Automation

 View Only
last person joined: 5 days ago 

Ask questions and share experiences about Apstra, Paragon, and all things network automation.

ZTP EX & SRX DHCP OFFER REJECTED

  • 1.  ZTP EX & SRX DHCP OFFER REJECTED

    Posted 12-14-2023 16:25
    Edited by JEREMIE ROUZET 12-14-2023 16:35

    Hi,

    Please find below the error messages i receive once i try to start ZTP process with a SRX300 and EX2300-C :

    From SRX300:

    Auto Image Upgrade: DHCP OFFER Client ge-0/0/0.0: Invalid config.
    No File Server Information. OFFER REJECTED.

    Auto Image Upgrade: DHCP client(s) with NO VALID CONFIG, phone-home ZTP started

    Auto Image Upgrade: Waiting for phone-home ZTP to complete

    Auto Image Upgrade: Phone-home ZTP failed, reset all enabled DHCP clients

    Auto Image Upgrade: DHCP INET6 Client State Reset :

    Auto Image Upgrade: DHCP INET6 Client State Reset :

    Auto Image Upgrade: DHCP OFFER Client ge-0/0/0.0: Invalid config.
    No File Server Information. OFFER REJECTED.

    Auto Image Upgrade: DHCP client(s) with NO VALID CONFIG, phone-home ZTP started

    From EX2300-C:

    Auto Image Upgrade: DHCP OFFER Client irb.0: Invalid config.
    No File Server Information. OFFER REJECTED.

    Auto Image Upgrade: DHCP client(s) with NO VALID CONFIG, phone-home ZTP started

    Auto Image Upgrade: Waiting for phone-home ZTP to complete

    Auto Image Upgrade: Phone-home ZTP failed, reset all enabled DHCP clients

    Auto Image Upgrade: DHCP Client State Reset: irb.0 vme.0

    Auto Image Upgrade: DHCP OFFER Client irb.0: Invalid config.
    No File Server Information. OFFER REJECTED.

    Auto Image Upgrade: DHCP client(s) with NO VALID CONFIG, phone-home ZTP started

    Auto Image Upgrade: Waiting for phone-home ZTP to complete

    Have you ever faced that issue ? Can you please advise ?

    Please find below the sample of my dhcpd.conf file :

    # dhcpd.conf
    #
    # Sample configuration file for ISC dhcpd
    #
    # Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
    # configuration file instead of this file.

    # option definitions common to all supported networks...
    option domain-name "int.jeyriku.net";
    option domain-name-servers jeysrv02.int.jeyriku.net, jeysrv04.int.jeyriku.net;

    default-lease-time 600;
    max-lease-time 7200;

    # The ddns-updates-style parameter controls whether or not the server will
    # attempt to do a DNS update when a lease is confirmed. We default to the
    # behavior of the version 2 packages ('none', since DHCP v2 didn't
    # have support for DDNS.)
    ddns-update-style none;

    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    authoritative;

    set vendor-string = option vendor-class-identifier;
    option option-150 code 150={ ip-address};
    option space ztp-jeylan-vl100;
    option ztp-jeylan-vl100.image-file-name code 0 = text;
    option ztp-jeylan-vl100.config-file-name code 1 = text;
    option ztp-jeylan-vl100.image-file-type code 2 = text;
    option ztp-jeylan-vl100.transfer-mode code 3 = text;
    option ztp-jeylan-vl100.alt-image-file-name code 4 = text;
    option ztp-jeylan-vl100.http-port code 5= text;
    option ztp-jeylan-vl100-encapsulation code 43 = encapsulate ztp-jeylan-vl100;

    #
    # Classes
    #
    #Class to Match Option 60

    #class "Juniper-Class-Router" {
    #        match option vendor-class-identifier;
    #}

    class "Juniper-Class-Router" {
            match if substring(option vendor-class-identifier, 0, 14) = "Juniper-srx300";
    }
    class "Juniper-Class-Switch" {
            match if substring(option vendor-class-identifier, 0, 14) = "Juniper-ex2300";
    }
    class "Cisco-Class" {
            match option vendor-class-identifier;
    }
    class "Juniper-Class-Other" {
            match option vendor-class-identifier;
    }

    #
    # Subnet declarations
    #
    #VLAN 100 Subnet Declaration

    subnet 192.168.100.0 netmask 255.255.255.0 {
     option subnet-mask 255.255.255.0;
     option routers 192.168.100.254;
     option broadcast-address 192.168.100.255;

      subclass "Juniper-Class-Router" "Juniper-srx300" {
       option option-150 192.168.0.249;
       option tftp-server-name "192.168.0.249";
       option ztp-jeylan-vl100.alt-image-file-name "/netos/tftp/juniper/router/srx300/junos-srxsme-21.3R3-S4.2.tgz";
       option ztp-jeylan-vl100.image-file-name "/netos/tftp/juniper/router/srx300/junos-srxsme-21.3R3-S4.2.tgz";
       option ztp-jeylan-vl100.config-file-name "/netconf/juniper/router/srx300/srx_add_config_v2-1.config";
       option ztp-jeylan-vl100.transfer-mode "http";
       option ztp-jeylan-vl100.http-port "80";
       option ztp-jeylan-vl100.image-file-type "symlink";
      }
      subclass "Juniper-Class-Switch" "Juniper-ex2300" {
       option option-150 192.168.0.249;
       option tftp-server-name "192.168.0.249";
       option ztp-jeylan-vl100.alt-image-file-name "/netos/tftp/juniper/switch/ex2300c/junos-arm-32-21.3R3-S5.5.tgz";
       option ztp-jeylan-vl100.image-file-name "/netos/tftp/juniper/switch/ex2300c/junos-arm-32-21.3R3-S5.5.tgz";
       option ztp-jeylan-vl100.config-file-name "/netconf/juniper/switch/ex/ex_add_config_v2-1.config";
       option ztp-jeylan-vl100.transfer-mode "http";
       option ztp-jeylan-vl100.http-port "80";
       option ztp-jeylan-vl100.image-file-type "symlink";
      }
      subclass "Cisco-Class" "ciscopnp" {
       option bootfile-name "netconf/cisco/router/iosxe_register_netbox2.py";
       option tftp-server-name "192.168.0.249";
      }
      subclass "Juniper-Class-Other" "" {
       option option-150 192.168.0.249;
       option tftp-server-name "192.168.0.249";
       option ztp-jeylan-vl100.alt-image-file-name "/netos/tftp/juniper/router/srx300/junos-srxsme-20.3R1.8.tgz";
       option ztp-jeylan-vl100.image-file-name "/netos/tftp/juniper/router/srx300/junos-srxsme-20.3R1.8.tgz";
       option ztp-jeylan-vl100.config-file-name "/netconf/juniper/router/srx300/srx_add_config_v2-1.conf";
       option ztp-jeylan-vl100.transfer-mode "http";
       option ztp-jeylan-vl100.http-port "80";
       option ztp-jeylan-vl100.image-file-type "symlink";
      }

      pool {
       allow members of "Juniper-Class-Router";
       deny members of "Juniper-Class-Switch";
       deny members of "Cisco-Class";
       range 192.168.100.10 192.168.100.19;
      }
      pool {
       allow members of "Juniper-Class-Switch";
       deny members of "Juniper-Class-Router";
       deny members of "Cisco-Class";
       range 192.168.100.20 192.168.100.29;
      }
      pool {
       allow members of "Cisco-Class";
       deny members of "Juniper-Class-Switch";
       deny members of "Juniper-Class-Router";
       range 192.168.100.30 192.168.100.39;
      }
      pool {
       allow members of "Juniper-Class-Other";
       range 192.168.100.40 192.168.100.49;
      }
    }

    Thanks in advance for your kind help,

    Regards,



    ------------------------------
    Jerems
    ------------------------------