Date created: Thursday, June 30, 2022 10:42:19 AM. Last modified: Thursday, June 30, 2022 10:42:25 AM
IOS-XR ZTP - DHCPd
This is an example dhcpd config which shows how to return two URLs, one for insecure ZTP and one for secure ZTP:
option domain-name "lab";
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
##log(info,concat("*** dhcp-parameter-request-list:",binary-to-ascii(10,8,",",option dhcp-parameter-request-list),"***"));
option space cisco-vendor-id-vendor-class code width 1 length width 1;
option vendor-class.cisco-vendor-id-vendor-class code 9 = {string};
option OPTION_V4_SZTP_REDIRECT code 143 = text;
class "ncs540-secure" {
match if binary-to-ascii(10,8,",",option dhcp-parameter-request-list) ~= ",143" and
( ( substring(option vendor-class.cisco-vendor-id-vendor-class,19,99)="N540-ACC-SYS") or
( substring(option vendor-class.cisco-vendor-id-vendor-class,19,99)="N540X-ACC-SYS") );
log(info,concat(option dhcp-client-identifier, " requests secure ZTP"));
}
class "ncs540" {
match if not (binary-to-ascii(10,8,",",option dhcp-parameter-request-list) ~= ",143") and
( ( substring(option vendor-class.cisco-vendor-id-vendor-class,19,99)="N540-ACC-SYS") or
( substring(option vendor-class.cisco-vendor-id-vendor-class,19,99)="N540X-ACC-SYS") );
log(info,concat(option dhcp-client-identifier, " requests insecure ZTP"));
}
shared-network ZTP {
subnet 10.0.0.0 netmask 255.255.255.0 {
option domain-name "bllab.isp.sky.com";
pool {
allow members of "ncs540";
range 10.0.0.10 10.0.0.19;
if exists user-class {
option bootfile-name = concat( "http://labserver.net:8080/get_config?dhcp_remote_id=", option agent.remote-id);
}
option routers 100.0.0.1;
}
pool {
allow members of "ncs540-secure";
range 10.0.0.20 10.0.0.29;
option OPTION_V4_SZTP_REDIRECT "https://labserver.net:8443";
option routers 100.0.0.1;
}
}
}
Previous page: IOS-XR Enabling Optional Packages
Next page: RSP440-TR Disk Mirroring