Configuration Guide Using Auto-Config in AOS - ADTRAN Support ...

61200560L1-29.2BJanuary 2013Configuration GuideUsing Auto-Config in AOSThis configuration guide provides an overview of the automaticself-configuration feature (referred to as Auto-Config) in the ADTRANOperating System (AOS). This guide outlines the configuration optionsavailable to configure and use Auto-Config in multiple networksituations. Troubleshooting information and additional documentationresources are provided at the end of this guide. Appendix A explains howto create a configuration file for use with the Auto-Config feature.This guide consists of the following sections:• Auto-Config Overview on page 2• Hardware and Software Requirements and Limitations on page 4• Logging Into the AOS CLI on page 4• Configuring Auto-Config on page 5• Zero-Touch Provisioning on page 9• Configuration Examples on page 12• Auto-Config Command Summary on page 21• Troubleshooting on page 22• Additional Resources on page 26• Appendix A: Creating Configuration Files in AOS on page 27

Auto-Config Auto-Config OverviewAuto-Config OverviewThe Auto-Config feature provides an automated method for configuring a new AOS unit. It enables anewly deployed AOS unit to download and apply configuration parameters automatically from asecondary configuration file. However, Auto-Config does require some preparation and planning toperform these configuration actions correctly. This guide provides the necessary information for properAuto-Config setup and operation.In this document, three different network scenarios are used as examples to describe the flexibilityAuto-Config provides to configure an AOS product. The first method is standard operation and is best usedin an enterprise network, using Trivial File Transfer Protocol (TFTP) to download a specific configurationfile. The second method is enhanced Auto-Config and is best used in a service provider environment whereHypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS) is used to downloada specific configuration file. Using these enhanced settings also allows redirecting to a second server forfurther configuration settings. The third method is Zero-Touch Provisioning and requires removing thestartup configuration prior to booting up the unit. Once the unit is booted without a startup configuration, itautomatically downloads the necessary configuration settings from a host unit through TFTP.Auto-Config AttributesThere are several attributes that determine the way Auto-Config functions when it is initiated. Many ofthese attributes are optional and may not pertain to your specific needs. This section provides anintroduction and brief explanation of each attribute. For more details, refer to Configuring Auto-Config onpage 5.File Transfer MethodsThe file transfer method specifies which of three methods to use when transferring configuration files forthe purpose of automatically configuring the unit. The methods supported are TFTP, HTTP, and HTTPS.The default method is TFTP. Specifying HTTP or HTTPS may require additional authenticationparameters and is explained below.Authentication MethodsIf your file system requires authentication when using HTTP or HTTPS to transfer the configuration files,an authentication user name and password will need to be provided. If required, this information must betransmitted from the local unit to the HTTP(S) server to allow the configuration file to download. Tosupport a variety of needs, AOS allows the user name to be entered using system variables. These systemvariables represent system parameters such as: system name, serial number, description, software version,and medium access control (MAC) address. Authentication is explained in detail in Specifying anAuthentication User Name and Password on page 6.Another method of authentication that can be used is a specific MAC Address. This method requiresentering the MAC address or an interface, and enabling the MAC address authentication mode. The MACaddress will be included in the HTTP user agent header. This option is explained in Using the MACAddress for Authentication on page 6.Configuration Server SpecificationsThe configuration server is a network server or another AOS device that provides the configuration filesnecessary to complete Auto-Config. Locating the server is accomplished by entering the static IPv461200560L1-29.2B © 2013 ADTRAN, Inc. 2

Auto-Config Auto-Config Overviewaddress (or host name) of the server, or learning the address through Dynamic Host Configuration Protocol(DHCP). DHCP Options 66 or 160 can also be used to specify the server address. When using eitherOption 66 or 160, the DHCP server must have the appropriate option defined in order to successfullylocate the configuration server. These settings are explained in Step 2: Specify the configuration serverlocation (optional) on page 5.File Name OptionsThe file name refers to the configuration file that is downloaded to the local unit and applied to the runningconfiguration. This file must exist on the host unit in order for it to be successfully downloaded. The filecan be specified as a file name or a system variable. To support a variety of needs, AOS allows the filename to be entered using system variables. These system variables represent system parameters such as;system name, serial number, description, software version, and MAC address. DHCP Option 67 can alsobe used to specify the file name. These options are explained in detail in Step 5: Configure the file name onpage 7.Configuration Settings ApplicationWhen a new unit retrieves configuration settings from a host unit through TFTP, HTTP, or HTTPS, thenew configuration settings can either be appended to the existing running configuration (and savedmanually), or completely overwrite the existing startup configuration. This behavior is specified using theauto-config apply-config command as explained in Step 7: Specify whether to append or replace theconfiguration file on page 8.Triggering MethodsThere are a number of different triggers to invoke Auto-Config in AOS if Auto-Config is currently off (ordisabled).1. The auto-config command can be manually entered from the Global Configuration Mode on the unitconsole.2. The auto-config restart command can be manually entered from the Enable Command Mode on theunit console.3. The auto-config command can be included in the unit’s startup configuration file. Upon bootup whenthe startup configuration file is processed, Auto-Config will initiate. This method is often used when astartup configuration file is downloaded from a host unit and applied to the existing runningconfiguration.4. Auto-Config can be initiated when the unit receives a SIP NOTIFY with check-sync event. This methodis only available on certain AOS units. The unit must be configured with a SIP user to accept check-syncevents (using the auto-config sip-notify user command). When received, the check-sync eventrestarts Auto-Config.5. Auto-Config can be initiated using Zero-Touch Provisioning, so called because no one directly drivesthe process. This method is only available on certain AOS units. Auto-Config will initiate when a unitboots up with no startup configuration file present on the local file system. Not all units triggerAuto-Config when booted without a startup configuration file. This method is explained in Zero-TouchProvisioning on page 9.61200560L1-29.2B © 2013 ADTRAN, Inc. 3

Auto-Config Configuring Auto-Config• Configuring Auto-Config on page 5• Zero-Touch Provisioning on page 9Configuring Auto-ConfigIt is recommended to review all the following steps and the examples provided in Configuration Exampleson page 12 before attempting to configure and use Auto-Config. This will provide the greatestunderstanding of the options available and how they apply to your specific needs.Step 1: Specify the file transfer methodThis step indicates the file transfer method to use when transferring the configuration file from a server tothe AOS device. The default file transfer method is TFTP. Unless your file server requires HTTPS orHTTP as the file transfer protocol, you do not need to change the default method. To change the method toHTTPS or HTTP, enter the auto-config method https or auto-config method http command from theGlobal Configuration mode prompt. If no port is specified, the default port number is used when eithercommand is entered, HTTP port 80 and HTTPS port 443. Enter the command as follows:(config)#auto-config method tftporor(config)#auto-config method https(config)#auto-config method httpTo use a port number other than the default HTTP or HTTPS port, enter the commands as follows:(config)#auto-config method https port or(config)#auto-config method http port The valid range for is 1 through 65535.Step 2: Specify the configuration server location (optional)The configuration server is located through DHCP using either Option 66 or Option 160, or by specifyingthe host name or IPv4 address. By default, if this step is not configured, Auto-Config attempts to locate theserver using DHCP Option 66. When using either instance of Option 66 or 160, the DHCP server musthave the appropriate option defined in order to successfully locate the configuration server. Enter thecommand from the Global Configuration mode prompt as follows:(config)#auto-config server dhcpor(config)#auto-config server dhcp option 66or61200560L1-29.2B © 2013 ADTRAN, Inc. 5

Auto-Config Configuring Auto-Config(config)#auto-config server dhcp option 160or(config)#auto-config server [ | ]Step 3: Configure the authentication for HTTP/HTTPS only (optional)HTTP or HTTPS file transfer methods allow authentication to occur before the transfer is allowed. Addingan authentication user name and password for the file transfer increases the system security. Anotheroption is to use the MAC address of the new unit to confirm the identity of the unit requesting the files.Each of these authentication methods are optional and depend on your specific needs.Specifying an Authentication User Name and PasswordA specific user name and password can be specified using the following command:(config)#auto-config authname password The default user name is adtran and the default password is adtran.For more flexibility, the user name can also be specified using the following system variables to indicatesystem parameters:$SYSTEM_NAME - the host name of the system$SYSTEM_SERIAL_NUMBER - the serial number of the system$SYSTEM_DESCRIPTION - the product name and software version$SYSTEM_SOFTWARE_VERSION - the running software version$AUTH_MAC_ADDRESS - MAC address for MAC authenticationIn the following example, $SYSTEM_NAME is used to define the user name, and a password is provided:(config)#auto-config authname $SYSTEM_NAME password fRiax&crOus9I#pUsing the MAC Address for AuthenticationAuthentication can also be provided using a MAC address. To use this method, enable the MAC addressmode to include the MAC address in the HTTP User Agent header, and specify the MAC address or aninterface from which to use the assigned MAC address. Enter the commands as follows:(config)#auto-config mac-auth mode http-user-agent(config)#auto-config mac-auth address or(config)#auto-config mac-auth mode http-user-agent(config)#auto-config mac-auth interface To disable MAC address authentication, enter the following command:(config)#auto-config mac-auth mode none61200560L1-29.2B © 2013 ADTRAN, Inc. 6

Auto-Config Configuring Auto-ConfigStep 4: Configure the HTTP authentication modeThere are two HTTP authentication modes that can be enabled or disabled individually. By default, bothmodes are enabled. The basic mode uses clear text authentication, and digest uses encrypted textauthentication. To enable the authentication mode, enter the commands as follows:(config)#auto-config http-auth basic(config)#auto-config http-auth digestAt least one mode must be enabled at all times. An error will occur if both authenticationmodes are disabled.To disable either of the authentication modes, enter the no form of the command as follows:(config)#no auto-config http-auth basic(config)#no auto-config http-auth digestStep 5: Configure the file nameOnce triggered, Auto-Config searches for a file on the file server to provide instructions on how to boot up.When found, the file is downloaded from the file server using the method defined in Step 1: Specify the filetransfer method on page 5. The file name can be retrieved using the default method from DHCP Option 67or the file name can be specified using the auto-config filename command (including the filepath is optional). Additionally, the file name can be defined with an exact file name or using the followingsystem parameters representing system values:$SYSTEM_NAME - the host name of the system$SYSTEM_SERIAL_NUMBER - the serial number of the system$SYSTEM_DESCRIPTION - the product name and software version$SYSTEM_SOFTWARE_VERSION - the running software version$AUTH_MAC_ADDRESS - MAC address for MAC authenticationTo configure the unit to retrieve the file name according to the DHCP Option 67 (which is the defaultsetting), enter the command as follows:(config)#auto-config filename dhcpWhen using DHCP Option 67, the DHCP server must have Option 67 defined in ordersuccessfully locate the file name.To define the file name using one of the system parameters, enter the command as follows:(config)#auto-config filename $SYSTEM_NAME.cfgTo define a file name using a system parameter and include the file path, enter the command as follows:(config)#auto-config filename config/adtran/$SYSTEM_NAME.cfg61200560L1-29.2B © 2013 ADTRAN, Inc. 7

Auto-Config Configuring Auto-ConfigTo define a specific file name, enter the auto-config filename command as follows:(config)#auto-config filename AUTO_CONFIG.cfgTo define a specific file name and include the file path, enter the command as follows:(config)#auto-config filename config/adtran/AUTO_CONFIG.cfgStep 6: Specify retry attempts (optional)Use the auto-config retry-count command to specify the maximum number of retries allowed todownload a configuration file. By default, the number of retries is set to 0 allowing the feature tocontinuously retry until the Auto-Config is disabled. To set the number of retries to 100, enter thecommand as follows:(config)#auto-config retry-count 100Valid range is 0 to 1000.Step 7: Specify whether to append or replace the configuration fileOnce the configuration file is obtained by Auto-Config, the new configuration settings can be appended tothe existing running configuration using the auto-config apply-config append command, or replace theexisting startup configuration file using the auto-config apply-config replace command. Replacing thestartup configuration will automatically reboot the unit so that the new startup configuration will be used.The default setting is to append the running configuration file. Enter the command as follows:(config)#auto-config apply-config appendor(config)#auto-config apply-config replaceUsing the append keyword only appends the parameters to the currently runningconfiguration. It does not affect the startup configuration file. The appended parameterswill not be retained if the unit is rebooted. To store the running configuration as the startupconfiguration after Auto-Config is done, make certain the last line of the configuration isthe do write command.Step 8: Trigger Auto-ConfigOnce all of the Auto-Config settings are configured, a method to trigger the Auto-Config process must beinitiated. This trigger can be performed by one of several methods as explained previously in TriggeringMethods on page 3. These methods are explained below:To restart the Auto-Config process, issue the auto-config restart command from the Enable Mode prompt.Enter the commands as follows:(config)#exit#auto-config restart61200560L1-29.2B © 2013 ADTRAN, Inc. 8

Auto-Config Zero-Touch ProvisioningAuto-Config can be triggered by halting Auto-Config and then restarting it from the Global Configurationmode. To stop (halt) Auto-Config processes once they have begun, enter the Global Configuration modeand enter the no auto-config command, followed by restarting the Auto-Config processes using theauto-config command. Enter the commands as follows:#configure terminal(config)#no auto-config(config)#auto-configAuto-Config can also be triggered by a SIP NOTIFY message. The SIP NOTIFY (check-sync event) canbe configured to trigger the restart of Auto-Config using the auto-config sip-notify user command. This command specifies a SIP user to receive the SIP NOTIFY (check-sync event) whichtriggers the Auto-Config process. Enter the command as follows:(config)#auto-config sip-notify user Only certain AOS devices support SIP NOTIFY check-sync events. In order for the SIPNOTIFY message to be received, the AOS platform must support ip sip (this excludesswitches and routers without SIP proxy), and have it enabled in the configuration. Thefirewall must be provisioned to allow the unit to receive SIP messages from the server.Zero-Touch ProvisioningAnother method for using Auto-Config is to allow the AOS device to self-configure upon bootup,receiving the necessary configuration settings from a DHCP client on the host. This method is referred toas Zero-Touch Provisioning because the user does not supply any of the unit’s configuration settings.Zero-Touch Provisioning can be used to replace a unit that has already been in service, with a new device.Zero-Touch Provisioning is not available on all AOS products. Refer to the AOS FeatureMatrix, available online at ADTRAN’s Support Forum, https://supportforums.adtran.comfor a complete list of the platforms capable of using this method.This method does not require changing any of the default settings for Auto-Config. Instead, the AOS unitis rebooted after removing the startup configuration file. The unit goes through the Auto-Config processand finds the network device from which to download its configuration file. The steps to initiateZero-Touch Provisioning and the process which occurs, is outlined below.1. Remove the startup configuration.To remove the startup configuration, enter the erase startup-configuration command from the EnableMode prompt:(config)#erase startup-configurationErasing a startup configuration file will permanently destroy all the data in that file!61200560L1-29.2B © 2013 ADTRAN, Inc. 9

Auto-Config Zero-Touch Provisioning2. Reboot the unit.To reboot the unit once the startup configuration is removed, enter the reload command from theEnable Mode prompt:(config)#reloadThe following example shows the output of a NetVanta 1534 booting up without a startup configurationfile.ADTRAN, Inc., NetVanta 1534 (1702590G1)AOS Version: R10.04.00, Checksum 5F091215, Wed Jul 27 13:26:46 2012Cause of reset: External Hard Resetvfs: NONVOL: 240 tracks, 64 sectors/track, 1024 bytes/sector.SNMP Agent: Starting: Success!FTP server: Starting service on first mounted drive.cli: starting user interfaceGigabit switch chip initializingNo startup-config found.Starting Auto-Config, press enter to begin or...You have 60 seconds to press escape to halt Auto-Config.Once the unit discovers that it does not have a startup configuration file (highlighted in line 9), AOStriggers Auto-Config, but allows the user 60 seconds respond to the prompt. There are two valid keyresponses. Each have different outcomes as explained below.• Escape key - Cancels Auto-Config and AOS boots without any startup configuration file having beenloaded.• Enter key - Aborts the remaining portion of the 60-second waiting period and the unit immediatelyproceeds to booting with Auto-Config active.If neither key is pressed at the prompt, the timer expires within 60 seconds and the unit continues with theAuto Config process.Once Auto-Config is triggered, the following message displays:2005.10.12 12:59:52 AUTOCONFIG Started. To halt enter config-mode and type "no auto-config".Events That Occur Once Auto-Config is Triggered for Zero Touch ProvisioningOnce Auto-Config is triggered, a series of events occurs. The following information is provided to assistwith understanding the process and what occurs on the unit.Auto-Config alters a unit’s configuration ONLY if the unit is booted without a startupconfiguration file. If Auto-Config is triggered by other means, it assumes the unit’s runningconfiguration allows network connectivity to download the file and does not change thesettings.61200560L1-29.2B © 2013 ADTRAN, Inc. 10

Auto-Config Zero-Touch ProvisioningWhen Auto-Config terminates, it does not automatically undo any of the settings. If it isdesired that the unit’s final running configuration not retain any of the settings added inthis step, the user must either disable them manually or add commands that disable themto the file downloaded and applied by Auto-Config.1. Auto-Config enables basic IP connectivity to ensure the steps that follow will complete successfully.For example, on a switch this means that Auto-Config enables VLAN 1 with all switchports inVLAN 1, and enables the DHCP client for the interface. The equivalent AOS commands issued wouldbe as follows:int vlan 1ip address dhcpno shutdown2. Auto-Config enables all non-switch Ethernet ports and activates a DHCP client on these ports. Forexample, on a NetVanta 3305 (a router with two Ethernet ports), the equivalent AOS commands issuedwould be as follows:interface ethernet 0/1ip address dhcpno shutdownexitinterface ethernet 0/2ip address dhcpno shutdown3. One of the DHCP clients should obtain a lease from a DHCP server on the network. The lease shouldinclude a file name (DHCP option 67) and a TFTP server address (DHCP Option 66) as well as thelessee’s IPv4 address. Auto-Config uses this information to download the configuration file.There can be multiple DHCP clients operating on a single Auto-Config host. AOS keeps DHCP clientsordered internally, and Auto-Config uses data from the first DHCP client that provides both options 66and 67.4. Auto-Config uses TFTP to attempt to download the configuration file. If all the necessary data ispresent, the file is downloaded from the host. The current status displays Downloading as shown in thefollowing show auto-config command output:#show auto-configAuto-Config is enabled, current status: Downloading.File transfer method is TFTPConfig Server is 10.10.10.1Config filename is TESTFILEMaximum retry count is 0 (repeat indefinitely), total retries is 0Last failure: HTTP: Could not send initial message to HTTP serverThe show auto-config command (entered from the Enable Mode prompt) displays thecurrent state of the Auto-Config feature. For a complete explanation of the outputdisplayed, see Troubleshooting on page 22.61200560L1-29.2B © 2013 ADTRAN, Inc. 11

Auto-Config Configuration ExamplesIf TFTP fails to download the file, Auto-Config waits for 60 seconds and re-attempts the download.The current status displays Download Pending as shown in the following show auto-configcommand output:#show auto-configAuto-Config is enabled, current status: Download Pending.File transfer method is TFTPConfig Server is not setConfig filename is not setMaximum retry count is 0 (repeat indefinitely), total retries is 0Last failure: Config filename is not knownThe maximum number of retries is set to 0 by default, which means downloads will repeat indefinitelyuntil a successful download occurs. If Auto-Config is unable to download the configuration file withinthe maximum number of retries, a failure is declared and Auto-Config is halted. The current statusdisplays as Download failed as shown in the following show auto-config command output:#show auto-configAuto-Config is enabled, current status: Download failed.File transfer method is TFTPConfig Server is myServerConfig filename is myFile.cfgMaximum retry count is 0 (repeat indefinitely), total retries is 0Last failure: DNS could not resolve host nameThe download process may not resolve on the first attempt and could require subsequentattempts to resolve successfully.5. If the configuration file is successfully received, Auto-Config proceeds to apply the configuration fileto the unit’s running configuration. Applying the configuration file affects the running configurationonly, not the startup configuration file. To store the running configuration as the startup configurationafter Auto-Config is complete, make certain the last command of the downloaded file is do write.Configuration ExamplesThe example scenarios contained in this section are designed to enhance understanding of Auto-Configconfigurations on AOS products. The examples describe some of the common real-world configurations.All configurations provided in this section use the CLI.The configuration parameters entered in these examples are sample configurations only.These applications should be configured in a manner consistent with the needs of yourparticular network. CLI prompts have been removed from the configuration examples toprovide a method of copying and pasting configurations directly from this configurationguide into the CLI. These configurations should not be copied without first making thenecessary adjustments to ensure they will function properly in your network.61200560L1-29.2B © 2013 ADTRAN, Inc. 12

Auto-Config Configuration ExamplesExample 1: Standard Auto-Config with TFTP MethodIn this example, a Total Access 916 automatically configures itself from a NetVanta 3305 following astandard Auto-Config approach using TFTP to transfer the configuration file and DHCP server to assign anIPv4 address. Only a few of the Auto-Config default settings are changed in this example, allowing betterunderstanding of how Auto-Config functions. The connectivity between these two units is shown in FigureFigure 1 on page 13, as well as the events that occur during the automatic configuration process.Total Access 916Auto-Config New UnitDHCP Clienteth 0/1192.168.62.1eth 0/1NetVanta 3305DHCP and TFTP ServerUnit boots up with Auto-Configsettings entered by user.Interface comes upDHCP client enabledResolve host name SERV1Auto-Config is triggeredApply default file name configurationto the running configuration.DHCP client requests IPv4 addressDHCP server response, contains:DHCP option 67 (file name)DHCP option 66 (TFTP server)Contacts SERV1Requests default file name via TFTPDownload default file name*Applying the configuration file affectsthe running configuration only and not thestartup configuration file. To store therunning configuration as the startupconfiguration after Auto-Config is done,make certain the last line of the downloadedfiles is do write.Figure 1. Example of Auto-Config Using a TFTP and DHCP ServerThe Total Access 916 is a new unit on the network and will use a startup configuration file(CONFIG-TA916.cfg) to prepare itself through automatic configuration. The NetVanta 3305 acts as theDHCP and TFTP servers.The following example shows the configuration of the Total Access 916:Total Access 916 ConfigurationThe following commands are entered into the Total Access 916:#config terminal!interface eth 0/1ip address dhcpmedia-gateway ip primaryno shutdownexit!auto-config!end61200560L1-29.2B © 2013 ADTRAN, Inc. 13

Auto-Config Configuration ExamplesNetVanta 3305 ConfigurationThe following output shows the pertinent information from the running configuration of the NetVanta3305:#show running-configBuilding configuration...!hostname "Router3305"!interface eth 0/1ip address 192.168.62.1 255.255.255.0no shutdown!ip route 0.0.0.0 0.0.0.0 10.20.20.2!ip dhcp-server pool "POOL1"network 192.168.62.0 255.255.255.0option 66 ascii 192.168.62.1option 67 ascii CONFIG-TA916.cfg!endSince the NetVanta 3305 is also acting as the TFTP server, its file system must contain the configurationfile (CONFIG-TA916.cfg) for the new unit to download. The configuration file will configure the unit.The Total Access 916 obtains the TFTP server address and TFTP file name via DHCP.The following are the contents of the file CONFIG-TA916.cfg:Router3305#show file CONFIG-TA916.cfgvoice feature-mode network!voice dial-plan 1 local NXX-XXXXvoice dial-plan 2 long-distance 1-NXX-NXX-XXXX!voice class-of-service GLOBALcall-privilege all!voice codec-list GLOBALdefaultcodec g729codec g711ulaw!voice trunk T01 type sipsip-server primary 10.0.0.1registrar primary 10.0.0.1!voice grouped-trunk MAINtrunk T01accept $ cost 061200560L1-29.2B © 2013 ADTRAN, Inc. 14

Auto-Config Configuration Examplesvoice user 1001connect fxs 0/1cos day "GLOBAL"sip-identity 1001 T01 register auth-name USER1 password PASSWORD1codec-group GLOBAL!voice user 1002connect fxs 0/2cos day "GLOBAL"sip-identity 1002 T01 register auth-name USER2 password PASSWORD2codec-group GLOBAL!ip sip!line telnet 0 4loginpassword adtran!auto-config!do write!Example 2: Enhanced Auto-Config for Broadsoft Device ManagementIn this example, a Total Access 916 is a new unit to be installed and the host unit is a NetVanta 3305configured as both the DHCP and HTTPS server. The Total Access 916 is manually configured with theEthernet interface (eth 0/1) set to DHCP, the auto-config apply-config is set to replace, the auto-configtransfer method is set to HTTPS with authentication credentials provided, and accepts SIP NOTIFY totrigger a restart of the Auto-Config. When the Total Access 916 requests a DHCP address, it receivesOption 66 and 67 from the host unit.The connectivity between these two units is shown in Figure 2 on page 16, as well as the events that occurduring the automatic configuration process.61200560L1-29.2B © 2013 ADTRAN, Inc. 15

Auto-Config Configuration ExamplesTotal Access 916Auto-Config New UnitDHCP Clienteth 0/1192.168.62.1eth 0/1NetVanta 3305DHCP and HTTPS ServerUnit boots up with Auto-Configsettings entered by user.Interface comes upDHCP client requests IPv4 addressDHCP server response, contains:DHCP Option 66 (HTTPS server)DHCP Option 67 (file nameResolve host name SERV1Auto-Config is triggeredContacts SERV1Requests default file name via HTTPSSends authentication challengeResponds with credentialsCompares configuration files(recognizes files are different)Unit reboots*Compares configuration files(recognizes files are same)no action takenAuto-Config is restartedAccepts credentialsDownload default file nameSend SIP NOTIFY with check-sync eventRequests default file name via HTTPSSends authentication challengeApply default file name configurationCompares configuration files(recognizes files are different)Unit reboots*Compares configuration files(recognizes files are same)no action takenResponds with credentialsAccepts credentialsDownload default file name*Each time the unit reboots, Auto-Configrestarts and the configuration file istransferred. If set to replace the startupconfiguration, the unit will compare the newlydownloaded file with its current startupconfiguration file for differences. If the files areidentical, no action is taken and Auto-Configis done. If the files are different, the unitoverwrites the current startup configuration filewith the new file and reboots the unit.Figure 2. Application Example for Broadsoft Device ManagementThe configuration of both units in this scenario are provided below, as well as the configuration file that isdownloaded from the host unit to the Total Access 916.Total Access 916 ConfigurationThe following commands are entered into the Total Access 916:#config terminal!interface eth 0/1ip address dhcpmedia-gateway ip primaryno shutdown61200560L1-29.2B © 2013 ADTRAN, Inc. 16

Auto-Config Configuration Examplesexit!auto-configauto-config apply replaceauto-config authname $SYSTEM_SERIAL_NUMBER password fRiax&crOus9I#pauto-config method https!!endNetVanta 3305 ConfigurationThe following output shows the pertinent information from the running configuration of the NetVanta3305:#show running-configBuilding configuration...!hostname "Router3305"!interface eth 0/1ip address 192.168.62.1 255.255.255.0no shutdown!ip route 0.0.0.0 0.0.0.0 10.20.20.2!ip dhcp-server pool "POOL1"network 192.168.62.0 255.255.255.0option 66 ascii 192.168.62.1option 67 ascii CONFIG-TA916.cfg!endContents of CONFIG-TA916.cfg Configuration FileThe following output shows the pertinent information from the configuration file:voice trunk T01 type sipsip-server CORPORATEvoice grouped-trunk TOBROADSOFTtrunk T01accept $voice user 2001connect fxs 0/1sip-identity 2001 T01 register auth-name JSMITH password fRiax&crOus9I#p61200560L1-29.2B © 2013 ADTRAN, Inc. 17

STAT1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 241 3 579 11 13 1517 19 21 232 4 6 810 12 14 1618 20 22 2425 26NetVanta 1534Auto-Config Configuration Examples!auto-configauto-config apply replaceauto-config authname $SYSTEM_SERIAL_NUMBER password fRiax&crOus9I#pauto-config http-auth basicauto-config http-auth digestauto-config method httpsauto-config sip-notify user 2001!Example 3: Zero-Touch Provisioning, No Startup-ConfigIn the following example, a NetVanta 3305 is configured as both the DHCP and TFTP server. TheNetVanta 1534 is the new unit and uses Auto-Config to automatically configure itself with the informationprovided from the host unit (NetVanta 3305). Initially, the NetVanta 1534 must have the startupconfiguration manually removed. The unit is then rebooted and allowed to automatically self-configure.The connectivity between the two units and the events that occurs during the automatic configuration areshown in Figure 3 on page 18.NetVanta 1534Auto-Config New UnitNetVanta 3305DHCP and TFTP ServerDHCP Clientgiga-swx 0/110.10.10.5eth 0/1Startup configuration removedUnit rebootsInterface comes upResolve host name SERV1Auto-Config is triggeredApply TESTFILE configurationDHCP client requests IPv4 addressDHCP server response, contains:DHCP option 67 (file name)DHCP option 66 (TFTP server)Auto-Config contacts SERV1Auto-Config requests TESTFILEvia TFTPDownload TESTFILEFigure 3. Application Example for Zero-Touch ProvisioningErasing a startup configuration file will permanently destroy all the data in that file!61200560L1-29.2B © 2013 ADTRAN, Inc. 18

Auto-Config Configuration ExamplesThe following initial commands are entered on the NetVanta 1534 to remove the startup configuration andreboot the unit:NetVanta 1534(config)#erase startup-configErase startup-configuration? [y or n]yStartup configuration erased.(config)#(config)#reloadThe following output shows the pertinent sections from the running configuration of the NetVanta 3305:NetVanta 3305#show running-configBuilding configuration...!hostname "Router"no enable password!ip subnet-zeroip classlessip domain-proxyip host SERV1 10.10.10.5ip routing!ip dhcp-server excluded-address 10.10.10.5!ip dhcp-server pool "POOL1"network 10.10.10.0 255.255.255.0dns-server 10.10.10.5netbios-node-type h-nodedefault-router 10.10.10.5tftp-server SERV1bootfile TESTFILE!interface eth 0/1ip address 10.10.10.5 255.255.255.0no shutdown!ip tftp server61200560L1-29.2B © 2013 ADTRAN, Inc. 19

Auto-Config Configuration ExamplesOn the NetVanta 3305, the DHCP pool POOL1 lists a bootfile option (67) called TESTFILE. For thisexample, TESTFILE must also reside on the NetVanta 3305 which is shown by the following output fromthe show flash command:#show flash4690344 NV3305A-11-01-00.biz1280 startup-config119 TESTFILE4842824 bytes used, 1737400 available, 6580224 totalIn our example, the TESTFILE consists of commands to create two VLANs, disable Auto-Config, andsave the configuration using the do write command at the end of the file. When TESTFILE is applied tothe NetVanta 1534, all of these commands will be executed. The contents of TESTFILE are shown in thefollowing example:#show file TESTFILEUsing 120 bytesvlan 100vlan 101exitno auto-configdo writeOnce the NetVanta 1534 boots up and discovers that it does not have a startup configuration file, AOStriggers Auto-Config but allows the user 60 seconds to respond to the prompt to cancel the process orcontinue. There are two valid key responses, press the Escape or Enter key. (This behavior is described infurther detail in Zero-Touch Provisioning on page 9.) The NetVanta 1534 obtains a DHCP lease with datapertinent to Auto-Config. It resolves the host name SERV1 into IP address 10.10.10.5. It then proceeds todownload TESTFILE from 10.10.10.5. Once the download is complete, Auto-Config applies theconfiguration to the unit.After the application of the TESTFILE contents on the NetVanta 1534, the running configuration showsthe new settings as follows:#show running-configBuilding configuration...!!no auto-configauto-config server SERV1auto-config filename TESTFILE!!vlan 100name "VLAN0100"vlan 101name "VLAN0101"!end61200560L1-29.2B © 2013 ADTRAN, Inc. 20

Auto-Config Auto-Config Command SummaryAuto-Config Command SummaryThe CLI commands used to configure Auto-Config are summarized in Table 1.Table 1. Auto-Config CommandsPrompt Command Description(config)# auto-config method tftp Specifies using the TFTP file transfer methodwhen transferring the configuration file. This isthe default file transfer method for Auto-Config.(config)#(config)#auto-config method [http | https][port ]auto-config server dhcpauto-config server dhcpoption [66 | 160]Specifies using the HTTP(S) file transfer methodwhen transferring the configuration file. It isoptional to specify a port number.Specifies using DHCP to automatically learn theconfiguration server settings. Optionally, if Option66 or 160 are specified, this indicates using oneof these methods to define the DHCP serverlocation.(config)# auto-config server [ |]Specifies the IPv4 address or host name of TFTPserver from which to retrieve Auto-Configparameters.(config)#(config)#(config)#(config)#(config)#auto-config authname password auto-config mac-auth mode[http-user-agent | none]auto-config mac-auth addressauto-config mac-auth interfaceauto-config http-auth basicauto-config http-auth digestSpecifies the authentication user name andpassword to access the host server. The username can also be defined using a systemvariable and is explained is Step 3: Configure theauthentication for HTTP/HTTPS only (optional)on page 6.Specifies the MAC authentication mode.Currently the only choices are http-user-agentor none. The parameter none indicates no MACauthentication mode is used.Enables using the MAC address mode forauthentication and specifies the MAC address.Specifies an interface from which to use the MACaddress for authentication.Enables the HTTP(S) authentication modesbasic and/or digest. By default, both areenabled.(config)# auto-config filename Specifies the configuration file name (includingthe file path is optional) to download. The filename can also be defined using systemparameters and is explained in Step 5: Configurethe file name on page 7. The default for thiscommand is auto-config filename dhcp.61200560L1-29.2B © 2013 ADTRAN, Inc. 21

Auto-Config TroubleshootingTable 1. Auto-Config Commands (Continued)Prompt Command Description(config)# auto-config filename dhcp Specifies using DHCP Option 67 to learn theconfiguration file name. The default setting isdhcp which requires DHCP Option 67 to bedefined on the DHCP server or auto-config willnot download a configuration file.(config)# auto-config retry-count Specifies the maximum number of retries allowedto automatically configure the unit. Range is 0 to1000. The default is set to 0, allowing the featureto continuously retry until Auto-Config isdisabled.(config)# auto-config apply-config [append |replace]Specifies whether to append the existing runningconfiguration or replace the startup configurationwith the new configuration settings. The defaultsetting is to append to the running configuration.# auto-config restart Restarts the Auto-Config process if it has beenpreviously halted. This command is executedfrom the Enable Mode prompt.(config)# [no] auto-config Enables the automatic self-configuration feature.Use the no form of this command to halt theautomatic configuration process once started.(config)# auto-config sip-notify user Specifies the SIP user to whom SIP NOTIFY(check-sync events) are sent. This is one of themethods that can be used to trigger theAuto-Config process.TroubleshootingThere are several show command and debug commands that can be entered from the Enable Mode promptto assist with troubleshooting the Auto-Config feature.Show CommandsThe following show commands can be used to display specific portions of the configuration.The show auto-config command displays the current state of the Auto-Config feature. It displays thecurrent method, current server, file name, last attempt status, number of retries attempted, and reason forthe last failure. This output changes depending on the status of the function while it is running.61200560L1-29.2B © 2013 ADTRAN, Inc. 22

Auto-Config TroubleshootingFor example, the command is entered while the Auto-Config function is actively downloading aconfiguration file:>enable#show auto-configAuto-Config is enabled, current status: Downloading.File transfer method is TFTPConfig Server is 10.10.10.1Config filename is ADTRAN_CONFIG.cfgMaximum retry count is 0 (repeat indefinitely), total retries is 0Last failure: HTTP: Could not send initial message to HTTP serverThe available states displayed by Auto-Config are described in Table 2.Table 2. Auto-Config Current StatusCurrent StatusApplying configuration.DownloadingDownload error.Download failed.Download pending.IdleSuccessDescriptionAuto-Config is in the process of applying new configuration settings from thedownloaded configuration file.Auto-Config is in the process of downloading the configuration file.An error was experienced during the previous download attempt. Auto-Configis waiting to retry the download attempt.An error was encountered during the previous download attempt and themaximum number of retries has been reached.A download is pending, waiting on a timer.When comparing the configuration file with the startup configuration, the fileswere the same. No further action will be taken.Auto-Config was successful in downloading the configuration file.The show flash command can be useful to confirm the configuration files that exist on the device prior tocreating any new configuration files:>enable#show flash5970 startup-config5710 startup-config.bak13439188 T9162A-R10-4-M-5-E.biz13795810 T9162A-R10-5-0-2-E.biz27611341 bytes used, 4157714 available, 31769055 totalIf a file name already exists on a unit and an attempt is made to save a new one with thesame name, it will overwrite the file with the new contents. This will destroy the oldcontents. Always confirm the file system prior to saving new configuration files.61200560L1-29.2B © 2013 ADTRAN, Inc. 23

Auto-Config TroubleshootingThe show running-config auto-config command shows the Auto-Config settings of the current runningconfiguration:>enable#show running-config auto-configBuilding configuration...!!auto-configauto-config filename ADTRAN_CONFIG.cfgauto-config http-auth basicno auto-config http-auth digestauto-config server 10.17.220.1!EndDebug CommandsThe debug auto-config command activates debug messages associated with Auto-Config events. Debugmessages are displayed in real time. Use the no form of this command to disable the debug messages.Turning on a large amount of debug information can adversely affect the performance ofyour unit.The debug auto-config command displays the Auto-Config processes as they occur and is an excellenttool for assisting with troubleshooting this feature. The following is sample output displays theAuto-Config features is started:>enable#debug auto-config1970.01.01 12:12:05 AUTOCONFIG.STATUS Beginning1970.01.01 12:12:05 AUTOCONFIG.TIMER Loading timer with 500 milliseconds#1970.01.01 12:12:05 AUTOCONFIG Started. To halt enter config-mode and type "no auto-config".1970.01.01 12:12:05 AUTOCONFIG.STATUS Pending1970.01.01 12:12:05 AUTOCONFIG.TIMER Loading timer with 40 seconds#The following sample output displays that the initial settings have been applied and the first configurationfile (TA916_BOOTSTRAP.cfg) is downloaded. Once the TA916_BOOTSTRAP.cfg file is applied,Auto-Config is restarted (due to the bootstrap configuration file configuration).>enable#debug auto-config1970.01.01 12:12:45 AUTOCONFIG.STATUS Download: TA916_BOOTSTRAP.CFG from 10.17.220.11970.01.01 12:12:45 AUTOCONFIG.TIMER Loading timer with 1 seconds1970.01.01 12:12:46 AUTOCONFIG.STATUS Applying Configuration1970.01.01 12:12:47 AUTOCONFIG.TIMER Loading timer with 500 milliseconds61200560L1-29.2B © 2013 ADTRAN, Inc. 24

Auto-Config Troubleshooting1970.01.01 12:12:47 AUTOCONFIG.STATUS Done1970.01.01 12:12:47 AUTOCONFIG.TIMER Loading timer with 500 milliseconds1970.01.01 12:12:47 AUTOCONFIG Done. File: TA916_BOOTSTRAP.CFG applied to running-config.1970.01.01 12:12:47 AUTOCONFIG.STATUS Beginning1970.01.01 12:12:47 AUTOCONFIG.TIMER Loading timer with 500 milliseconds1970.01.01 12:12:47 AUTOCONFIG Delayed Restart from event config entry1970.01.01 12:12:48 AUTOCONFIG Started. To halt enter config-mode and type "no auto-config".The following sample output displays the new Auto-Config settings (applied from theTA916_BOOTSTRAP.CFG file) are executed:>enable#debug auto-config1970.01.01 12:12:48 AUTOCONFIG.STATUS Pending1970.01.01 12:12:48 AUTOCONFIG.TIMER Loading timer with 20 seconds1970.01.01 12:13:08 AUTOCONFIG.STATUS Download: AUTO_CONFIG_FINAL.CFG from 10.17.220.11970.01.01 12:13:08 AUTOCONFIG.TIMER Loading timer with 1 seconds1970.01.01 12:13:09 AUTOCONFIG.STATUS Applying Configuration1970.01.01 12:13:09 AUTOCONFIG.STATUS Done1970.01.01 12:13:09 AUTOCONFIG.TIMER Loading timer with 500 milliseconds1970.01.01 12:13:10 AUTOCONFIG Done. File: AUTO_CONFIG_FINAL.CFG applied to running-config.The debug http client command activates debug messages associated with HTTP client operation in AOS.This debug command is useful only when using the HTTP(S) file transfer method. The output displays thecommands being sent to the server. In the following example, the server could not be reached:>enable#debug http client13:07:04 HTTP_CLIENT GET string:GET /ADTRAN_CONFIG.cfg HTTP/1.1Authorization: Basic YWR0cmFuOmFkdHJhbg==Connection: closeHost: 10.10.10.1User-Agent: TA916/Total Access 916 (2nd Gen)13:07:04 HTTP_CLIENT Resolved hostname 10.10.10.1 to 10.10.10.113:07:04 HTTP_CLIENT Connecting to service at 10.10.10.1:801970.01.01 13:07:24 HTTP_CLIENT Timeout connecting to service at 10.10.10.1The debug ip tftp client packets command activates debug messages associated with TFTP clientpackets. This debug command is useful only when using a TFTP server to retrieve configuration files. Theoutput displays the commands being sent to the server. In the following example, the file was successfullytransferred:>enable#debug ip tftp client packets1970.01.01 13:17:37 TFTP.CLIENT TX Read Request (retry 0) to ::FFFF:10.17.220.1 for file"ADTRAN_CONFIG.cfg"1970.01.01 13:17:37 TFTP.CLIENT RX block 1 from ::FFFF:10.17.220.1:6277561200560L1-29.2B © 2013 ADTRAN, Inc. 25

Auto-Config Additional Resources1970.01.01 13:17:37 TFTP.CLIENT TX ACK for block 1 (retry 0) to ::FFFF:10.17.220.1:627751970.01.01 13:17:37 TFTP.CLIENT Received "ADTRAN_CONFIG.cfg" from ::FFFF:10.17.220.1:62775successfully. Saved as local file "auto-config-download".1970.01.01 13:17:39 AUTOCONFIG Done. File: ADTRAN_CONFIG.cfg applied to running-config.Additional ResourcesThere are additional resources available to aid in configuring your ADTRAN unit. The documents listedbelow are available online at ADTRAN’s Support Forum at https://supportforums.adtran.com.• AOS Command Reference Guide• Upgrading Firmware in AOS61200560L1-29.2B © 2013 ADTRAN, Inc. 26

Auto-Config Appendix A: Creating Configuration Files in AOSAppendix A: Creating Configuration Files in AOSA configuration file is an ASCII text file that contains valid AOS commands. For the Auto-Config feature,these files are usually short and can be created using any text editor program. Alternatively, you can createa configuration file on an AOS device directly, especially if the device is a TFTP server used byAuto-Config hosts. This is the method used for this example.This example shows how to create a configuration file named TESTFILE on an AOS device.1. Verify that there is not a file named TESTFILE already on the unit’s file system using the show flashcommand.#show flash5970 startup-config5710 startup-config.bak13439188 T9162A-R10-4-M-5-E.biz13795810 T9162A-R10-5-0-2-E.biz27611341 bytes used, 4157714 available, 31769055 total2. Since a file with this name does not exist on the file system, it is safe to create one. Using the copyconsole command at the Enable Mode prompt, create the file and use AOS to compose thecontents. After each command is composed, press the Enter key. While in this mode, the Backspacekey deletes a character and moves the cursor back one space. However, editing is done line by line soAOS does not allow the user to edit to a previous line once Enter is pressed. When finished enteringthe contents of the configuration file, enter Ctrl-D.#copy console TESTFILEEnter text to be saved to "TESTFILE".Type CTRL+D to finish.! This is a comment. Comments are not processed!interface ethernet 0/2no shutdownexitip tftp serverenable password qwertybanner motd !This is the message of the day!do write61200560L1-29.2B © 2013 ADTRAN, Inc. 27

Auto-Config Appendix A: Creating Configuration Files in AOS3. Verify that the file was created on the file system using the show flash command.#show flash186 TESTFILE5970 startup-config5710 startup-config.bak13439188 T9162A-R10-4-M-5-E.biz13795810 T9162A-R10-5-0-2-E.biz27611527 bytes used, 4157528 available, 31769055 total4. To display the contents of the file, use the show file command.#show file TESTFILEUsing 187 bytes! This is a comment. Comments are not processed!interface ethernet 0/2no shutdownexitip tftp serverenable password qwertybanner motd !This is the message of the day!do write61200560L1-29.2B © 2013 ADTRAN, Inc. 28