.
            pool {
                    allow members of "ex2200c";
                    range dynamic-bootp 10.250.0.123 10.250.0.124;
                    option ztp.transfer-mode "http";
                    option OPTION-150 10.250.0.29;
                    option ztp.config-file-name "ex2200-c.config";
                    option ztp.image-file-name "jinstall-ex-2200-12.3R12-S10-domestic-signed.tgz";
                    }
    
           # ex4600: same layout with its own range and file names.
           pool {
                   allow members of "ex4600";
                   range dynamic-bootp 10.250.0.125 10.250.0.126;
                   option ztp.transfer-mode "http";
                   option OPTION-150 10.250.0.29;
                   option ztp.config-file-name "ex4600.config";
                   option ztp.image-file-name "jinstall-ex-4600-14.1X53-D46.7-domestic-signed.tgz";
                   }
    
            # Every client outside the three ZTP classes gets an address from
            # this range; no ZTP options are set in this pool.
            pool {
    #                deny members of "ex2300";
                    deny members of "ex2200c";
                    deny members of "ex4600";
                    deny members of "ex2300c";
                    range 10.250.0.127 10.250.0.149;
                    }
    }