Installing DMF Switches

This chapter describes installing DANZ Monitoring Fabric (DMF) switches and performing initial setup and configuration.

DMF supports secure HTTPS connectivity for Controller-hosted URLs using ZTP.

Before DMF version 8.4, the Controller used HTTP to access ZTP install scripts and software images. HTTP does not provide the security required in today’s network environments, so the need for HTTPS support arose in those customer environments where all port 80 traffic (HTTP) is blocked. Blocking HTTP access makes the DHCP-based installation of Switch Light and other required software impossible. This new feature allows access to ZTP install scripts and software images via secure HTTPS.

HTTPS Support for Controller Hosted URLs using ZTP

DANZ Monitoring Fabric (DMF) supports secure HTTPS connectivity for controller-hosted URLs using ZTP.

This feature does not require any special configuration.

Use the CLI show switch-image url command to display the URLs for the ZTP install script and images.

The output contains HTTP and HTTPS URLs for the script and each available image, as shown in the following example.

C1> show switch-image url
# FileUrlAlternative Url
-|-------------------------|------------------------------------------------------------|---------------|
1 arista-ztp-install-script http://<controller IP>/switchlight/arista-ztp-install-script
2 arista-ztp-install-script https://<controller IP>/switchlight/arista-ztp-install-script
3 install-amd64 http://<controller IP>/switchlight/install-amd64
4 install-amd64 https://<controller IP>/switchlight/install-amd64
5 update-amd64http://<controller IP>/switchlight/amd64
6 update-amd64https://<controller IP>/switchlight/amd64
7 update-aristaeoshttp://<controller IP>/eos/x86_64
8 update-aristaeoshttps://<controller IP>/eos/x86_64

Zero Touch Fabric Provisioning Modes

Complete the fabric switch installation using one of the following two modes:

Layer 2 Zero Touch Fabric (L2ZTF, Auto-discovery switch provisioning mode): In this mode, which is the default, Switch ONIE software automatically discovers the Controller via IPv6 local link addresses and downloads and installs the appropriate Switch Light OS image from the Controller. This installation method requires all the fabric switches and the DMF Controller to be in the same Layer 2 network (IP subnet). If the fabric switches need IPv4 addresses to communicate with SNMP or other external services, configure IPAM, which provides the Controller with a range of IPv4 addresses to allocate to the fabric switches.
Layer 3 Zero Touch Fabric (L3ZTF, Preconfigured switch provisioning mode): When fabric switches are in a different Layer 2 network from the Controller, log in to each switch individually to configure network information and download the ZTF installer. Subsequently, the switch automatically downloads Switch Light OS from the Controller. This mode requires communication between the Controller and the fabric switches to occur using IPv4 addresses, and no IPAM configuration is required.

Note: For both switch installation modes, you must enter the following commands for every switch:

controller-1(config)# switch <name>
controller-1(config-switch)# mac <mac-address>

The following table summarizes the requirements for installation using each mode:

Requirements	Layer 2 mode	Layer 3 mode
Any switch in a different subnet from the Controller?	No	Yes
IPAM configuration for SNMP and other IPv4 services?	Yes	No
IP address assignment	IPv4 or IPv6	IPv4-only
Refer to this section	Using L2 ZTF (Auto-Discovery) Provisioning Mode	Changing to Layer 3 (Pre-Configured) Switch Provisioning Mode

Install all the fabric switches in a single fabric using the same mode. If there are any fabric switches in a different IP subnet than the Controller, DANZ Monitoring Fabric (DMF) requires using Layer 3 mode to install all the switches, even those in the same Layer 2 network as the Controller. Installing switches in mixed mode, with some switches using ZTF in the same Layer 2 network as the Controller, while other switches in a different subnet are installed manually or using DHCP is unsupported.

Using L2 ZTF (Auto-Discovery) Provisioning Mode

Layer 2 Zero Touch Fabric (L2 ZTF) is used to provision and install DANZ Monitoring Fabric (DMF) switches that are in the same Layer 2 management network as the DMF Controllers. ZTF uses the Open Network Install Environment (ONIE) boot loader to automate switch installation and configuration. Supported fabric switches are shipped with an ONIE network-enabled boot image. Refer to the DANZ Monitoring Fabric 8.5 Hardware Compatibility List for a list of supported monitoring fabric switches. During switch boot up, each switch gets the Switch Light OS software from the DMF Controller.

Note: DMF supports deploying switches from different vendors in the same fabric. However, using cables from different vendors to connect switches is not supported. Optics are required to interconnect switches from different vendors. See the Hardware Compatibility List for details on supported optics for each switch platform.

Note: If a switch is in a different subnet than the Controller, refer to the Changing to Layer 3 (Pre-Configured) Switch Provisioning Mode section for details about how to install it.

Requirements

Consider the following and perform each item when using ZTF to install fabric switches:

The DANZ Monitoring Fabric 8.5 Hardware Compatibility List lists the supported fabric switches.
Connect the management Ethernet interface of each physical switch to the management network and power it up.
Connect the DANZ Monitoring Fabric (DMF) Controller appliance management interface to the same Layer 2 management network as the management Ethernet interface of every physical switch.
When upgrading switches from a previous deployment, ensure the Switch Light OS image is compatible with your Controller version.
Designate a range of IPv4 addresses to be assigned using IPAM when switches must communicate with SNMP, NTP, syslog, or other IPv4 services.

Note: DMF implements ZTF using the IPv6 link-local address, which is auto-generated.

Warning: If a switch has an installed operating system, follow the instructions provided in the Removing the existing OS from a Switch topic before connecting the switch to a DMF Controller.

Switch Installation Procedure

This section describes using ZTF to perform a fresh installation of one or more supported DANZ Monitoring Fabric (DMF) switches using the Switch Light OS included with the Controller software.

The figure below illustrates a two-tier DMF out-of-band deployment with two switches connected to SPAN or TAP ports in a production network and a third switch connected to monitoring and analysis tools.

Figure 1. DMF Two Tier Out-of-Band Deployment

As shown in the illustration, services can be provided by the DMF Service Node Appliance or a third-party Network Packet Broker (NPB).

To use ZTF to bring up a DMF switch in this deployment, complete the following steps:

Take note of the MAC address of the switch.
Note: The MAC address is usually printed on the top surface of the switch.
If it is not possible to view the switch label (it will not be visible for already racked switches), obtain the MAC address from the local console of each switch by entering one of the following commands.
- In uboot mode, enter printenv ethaddr.
- In ONIE mode, enter ifconfig to display the ONIE prompt, and type the following at the command prompt:
  ``=> run onie_bootcmd``
Register each switch on the Controller by entering the following commands.
Note: A given switch can be connected to only one Controller cluster.
```
controller-1(config)# switch Filter-1
controller-1(config-switch)# mac 70:72:cf:bc:c4:c4
controller-1(config-switch)# 

controller-1(config)# switch Filter-2
controller-1(config-switch)# mac 70:72:cf:ea:1b:bb
controller-1(config-switch)#

controller-1(config)# switch Delivery-1
controller-1(config-switch)# mac 70:72:cf:bd:54:24
controller-1(config-switch)#
```
Note: Verify that the switch provisioning mode is configured for auto-discovery.
Auto-discovery mode is the default mode. After entering the show running-config command,deployment-mode auto-discovery should appear.
Power on or restart the fabric switch.
Initiate the ONIE request on the switch.
1. On the GNU GRUB menu, select ONIE.
  To get to the ONIE mode, during the reboot countdown, press any key when you see the prompt: “Hit any key to stop autoboot: 0”. The following command launches the ONIE install mode:
```
=> run onie_bootcmd
GNU GRUB version 2.02~beta2+e4a1fe391
+-----------------------------------------------------------+
| Switch Light OS |
|*ONIE |
| |
| |
| |
+------------------------------------------------------------+
Use the ^ and v keys to select which entry is highlighted.
Press enter to boot the selected OS, ❵e' to edit the commands
before booting or ❵c' for a command-line.
```
2. Select ONIE: Install OS.
  This selection puts the switch into the installer mode, and the rest of the process runs automatically, beginning with the following message.
```
### START - switch console output for installer :
ONIE: OS Install Mode ...
...
```
  The switch discovers the Controller on the management plane as part of the installation process that occurs when it starts. The following figure illustrates the process after registering a connected fabric switch on the Controller.
  
  Figure 2. Switch Boot and ZTF Configuration
  
  When powering on a compatible switch, it boots using the U-boot service, which is pre-installed, and this starts the ONIE loader.
  
  The remainder of the steps in the installation and configuration process happen automatically after powering on the registered and physically connected switch. These automated steps are shown in the figure above and are summarized below.
Note: Steps 5 through 7 below are performed automatically during the ZTF process and typically require no user intervention. If a switch is in a different subnet than the Controller, refer to the Changing to Layer 3 (Pre-Configured) Switch Provisioning Mode section for details about how to install it.
The ONIE loader generates an IPv6 neighbor discovery message on the local network segment.
Because the MAC address is already registered in Step 2 of the procedure described above, the Controller responds to the ONIE request from that switch and instructs the switch to download the Switch Light OS loader and begin the installation.
After installing the Switch Light OS loader and rebooting, the loader broadcasts a ZTF request.
(Not illustrated) The ZTF server (the Active DMF Controller) sends the Switch Light OS image, manifest, and startup-config, or a URL to the location where the switch can download it.
The switch downloads its startup-config from the Controller, which includes the following configuration information.
- Hostname
- Switch MAC address
- Controller IP addresses
- NTP, logging, and SNMP configuration mirrored from the Controller configuration
When all the switches are powered up, enter the show switch command to verify the switch connectivity to the Controller. For example:
```
controller-1(config)# show switch
```

Arista Switch Installation Procedure for 7050X Series and 7260X Series

The initial installation of Switch Light OS on the Arista switch platforms must be performed manually in DANZ Monitoring Fabric (DMF). The initial boot process cannot be performed automatically in the same L2 domain like existing DMF-supported switches that are running ONIE.

The initial installation of Switch Light OS on the Arista platforms is accomplished by dropping it into the Aboot shell interface at boot time and telling it to boot the Switch Light switch image. This operation will install Switch Light on the system. This is a one-time extra step needed during the first installation of Switch Light OS in DMF. The boxes will subsequently boot as expected under Switch Light.

This procedure is also required for any Arista switches currently running EOS. Perform the following steps for the Arista switch to boot from the DMF Controller:

Attach a console cable to the Arista switch and then power on or reboot the switch.

Interrupt the boot process with Control-C to drop into the Aboot shell.

Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
agesawrapper_amdinitearly() returned AGESA_SUCCESS
Watchdog enabled, will fire in 2 mins
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'normal/romstage'
CBFS: Found @ offset 5b3d40 size 7b7c
Aboot 9.0.3-4core-14223577
Press Control-C now to enter Aboot shell
^CWelcome to Aboot.
Aboot#
Press Control-C now to enter Aboot shell
^CWelcome to Aboot.
Aboot#

Configure an IP address for the switch’s ma1 management interface. Either configure ma1 statically or use DHCP.

Note: To use DHCP, type udhcpc -i ma1.

Aboot# udhcpc -i ma1
udhcpc (v1.18.1) started
Sending discover...
Sending discover...
Sending select for 10.6.3.237...
Lease of 10.6.3.237 obtained, lease time 534

To configure ma1 statically, use the following command. Add the gateway IP address using route add or ip route add command.

Aboot# ifconfig ma1 172.24.210.61 netmask 255.255.252.0
Aboot# route add default gateway 172.24.208.1 ma1
OR
Aboot# ip route add default via 172.24.208.1

Identify the MAC address of the ma1 management interface of the switch. Use the ifconfig -a command. The HWaddr is the MAC address. A label on the rear of the switch contains the MAC address.

Note: On switches with Aboot version 6.1.x, the HWAddr for interface ma1 can display 00:10:18:00:00:00 if there is any delay in entering the Aboot shell. To avoid this, press Control-C exactly at the prompt and not later. If there is a delay in entering the Aboot shell, do not use the MAC address 00:10:18:00:00:00 in the next step. Instead, use the MAC address printed on the rear of the switch or the System MAC address from the show version output in EOS.

Aboot# ifconfig -a
lo Link encap:Local Loopback
LOOPBACK MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ma1 Link encap:Ethernet HWaddr C0:D6:82:18:00:3C
inet addr:172.24.210.61 Bcast:172.24.211.255 Mask:255.255.252.0
inet6 addr: fe80::c2d6:82ff:fe18:3c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:198 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:46514 (45.4 KiB) TX bytes:2258 (2.2 KiB)
Interrupt:37

On a separate terminal window, log into the DMF Controller to configure the name of the Arista switch and its MAC address. In the following example, the switch is assigned the name filter-1.
```
DMF(config)# switch filter-1
DMF(config-switch)# mac c0:d6:82:18:00:3c
```

On the DMF Controller, issue the command

show
                switch-image url

to obtain the Switch Light boot image URL. The required URL is Update-amd64. Please note this URL; the following steps need it.

DMF(config-switch)# show switch-image url
Install-amd64 : http://172.24.210.21/switchlight/install-amd64
Install-powerpc: http://172.24.210.21/switchlight/install-powerpc
Update-amd64 : http://172.24.210.21/switchlight/amd64
Update-powerpc : http://172.24.210.21/switchlight/powerpc

Return to the switch Aboot shell and boot with the URL of the Switch Light image. The command is boot url. The following is the complete console log of a successful Switch Light OS installation in L2 ZTN mode.

Aboot# boot http://172.24.210.21/switchlight/amd64
Downloading http://172.24.210.21/switchlight/amd64
Connecting to 172.24.210.21 (172.24.210.21:80)
swi 100% |********************************| 316M 0:00:00 ETA
Secure Boot disabled, skipping check
SPI flash hardware write protection disabled
4444.69: Running SwitchLight install...
...
Aboot 9.0.3-4core-14223577
Press Control-C now to enter Aboot shell
Booting flash:aboot-chainloader.swi
Secure Boot disabled, skipping check
SPI flash hardware write protection disabled
11.24: SKU: DCS-7050SX3-48YC8
11.24: DCS-7050SX3-48YC8: kernel=kernel-4.9-lts-x86_64-all args=console=ttyS0,9600n8
platform=woodpecker scd.lpc_irq=13 scd.lpc_res_addr=0xf00000 scd.lpc_res_size=0x100000
sid=Marysville onl_mnt=/dev/mmcblk0p1 tsc=reliable pcie_ports=native reboot=p pti=off
reassign_prefmem amd_iommu_dump=1 platform=x86-64-arista-7050sx3-48yc8-r0
11.24: Loading kernel and initrd...
+ kexec --load --command-line 'console=ttyS0,9600n8 platform=woodpecker scd.lpc_irq=13 scd.
lpc_res_addr=0xf00000 scd.lpc_res_size=0x100000 sid[ 11.969258] kexec_core: Starting
new kernel
=Marysville onl_mnt=/dev/mmcblk0p1 tsc=reliable pcie_ports=native reboot=p pti=off
reassign_prefmem amd_iommu_dump=1 quiet=1 onl_platform=x86-64-arista-7050sx3-48yc8-r0
onl_sku=DCS-7050SX3-48YC8' --initrd /mnt/flash/onl/boot/x86-64-arista-7050sx3-48yc8-r0.
initrng: Linux Random Number Generator (RNG) early init
found interface name alias eth0 --> ma1
remapping interface eth0 --> ma1
No dynamic mount operations in unified mode.
No dynamic mount operations in unified mode.
INFO:PKI:Using existing private key.
INFO:PKI:Using existing certificate.
Setting up ma1 as bonded interface...
ma1 is now [ oma1 ]
************************************************************
*
* Switch Light OS Loader
*
* Version: SWL-OS-DMF-8.0.0(0)
* Id: 2020-08-27.14:06-dff2d80
*
* Platform: x86-64-arista-7050sx3-48yc8-r0
* ma1: c0:d6:82:18:00:3c
*
************************************************************
[ boot-config ]
NETDEV=ma1
NETAUTO=up
BOOTMODE=ztn
ZTNMODE=deferred
Press Control-C now to enter the interactive loader shell.
[ Starting Autoboot ]
[ Configuring Interfaces ]
Waiting for link on ma1...
ma1: up
[ BOOTMODE is ztn. ]
...
SLREST port is not ready....
Saving switch default settings...done.
Loading ZTN startup-config......done.
Saving last startup-config......done.
Stopping watchdog keepalive daemon....
Starting watchdog daemon....
Switch Light OS SWL-OS-DMF-8.0.0(0), 2020-08-27.14:06-dff2d80
filter-1 login:

Once the switch has booted up successfully, the Arista switch will appear as connected under the State column when viewed from the DMF Controller using the show switch DMF-F1 command. For example:

DMF-CTRL(config)# show switch DMF-F1
#Switch NameIP Address State Pipeline Mode
- |----------- |--------------------------- |-------- |-------------------|
1 DMF-F1 fe80::7272:cfff:febd:dcbc%9connected l3-l4-match-push-vlan
DMF-CTRL(config)#

Allocating IPv4 Addresses to Fabric Switches

When using L2 ZTF, the DANZ Monitoring Fabric (DMF) Controllers and fabric switches use link-local IPv6 for communication. To enable switches to communicate with external (IPv4) services, configure IP address management (IPAM), which assigns IPv4 addresses to the switches in the fabric from a configured pool of addresses. This configuration enables a fabric switch in L2-ZTN mode to communicate with external services such as NTP, SNMP, and Syslog.

No IPv4 address is required for the switch to interact with the Controller for time synchronization (NTP) and logging (syslog).

Note: This procedure applies only to Layer 2 ZTF. Attempting to configure IPAM when the provisioning mode is set to Layer 3 (Preconfigured) results in the display of an error message.

Static IP Addresses

Static IPv4 addresses can be configured on switches in a fabric managed by IPAM.When IPAM is enabled, IPAM will automatically assign IPv4 addresses to switches on which a static IPv4 address has not been configured as long as there are allocated IP addresses available. DMF preserves both automatically and statically allocated IP addresses in the event of a reboot or Controller failure.

Using the GUI to Allocate IPv4 Addresses

To allocate a pool of IPv4 addresses for IPAM to assign to fabric switches, complete the following steps:

Select Fabric > Switches from the main menu and click on the IP Address Allocation tab.

Figure 3. Accessing the Switches Page

The Switches page lists the switches connected to the DANZ Monitoring Fabric (DMF) Controller, and the IP Address Allocation tab provides controls for configuring a pool of IPv4 addresses for IPAM assignment to the fabric switches.
Click the Edit Configuration control at the top of the IP Address Allocation tab.

Figure 4. IP Address Allocation Tab
In the Edit Switch IP Address Allocation dialog, enable IPAM using the Status switch, and specify the gateway, DNS server, and subnet mask length.

Figure 5. Edit Switch IP Address Allocation Dialog
Click the Provision (+) button next to IP Ranges to add IP ranges to be used for IPAM assignment. When finished adding IP address ranges to the pool, click Submit.
To view the operational state of IPAM in the fabric and confirm the address range, select Fabric > Switches from the main menu and click on the IP Address Allocation tab.To view the IP address assignment for each switch, click on the + icon.

Figure 6. Viewing Operational State

Figure 7. Viewing IP Address Assignments

Using the CLI to Allocate IPv4 Addresses with IPAM

To allocate a pool of IPv4 addresses for IPAM to assign to fabric switches and configure the DNS server, default gateway, and subnet mask length, complete the following steps:

Enter the config-ipam-switch submode using the ipam switch command.

controller-1(config)# ipam switch
controller-1(config-ipam-switch)#

Identify the DNS server IP address to be used by the fabric switches using the dns-server command.
```
controller-1(config-ipam-switch)# dns-server 192.168.1.1
```
Identify the default gateway server IP address to be used by the fabric switches using the gateway command.
```
controller-1(config-ipam-switch)# gateway 192.168.1.1
```
Identify the range of IP addresses to be used by the fabric switches via the ip-range command. For multiple non-contiguous address ranges, repeat the command as needed.
```
controller-1(config-ipam-switch)# ip-range 192.168.1.100 192.168.1.200
controller-1(config-ipam-switch)# ip-range 192.168.3.100 192.168.3.200
```
Note: This example allocates 100 addresses in the subnetwork 192.168.1.0 and 100 addresses in the subnetwork 192.168.3.0. To view the IP addresses allocated by IPAM, enter the show ipam switch command.
Set the length of the subnet mask using the subnet-mask-length command.This mask length applies to all configured address ranges.
```
controller-1(config-ipam-switch)# subnet-mask-length 21
```
Enable IPAM IPv4 address allocation to the fabric switches using the allocate command.
```
controller-1(config-ipam-switch)# allocate
```
To display the static or automatic IP address configuration for all switches, use the show running-config switch command. The ip-address fields contain the newly introduced values.
```
controller-1(config-ipam-switch)# show running-config switch

! switch
switch core1
ip-address auto 10.0.0.2
mac 52:54:00:57:c9:3b

switch delivery1
ip-address auto 10.0.0.3
mac 52:54:00:c2:9c:24

switch filter1
ip-address auto 10.0.0.4
mac 52:54:00:ab:3a:e6
```
Note: The address displayed does not necessarily mean that the specified IP address has been assigned to the switch. For an address to be automatically assigned, IPAM has to be enabled and a corresponding IP range must be defined in the IPAM configuration. In the case of a static IP address, the IP address should exist within the defined IPAM subnet. Use the show ipam switch command to display actual allocations rather than the configuration.

Assigning Static IPv4 Addresses

If needed, a static IPv4 address can be assigned to a switch in a fabric managed by IPAM. Removing the assigned address will return the switch to IPAM address management, and an IPv4 address will be assigned to it from the allocated pool if one is available.

Using the GUI to Assign a Static IPv4 Address

To assign a static IPv4 address to a fabric switch, complete the following steps:

Select Fabric > Switches from the main menu and select the IP Address Allocation tab.

Figure 8. Accessing the Switches Page
On the Switches tab, click the menu icon next to the switch to which the address will be assigned, and select Configure from the menu.

Figure 9. Configure
In the Configure Switch dialog, set the IP Assignment Type to Manual and enter the desired IPv4 address for the switch.

Figure 10. Configure Switch

Note: The assigned static address must be in the defined IPAM subnet.
Click Submit to assign the configured IPv4 address to the switch.
To confirm the IP address assignment for the switch, select Fabric > Switches from the main menu and click on the IP Address Allocation tab, then click on the + icon to display IP addresses for all switches.

Figure 11. Viewing IP Address Assignments

Using the CLI to Assign a Static IPv4 Address

When IPAM is enabled and there are enough IPv4 addresses allocated for assignment, it automatically assigns IPv4 addresses to each switch in the fabric. The show running-config command displays those addresses as auto as shown below:

controller-1(config)# show running-config switch core1

! switch
switch core1
ip-address auto 10.0.0.2
mac 00:53:00:57:c9:3b

To assign a static IPv4 address to a fabric switch instead, complete the following steps:

Enter switch configuration mode for the switch to which a static address will be assigned using the switch command.
```
controller-1(config)# switch core1 
controller-1(config-switch)#
```
Set the IP address to static and configure the address using the ip-address static command.
Note: The assigned IPv4 address must be within the defined IPAM subnet.
```
controller-1(config-switch)# ip-address static 10.0.0.3
controller-1(config-switch)#
```

To confirm the address assignment, use the show this and show ipam switch commands.

controller-1(config-switch)# show this

! switch
switch core1
ip-address static 10.0.0.3
mac 00:53:00:57:c9:3b

controller-1(config-ipam-switch)# show ipam switch 
~~~~~~~~~~~~~~~~ Allocated IP Addresses ~~~~~~~~~~~~~~~~
# Start IP End IP Count Used SwitchAllocated IP 
-|--------|----------|-----|----|---------|------------|
1 10.0.0.2 10.0.0.255 254 3delivery1 10.0.0.2
2 10.0.0.2 core1 10.0.0.3
3 10.0.0.2 filter1 10.0.0.4

To remove a static IPv4 address assignment from an IPAM-managed fabric switch (restoring it to auto), use the no ip-address static command.
```
controller-1(config)# switch core1 
controller-1(config-switch)# no ip-address static 10.0.0.3
controller-1(config-switch)# show this

! switch
switch core1
ip-address auto 10.0.0.3
mac 52:54:00:01:b4:18
```
Note: The switch IP address may not change when the static address is removed.In the previous example, DMF removed the static IP address 10.0.0.3; however, since IPAM is still enabled, a new IP address was immediately assigned from the IPAM IP range. The IP address 10.0.0.3 was the first available IP address in the pool and was therefore assigned to the switch.The address remains the same in this case, but the status changes to auto.

Static Address Assignment Troubleshooting and Limitations

Syslog Messages and Tracing

There are no syslog messages associated with this feature. To gain insight into the IPAM IP allocation process, enable tracing logs.

Note: In some cases, enabling tracing can seriously impact switch performance. Please use it cautiously and seek advice from an Arista Networks representative before enabling tracing in any production environment.

Enable more detailed tracing logs using the following commands:

controller-1(config)#logging level org.projectfloodlight.core.ipalloc trace
controller-1(config)#logging level org.projectfloodlight.zerotouch.startupconfig trace
controller-1(config)#show logging controller | grep Ipam

Locate relevant log output in the floodlight syslog at /var/log/floodlight/floodlight.log.

Troubleshooting

When troubleshooting, be sure to use the show ipam switch command to display actual IP address allocations instead of the show running-config ipam switch command, which only displays the configuration and last used auto IP addresses of the switches.

If a switch does not receive the expected IP address allocation, ensure that:

IPAM is enabled.
- Make sure that the allocate field is present in the IPAM configuration. If not, configure the deployment mode as shown below:
```
controller-1(config)#ipam switch
controller-1(config-ipam-switch)#allocate
```
- Make sure that the ZTN deployment mode is set to auto-discovery.If not, configure the deployment mode as shown below:
```
controller-1(config)deployment-mode auto-discovery
```
For a configured s IP address, make sure that the address is in the defined IPAM subnet.
For an auto IP address, make sure that there are enough IP addresses in the defined IP address ranges for all switches.
Note: An auto IP address in a switch configuration does not necessarily result in an actual IP address assignment and stays there even if the allocated IP address is unavailable, e.g., if IPAM is disabled or the corresponding IP address range is removed. If a configuration change (such as enabling IPAM or adding an IP address range that includes the allocated address), the switch will get this IP address, which was the last automatically allocated IP address, to promote IP stability.

You may cross-check the applied IP address on the running configuration of the switch as shown below:

controller-1#show switch core1 running-config | grep ip-address
swl interface ip-address 10.0.0.3 prefix 21

An alternative way to cross-check the IP address of the switch is to connect to it and then execute the ifconfig command to view the IP address of the interface:

> connect switch core1 
Switch Light OS SWL-OS-DMF-8.5.x(0), 2023-12-01.02:24-4be6844
Linux core1 4.19.296-OpenNetworkLinux #1 SMP Fri Dec 1 02:35:57 UTC 2023 x86_64

SwitchLight ZTN Manual Configuration. Type help or ? to list commands.

(ztn-config) debug bash
*****************************WARNING******************************

Any/All activities within bash mode are UNSUPPORTED
This is intended ONLY for additional debugging ONLY by Arista TAC.

 Please type "exit" or Ctrl-D to return to the CLI

*****************************WARNING******************************
root@core1:~# ifconfig -a
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>mtu 1500
inet6 2001:0DB8:0:1:5054:ff:fe59:b9b6prefixlen 64scopeid 0x20<link>
...
ma1: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST>mtu 1500
inet 10.0.0.2netmask 255.255.248.0broadcast 0.0.0.0
...

Limitations

Note that the show switch command does not display IPv4 addresses. To cross-check the assigned IPv4 number, examine the running config of the switch. (See Troubleshooting section.)
In order to enable IPAM, ZTN deployment mode must be configured as auto-discovery.
IPAM can only manage switch IP addresses in a single subnet, but multiple IP address ranges can be defined in that subnet.

Using L3 ZTN (Pre-Configured) Switch Provisioning Mode

When a switch is in a different subnet than the Controller, configure the network information in the switch, which enables the switch loader to download the correct Switch Light OS image from the Controller and install it on the switch via the ZTN process.

Note: DANZ Monitoring Fabric (DMF) supports deploying switches from different vendors in the same fabric. However, using cables from different vendors to connect switches is not supported. Optics are required to interconnect switches from different vendors. See the Hardware Compatibility List for details on supported optics for each switch platform.

Ensure the deployment-mode pre-configured command is entered on the DMF Controller to enable Layer 3 ZTF.

Note: In Layer 3 mode, ZTF uses TCP port 8843 for communication between the Controller and switches. This port must be allowed on the Controller and on any devices connecting the Controller to the fabric switches.

Installing a Switch Using L3 ZTF (Preconfigured) Provisioning Mode

To install a switch with the DANZ Monitoring Fabric (DMF) provisioning mode set to pre-configured, complete the following steps:

Confirm that the switch has ONIE installed.

Note: Power on the switch and connect to the switch console using the default baud rate. The default baud rate is 9600 for switches by Arista Networks. The default baud rate is 115200 for ONIE-enabled switches.
The supported switches, listed in the DANZ Monitoring Fabric 8.5 Hardware Compatibility List, come with ONIE installed by the manufacturer.

Verify that the switch management port is connected to the management network with an IP address assigned either manually or from a DHCP server. If an IP address in Step 2a is not assigned, follow Steps 2b and 2c. If an IP address is already set in Step 2a, skip to Step 3.

Check IP addressing on the management port.

ONIE:/ # ifconfig
eth0 Link encap:Ethernet HWaddr 90:B1:1C:F4:CB:A9
inet addr:10.240.130.96 Bcast:10.240.130.127 Mask:255.255.255.128
inet6 addr: fe80::92b1:1cff:fef4:cba9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5550 errors:0 dropped:0 overruns:0 frame:0
TX packets:3937 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:728610 (711.5 KiB) TX bytes:563219 (550.0 KiB)
Interrupt:21 Memory:ff300000-ff320000
ONIE:/ #

Manually assign an IP address to the management port.

ONIE:/ # ifconfig eth0 192.168.10.10 netmask 255.255.255.0

Add the default gateway.

ONIE:/ # route add default gw 192.168.10.1 eth0
ONIE:/ # netstat -arn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.10.1 0.0.0.0 UG 0 0 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
ONIE:/ #

Note: To verify or change the IP address and gateway, use the ifconfig command.

On the DMF Controller, identify the switch image URL for the installation files by entering the show switch-image url command, as in the following example.

controller-1# show switch-image url
Install-amd64 : http://10.8.25.31/switchlight/install-amd64
Install-powerpc: http://10.8.25.31/switchlight/install-powerpc
Update-amd64 : http://10.8.25.31/switchlight/amd64
Update-powerpc : http://10.8.25.31/switchlight/powerpc
Update-powerpc : http://10.8.34.1/switchlight/powerpc

For example, for a switch using amd-64 hardware, the URL would be http://10.8.25.31/switchlight/install-amd64.

For AMD-64 platform boxes (for example, Dell S6100):
1. Reboot and select ONIE from the GNU/GRUB menu.
2. To get to the ONIE mode and during the reboot countdown, press any key when the prompt: Hit any key to stop autoboot: 0 appears. The following command enters the ONIE install mode: run onie_bootcmd
3. Type onie-discovery-stop at the installer mode in ONIE.
```
ONIE:/ # onie-discovery-stop
```

Verify the switch can ping the Controller IP address.

ONIE:/ # ping 10.8.25.31
PING 10.8.25.31 (10.8.25.31): 56 data bytes
64 bytes from 10.8.25.31: seq=0 ttl=63 time=0.398 ms
64 bytes from 10.8.25.31: seq=1 ttl=63 time=0.434 ms

Use the image-url path from the Controller for the platform amd-64.

ONIE:/ # install_url http://10.8.25.31/switchlight/install-amd64
discover: installer mode detected.
Stopping: discover... done.

Note: The switch now goes into ZTN discover.

INFO:PKI:Using existing certificate.
************************************************************
*
* Switch Light OS Loader
...
Press Control-C now to enter the interactive loader shell.
^C
Welcome to the shell.
Type 'help' for command help.

Enter Control-C to drop into the loader mode.

Press Control-C now to enter the interactive loader shell.
^C
Welcome to the shell.
Type 'help' for command help.
loader#

Enter zcsh to drop into ztn-config mode.

loader# zcsh
SwitchLight ZTN Manual Configuration. Type help or ? to list commands.
(ztn-config)
(ztn-config) help
Documented commands (type help <topic>):
========================================
controller debug dns help interface reboot setup show version
Undocumented commands:
======================
EOF exit quit
(ztn-config)

Configure the static IP address on the switch.
```
(ztn-config) interface ma1 ip-address 10.8.67.135/24 gateway 10.8.67.1
```
Note: Attempting to configure IPAM when the provisioning mode is set to Layer 3 (Preconfigured) results in an error message.
Configure the IP address of the DMF Controller (ZTN server).
```
(ztn-config) controller set 10.8.25.31,10.8.25.32
```

Set the DNS information.

(ztn-config) dns server 10.3.0.4
(ztn-config) dns domain qa.arista.com

Enter the show command to verify the configuration.

(ztn-config) show
IP Option: Static
IP Address: 10.8.67.135
Netmask: 255.255.255.0
Gateway: 10.8.67.1
DNS Server: 10.3.0.4
DNS Domain: qa.arista.com
Controllers: 10.8.25.32,10.8.25.31
(ztn-config)

Reboot the switch to activate the configuration.
```
(ztn-config) reboot
```
Note: The switch now automatically downloads the SWI image from the Controller and boots up with the image.
```
###### Start - Switch Console output in DMF-L3 ZTN mode
...
Switch Light OS SWL-OS-DMF-7.0.0(0), 2018-01.21.00:19-784f432
###### END - Switch Console output in DMF-L3 ZTN mode
```
Note: When the final messages appear, the installation is completed.

To verify the installation, enter the following show commands on the Controller.

controller-1(config)# show switch s1-s6100 details
#Switch Name Mac addressSwitch DPID State 
- |---------- |----------------------- |---------------------- |-------- 
1 s1-s61004c:76:25:f6:c8:80 (Dell) 00:00:4c:76:25:f6:c8:80 connected
 Quarantine reason IP AddressTCP Port Connected SincePipeline Mode 
|---------------- |---------- |------- |----------------------------|-------------
10.8.67.135 380182018-10.01 11:27:48.663000 PST l3l4-push-vlan

controller-1 (config)# show switch s1-s6100 zerotouch
Device : 4c:76:25:f6:c8:80 (Dell)
Zerotouch state : ok
Name : s1-s6100
Reload pending : False
Platform : x86-64-dell-s6100-c2538-r0
Serial number : CN0WKFYN7793164P0004
Ip address : 10.8.67.135
Dpid : 00:00:4c:76:25:f6:c8:80
Last update : 2018-10.01 15:06:13.619000 PST
Controller address : 10.8.25.31
controller-1 (config)#

Log in to the switch and enter the show command to display the switch status when the following (ztn-config) prompt appears.

Switch Light OS SWL-OS-DMF-6.3.0(0), 2017-01-24.00:19-784f432
s1-s6100 login: admin
Password:
Linux s1-s6100 3.16.39-OpenNetworkLinux #1 SMP Tue Jan 24 08:38:28 UTC 2017 x86_64
SwitchLight ZTN Manual Configuration. Type help or ? to list commands.
(ztn-config) show
IP Option : Static
IP Address : 10.8.67.135
Netmask : 255.255.255.0
Gateway : 10.8.67.1
Controllers: 10.8.25.33,10.8.25.32,10.8.25.31

Installing Arista 7050X and 7260X Series Switch Using L3 ZTF (Preconfigured) Provisioning Mode

Perform the initial installation of Switch Light OS on the Arista platforms manually in the DANZ Monitoring Fabric (DMF), similar to the requirements for ONIE-enabled switches. Use this guide for DMF Controllers configured for L3 ZTN mode.

Note: L3 ZTN means the Controller is set up for deployment-mode pre-configured.

The initial installation of Switch Light OS on the Arista switch is accomplished by dropping it to the Aboot shell interface at boot and telling it to boot the Switch Light switch image. This operation installs Switch Light on the system. This is a one-time extra step needed during the first installation of Switch Light in DMF. The boxes will subsequently boot as expected under Switch Light.

Note: This procedure is also required for any Arista switches running EOS.

Procedure

Attach a console cable to the Arista switch and power on or reboot the switch.

Interrupt the boot process with Control-C to drop into the Aboot shell.

Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
agesawrapper_amdinitearly() returned AGESA_SUCCESS
Watchdog enabled, will fire in 2 mins
CBFS: Locating 'normal/romstage'
CBFS: Found @ offset 5b3d40 size 7b7c
Aboot 9.0.3-4core-14223577
Press Control-C now to enter Aboot shell
^CWelcome to Aboot.
Aboot#

Configure an IP address for the switch’s ma1 management interface. Configure ma1 statically or use DHCP.

To use DHCP, type udhcpc -i ma1.

Aboot# udhcpc -i ma1
udhcpc (v1.18.1) started
Sending discover...
Sending discover...
Sending select for 10.6.3.237...
Lease of 10.6.3.237 obtained, lease time 534

To configure ma1 statically.

Aboot# ifconfig ma1 172.24.210.61 netmask 255.255.252.0
Aboot# route add default gateway 172.24.208.1 ma1
OR
Aboot# ip route add default via 172.24.208.1
Tip: Please use the "route" command to verify the correct routing table.

Identify the MAC address of the ma1 management interface of the switch. Use the ifconfig -a command. The HWaddr is the MAC address. A label on the rear of the switch contains the MAC address.

Aboot# ifconfig -a
lo Link encap:Local Loopback
LOOPBACK MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ma1 Link encap:Ethernet HWaddr C0:D6:82:18:00:3C
inet addr:172.24.210.61 Bcast:172.24.211.255 Mask:255.255.252.0
inet6 addr: fe80::c2d6:82ff:fe18:3c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:198 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:46514 (45.4 KiB) TX bytes:2258 (2.2 KiB)
Interrupt:37

On a separate terminal window, log into the DMF Controller to configure the name of the Arista switch and its MAC address. In this example, the switch is assigned the name filter-1.
```
DMF(config)# switch filter-1
DMF(config-switch)# mac c0:d6:82:18:00:3c
```

On the DMF Controller, issue the command show switch-image url to obtain the Switch Light boot image URL. The URL that is needed is Update-amd64. Please note this URL; the following steps need it. Do not use the other URLs.

DMF(config-switch)# show switch-image url
Install-amd64 : http://172.24.210.21/switchlight/install-amd64
Install-powerpc: http://172.24.210.21/switchlight/install-powerpc
Update-amd64 : http://172.24.210.21/switchlight/amd64
Update-powerpc : http://172.24.210.21/switchlight/powerpc

Back on to the switch Aboot shell, boot with the URL of the Switch Light image. The command is boot url.

Aboot# boot http://172.24.210.21/switchlight/amd64
Downloading http://172.24.210.21/switchlight/amd64
Connecting to 172.24.210.21 (172.24.210.21:80)
swi 100% |********************************| 316M 0:00:00 ETA
Secure Boot disabled, skipping check
SPI flash hardware write protection disabled
93.50: Running SwitchLight install...
Archive: /tmp/swi
..
..

Interrupt the Switch Light OS Loader with Control-C to drop into the interactive loader shell.

No dynamic mount operations in unified mode.
No dynamic mount operations in unified mode.
INFO:PKI:Using existing private key.
INFO:PKI:Using existing certificate.
Setting up ma1 as bonded interface...
ma1 is now [ oma1 ]
************************************************************
*
* Switch Light OS Loader
*
* Version: SWL-OS-DMF-8.0.0(0)
* Id: 2020-08-27.14:06-dff2d80
*
* Platform: x86-64-arista-7050sx3-48yc8-r0
* ma1: c0:d6:82:18:00:3c
*
************************************************************
[ boot-config ]
NETDEV=ma1
NETAUTO=up
BOOTMODE=ztn
ZTNMODE=deferred
Press Control-C now to enter the interactive loader shell.
^C
Welcome to the shell.
Type 'help' for command help.
loader#

Type zcsh to start the Switch Light ZTN manual configuration.

loader# zcsh
SwitchLight ZTN Manual Configuration. Type help or ? to list commands.
(ztn-config)

Type setup followed by Enter to begin interactive setup.

(ztn-config) setup
You are now running the interactive setup.
Press Enter to continue...

Configure the IP address of the management interface on the switch. Choose DHCP or Static. Optionally configure the DNS parameters. The following example uses a static IP address.

Please choose an IP option:
(DHCP/Static)? Static
Please provide static IP settings:
IP Address: 172.24.210.64
Netmask: 255.255.252.0
Gateway: 172.24.208.1
Do you want to configure DNS settings?
(Yes/No)? yes
DNS Server: 10.3.0.4
DNS Domain: arista.com

Configure the IP addresses of the primary and secondary DMF Controller. In this example, there is no secondary Controller.

Please provide the IP address of the controller:
Controller IP: 172.24.210.21
Do you have a second controller?
(Yes/No)? No

Review the manual ZTN configuration. Type Yes to complete the Switch Light ZTN manual configuration.

Configuration Summary:
IP Option: Static
IP Address: 172.24.210.64
Netmask: 255.255.252.0
Gateway: 172.24.208.1
DNS Server: 10.3.0.4
DNS Domain: arista.com
Controller IP: 172.24.210.21
Please confirm that the above settings are correct:
(Yes/Reset)?
(Yes/Reset)? Yes
Interactive setup completed successfully.
(ztn-config)

Type reboot. The Arista switch will reboot and complete the ZTN process using the previously configured boot parameters.

(ztn-config) reboot
Proceed with reboot [confirm]
Requesting system reboot
[ 2115.237162] reboot: Restarting system
coreboot-coreboot-unknown-Aboot-norcal9-9.0.3-4core-14223577 Wed Nov 13 22:08:55 UTC 2019
bootblock starting...
Family_Model: 00660f01
PMxC0 STATUS: 0x800
...
...
...
************************************************************
*
* Switch Light OS Loader
*
* Version: SWL-OS-DMF-8.0.0(0)
* Id: 2020-08-27.14:06-dff2d80
*
* Platform: x86-64-arista-7050sx3-48yc8-r0
* ma1: c0:d6:82:18:00:3c
*
************************************************************
[ boot-config ]
ZTNSERVERS=172.24.210.21
NETGW=172.24.208.1
NETDEV=ma1
NETDOMAIN=arista.com
BOOTMODE=ztn
NETMASK=255.255.252.0
NETIP=172.24.210.64
ZTNMODE=deferred
NETDNS=10.3.0.4
Press Control-C now to enter the interactive loader shell.
[ Starting Autoboot ]
[ Configuring Interfaces ]
[ BOOTMODE is ztn. ]
....
Saving switch default settings...done.
Loading ZTN startup-config......done.
Saving last startup-config......done.
Stopping watchdog keepalive daemon....
Starting watchdog daemon....
Switch Light OS SWL-OS-DMF-8.0.0(0), 2020-08-27.14:06-dff2d80
filter-1 login:

Once the switch has booted up successfully, the Arista switch will appear as connected under the State column when viewed from the DMF Controller using the show switch command. For example:
```
DMF(config)# show switch
# Switch NameIP AddressStatePipeline Mode
- |----------- |------------ |--------- |-------------- |
1 filter-1 172.24.210.64 connectedl3-l4-push-vlan
```

Installing Arista 7280R Series Switch Using L3 ZTF (Preconfigured) Provisioning Mode

DANZ Monitoring Fabric (DMF) 8.1.0 is the first release to support the Arista 7280R, 7280R2, and 7280R3 series of switches. These switches use Arista Networks EOS operating system instead of running Switch Light OS while deployed in the DANZ Monitoring Fabric.

For all 7280 series of switches, configure the Controller with deployment mode pre-configured (L3 ZTN). This is the default mode of operation starting in the DMF 8.5.0 release.

Note: L3 ZTN means the Controller is set up for deployment-mode pre-configured.

This is a one-time setup needed to load the DMF-compatible EOS image. When set up, the next Controller upgrade will also automatically upgrade the switches.

Perform these steps on the 7280R Series switch to boot from the DMF Controller.

On the DMF Controller, issue the command show switch-image url to obtain the URL for the boot image. The URL that is needed is update-aristaeos. Make a note of this URL, which will be required later when copying the image to the switch. Do not use the other URLs.
```
DMF(config)# show switch-image url
File Url
---------------- |---------------------------------------------- |
install-amd64http://172.24.210.21/switchlight/install-amd64
update-amd64 http://172.24.210.21/switchlight/amd64
update-aristaeos http://172.24.210.21/eos/i686
```
Attach a console connection to the Arista 7280R Series switch and power on or reboot the switch.

Interrupt the boot process with Control-C to drop into the Aboot shell.

Warning - AGESA callout: platform_PcieSlotResetControl not supported
agesawrapper_amdinitearly() returned AGESA_SUCCESS
Watchdog enabled, will fire in 2 mins
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'normal/romstage'
CBFS: Found @ offset 5b3d40 size 7b7c
Aboot 9.0.3-4core-14223577
Press Control-C now to enter Aboot shell
^CWelcome to Aboot.
Aboot#

Configure an IP address for the switch’s ma1 management interface. Configure ma1 statically or use DHCP.

To use DHCP, type udhcpc -i ma1.

Aboot# udhcpc -i ma1
udhcpc: started, v1.30.1
udhcpc: sending discover
udhcpc: sending select for 172.24.208.123
udhcpc: lease of 172.24.208.123 obtained, lease time 86400

To configure ma1 statically.

Aboot# ifconfig ma1 172.24.210.61 netmask 255.255.252.0
Aboot# route add default gateway 172.24.208.1 ma1
Tip: Please use the "route" command to verify the correct routing table.

Change directory to /mnt/ﬂash/ on the switch.

Aboot# cd /mnt/flash
Aboot#
Aboot# ls -l
-rw-rw-r-- 1 root 88 2541 Apr 29 19:29 AsuFastPktTransmit.log
drwxrwxr-x 2 root 88 4096 Oct 31 01:06 Fossil
-rw-rw-r-- 1 root 88 1562 Apr 29 19:29 SsuRestore.log
-rw-rw-r-- 1 root 88 1562 Apr 29 19:29 SsuRestoreLegacy.log
-rw-rwx--- 1 root 88 47 Apr 29 19:37 boot-config
-rw-rw-r-- 1 root 88 4 Apr 29 18:19 config_match
drwxrwx--- 3 root 88 4096 Apr 29 19:38 debug
drwxrwxr-x 2 root 88 4096 Oct 31 01:06 fastpkttx.backup
drwxrwx--- 2 root 88 16384 Oct 31 01:04 lost+found
drwxrwxr-x 3 root 88 4096 Apr 29 19:36 persist
drwxrwxr-x 3 root 88 4096 Oct 31 01:20 schedule
-rw-rw-r-- 1 root 88 0 Oct 31 01:20 startup-config
-rw-rw-r-- 1 root 88 0 Apr 29 19:30 zerotouch-config

Use wget to copy the Arista EOS image from the DMF Controller. Use the update-aristaeos URL from the Step 1. The command is wget url.

Aboot# wget http://172.24.210.21/eos/i686
Connecting to 172.24.210.21 (172.24.210.21:80)
i686 100% |********************************| 933M 0:00:00 ETA

Edit the /mnt/ﬂash/boot-config file. Boot using the newly downloaded EOS image from the DMF Controller.
```
SWI=flash:/i686
```

Verify the boot-config was saved.

Aboot# cat /mnt/flash/boot-config
SWI=flash:/i686

Reboot the system. Type: reboot.

Aboot# reboot
Aboot# [ 1096.250482] sysrq: SysRq : Remount R/O
Requesting system reboot
Restarting system
coreboot-coreboot-unknown-Aboot-norcal9-9.0.3-4core-14223577 Wed Nov 13 22:08:55 UTC 2019
bootblock starting...
Family_Model: 00660f01
PMxC0 STATUS: 0x800
BIT11
agesawrapper_amdinitreset() entry
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'AGESA'
CBFS: Found @ offset dffdc0 size 71786
Fch OEM config in INIT RESET Done
coreboot-coreboot-unknown-Aboot-norcal9-9.0.3-4core-14223577 Wed Nov 13 22:08:55 UTC 2019
bootblock starting...
Family_Model: 00660f01
PMxC0 STATUS: 0x80800
DoReset BIT11
agesawrapper_amdinitreset() entry
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'AGESA'
CBFS: Found @ offset dffdc0 size 71786
Fch OEM config in INIT RESET Done
agesawrapper_amdinitreset() returned AGESA_SUCCESS
agesawrapper_amdinitearly() entry
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
agesawrapper_amdinitearly() returned AGESA_SUCCESS
Watchdog enabled, will fire in 2 mins
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'normal/romstage'
CBFS: Found @ offset 5b3d40 size 7b7c
Aboot 9.0.3-4core-14223577
Press Control-C now to enter Aboot shell
Booting flash:/i686
Secure Boot disabled, skipping check
SPI flash hardware write protection disabled
[ 12.590004] kexec_core: Starting new kernel
[ 0.972580] Running e2fsck on: /mnt/flash
[ 4.216655] Running e2fsck on: /mnt/crash
Switching rootfs
starting version 219
Welcome to Arista Networks EOS 4.26.0FX-DMF
New seat seat0.
Starting ProcMgr: Removing all files in all subdirs of /etc/ProcMgr.d/run
[ OK ]
Starting EOS initialization stage 1: [ OK ]
Starting NorCal initialization: [ OK ]
Starting EOS initialization stage 2: [ OK ]
Completing EOS initialization (press ESC to skip): [ OK ]
Model: DCS-7280CR3-32P4
Serial Number: JPE20383403
System RAM: 8147180 kB
Flash Memory size: 7.1G
Apr 29 19:59:55 localhost SandFapNi: %AGENT-6-INITIALIZED: Agent 'SandFapNi-FixedSystem'
initialized; pid=3054
Apr 29 19:59:55 localhost PowerManager: %PWRMGMT-4-INPUT_POWER_LOSS: PowerSupply1 has lost
input power.
Apr 29 19:59:55 localhost SandMcast: %AGENT-6-INITIALIZED: Agent 'SandMcast' initialized;
pid=3051
No startup-config was found.
The device is in Zero Touch Provisioning mode and is attempting to
download the startup-config from a remote system. The device will not
be fully functional until either a valid startup-config is downloaded
from a remote system or Zero Touch Provisioning is cancelled.
To cancel Zero Touch Provisioning, login as admin and type
'zerotouch cancel' at the CLI. Alternatively, to disable Zero Touch
Provisioning permanently, type 'zerotouch disable' at the CLI.
Note: The device will reload when these commands are issued.
localhost login:

Log in as admin. From the enable mode, turn off Zero Touch Provisioning. The system will reload again. Type: zerotouch cancel.

localhost> en
localhost# zerotouch cancel
Apr 29 20:00:12 localhost ZeroTouch: %ZTP-6-CANCEL: Cancelling Zero Touch Provisioning
Apr 29 20:00:12 localhost ZeroTouch: %ZTP-6-RELOAD: Rebooting the system
localhost# Flushing AAA accounting queue: [ OK ]
Restarting system
[20:00:14] watchdog punch .
[20:00:14] watchdog punch .
[20:00:15] watchdog punch .
[20:00:16] watchdog punch .
[ 176.580458] sysrq: Remount R/O
[20:00:16] watchdog punch .
[20:00:16] watchdog punch .
[20:00:17] watchdog punch .
[20:00:18] watchdog punch .
coreboot-coreboot-unknown-Aboot-norcal9-9.0.3-4core-14223577 Wed Nov 13 22:08:55 UTC 2019
bootblock starting...
Family_Model: 00660f01
PMxC0 STATUS: 0x800
BIT11
agesawrapper_amdinitreset() entry
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'AGESA'
CBFS: Found @ offset dffdc0 size 71786
Fch OEM config in INIT RESET Done
coreboot-coreboot-unknown-Aboot-norcal9-9.0.3-4core-14223577 Wed Nov 13 22:08:55 UTC 2019
bootblock starting...
Family_Model: 00660f01
PMxC0 STATUS: 0x80800
DoReset BIT11
agesawrapper_amdinitreset() entry
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'AGESA'
CBFS: Found @ offset dffdc0 size 71786
Fch OEM config in INIT RESET Done
agesawrapper_amdinitreset() returned AGESA_SUCCESS
agesawrapper_amdinitearly() entry
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
Warning - AGESA callout: platform_PcieSlotResetControl not supported
agesawrapper_amdinitearly() returned AGESA_SUCCESS
Watchdog enabled, will fire in 2 mins
CBFS: 'Master Header Locator' located CBFS at [200:ffffc0)
CBFS: Locating 'normal/romstage'
CBFS: Found @ offset 5b3d40 size 7b7c
Aboot 9.0.3-4core-14223577
Press Control-C now to enter Aboot shell
Booting flash:/i686
Secure Boot disabled, skipping check
SPI flash hardware write protection disabled
[ 12.512179] kexec_core: Starting new kernel
[ 0.976275] Running e2fsck on: /mnt/flash
[ 4.186065] Running e2fsck on: /mnt/crash
Switching rootfs
starting version 219
Welcome to Arista Networks EOS 4.26.0FX-DMF
New seat seat0.
Starting ProcMgr: Removing all files in all subdirs of /etc/ProcMgr.d/run
[ OK ]
Starting EOS initialization stage 1: [ OK ]
Starting NorCal initialization: [ OK ]
Starting EOS initialization stage 2: [ OK ]
Completing EOS initialization (press ESC to skip): [ OK ]
Model: DCS-7280CR3-32P4
Serial Number: JPE20383403
System RAM: 8147180 kB
Flash Memory size: 7.1G
localhost login:

Log in to the switch as admin. Get the System MAC address of the switch in show version. Type: show version. In this example, the System MAC = d4af.f754.195b. Obtain the MAC address located on the ID label on the rear of the 7280R Series switch.

localhost login: admin
Output to this terminal is being recorded for diagnostic purposes.
Note that only output that is visible on the console is recorded.
localhost> show version
Arista DCS-7280CR3-32P4-F
Hardware version: 12.25
Serial number: JPE20383403
Hardware MAC address: d4af.f754.195b
System MAC address: d4af.f754.195b
Software image version: 4.26.0FX-DMF-21985293.4260FXDMF (engineering build)
Architecture: i686
Internal build version: 4.26.0FX-DMF-21985293.4260FXDMF
Internal build ID: 568674e7-5c84-4fc6-8a42-8fb55d2fa639
Uptime: 0 weeks, 0 days, 0 hours and 27 minutes
Total memory: 8147180 kB
Free memory: 6097456 kB

On the DMF Controller, assign a switch name and configure the System MAC address noted from the previous step. The format of the MAC address must be entered in colon format such as d4:af:f7:54:19:5b.
```
DMF(config)# switch filter-1
DMF(config-switch)# mac d4:af:f7:54:19:5b
```

On the switch console, configure the IP address of the management interface.

localhost(config)# interface Management1
localhost(config-if-Ma1)# ip address 172.24.210.89/22

On the switch console, configure the IP address(es) of the DMF Controllers. For dual Controllers, the syntax is: controller address controller#1 controller#2. In this example, there is only one Controller. ZTN configuration download will begin after configuring this part.
```
localhost(config-if-Ma1)# management dmf
localhost(config-mgmt-dmf)# controller address 172.24.210.21
localhost(config-mgmt-dmf)# no disabled
```

Verify the switch is connected to the DMF Controller. From the switch console, type: show management dmf indigo.

filter-1(config)# show management dmf indigo
DMF: enabled
Indigo agent: active
TCAM profile programming status: success
Controllers:
IDIP AddressConnection State Connection Role
------- ------------------- ---------------------- ---------------
0 172.24.210.21 connectedactive

The Arista switch will appear as connected under the State column when viewed from the DMF Controller using the show switch command. For example:

DMF(config-switch)# show switch
# Switch NameIP Address StatePipeline Mode
- |----------- |------------- |--------- |---------------------|
1 filter-1 172.24.210.89connectedl3-l4-match-push-vlan

Configuring the Switch Static IP and Controller IP in Interactive ZTF Mode

To configure or change the static IP or Controller IP addressing from the zcsh CLI, complete the following steps:

From the Switch Light OS prompt on the switch to be configured, enter Control-c to drop into the loader mode.

Press Control-C now to enter the interactive loader shell.
^C
Welcome to the shell.
Type 'help' for command help.
loader#

Enter zcsh to drop to ztn-config mode.

loader# zcsh
SwitchLight ZTN Manual Configuration. Type help or ? to list commands.
(ztn-config)
SwitchLight ZTN Manual Configuration. Type help or ? to list commands.

Enter the setup command.

(ztn-config) setup
You are now running the interactive setup.
Press Enter to continue...

When prompted, type static and enter the IP address for the switch.

Note: Additional settings for the DNS server and DNS domain options are available starting with DMF Release 6.3.1.

Please choose an IP option:
(DHCP/Static)? static
Please provide static IP settings:
IP Address: 10.9.36.29
Netmask: 255.255.255.0
Gateway: 10.9.36.1
Do you want to configure DNS settings?
(Yes/No)? yes
DNS Server: 10.3.0.4
DNS Domain: 10.1.5.200
Please provide the IP address of the Controller:
Controller IP: 10.2.0.66

If there is a second Controller, type yes when prompted and enter the IP address of the secondary Controller.

Do you have a second controller?
(Yes/No)? yes
Please provide the IP address of the second controller:
Second Controller IP: 10.8.25.32
IP Option : Static
IP Address : 10.8.39.203
Netmask : 255.255.192.0
Gateway : 10.8.0.1
DNS Server : 10.3.0.4
DNS Domain : qa.arista.com
Controller IP : 10.8.25.31
Second Controller IP: 10.8.25.32
Please confirm that the above settings are correct:
(Yes/Reset)? yes
Interactive setup completed successfully.
(ztn-config) reboot
Proceed with reboot [confirm]
Terminated
Requesting systRestarting system.

Installing Arista 7050X and 7260X Series using DHCP with bootfile-name option

Starting with DANZ Monitoring Fabric (DMF) 8.2, installing Switch Light OS on Arista switches can be automated using an Arista ZTP boot script available on the DMF Controller. The Arista switch models that support this procedure are the 7050CX3, 7050SX3, and 7260CX3.

The Arista ZTP boot script is served to the Arista switch using DHCP’s bootfile-name option (option #67). The Arista switch downloads and executes this Arista ZTP boot script during its ZTP (Zero Touch Provisioning) phase following boot. The Arista ZTP boot script copies the Switch Light OS files from the DMF Controller and configures the appropriate boot settings on the Arista switch.

Procedure

Connect to the Arista switch to get the system MAC access. The system MAC address is the HWaddr for the management interface (ma1). The MAC in this example is 2C:DD:E9:7C:84:38.

localhost# show interfaces management 1
Management1 is up, line protocol is up (connected)
Hardware is Ethernet, address is 2cdd.e97c.8438 (bia 2cdd.e97c.8438)
IPv6 link-local address is fe80::2edd:e9ff:fe7c:8438/64
Address being determined by SLAAC
No IPv6 global unicast address is assigned
IP MTU 1500 bytes (default) , BW 1000000 kbit
Full-duplex, 1Gb/s, auto negotiation: on, uni-link: n/a
Up 3 hours, 50 minutes, 21 seconds
Loopback Mode : None
4 link status changes since last clear
Last clearing of "show interface" counters 3:53:44 ago
5 minutes input rate 4.71 kbps (0.0% with framing overhead), 5 packets/sec
5 minutes output rate 172 bps (0.0% with framing overhead), 0 packets/sec
65939 packets input, 8202861 bytes
Received 10799 broadcasts, 51269 multicast
0 runts, 0 giants
0 input errors, 0 CRC, 0 alignment, 0 symbol, 0 input discards
0 PAUSE input
1155 packets output, 303450 bytes
Sent 584 broadcasts, 470 multicast
0 output errors, 0 collisions
0 late collision, 0 deferred, 0 output discards
0 PAUSE output
localhost#

On the DMF Controller, configure the name of the Arista switch and its MAC address. In this example, the switch is assigned the name DMF-F1.
```
switch DMF-F1
mac 2c:dd:e9:7c:84:38
```

From the DMF Controller, obtain the Arista ZTP boot script URL. Run the command show switch-image url. The arista-ztp-install-script is the URL needed.

DMF-CTL2(config)# show switch-image url
FileUrl
------------------------- |---------------------------------------------------------
arista-ztp-install-script http://10.240.129.29/switchlight/arista-ztp-install-script
install-amd64 http://10.240.129.29/switchlight/install-amd64
update-amd64http://10.240.129.29/switchlight/amd64
update-aristaeoshttp://10.240.129.29/eos/x86_64
DMF-CTL2(config)#

On the DHCP server, include the bootfile-name option. Use the URL of the Arista ZTP script from the previous step. In this example, the /etc/dhcp/dhcpd.conf file is from an ISC DHCP server. Bring up the DMF switches using either A) vendor-class-identifier or B) switch hardware address.

Note: The edits required depend on the specific network environment and the type of switches.
1. For a large DMF deployment, use the vendor-class-identifier as shown below. DMF switches should use a different subnet than UCN switches when using vendor-class-identifier.
```
subnet 10.240.130.0 netmask 255.255.255.128 {
range 10.240.130.61 10.240.130.64;
option domain-name-servers 10.240.48.6;
option subnet-mask 255.255.255.128;
option routers 10.240.130.1;
option broadcast-address 10.240.130.127;
class "Arista"{ match if substring (option vendor-class-identifier, 0, 6) =
"Arista";
option bootfile-name = "http://10.240.129.29/switchlight/
arista-ztp-install-script"; }
}
```
2. If DMF switches are in the same subnet as UCN switches, use the host address on dhcpd.config to identify the DMF switches.
```
host 7050X3 {
hardware ethernet 2c:dd:e9:7c:84:38;
option bootfile-name = "http://10.240.129.29/switchlight/arista-ztp-
install-script";
}
```
Restart the dhcp server process after editing the /etc/dhcp/dhcpd.conf file.
The Arista ZTP boot script will be downloaded and executed at the ZTP phase.

On the DMF Controller, verify the switch is connected using the show switch DMF-F1 command.

DMF-CTL2(config)# show switch DMF-F1
#Switch NameIP AddressStatePipeline Mode
- |----------- |-------------------------- |--------- |-------------------- |
1 DMF-F1 fe80::968e:d3ff:feaa:ad0e%9 connectedfull-match-push-vlan
DMF-CTL2(config)#

Installing Arista 7280R Series using DHCP with bootfile-name option

The installation of EOS on Arista SAND platforms (7280x) can be automated using an Arista ZTP boot script available on the DANZ Monitoring Fabric (DMF) Controller. This procedure applies to all Arista 7280R Series platforms that are supported in DMF.

The Arista ZTP boot script is served to the Arista switch using DHCP’s bootfile-name option (option #67). The Arista switch downloads and executes this Arista ZTP boot script during its ZTP (Zero Touch Provisioning) phase following boot. The Arista ZTP boot script copies the EOS SWI from the DMF Controller and configures the appropriate boot settings on the Arista switch.

Note: The Controller must be set up for deployment-mode pre-configured.

Procedure

Connect to the Arista switch to get the system MAC access. The system MAC address is the HWaddr for interface ma1 in Aboot. The MAC in this example is D4:AF:F7:F9:EE:38.

Aboot# ifconfig ma1
ma1 Link encap:Ethernet HWaddr D4:AF:F7:54:19:5A
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:37

On the DMF Controller, configure the name of the Arista switch and its MAC address. In this example,the switch is assigned the name filter-1.
```
switch DMF-F1
mac d4:af:f7:54:19:5a
```

From the DMF Controller, obtain the Arista ZTP boot script URL. Run the command show switch-image url. The arista-ztp-install-script is the URL needed.

DMF-CTL2(config)# show switch-image url
File Url
------------------------- |----------------------------------------------------------
arista-ztp-install-script http://10.240.129.29/switchlight/arista-ztp-install-script
install-amd64 http://10.240.129.29/switchlight/install-amd64
update-amd64http://10.240.129.29/switchlight/amd64
update-aristaeoshttp://10.240.129.29/eos/x86_64
DMF-CTL2(config)#

On the DHCP server, include the bootfile-name option. Use the URL of the Arista ZTP script from the previous step. In this example, the /etc/dhcp/dhcpd.conf file is from an ISC DHCP server. Bring up the DMF switches using eitherA) vendor-class-identifier or B) switch hardware address.

Note: The edits required depend on the specific network environment and the type of switches.
1. For a large DMF deployment, use the vendor-class-identifier as shown below. DMF switches should use a different subnet than UCN switches when using vendor-class-identifier.
```
subnet 10.240.130.0 netmask 255.255.255.128 {
range 10.240.130.61 10.240.130.64;
option domain-name-servers 10.240.48.6;
option subnet-mask 255.255.255.128;
option routers 10.240.130.1;
option broadcast-address 10.240.130.127;
class "Arista"{ match if substring (option vendor-class-identifier, 0, 6) =
"Arista";
option bootfile-name = "http://10.240.129.29/switchlight/
arista-ztp-install-script"; }
}
```
2. If DMF switches are in the same subnet as the UCN switches, use the host address on dhcpd.config to identify the DMF switches.
```
host 7050X3 {
hardware ethernet 2c:dd:e9:7c:84:38;
option bootfile-name = "http://10.240.129.29/switchlight/arista-ztp-
install-script";
}
```
Restart the dhcp server process after editing the /etc/dhcp/dhcpd.conf file.
The Arista ZTP boot script will be downloaded and executed at the ZTP phase.

On the DMF Controller, verify the switch is connected using the show switch DMF-F1 command.

DMF-CTL2(config)# show switch DMF-F1
#Switch NameIP Address StatePipeline Mode
- |----------- |--------------------------- |--------- |-------------------
1DMF-F1 10.240.130.62connectedfull-match-push-vlan
DMF-CTL2(config)#

Using DHCP with Default URL for Switch Installation in Preconfigured Provisioning Mode

To install the Switch Light OS using a DHCP server, complete the following steps:

Log in to the DHCP server serving the L2 segment where the monitoring fabric switches are connected.
Edit the /etc/dhcp/dhcpd.conf file.
Note: The edits required depend on your network environment and the type of switches you are connecting to the fabric. The example below shows how the dhcpd.conf file might look like when using fabric switches of the same architectural type, in this case, the PowerPC architecture.
dhcpd.conf File (All Switches of the Same Type)
```
subnet 10.9.18.0 netmask 255.255.254.0 {
range 10.9.18.201 10.9.18.254;
option routers 10.9.18.1;
option domain-name-servers 10.3.0.4;
option domain-name "qa.arista.com";
option domain-search "qa.arista.com", ".com";
option default-url = "http://10.9.18.12/switchlight/install-powerpc";
filename "pxelinux.0";
next-server 10.8.0.3;
}
```
Note: The URL points to the PowerPC install image on the Controller. The example below shows a DHCP configuration file with PowerPC and AMD64-based switches.
dhcpd.conf File (Switches of Different Types)
```
class "onie-vendor-powerpc-class" {
match if substring(option vendor-class-identifier, 0, 19) = "onie_vendor:powerpc";
option default-url = "http://10.9.18.11/switchlight/install-powerpc";
}
class "onie-vendor-amd64-class" {
match if substring(option vendor-class-identifier, 0, 18) = "onie_vendor:x86_64";
option default-url = "http://10.9.18.11/switchlight/install-amd64";
}
subnet 10.9.18.0 netmask 255.255.254.0 {
pool {
allow members of "onie-vendor-powerpc-class";
range 10.9.18.120 10.9.18.150;
}
pool {
allow members of "onie-vendor-amd64-class";
range 10.9.18.151 10.9.18.200;
}
range 10.9.18.201 10.9.18.254;
option routers 10.9.18.1;
option domain-name-servers 10.3.0.4;
option domain-name "qa.arista.com";
option domain-search "qa.arista.com", "qa.arista.com";
filename "pxelinux.0";
next-server 10.8.0.3;
}
```
Note: The URLs point to the PowerPC and AMD64 install images on the Controller. In the examples above, two DHCP options are supported to deliver ZTN Controller addresses to the switch.
default-url
- If the default-url option is set, the address from the URL will be extracted and used for ZTN transactions.
- If the default-url option is used to support automatic installation via ONIE then the same setting can be used to indicate the initial Controller address against which L3 manifest transactions should be performed.
next-server
- This option is used to get the software images and configurations. In case of DMF, this is optional as the default-url provides for SWI and configurations.
Restart the dhcp server process on the DHCP server.
Restart the switch after the dhcp service restarts.

Registering a Switch After Initial Deployment

To add a switch to the fabric after initial deployment, register the name and MAC address of the switch with the active DANZ Monitoring Fabric (DMF) Controller. The switch downloads a compatible Switch Light OS image and configuration from the Controller and uses the registered switch name to refer to the switch in the CLI output and GUI displays.

Using the GUI to Register a Switch

Procedure

Select Fabric > Switches from the main menu.

Figure 12. Fabric Switches Option

This page lists the switches connected to the DANZ Monitoring Fabric (DMF) Controller, with the current alias of the switch providing a link to the Switch View for the specified switch.
To add an alias or change the existing alias, click the Menu control next to the switch name and select Configure from the pull-down menu that appears.

Figure 13. Configure Switch (Page 1)

This dialog provides the means to assign an alias and a MAC address, shut down or re-enable the switch, and change the password for direct remote connections to the switch.
Type the alias for the switch in the Name field.
Enter the MAC address and click Submit
This dialog also provides access to a series of dialogues used to override the default configuration pushed from the DMF Controller to the switch. To advance to another page, click the numbered link for the page or click Next.

Figure 14. Continue Configuration

Using the CLI to Register a Switch

Enter the switch switch-name command to enter the config-switch submode, to associate the switch name with the MAC address of a physical switch. Replace switch-name with a unique alphanumeric text string. For example, the following commands assign the switch names core-sw-1, filter-sw-1, and delivery-sw-1 to three switches:

controller-1(config)# switch DMF-CORE-SWITCH-1
controller-1(config-switch)# mac 00:00:00:00:00:09
controller-1(config-switch)# switch DMF-FILTER-SWITCH-1
controller-1(config-switch)# mac 00:00:00:00:00:0b
controller-1(config-switch)# switch DMF-DELIVERY-SWITCH-1
controller-1(config-switch)# mac 00:00:00:00:00:0e

To view the switches in the DANZ Monitoring Fabric (DMF), enter the show switch command from any mode, as in the following example:

controller-1> show switch
# Switch NameIP Address StatePipeline Mode
- |--------------- |--------------------------- |--------- |---------------------
1 bigtap-switch-1fe80::ce37:abff:fe60:d474%2connectedbigtap-l3l4-push-vlan
2 bigtap-switch-2fe80::ce37:abff:fe60:cf8a%2connectedbigtap-l3l4-push-vlan
3 bigtap-switch-3fe80::ce37:abff:fea0:9071%2connectedbigtap-l3l4-push-vlan

The output shows the switch alias, IP address, state and pipeline mode.

To associate a new name with an existing switch MAC address, remove the switch registration with the no switch command.

controller-1(config)# no switch DMF-CORE-SWITCH-1

To view additional details about a switch, enter the show switch all detail command, as in the following example:

After removing the switch registration, perform a new switch registration using the new switch name.

Changing the ZTF Mode After Deployment

Changing to Layer 3 (Pre-Configured) Switch Provisioning Mode

ZTF cannot be used to install the switches when the switch management network connects the DANZ Monitoring Fabric (DMF) Controllers through a Layer 3 network. However, when a switch is in a different subnet than the Controller, manually configure the switches or use a DHCP server to download the Switch Light OS image to each fabric switch. To do this, change the switch provisioning mode to Pre-Configured.

If the switches and Controllers are in the same L2 broadcast domain, use the default switch deployment-mode (auto-discovery) for L2-ZTF deployment. If the switches and Controllers are not in the same L2 broadcast domain, change the provisioning mode to pre-configured to enable L3-ZTF deployment. The entire fabric must be in a single provisioning mode; DMF only supports the auto-discovery provisioning mode if all the switches are in the same Layer 2 domain.

Using the GUI to Change the Switch Provisioning Mode

Complete the following steps to use the DANZ Monitoring Fabric (DMF) GUI to change the switch provisioning mode.

Procedure

Click the DMF logo in the GUI Main menu to display the Controller landing page.
Click the Settings control in the Features section on the Controller landing page.

Figure 15. Changing the Switch Provisioning Mode

Note: For information about the other options in this section, refer to the DMF User Guide.
Click the Settings controller to the right of the Device Provisioning Mode option and click Submit.

Control the configuration of this feature using the Edit icon by clicking on the pencil icon.

Figure 16. Edit Device Deployment Mode
Click on the downward arrow and choose from the drop-down options. There are two ways to modify the switch configuration. Select the Pre-Configured option, click on the Submit button, and conﬁrm the operation when prompted. An error message is displayed if switches are already deployed using Auto Discovery mode.

Using the CLI to Change the Switch Provisioning Mode

Complete the following steps to use the CLI to change from Auto-discovery (L2-ZTF) Mode to preconfigured (L3-ZTF) Mode.

Procedure

Disable IPAM by entering the following commands.

Note: IPAM is supported only in L2-ZTF mode. Disable it before moving to L3-ZTF mode. However, before disabling IPAM, remove the IPAM configuration in the config-ipam-switch submode.

controller-1(config-ipam-switch)# no dns-server
controller-1(config-ipam-switch)# no gateway
controller-1(config-ipam-switch)# no ip-range 10.8.39.81 10.8.39.90 subnet-mask-length 18
controller-1(config-ipam-switch)# (config-ipam-switch)# exit
controller-1(config-ipam-switch) (config)# no ipam switch

Change the switch provisioning mode by entering the following command on the Active DANZ Monitoring Fabric (DMF) Controller.
```
controller-1(config)# deployment-mode pre-configured
```
Configure the switches using DHCP or static IP addresses.

Note: If not using DHCP, assign a static IP using the switch CLI (PCLI) on each fabric switch.
Configure the Active and Standby DMF Controller IP address on each fabric switch.
Reboot each switch.
If switches and Controllers are in the same L2 broadcast domain, use the default switch deployment-mode (auto-discovery) for L2-ZTF deployment. If the switches and Controllers are not in the same L2 broadcast domain, change the provisioning mode to pre-configured to enable L3-ZTF deployment. The entire fabric must be in a single provisioning mode; DMF only supports the auto-discovery provisioning mode if all the switches are in the same Layer 2 domain.

Changing to Layer 3 ZTF (Preconfigured) Mode

Complete the following steps to change to Preconfigured (L3-ZTF) Mode from Auto Discovery (L2-ZTF) mode.

Procedure

Change the configuration of each switch management (ma1) IP to DHCP or assign static IP.

(ztn-config) interface ma1 ip-address
Set the management interface address parameters. Possibilities are:
interface ma1 ip-address dhcp
interface ma1 ip-address <ip-address>/<prefix> gateway <gateway-address>
A) Setting ma1 interface of switch to use DHCP.
(ztn-config) interface ma1 ip-address dhcp
(ztn-config) show
IP Option: DHCP
Controllers: fe80::250:56ff:fea2:df9b
(ztn-config)
B) Setting ma1 interface of switch for static IP
(ztn-config) interface ma1 ip-address 192.168.10.10/25 gateway 192.168.10.1
(ztn-config) show
IP Option: Static
IP Address: 192.168.10.10
Netmask: 255.255.255.128
Gateway: 192.168.10.1
DNS Server: None
DNS Domain: None
Controllers: fe80::250:56ff:fea2:df9b
(ztn-config)

At the ztn-config prompt, clear the Controller configuration and add the Controller IP (active and standby).

A) Clearing controller config on switch.
(ztn-config) controller clear
(ztn-config) show
IP Option: Static
IP Address: 10.240.130.13
Netmask: 255.255.255.128
Gateway: 10.240.130.1
DNS Server: None
DNS Domain: None
Controllers:
(ztn-config)
B) Adding controller IP.
(ztn-config) controller set 10.240.130.15,10.240.130.16
(ztn-config)
(ztn-config) show
IP Option: Static
IP Address: 10.240.130.13
Netmask: 255.255.255.128
Gateway: 10.240.130.1
DNS Server: None
DNS Domain: None
Controllers: 10.240.130.16,10.240.130.15
(ztn-config)

At the ztn-config prompt, reboot each switch.
Enter the deployment-mode pre-configured command on the DANZ Monitoring Fabric (DMF) Controller to enable Layer 3 mode switch installation, whether using the manual method or DHCP with the default URL method of installation.
Note: In Layer 3 mode, ZTF uses TCP port 8843 for communication between the Controller and switches. This port must be allowed on the Controller and on any devices connecting the Controller to the fabric switches.

Changing to Layer 2 ZTF (Auto-Discovery) Mode

Complete the following steps to change to Auto-Discovery (L2-ZTF) Mode from Preconfigured (L3-ZTF) Mode.

Procedure

Move the switches or Controllers into the same L2 broadcast domain if required.

Note: L2-ZTF requires all the switches and Controllers to be in the same broadcast domain.
Change the switch provisioning mode by entering the following command on the active DANZ Monitoring Fabric (DMF) Controller.
```
controller-1(config)# deployment-mode auto-discovery
```

In L2-ZTF mode, the Controllers are auto-discovered by switches.

(ztn-config) interface ma1 ip-address dhcp
(ztn-config) controller clear
(ztn-config) show
IP Option: DHCP
Controllers:
(ztn-config)

At the ztn-config prompt, reboot each switch.

System Reinstall for an EOS Switch

Perform a system reinstall by removing the local startup-config/zerotouch-config on the switch so the DANZ Monitoring Fabric (DMF) Controller no longer manages it.

Rebooting the switch restarts the Arista-native ZTP process and requests a fresh image from the Controller.

Use the following command to perform a system reinstall:

C1# system reinstall switch eos-switch-name reboot

Note: There are other optional parameters (such as timeout and factory-default), but they do not apply to EOS switches.

The following is an example where the switch name is core1.

C1(config)# system reinstall switch core1 reboot
system switch reinstall: "deployment-mode pre-configured"
system switch reinstall: l3-ztn currently configured
system switch reinstall: l3-ztn implies switches are remote
system switch reinstall: l3-ztn and some switches may not rejoin
reinstall may cause service interruption
system switch reinstall ("y" or "yes" to continue): y

An optional parameter called reboot forces the switch to reboot and begin the re-installation process.

CLI Show Commands

When the switch is rebooting, ZTN cannot communicate with the switch, so a Zerotouch state error hint and Zerotouch state error msg appear when using the following show command:

(config)# show switch core1 zerotouch
Name : core1
Ip address : 10.243.254.25
Last update: 2023-06-02 07:18:35.749000 UTC
Zerotouch state: reloading
Zerotouch state error hint : Rest API Client problem
Zerotouch state error msg: Connect to 10.243.254.25:80 [/10.243.254.25] failed: Connection refused (Connection refused)

The error message changes after the switch has fully booted.

SM-InspiringPare-Broadwater-C1(config-crypto)# show switch core1 zerotouch
Name : core1
Ip address : 10.243.254.25
Last update: 2023-06-02 07:29:34.850000 UTC
Zerotouch state: reloading
Zerotouch state error hint : Rest API Client problem
Zerotouch state error msg: No route to host (Host unreachable)

At this point, the switch has booted up entirely. Still, the Controller cannot talk to the switch, as the necessary configuration is absent. Kick-start the DMF ZTN process on the switch again using the commands below:

(config)# management dmf
(config-mgmt-dmf)# controller address ip-address
(config-mgmt-dmf)# no disabled

Troubleshooting

Check the status using the command show switch switch-name zerotouch.

After performing the steps above for reconnecting an EOS switch, and if the state remains stuck in reloading (and there is a Zerotouch state error hint / Zerotouch state error msg output), please contact This email address is being protected from spambots. You need JavaScript enabled to view it..

SKU Reporting for EOS Switches

Like SwitchLight (SWL) OS switches, EOS switches now report their SKUs to the DANZ Monitoring Fabric (DMF) Controller.

View the EOS switch SKU using the DMF Controller CLI or GUI.

Using the CLI to Configure SKU Reporting for EOS Switches

Run the show fabric inventory command from the login mode to view the switch SKUs from the DMF Controller CLI.

The Switch Inventory table enumerates the switches associated with the DMF environment. The SKU column indicates the SKU of each switch.

CONTROLLER-1> show fabric inventory 
~~~~~~~~~~~~~~~~~ Controller Inventory ~~~~~~~~~~~~~~~~~
# Node Id Hostname SKUSerial Number
-|-------|-------------------|-----------|-------------|
1 29617 CONTROLLER-1DCA-DM-C450FF99R52
2 23262 CONTROLLER-2DCA-DM-C4503W9D3Y2

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Switch Inventory ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Switch SKU Serial Number ManufacturerAsic
-|--------------------|-----------------|-------------|---------------|------------|
1 dmf-arista-7280SR2-2 DCS-7280SR2-48YC6 JPE22123192 Arista Networks jericho-plus
2 dmf-arista-7280CR3-1 DCS-7280CR3-32P4JPE20383391 Arista Networks jericho2
3 dmf-arista-7280SR3-1 DCS-7280SR3-48YC8 JPE22191168 Arista Networks jericho2c
4 dmf-arista-7280CR3-2 DCS-7280CR3-32P4JPE20383398 Arista Networks jericho2
5 dmf-arista-7280SR-1DCS-7280SR-48C6 SGD20370893 Arista Networks jericho
6 dmf-arista-7280SR2-1 DCS-7280SR2-48YC6 JPE20476226 Arista Networks jericho-plus

~~~~~~~~~ Recorder Node Inventory~~~~~~~~~
# Recorder NodeSKUSerial Number
-|-----------------|----------|-------------|
1 DMF-RECORDER-NODE DCA-DM-RA3 FLC1RN3

~~~~~~~~ Service Node Inventory~~~~~~~~
# Service NodeSKUSerial Number
-|-----------------|----------|-------------|
1 DMF-SERVICE-NODEDCA-DM-SDL GS11RN3

Using the GUI to Configure SKU Reporting for EOS Switches

To view the switch SKUs from the DMF Controller GUI, hover the mouse over the Fabric menu bar and select Switches.

The Switches page loads.

The SKUs do not appear by default but display after enabling the SKU column. To enable the column, click the menu button in the table. In the menu, select Show/Hide Columns.

In the dialog box, select the SKU checkbox and click Save Preferences.

The SKU column appears in the Switches table and displays the SKU of each switch.

DANZ Monitoring Fabric Deployment Guide

Installing DMF Switches

HTTPS Support for Controller Hosted URLs using ZTP

Zero Touch Fabric Provisioning Modes

Using L2 ZTF (Auto-Discovery) Provisioning Mode

Requirements

Switch Installation Procedure

Arista Switch Installation Procedure for 7050X Series and 7260X Series

Allocating IPv4 Addresses to Fabric Switches

Static IP Addresses

Using the GUI to Allocate IPv4 Addresses

Using the CLI to Allocate IPv4 Addresses with IPAM

Assigning Static IPv4 Addresses

Using the GUI to Assign a Static IPv4 Address

Using the CLI to Assign a Static IPv4 Address

Static Address Assignment Troubleshooting and Limitations

Syslog Messages and Tracing

Troubleshooting

Limitations

Using L3 ZTN (Pre-Configured) Switch Provisioning Mode

Installing a Switch Using L3 ZTF (Preconfigured) Provisioning Mode

Installing Arista 7050X and 7260X Series Switch Using L3 ZTF (Preconfigured) Provisioning Mode

Installing Arista 7280R Series Switch Using L3 ZTF (Preconfigured) Provisioning Mode

Configuring the Switch Static IP and Controller IP in Interactive ZTF Mode

Installing Arista 7050X and 7260X Series using DHCP with bootfile-name option

Installing Arista 7280R Series using DHCP with bootfile-name option

Using DHCP with Default URL for Switch Installation in Preconfigured Provisioning Mode

Registering a Switch After Initial Deployment

Using the GUI to Register a Switch

Using the CLI to Register a Switch

Changing the ZTF Mode After Deployment

Changing to Layer 3 (Pre-Configured) Switch Provisioning Mode

Using the GUI to Change the Switch Provisioning Mode

Using the CLI to Change the Switch Provisioning Mode

Changing to Layer 3 ZTF (Preconfigured) Mode

Changing to Layer 2 ZTF (Auto-Discovery) Mode

System Reinstall for an EOS Switch

SKU Reporting for EOS Switches

Using the CLI to Configure SKU Reporting for EOS Switches

Using the GUI to Configure SKU Reporting for EOS Switches