Are You Studying for CCNA/CCNP Certification & Using A Physical Lab?
Automate On-Boarding Cisco Legacy IOS Devices
Before I begin this write-up on the Python code, I would like to provide some brief background on the out-of-box on-boarding process for modern IOS devices.
IOS-XE/XR and NX-OS have an on-box Python shell. This allows you to automate the on-boarding of a new device. This is done via the ZTP (zero-touch provisioning) process:
- The IOS-XE/XR or NX-OS device boots up and locates a DHCP server.
- It then bootstraps itself with its interface IP address, gateway, and Domain Name System (DNS) server IP address, and then the guest shell is enabled!
- The device then obtains the IP address or URL of an HTTP or TFTP server through DHCP.
- It then downloads and executes a pre-written Python script that configures the device, and presto! The device is provisioned and integrated into the network fabric. Reference
I wish the same could be said about legacy IOS. There is no way to set up SSH, host name, management interface, etc. without going through the legendary (or legacy? you decide) serial console port on the device.
To those of us on the eve of our networking journey studying for CCNA/CCNP, a physical lab environment provides crucial hands-on experience: from crimping RJ45 and understanding the differences between straight-through and crossover cables, all the way to being able to effectively read and comprehend routing tables on the IOS CLI.
Can you imagine having eBay deliver 5-8 boxes (I’ve seen more) of fully formatted IOS devices, and on-boarding them device by device via serial (at least gaining SSH access, etc.)?
The old way
To begin on-boarding an out-of-box IOS-based device, I would enter the CLI via the console port using a terminal emulator and set up the following:
1. Device hostname and domain.
2. Management SVI with layer 3 addressing and default gateway (L2 switch).
3. Set up local username and password, and enable password.
4. Set up RSA crypto to generate the key pair and level of encryption.
5. Set up SSH on the virtual terminal line.
6. If the device is a layer 3 device such as a router or multilayer switch, I may even enable routing and advertise all interfaces using a routing protocol (e.g. on OSPF: network 0.0.0.0 255.255.255.255 area x). Subsequently this will provide me access to the device via any interface from my lab environment.
You are finally able to get access via the network and continue integrating the IOS device with the rest of your lab environment.
After doing this once or twice to learn the CLI, what is gained by repeating this process multiple times? Typing skills?… Wrong certification.
My way: Automation Via Serial Console Port
I had to think “out of the box” (pun intended) and come up with a creative way. I did this by automating myself out of the issue.
So the first thing I did was automate the out-of-the-box on-boarding process.
I did this by using the serial built-in module in Python. The serial bit stream is slow, so I had to put a lot of breaks in the code. So I wrote a script to solve my network problem.
1. The Python code is executed via serial when you plug in the IOS device via the console port.
2. It then automatically runs the Python script off-box, which does the exact same procedure as the IOS-XE/XR process, except this time it’s via the console port.
3. The Python code reads the settings from a predefined YAML file and sends them to the device.
4. The YAML file contains the management IP, SSH, username/password, encryption of show-run passwords, and enabling OSPF on 0.0.0.0 255.255.255.255 (so I can reach the device from anywhere) for each out-of-the-box IOS device.
Then I wire up a Cat5/6 cable to the rest of the network, and now that I have SSH and management set up, I run the commissioning code to integrate the device into the rest of the topology.
So it’s a two-step process: 1. Initial automated on-boarding via serial. 2. Commissioning the device into the rest of the network via the Ethernet physical port interfaces.
With automation it took approx. 30 seconds to do the initial out-of-the-box on-boarding via serial console on each device.
Then a further 2-5 minutes to write a predefined YAML file to model the network for the device in question and run the Python script, which parses the YAML to the device. The code locates the device on the appropriate serial communication port, then begins the commissioning process into the network.
The code is highly re-usable, as all you need to do is edit the values in the easy-to-read YAML file.
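The bootstrap steps described above, as an added example (not the author's GitHub code): it turns one device's YAML-style settings into the IOS command sequence, rejects values that would type extra CLI lines or request a weak RSA key, and writes the commands to a serial port with pauses. The `DEVICE` keys, function names and placeholder passwords are assumptions; `port` is any object with a `write(bytes)` method, such as a pyserial `serial.Serial`, and the device is assumed to be sitting at the `>` prompt. It uses `enable secret` rather than `enable password`, because `service password-encryption` on its own only applies the reversible type 7 encoding.

```python
import ipaddress
import time

# Constructed sample: the dict a YAML loader would return for one device.
# Key names and values are assumptions, not the author's schema.
DEVICE = {
    "hostname": "lab-sw1", "domain": "lab.example",
    "mgmt_vlan": 1, "mgmt_ip": "192.0.2.10", "mgmt_mask": "255.255.255.0",
    "gateway": "192.0.2.1", "username": "labadmin",
    "password": "PLACEHOLDER-user", "enable_secret": "PLACEHOLDER-enable",
    "rsa_bits": 2048, "ospf_area": 0, "layer3": True,
}

def build_commands(dev):
    """Turn one device entry into the ordered IOS bootstrap commands."""
    for key, value in dev.items():
        # A line break inside a value would be typed as an extra CLI command.
        if any(c in str(value) for c in "\r\n"):
            raise ValueError(f"line break in {key}")
    ipaddress.ip_address(dev["mgmt_ip"])    # raises ValueError if malformed
    ipaddress.ip_address(dev["gateway"])
    if dev["rsa_bits"] < 2048:
        raise ValueError("RSA modulus below 2048 bits")
    cmds = [
        "enable", "configure terminal",
        f"hostname {dev['hostname']}", f"ip domain-name {dev['domain']}",
        f"interface Vlan{dev['mgmt_vlan']}",
        f"ip address {dev['mgmt_ip']} {dev['mgmt_mask']}", "no shutdown", "exit",
        f"username {dev['username']} privilege 15 secret {dev['password']}",
        # Hashed secret instead of a type 7 "enable password".
        f"enable secret {dev['enable_secret']}", "service password-encryption",
        f"crypto key generate rsa modulus {dev['rsa_bits']}", "ip ssh version 2",
        "line vty 0 4", "login local", "transport input ssh", "exit",
    ]
    if dev["layer3"]:   # router or multilayer switch: advertise every interface
        cmds += ["ip routing", "router ospf 1",
                 f"network 0.0.0.0 255.255.255.255 area {dev['ospf_area']}", "exit"]
    else:               # L2 switch: reachable only through its default gateway
        cmds.append(f"ip default-gateway {dev['gateway']}")
    return cmds + ["end", "write memory"]

def push(port, cmds, delay=1.0):
    """Write each command to an open serial port, pausing for the slow link."""
    for cmd in cmds:
        port.write(cmd.encode("ascii") + b"\r")
        time.sleep(delay)   # RSA key generation needs a much longer pause
    return len(cmds)
```

Because the YAML file holds the credentials in clear text, keep it out of any public repository and restrict its file permissions.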
This is for all of those studying for CCNA/CCNP and using physical legacy IOS devices in their labs.
Especially when you need to reset and reload the startup config/NVRAM because of a mistake (been there, done that and got the medals).
It will save you time when you are on-boarding legacy IOS devices by automating all of the initial out-of-box on-boarding process through the serial console port.
The code is available on my GitHub